Create a gist now

Instantly share code, notes, and snippets.

@mulander /doas.c.diff Secret
Created Jun 8, 2017

What would you like to do?
--- doas.c 27 May 2017 09:51:07 -0000 1.72
+++ doas.c 8 Jun 2017 17:14:18 -0000
@@ -256,7 +256,7 @@ main(int argc, char **argv)
uid_t target = 0;
gid_t groups[NGROUPS_MAX + 1];
int ngroups;
- int i, ch;
+ int i, ch, first;
int sflag = 0;
int nflag = 0;
char cwdpath[PATH_MAX];
@@ -338,7 +338,7 @@ main(int argc, char **argv)
if (geteuid())
errx(1, "not installed setuid");
- parseconfig("/etc/doas.conf", 1);
+ parseconfig("/usr/src/usr.bin/doas/doas.new", 1);
/* cmdline is used only for logging, no need to abort on truncate */
(void)strlcpy(cmdline, argv[0], sizeof(cmdline));
@@ -355,6 +355,15 @@ main(int argc, char **argv)
syslog(LOG_AUTHPRIV | LOG_NOTICE,
"failed command for %s: %s", myname, cmdline);
errc(1, EPERM, NULL);
+ }
+
+ if (rule->options & CONFIRM) {
+ printf("%s wants to run '%s'. Continue? [yN] ", myname, cmdline);
+ first = ch = getchar();
+ while (ch != '\n' && ch != EOF)
+ ch = getchar();
+ if (first != 'y' && first != 'Y')
+ errx(1, "aborted by user");
}
if (!(rule->options & NOPASS)) {
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment