powerel7
/
base
2
0
Fork 0
Code Issues Pull Requests Releases Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1055 Commits
1 Branch
0 Tags
390 MiB
 
 
 
 
 
 
Tree: 260568e7ec
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '260568e7ec'
${ noResults }
base/SOURCES/sudo-1.8.6p3-netgrmatchtrac...

56 lines
2.1 KiB
Raw Blame History

diff -up sudo-1.8.6p3/plugins/sudoers/match.c.netgrmatchtrace sudo-1.8.6p3/plugins/sudoers/match.c
--- sudo-1.8.6p3/plugins/sudoers/match.c.netgrmatchtrace 2013-08-12 14:42:56.498247674 +0200
+++ sudo-1.8.6p3/plugins/sudoers/match.c 2013-08-12 14:43:01.009264127 +0200
@@ -713,6 +713,10 @@ netgr_matches(char *netgr, char *lhost,
#ifdef HAVE_GETDOMAINNAME
static int initialized;
#endif
+#ifdef HAVE_INNETGR
+ bool innetgr_lhost = false;
+ bool innetgr_shost = false;
+#endif
debug_decl(netgr_matches, SUDO_DEBUG_MATCH)
/* make sure we have a valid netgroup, sudo style */
@@ -733,9 +737,39 @@ netgr_matches(char *netgr, char *lhost,
#ifdef HAVE_INNETGR
if (innetgr(netgr, lhost, user, domain))
- debug_return_bool(true);
+ innetgr_lhost = true;
else if (lhost != shost && innetgr(netgr, shost, user, domain))
- debug_return_bool(true);
+ innetgr_shost = true;
+
+ if (innetgr_lhost) {
+ sudo_debug_printf(SUDO_DEBUG_TRACE,
+ "(%s, %s, %s) found in netgroup %s\n",
+ shost ? shost : "*",
+ user ? user : "*",
+ domain ? domain : "*",
+ netgr);
+ } else if (innetgr_shost) {
+ sudo_debug_printf(SUDO_DEBUG_TRACE,
+ "(%s, %s, %s) found in netgroup %s\n",
+ lhost ? lhost : "*",
+ user ? user : "*",
+ domain ? domain : "*",
+ netgr);
+ } else {
+ sudo_debug_printf(SUDO_DEBUG_TRACE,
+ "(%s, %s, %s) NOT found in netgroup %s\n",
+ shost ? shost : "*",
+ user ? user : "*",
+ domain ? domain : "*",
+ netgr);
+ sudo_debug_printf(SUDO_DEBUG_TRACE,
+ "(%s, %s, %s) NOT found in netgroup %s\n",
+ lhost ? lhost : "*",
+ user ? user : "*",
+ domain ? domain : "*",
+ netgr);
+ }
+ debug_return_bool(innetgr_lhost || innetgr_shost);
#endif /* HAVE_INNETGR */
debug_return_bool(false);