mulander/doas.c.diff Secret

## doas.c.diff
--- doas.c      27 May 2017 09:51:07 -0000      1.72
+++ doas.c      8 Jun 2017 17:14:18 -0000
@@ -256,7 +256,7 @@ main(int argc, char **argv)
        uid_t target = 0;
        gid_t groups[NGROUPS_MAX + 1];
        int ngroups;
-       int i, ch;
+       int i, ch, first;
        int sflag = 0;
        int nflag = 0;
        char cwdpath[PATH_MAX];
@@ -338,7 +338,7 @@ main(int argc, char **argv)
        if (geteuid())
                errx(1, "not installed setuid");

-       parseconfig("/etc/doas.conf", 1);
+       parseconfig("/usr/src/usr.bin/doas/doas.new", 1);

        /* cmdline is used only for logging, no need to abort on truncate */
        (void)strlcpy(cmdline, argv[0], sizeof(cmdline));
@@ -355,6 +355,15 @@ main(int argc, char **argv)
                syslog(LOG_AUTHPRIV | LOG_NOTICE,
                    "failed command for %s: %s", myname, cmdline);
                errc(1, EPERM, NULL);
+       }
+
+       if (rule->options & CONFIRM) {
+               printf("%s wants to run '%s'. Continue? [yN] ", myname, cmdline);
+               first = ch = getchar();
+               while (ch != '\n' && ch != EOF)
+                       ch = getchar();
+               if (first != 'y' && first != 'Y')
+                       errx(1, "aborted by user");
        }

        if (!(rule->options & NOPASS)) {
	--- doas.c 27 May 2017 09:51:07 -0000 1.72
	+++ doas.c 8 Jun 2017 17:14:18 -0000
	@@ -256,7 +256,7 @@ main(int argc, char **argv)
	uid_t target = 0;
	gid_t groups[NGROUPS_MAX + 1];
	int ngroups;
	- int i, ch;
	+ int i, ch, first;
	int sflag = 0;
	int nflag = 0;
	char cwdpath[PATH_MAX];
	@@ -338,7 +338,7 @@ main(int argc, char **argv)
	if (geteuid())
	errx(1, "not installed setuid");

	- parseconfig("/etc/doas.conf", 1);
	+ parseconfig("/usr/src/usr.bin/doas/doas.new", 1);

	/* cmdline is used only for logging, no need to abort on truncate */
	(void)strlcpy(cmdline, argv[0], sizeof(cmdline));
	@@ -355,6 +355,15 @@ main(int argc, char **argv)
	syslog(LOG_AUTHPRIV \| LOG_NOTICE,
	"failed command for %s: %s", myname, cmdline);
	errc(1, EPERM, NULL);
	+ }
	+
	+ if (rule->options & CONFIRM) {
	+ printf("%s wants to run '%s'. Continue? [yN] ", myname, cmdline);
	+ first = ch = getchar();
	+ while (ch != '\n' && ch != EOF)
	+ ch = getchar();
	+ if (first != 'y' && first != 'Y')
	+ errx(1, "aborted by user");
	}

	if (!(rule->options & NOPASS)) {