From 7370462ee78349fd168eddbd7480b0220f20398e Mon Sep 17 00:00:00 2001 From: Renzo Davoli Date: Mon, 22 Aug 2016 18:59:04 +0200 Subject: [PATCH] upgraded to s2argv-execs 0.9 --- cado.1 | 2 +- cado.c | 2 +- configure.ac | 8 ++++---- read_conf.c | 8 ++++---- scado.c | 2 +- 5 files changed, 11 insertions(+), 11 deletions(-) diff --git a/cado.1 b/cado.1 index a967f68..360c843 100644 --- a/cado.1 +++ b/cado.1 @@ -59,7 +59,7 @@ run in verbose mode. \fBcado\fR shows the set of allowed capabilities, requested \fB\-f .TQ \fB\-\-force -do not fail in case the user asks for unavailable capabilities, \fBcado.conf\fR in this case grants the intersection between the +do not fail in case the user asks for unavailable capabilities, \fBcado\fR in this case grants the intersection between the set of requested cababilities and the set of allowed capabilities .TP \fB\-s diff --git a/cado.c b/cado.c index 28e1568..9687cb2 100644 --- a/cado.c +++ b/cado.c @@ -67,7 +67,7 @@ void usage(char *progname) { fprintf(stderr,"usage: %s OPTIONS capability_list command [args]\n\n",progname); fprintf(stderr,"Options:\n"); fprintf(stderr," -h, --help display help message and exit\n"); - fprintf(stderr," -f, --force do not display warnings, do what it is allowed\n"); + fprintf(stderr," -f, --force do not display warnings, do what is allowed\n"); fprintf(stderr," -v, --verbose generate extra output\n"); fprintf(stderr," -S, --scado check scado pre-authorization for scripts\n"); fprintf(stderr," -s, --setcap set the minimun caps for %s (root access)\n",progname); diff --git a/configure.ac b/configure.ac index 9d08f65..e50d028 100644 --- a/configure.ac +++ b/configure.ac @@ -13,9 +13,9 @@ AC_PROG_CC AC_PROG_INSTALL # Checks for libraries. -AC_CHECK_LIB([s2argv], [s2argv], [], +AC_CHECK_LIB([execs], [s2argv], [], [ - AC_MSG_ERROR([Could not find S2ARGV library (https://github.com/rd235/s2argv-execs)]) + AC_MSG_ERROR([Could not find execs library (https://github.com/rd235/s2argv-execs)]) ]) # Checks for header files. @@ -26,9 +26,9 @@ AC_CHECK_HEADERS([sys/capability.h], AC_CHECK_HEADERS([security/pam_appl.h security/pam_misc.h], [], [AC_MSG_ERROR([missing PAM headers])]) -AC_CHECK_HEADERS([s2argv.h], +AC_CHECK_HEADERS([execs.h], [], - [AC_MSG_ERROR([missing S2ARGV headers])]) + [AC_MSG_ERROR([missing execs headers])]) # Checks for typedefs, structures, and compiler characteristics. AC_TYPE_UID_T diff --git a/read_conf.c b/read_conf.c index 482dc56..acc27c7 100644 --- a/read_conf.c +++ b/read_conf.c @@ -29,7 +29,7 @@ #include #include #include -#include +#include #ifndef CONFDIR #define CONFDIR "/etc" @@ -49,7 +49,7 @@ static int groupmatch (char *group, char **grouplist) { return 0; } -/* s2argv security, children must drop their capabilities */ +/* execs security, children must drop their capabilities */ static int drop_capabilities(void *useless) { return prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0); } @@ -67,8 +67,8 @@ uint64_t get_authorized_caps(char **user_groups, uint64_t reqset) { if (f) { char *line=NULL; size_t n=0; - /* set s2argv security, children must drop their capabilities */ - s2_fork_security=drop_capabilities; + /* set execs security, children must drop their capabilities */ + execs_fork_security=drop_capabilities; while (getline(&line, &n, f) > 0 && (reqset & ~ok_caps)) { //printf("%s",line); char *scan=line; diff --git a/scado.c b/scado.c index cfa6c22..39ac9c9 100644 --- a/scado.c +++ b/scado.c @@ -44,7 +44,7 @@ #include #include -#include +#include #define EDIT_PAM_MAXTRIES 3