/* * Print out privileges for the specified user. * We only get here if the user is allowed to run something on this host. */ void display_privs(struct sudo_nss_list *snl, struct passwd *pw) { struct sudo_nss *nss; struct lbuf defs, privs; int count, olen; /* Reset group vector so group matching works correctly. */ reset_groups(pw); lbuf_init(&defs, output, 4, NULL, sudo_user.cols); lbuf_init(&privs, output, 4, NULL, sudo_user.cols); /* Display defaults from all sources. */ lbuf_append(&defs, "Matching Defaults entries for ", pw->pw_name, " on this host:\n", NULL); count = 0; tq_foreach_fwd(snl, nss) { count += nss->display_defaults(nss, pw, &defs); }
/* * Print out privileges for the specified user. * We only get here if the user is allowed to run something. */ void display_privs(struct sudo_nss_list *snl, struct passwd *pw) { struct sudo_nss *nss; struct lbuf defs, privs; struct stat sb; int cols, count, olen; debug_decl(display_privs, SUDO_DEBUG_NSS) cols = sudo_user.cols; if (fstat(STDOUT_FILENO, &sb) == 0 && S_ISFIFO(sb.st_mode)) cols = 0; lbuf_init(&defs, output, 4, NULL, cols); lbuf_init(&privs, output, 8, NULL, cols); /* Display defaults from all sources. */ lbuf_append(&defs, _("Matching Defaults entries for %s on %s:\n"), pw->pw_name, user_srunhost); count = 0; TAILQ_FOREACH(nss, snl, entries) { count += nss->display_defaults(nss, pw, &defs); }
/* * Give usage message and exit. * The actual usage strings are in sudo_usage.h for configure substitution. */ void usage(int fatal) { struct lbuf lbuf; char *uvec[6]; int i, ulen; /* * Use usage vectors appropriate to the progname. */ if (strcmp(getprogname(), "sudoedit") == 0) { uvec[0] = SUDO_USAGE5 + 3; uvec[1] = NULL; } else { uvec[0] = SUDO_USAGE1; uvec[1] = SUDO_USAGE2; uvec[2] = SUDO_USAGE3; uvec[3] = SUDO_USAGE4; uvec[4] = SUDO_USAGE5; uvec[5] = NULL; } /* * Print usage and wrap lines as needed, depending on the * tty width. */ ulen = (int)strlen(getprogname()) + 8; lbuf_init(&lbuf, fatal ? usage_err : usage_out, ulen, NULL, user_details.ts_cols); for (i = 0; uvec[i] != NULL; i++) { lbuf_append(&lbuf, "usage: %s%s", getprogname(), uvec[i]); lbuf_print(&lbuf); } lbuf_destroy(&lbuf); if (fatal) exit(1); }
static void help(void) { struct lbuf lbuf; int indent = 16; const char *pname = getprogname(); lbuf_init(&lbuf, usage_out, indent, NULL, user_details.ts_cols); if (strcmp(pname, "sudoedit") == 0) lbuf_append(&lbuf, _("%s - edit files as another user\n\n"), pname); else lbuf_append(&lbuf, _("%s - execute a command as another user\n\n"), pname); lbuf_print(&lbuf); usage(0); lbuf_append(&lbuf, _("\nOptions:\n")); #ifdef HAVE_BSD_AUTH_H lbuf_append(&lbuf, " -A %s", _("use helper program for password prompting\n")); #endif lbuf_append(&lbuf, " -a type %s", _("use specified BSD authentication type\n")); lbuf_append(&lbuf, " -b %s", _("run command in the background\n")); lbuf_append(&lbuf, " -C fd %s", _("close all file descriptors >= fd\n")); #ifdef HAVE_LOGIN_CAP_H lbuf_append(&lbuf, " -c class %s", _("run command with specified login class\n")); #endif lbuf_append(&lbuf, " -E %s", _("preserve user environment when executing command\n")); lbuf_append(&lbuf, " -e %s", _("edit files instead of running a command\n")); lbuf_append(&lbuf, " -g group %s", _("execute command as the specified group\n")); lbuf_append(&lbuf, " -H %s", _("set HOME variable to target user's home dir.\n")); lbuf_append(&lbuf, " -h %s", _("display help message and exit\n")); lbuf_append(&lbuf, " -i [command] %s", _("run a login shell as target user\n")); lbuf_append(&lbuf, " -K %s", _("remove timestamp file completely\n")); lbuf_append(&lbuf, " -k %s", _("invalidate timestamp file\n")); lbuf_append(&lbuf, " -l[l] command %s", _("list user's available commands\n")); lbuf_append(&lbuf, " -n %s", _("non-interactive mode, will not prompt user\n")); lbuf_append(&lbuf, " -P %s", _("preserve group vector instead of setting to target's\n")); lbuf_append(&lbuf, " -p prompt %s", _("use specified password prompt\n")); #ifdef HAVE_SELINUX lbuf_append(&lbuf, " -r role %s", _("create SELinux security context with specified role\n")); #endif lbuf_append(&lbuf, " -S %s", _("read password from standard input\n")); lbuf_append(&lbuf, " -s [command] %s", _("run a shell as target user\n")); #ifdef HAVE_SELINUX lbuf_append(&lbuf, " -t type %s", _("create SELinux security context with specified role\n")); #endif lbuf_append(&lbuf, " -U user %s", _("when listing, list specified user's privileges\n")); lbuf_append(&lbuf, " -u user %s", _("run command (or edit file) as specified user\n")); lbuf_append(&lbuf, " -V %s", _("display version information and exit\n")); lbuf_append(&lbuf, " -v %s", _("update user's timestamp without running a command\n")); lbuf_append(&lbuf, " -- %s", _("stop processing command line arguments\n")); lbuf_print(&lbuf); lbuf_destroy(&lbuf); exit(0); }