Add support for "plugin" defaults type.

sudo-project · Sep 24, 2023 · 1c13b8a · 1c13b8a
1 parent c1708f0
commit 1c13b8a
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 0 deletions.
diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c
@@ -71,6 +71,7 @@ static bool store_tuple(const char *str, struct sudo_defs_types *def);
 static bool store_uint(const char *str, struct sudo_defs_types *def);
 static bool store_timespec(const char *str, struct sudo_defs_types *def);
 static bool store_rlimit(const char *str, struct sudo_defs_types *def);
+static bool store_plugin(const char *str, struct sudo_defs_types *def, int op);
 static bool list_op(const char *str, size_t, struct list_members *list, enum list_ops op);
 static bool valid_path(const struct sudoers_context *ctx, struct sudo_defs_types *def, const char *val, const char *file, int line, int column, bool quiet);
 
@@ -307,6 +308,9 @@ parse_default_entry(const struct sudoers_context *ctx,
 	case T_TIMESPEC:
 	    rc = store_timespec(val, def);
 	    break;
+	case T_PLUGIN:
+	    rc = store_plugin(val, def, op);
+	    break;
 	case T_RLIMIT:
 	    rc = store_rlimit(val, def);
 	    break;
@@ -1080,6 +1084,22 @@ store_list(const char *str, struct sudo_defs_types *def, int op)
     debug_return_bool(true);
 }
 
+static bool
+store_plugin(const char *str, struct sudo_defs_types *def, int op)
+{
+    const enum list_ops lop = op == '-' ? delete : add;
+    debug_decl(store_plugin, SUDOERS_DEBUG_DEFAULTS);
+
+    /* Remove all old members. */
+    if (op == false || op == true)
+	(void)list_op(NULL, 0, &def->sd_un.list, freeall);
+
+    if (!list_op(str, strlen(str), &def->sd_un.list, lop))
+	debug_return_bool(false);
+
+    debug_return_bool(true);
+}
+
 static bool
 store_syslogfac(const char *str, struct sudo_defs_types *def)
 {

diff --git a/plugins/sudoers/defaults.h b/plugins/sudoers/defaults.h
@@ -111,6 +111,8 @@ struct early_default {
 #define T_TIMEOUT	0x011
 #undef T_RLIMIT
 #define T_RLIMIT	0x012
+#undef T_PLUGIN
+#define T_PLUGIN	0x013
 #undef T_MASK
 #define T_MASK		0x0FF
 #undef T_BOOL

diff --git a/plugins/sudoers/mkdefaults b/plugins/sudoers/mkdefaults
@@ -45,6 +45,7 @@ BEGIN {
     type_map["T_TIMESPEC"] = "tspec"
     type_map["T_TIMEOUT"] = "ival"
     type_map["T_RLIMIT"] = "str"
+    type_map["T_PLUGIN"] = "list"
 }
 {
     sub(/#.*/, "", $0)