commit 631d458b6fc7341363a121c390e086cf676ecc83
Author: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Wed May 3 09:28:36 2017 -0600
Allow a tuple to be set to boolean true. Regression introduced by
refactor of set_default_entry() in sudo 1.8.18.
diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c
index 89788477..91b47eeb 100644
--- a/plugins/sudoers/defaults.c
+++ b/plugins/sudoers/defaults.c
@@ -238,19 +238,31 @@ parse_default_entry(struct sudo_defs_types *def, const char *val, int op,
int rc;
debug_decl(parse_default_entry, SUDOERS_DEBUG_DEFAULTS)
- if (val == NULL && !ISSET(def->type, T_FLAG)) {
- /* Check for bogus boolean usage or missing value if non-boolean. */
- if (!ISSET(def->type, T_BOOL) || op != false) {
- if (!quiet) {
- if (lineno > 0) {
- sudo_warnx(U_("%s:%d no value specified for \"%s\""),
- file, lineno, def->name);
- } else {
- sudo_warnx(U_("%s: no value specified for \"%s\""),
- file, def->name);
+ /*
+ * If no value specified, the boolean flag must be set for non-flags.
+ * Only flags and tuples support boolean "true".
+ */
+ if (val == NULL) {
+ switch (def->type & T_MASK) {
+ case T_FLAG:
+ break;
+ case T_TUPLE:
+ if (ISSET(def->type, T_BOOL))
+ break;
+ /* FALLTHROUGH */
+ default:
+ if (!ISSET(def->type, T_BOOL) || op != false) {
+ if (!quiet) {
+ if (lineno > 0) {
+ sudo_warnx(U_("%s:%d no value specified for \"%s\""),
+ file, lineno, def->name);
+ } else {
+ sudo_warnx(U_("%s: no value specified for \"%s\""),
+ file, def->name);
+ }
}
+ debug_return_bool(false);
}
- debug_return_bool(false);
}
}