[augeas-devel] augeas: master - Sudoers: allow certain backslash-quoted characters in a command

[David Lutterkort]

Gitweb:        
http://git.fedorahosted.org/git/augeas.git?p=augeas.git;a=commitdiff;h=5da91b6f0511db5107c643bf7863701d66b75cab
Commit:        5da91b6f0511db5107c643bf7863701d66b75cab
Parent:        2c83b509e79f3e859bbba7909e3e3769e1285164
Author:        Matt Palmer <mpal...@hezmatt.org>
AuthorDate:    Thu Sep 17 12:05:19 2009 -0700
Committer:     David Lutterkort <lut...@redhat.com>
CommitterDate: Thu Sep 17 12:05:19 2009 -0700

Sudoers: allow certain backslash-quoted characters in a command

Commands may contain backslashes by themselves and the two-char sequences
\\[=:,\\]
---
 lenses/sudoers.aug            |    6 ++----
 lenses/tests/test_sudoers.aug |   13 +++++++++++++
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/lenses/sudoers.aug b/lenses/sudoers.aug
index f3d34c9..69d38ef 100644
--- a/lenses/sudoers.aug
+++ b/lenses/sudoers.aug
@@ -82,10 +82,8 @@ let sep_dquote   = Util.del_str "\""
 (* Group: Stores *)
 
 (* Variable: sto_to_com_cmnd
-sto_to_com_cmnd does not begin or end with a space
-
-There could be a \ in the middle of a command *)
-let sto_to_com_cmnd = store /([^,=:#() \t\n\\\\][^,=:#()\n]*[^,=:#() 
\t\n\\\\])|[^,=:#() \t\n\\\\]/
+sto_to_com_cmnd does not begin or end with a space *)
+let sto_to_com_cmnd = store /([^,=:#() 
\t\n\\\\]([^,=:#()\n\\\\]|\\\\[=:,\\\\])*[^,=:#() \t\n\\\\])|[^,=:#() \t\n\\\\]/
 
 (* Variable: sto_to_com
 
diff --git a/lenses/tests/test_sudoers.aug b/lenses/tests/test_sudoers.aug
index 561de85..ce61827 100644
--- a/lenses/tests/test_sudoers.aug
+++ b/lenses/tests/test_sudoers.aug
@@ -37,6 +37,8 @@ www-data +biglab=(rpinson)NOEXEC: ICAL \
         localhost = NOPASSWD:  /usr/bin/test
 
        +secretaries           ALPHA = /usr/bin/su [!-]*, !/usr/bin/su *root*
+
+someuser ALL=(root) NOPASSWD: /usr/bin/python /usr/local/sbin/filterlog 
-iu\\=www /var/log/something.log
 "
 
    test Sudoers.lns get conf =
@@ -131,6 +133,17 @@ www-data +biglab=(rpinson)NOEXEC: ICAL \
              { "host" = "ALPHA" }
              { "command" = "/usr/bin/su [!-]*" }
              { "command" = "!/usr/bin/su *root*" } } }
+      {}
+      { "spec"
+          { "user"    = "someuser" }
+          { "host_group"
+              { "host" = "ALL" }
+              { "command" = "/usr/bin/python /usr/local/sbin/filterlog 
-iu\\=www /var/log/something.log"
+                  { "runas_user" = "root" }
+                  { "tag" = "NOPASSWD" }
+              }
+          }
+      }
 
 test Sudoers.parameter_integer_bool
     put "umask = 022"

_______________________________________________
augeas-devel mailing list
augeas-devel@redhat.com
https://www.redhat.com/mailman/listinfo/augeas-devel