Merge branch 'trifectatechfoundation:main' into main

Patrickstory15 · Aug 9, 2024 · f0d8583 · f0d8583
2 parents 99c8e88 + 2ac8cbb
commit f0d8583
Show file tree

Hide file tree

Showing 38 changed files with 324 additions and 696 deletions.
diff --git a/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md b/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md
@@ -2,7 +2,7 @@
 A clear and concise description of the changes done by your pull request.
 
 **Pull Request Checklist**
-- [] I have read and accepted the [code of conduct](https://github.com/memorysafety/sudo-rs/blob/master/CODE_OF_CONDUCT.md) for this project.
+- [] I have read and accepted the [code of conduct](https://github.com/trifectatechfoundation/sudo-rs/blob/master/CODE_OF_CONDUCT.md) for this project.
 - [] I have tested, formatted and ran clippy over my changes.
 - [] I have commented and documented my changes.
-- [] This pull request will fix issue https://github.com/memorysafety/sudo-rs/issues/<#issue> where a proper discussion about a solution has taken place.
+- [] This pull request will fix issue https://github.com/trifectatechfoundation/sudo-rs/issues/<#issue> where a proper discussion about a solution has taken place.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -397,11 +397,7 @@ jobs:
           shared-key: "stable"
 
       - name: Run clippy
-        uses: actions-rs/clippy-check@v1
-        with:
-          name: clippy-result
-          token: ${{ secrets.GITHUB_TOKEN }}
-          args: --no-deps -- --deny warnings
+        run: cargo clippy --no-deps --all-targets --all-features -- --deny warnings
 
   docs:
     needs: clippy

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,15 @@
 # Changelog
 
+## [0.2.3] - 2024-07-11
+
+### Changed
+- Portability: sudo-rs now is compatible with s390x-unknown-linux-gnu
+- Removed unneeded code & fix hints given by newer Rust version
+
+### Fixed
+- `visudo` would not properly truncate a `sudoers` file
+- high CPU load when child process did not terminate after closure of a terminal
+
 ## [0.2.2] - 2024-02-02
 
 ### Changed
@@ -111,9 +121,10 @@
 - Use canonicalized paths for the executed binaries
 - Simplified CLI help to only display supported actions
 
-[0.2.2]: https://github.com/memorysafety/sudo-rs/compare/v0.2.1...v0.2.2
-[0.2.1]: https://github.com/memorysafety/sudo-rs/compare/v0.2.0...v0.2.1
-[0.2.0]: https://github.com/memorysafety/sudo-rs/compare/v0.2.0-dev.20230711...v0.2.0
-[0.2.0-dev.20230711]: https://github.com/memorysafety/sudo-rs/compare/v0.2.0-dev.20230703...v0.2.0-dev.20230711
-[0.2.0-dev.20230703]: https://github.com/memorysafety/sudo-rs/compare/v0.2.0-dev.20230627...v0.2.0-dev.20230703
-[0.2.0-dev.20230627]: https://github.com/memorysafety/sudo-rs/compare/v0.1.0-dev.20230620...v0.2.0-dev.20230627
+[0.2.3]: https://github.com/trifectatechfoundation/sudo-rs/compare/v0.2.2...v0.2.3
+[0.2.2]: https://github.com/trifectatechfoundation/sudo-rs/compare/v0.2.1...v0.2.2
+[0.2.1]: https://github.com/trifectatechfoundation/sudo-rs/compare/v0.2.0...v0.2.1
+[0.2.0]: https://github.com/trifectatechfoundation/sudo-rs/compare/v0.2.0-dev.20230711...v0.2.0
+[0.2.0-dev.20230711]: https://github.com/trifectatechfoundation/sudo-rs/compare/v0.2.0-dev.20230703...v0.2.0-dev.20230711
+[0.2.0-dev.20230703]: https://github.com/trifectatechfoundation/sudo-rs/compare/v0.2.0-dev.20230627...v0.2.0-dev.20230703
+[0.2.0-dev.20230627]: https://github.com/trifectatechfoundation/sudo-rs/compare/v0.1.0-dev.20230620...v0.2.0-dev.20230627
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -51,7 +51,7 @@ If you find a security problem that can be used to used to compromise a system,
 do follow our [security policy] and report a vulnerability instead of using the
 issue tracker.
 
-[security policy]: https://github.com/memorysafety/sudo-rs/security/policy
+[security policy]: https://github.com/trifectatechfoundation/sudo-rs/security/policy
 
 ## Working on a bigger issue
 

diff --git a/COPYRIGHT b/COPYRIGHT
@@ -1,4 +1,4 @@
-Copyright (c) 2022-2023 Internet Security Research Group
+Copyright (c) 2022-2024 Trifecta Tech Foundation and contributors
 
 Except as otherwise noted (below and/or in individual files), sudo-rs is
 licensed under the Apache License, Version 2.0 <LICENSE-APACHE> or

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,11 +1,11 @@
 [package]
 name = "sudo-rs"
 description = "A memory safe implementation of sudo and su."
-version = "0.2.2"
+version = "0.2.3"
 license = "Apache-2.0 OR MIT"
 edition = "2021"
-repository = "https://github.com/memorysafety/sudo-rs"
-homepage = "https://github.com/memorysafety/sudo-rs"
+repository = "https://github.com/trifectatechfoundation/sudo-rs"
+homepage = "https://github.com/trifectatechfoundation/sudo-rs"
 publish = true
 categories = ["command-line-interface"]
 

diff --git a/LICENSE-MIT b/LICENSE-MIT
@@ -1,5 +1,5 @@
-
-Copyright (c) 2022-2023 Internet Security Research Group
+Copyright (c) 2022-2024 Trifecta Tech Foundation
+and contributors
 
 Permission is hereby granted, free of charge, to any
 person obtaining a copy of this software and associated

diff --git a/README.md b/README.md
@@ -7,8 +7,8 @@ A safety oriented and memory safe implementation of sudo and su written in Rust.
 Sudo-rs is being developed further; features you might expect from original sudo
 may still be unimplemented or not planned. If there is an important one you need,
 please request it using the issue tracker. If you encounter any usability bugs,
-also please report them on the [issue tracker](https://github.com/memorysafety/sudo-rs/issues).
-Suspected vulnerabilities can be reported on our [security page](https://github.com/memorysafety/sudo-rs/security).
+also please report them on the [issue tracker](https://github.com/trifectatechfoundation/sudo-rs/issues).
+Suspected vulnerabilities can be reported on our [security page](https://github.com/trifectatechfoundation/sudo-rs/security).
 
 An [audit of sudo-rs version 0.2.0](docs/audit/audit-report-sudo-rs.pdf) has been performed in August 2023.
 The findings from that audit are addressed in the current version.
@@ -20,6 +20,16 @@ or newer is necessary to run sudo-rs.
 
 The recommended way to start using `sudo-rs` is via the package manager of your Linux distribution.
 
+### Arch Linux
+
+Arch Linux can be installed via AUR [sudo-rs](https://aur.archlinux.org/packages/sudo-rs) or [sudo-rs-git](https://aur.archlinux.org/packages/sudo-rs-git).
+
+Note: [AUR usage help](https://wiki.archlinux.org/title/AUR_helpers)
+
+```sh
+yay -Syu sudo-rs
+```
+
 ### Debian/Ubuntu
 If you are running Debian 13 (trixie) or later, or Ubuntu 24.04 (Noble Numbat) or later, you can use:
 ```sh
@@ -30,7 +40,11 @@ via the usual commands `sudo` and `su` instead, prepend `/usr/lib/cargo/bin` to
 
 ### Fedora
 
-For Fedora, we expect sudo-rs to be available via its package manager soon.
+If you are running Fedora 38 or later, you can use: 
+```sh
+sudo dnf install sudo-rs
+```
+This will offer the functionality using the commands `su-rs` and `sudo-rs`.
 
 ### Installing our pre-compiled x86-64 binaries
 
@@ -150,5 +164,6 @@ extract parts of our work in usable crates for other people.
 
 ## Sponsors
 
-The development of sudo-rs is an initiative of the [Prossimo project by ISRG](https://www.memorysafety.org/).
+The initial development of sudo-rs was started and funded by the [Internet Security Research Group](https://www.abetterinternet.org/) as part of the [Prossimo project](https://www.memorysafety.org/).
+
 An independent security audit of sudo-rs was made possible by the [NLNet Foundation](https://nlnet.nl/).
diff --git a/SECURITY.md b/SECURITY.md
@@ -1,7 +1,7 @@
 # Security policy
 **Do not report security vulnerabilities through public GitHub issues.**
 
-Instead, you can report them using [our security page](https://github.com/memorysafety/sudo-rs/security). Alternatively, you can also send them
+Instead, you can report them using [our security page](https://github.com/trifectatechfoundation/sudo-rs/security). Alternatively, you can also send them
 by email to [email protected]. You can encrypt your email using GnuPG if you want. Use the GPG key with fingerprint
 [C2E4 CAC4 B122 25DE 1C3B  B1C9 289D 0820 03D0 1E95](https://keys.openpgp.org/search?q=C2E4CAC4B12225DE1C3BB1C9289D082003D01E95).
 
@@ -24,4 +24,4 @@ We prefer to receive reports in English. If necessary, we also understand Spanis
 Like original sudo, we adhere to the principle of [Coordinated Vulnerability Disclosure](https://vuls.cert.org/confluence/display/CVD/Executive+Summary).
 
 # Security Advisories
-Security advisories will be published [on GitHub](https://github.com/memorysafety/sudo-rs/security/advisories) and possibly through other channels.
+Security advisories will be published [on GitHub](https://github.com/trifectatechfoundation/sudo-rs/security/advisories) and possibly through other channels.
diff --git a/docs/man/su.1.md b/docs/man/su.1.md
@@ -1,5 +1,5 @@
 <!-- ---
-title: SU(1) sudo-rs 0.2.2 | sudo-rs
+title: SU(1) sudo-rs 0.2.3 | sudo-rs
 --- -->
 
 # NAME

diff --git a/docs/man/sudo.8.md b/docs/man/sudo.8.md
@@ -1,5 +1,5 @@
 <!-- ---
-title: SUDO(8) sudo-rs 0.2.2 | sudo-rs
+title: SUDO(8) sudo-rs 0.2.3 | sudo-rs
 --- -->
 
 # NAME

diff --git a/docs/man/visudo.8.md b/docs/man/visudo.8.md
@@ -1,5 +1,5 @@
 <!-- ---
-title: VISUDO(8) sudo-rs 0.2.2 | sudo-rs
+title: VISUDO(8) sudo-rs 0.2.3 | sudo-rs
 --- -->
 
 # NAME

diff --git a/src/common/error.rs b/src/common/error.rs
@@ -13,6 +13,7 @@ pub enum Error {
         other_user: Option<SudoString>,
     },
     SelfCheck,
+    KernelCheck,
     CommandNotFound(PathBuf),
     InvalidCommand(PathBuf),
     ChDirNotAllowed {
@@ -56,6 +57,7 @@ impl fmt::Display for Error {
             Error::SelfCheck => {
                 f.write_str("sudo must be owned by uid 0 and have the setuid bit set")
             }
+            Error::KernelCheck => f.write_str("sudo needs a Kernel >= 5.9"),
             Error::CommandNotFound(p) => write!(f, "'{}': command not found", p.display()),
             Error::InvalidCommand(p) => write!(f, "'{}': invalid command", p.display()),
             Error::UserNotFound(u) => write!(f, "user '{u}' not found"),

diff --git a/src/defaults/settings_dsl.rs b/src/defaults/settings_dsl.rs
@@ -1,5 +1,6 @@
 macro_rules! add_from {
     ($ctor:ident, $type:ty) => {
+        #[allow(non_local_definitions)]
         impl From<$type> for $crate::defaults::SudoDefault {
             fn from(value: $type) -> Self {
                 $crate::defaults::SudoDefault::$ctor(value.into())
@@ -8,6 +9,7 @@ macro_rules! add_from {
     };
 
     ($ctor:ident, $type:ty, negatable$(, $vetting_function:expr)?) => {
+        #[allow(non_local_definitions)]
         impl From<$type> for $crate::defaults::SudoDefault {
             fn from(value: $type) -> Self {
                 $crate::defaults::SudoDefault::$ctor(OptTuple {
@@ -17,6 +19,7 @@ macro_rules! add_from {
             }
         }
 
+        #[allow(non_local_definitions)]
         impl From<($type, $type)> for $crate::defaults::SudoDefault {
             fn from((value, neg): ($type, $type)) -> Self {
                 $crate::defaults::SudoDefault::$ctor(OptTuple {

diff --git a/src/exec/use_pty/parent.rs b/src/exec/use_pty/parent.rs
@@ -700,7 +700,13 @@ impl Process for ParentClosure {
         match event {
             ParentEvent::Signal => self.on_signal(registry),
             ParentEvent::Tty(poll_event) => {
-                self.tty_pipe.on_left_event(poll_event, registry).ok();
+                // Check if tty which existed is now gone.
+                if self.tty_pipe.left().tcgetsid().is_err() {
+                    dev_warn!("tty gone (closed/detached), ignoring future events");
+                    self.tty_pipe.ignore_events(registry);
+                } else {
+                    self.tty_pipe.on_left_event(poll_event, registry).ok();
+                }
             }
             ParentEvent::Pty(poll_event) => {
                 self.tty_pipe.on_right_event(poll_event, registry).ok();

diff --git a/src/exec/use_pty/pipe/ring_buffer.rs b/src/exec/use_pty/pipe/ring_buffer.rs
@@ -25,6 +25,8 @@ impl RingBuffer {
         self.len == self.storage.len()
     }
 
+    // rustc 1.77.1 clippy gives false diagnostics, https://github.com/rust-lang/rust-clippy/issues/12519
+    #[allow(clippy::unused_io_amount)]
     pub(super) fn insert<R: Read>(&mut self, read: &mut R) -> io::Result<usize> {
         let inserted_len = if self.is_empty() {
             // Case 1.1. The buffer is empty, meaning that there are two unfilled slices in
@@ -61,6 +63,8 @@ impl RingBuffer {
         self.len == 0
     }
 
+    // rustc 1.77.1 clippy gives false diagnostics, https://github.com/rust-lang/rust-clippy/issues/12519
+    #[allow(clippy::unused_io_amount)]
     pub(super) fn remove<W: Write>(&mut self, write: &mut W) -> io::Result<usize> {
         let removed_len = if self.is_full() {
             // Case 2.1. The buffer is full, meaning that there are two filled slices in `storage`:

diff --git a/src/pam/error.rs b/src/pam/error.rs
@@ -6,23 +6,17 @@ use super::sys::*;
 
 pub type PamResult<T, E = PamError> = Result<T, E>;
 
+// TODO: add missing doc-comments
 #[derive(PartialEq, Eq, Debug)]
 pub enum PamErrorType {
     /// There was no error running the PAM command
     Success,
-    ///
     OpenError,
-    ///
     SymbolError,
-    ///
     ServiceError,
-    ///
     SystemError,
-    ///
     BufferError,
-    ///
     ConversationError,
-    ///
     PermissionDenied,
     /// The maximum number of authentication attempts was reached and no more
     /// attempts should be made.
@@ -47,27 +41,17 @@ pub enum PamErrorType {
     CredentialsError,
     /// The user account is expired and can no longer be used.
     AccountExpired,
-    ///
     AuthTokenExpired,
-    ///
     SessionError,
-    ///
     AuthTokenError,
-    ///
     AuthTokenRecoveryError,
-    ///
     AuthTokenLockBusy,
-    ///
     AuthTokenDisableAging,
-    ///
     NoModuleData,
-    ///
     Ignore,
     /// The application should exit immediately.
     Abort,
-    ///
     TryAgain,
-    ///
     ModuleUnknown,
     /// The application tried to set/delete an undefined or inaccessible item.
     BadItem, // Extension in OpenPAM and LinuxPAM