embedaddon/sudo/plugins/sudoers/bsm_audit.c - diff

Return to bsm_audit.c CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers

Diff for /embedaddon/sudo/plugins/sudoers/bsm_audit.c between versions 1.1 and 1.1.1.4

version 1.1, 2012/02/21 16:23:02	version 1.1.1.4, 2013/10/14 07:56:34
Line 1	Line 1
/*	/*
* Copyright (c) 2009-2011 Todd C. Miller <Todd.Miller@courtesan.com>	* Copyright (c) 2009-2013 Todd C. Miller <Todd.Miller@courtesan.com>
* Copyright (c) 2009 Christian S.J. Peron	* Copyright (c) 2009 Christian S.J. Peron
*	*
* Permission to use, copy, modify, and distribute this software for any	* Permission to use, copy, modify, and distribute this software for any
Line 30	Line 30
#include <errno.h>	#include <errno.h>
#include <unistd.h>	#include <unistd.h>

	#include "missing.h"
	#include "fatal.h"
	#include "gettext.h"
	#include "sudo_debug.h"
#include "bsm_audit.h"	#include "bsm_audit.h"

/*	/*
Line 42	Line 46
# define AUDIT_NOT_CONFIGURED ENOSYS	# define AUDIT_NOT_CONFIGURED ENOSYS
#endif	#endif

void log_error(int flags, const char *fmt, ...) __attribute__((__noreturn__));

static int	static int
audit_sudo_selected(int sf)	audit_sudo_selected(int sf)
{	{
Line 51 audit_sudo_selected(int sf)	Line 53 audit_sudo_selected(int sf)
struct au_mask *mask;	struct au_mask *mask;
auditinfo_t ainfo;	auditinfo_t ainfo;
int rc, sorf;	int rc, sorf;
	debug_decl(audit_sudo_selected, SUDO_DEBUG_AUDIT)

if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) < 0) {	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) < 0) {
if (errno == ENOSYS) {	if (errno == ENOSYS) {
if (getaudit(&ainfo) < 0)	if (getaudit(&ainfo) < 0)
log_error(0, _("getaudit: failed"));	fatal("getaudit");
mask = &ainfo.ai_mask;	mask = &ainfo.ai_mask;
} else	} else
log_error(0, _("getaudit: failed"));	fatal("getaudit");
} else	} else
mask = &ainfo_addr.ai_mask;	mask = &ainfo_addr.ai_mask;
sorf = (sf == 0) ? AU_PRS_SUCCESS : AU_PRS_FAILURE;	sorf = (sf == 0) ? AU_PRS_SUCCESS : AU_PRS_FAILURE;
rc = au_preselect(AUE_sudo, mask, sorf, AU_PRS_REREAD);	rc = au_preselect(AUE_sudo, mask, sorf, AU_PRS_REREAD);
return rc;	debug_return_int(rc);
}	}

void	void
Line 76 bsm_audit_success(char **exec_args)	Line 79 bsm_audit_success(char **exec_args)
long au_cond;	long au_cond;
int aufd;	int aufd;
pid_t pid;	pid_t pid;
	debug_decl(bsm_audit_success, SUDO_DEBUG_AUDIT)

pid = getpid();	pid = getpid();
/*	/*
Line 84 bsm_audit_success(char **exec_args)	Line 88 bsm_audit_success(char **exec_args)
if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {	if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED)	if (errno == AUDIT_NOT_CONFIGURED)
return;	return;
log_error(0, _("Could not determine audit condition"));	fatal(_("Could not determine audit condition"));
}	}
if (au_cond == AUC_NOAUDIT)	if (au_cond == AUC_NOAUDIT)
return;	debug_return;
/*	/*
* Check to see if the preselection masks are interested in seeing	* Check to see if the preselection masks are interested in seeing
* this event.	* this event.
*/	*/
if (!audit_sudo_selected(0))	if (!audit_sudo_selected(0))
return;	debug_return;
if (getauid(&auid) < 0)	if (getauid(&auid) < 0)
log_error(0, _("getauid failed"));	fatal("getauid");
if ((aufd = au_open()) == -1)	if ((aufd = au_open()) == -1)
log_error(0, _("au_open: failed"));	fatal("au_open");
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),	tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo_addr.ai_termid);	getuid(), pid, pid, &ainfo_addr.ai_termid);
Line 106 bsm_audit_success(char **exec_args)	Line 110 bsm_audit_success(char **exec_args)
* NB: We should probably watch out for ERANGE here.	* NB: We should probably watch out for ERANGE here.
*/	*/
if (getaudit(&ainfo) < 0)	if (getaudit(&ainfo) < 0)
log_error(0, _("getaudit: failed"));	fatal("getaudit");
tok = au_to_subject(auid, geteuid(), getegid(), getuid(),	tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo.ai_termid);	getuid(), pid, pid, &ainfo.ai_termid);
} else	} else
log_error(0, _("getaudit: failed"));	fatal("getaudit");
if (tok == NULL)	if (tok == NULL)
log_error(0, _("au_to_subject: failed"));	fatal("au_to_subject");
au_write(aufd, tok);	au_write(aufd, tok);
tok = au_to_exec_args(exec_args);	tok = au_to_exec_args(exec_args);
if (tok == NULL)	if (tok == NULL)
log_error(0, _("au_to_exec_args: failed"));	fatal("au_to_exec_args");
au_write(aufd, tok);	au_write(aufd, tok);
tok = au_to_return32(0, 0);	tok = au_to_return32(0, 0);
if (tok == NULL)	if (tok == NULL)
log_error(0, _("au_to_return32: failed"));	fatal("au_to_return32");
au_write(aufd, tok);	au_write(aufd, tok);
	#ifdef __sun
	if (au_close(aufd, 1, AUE_sudo, 0) == -1)
	#else
if (au_close(aufd, 1, AUE_sudo) == -1)	if (au_close(aufd, 1, AUE_sudo) == -1)
log_error(0, _("unable to commit audit record"));	#endif
	fatal(_("unable to commit audit record"));
	debug_return;
}	}

void	void
Line 137 bsm_audit_failure(char *exec_args, char const const	Line 146 bsm_audit_failure(char *exec_args, char const const
au_id_t auid;	au_id_t auid;
pid_t pid;	pid_t pid;
int aufd;	int aufd;
	debug_decl(bsm_audit_success, SUDO_DEBUG_AUDIT)

pid = getpid();	pid = getpid();
/*	/*
* If we are not auditing, don't cut an audit record; just return.	* If we are not auditing, don't cut an audit record; just return.
*/	*/
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {	if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED)	if (errno == AUDIT_NOT_CONFIGURED)
return;	debug_return;
log_error(0, _("Could not determine audit condition"));	fatal(_("Could not determine audit condition"));
}	}
if (au_cond == AUC_NOAUDIT)	if (au_cond == AUC_NOAUDIT)
return;	debug_return;
if (!audit_sudo_selected(1))	if (!audit_sudo_selected(1))
return;	debug_return;
if (getauid(&auid) < 0)	if (getauid(&auid) < 0)
log_error(0, _("getauid: failed"));	fatal("getauid");
if ((aufd = au_open()) == -1)	if ((aufd = au_open()) == -1)
log_error(0, _("au_open: failed"));	fatal("au_open");
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),	tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo_addr.ai_termid);	getuid(), pid, pid, &ainfo_addr.ai_termid);
} else if (errno == ENOSYS) {	} else if (errno == ENOSYS) {
if (getaudit(&ainfo) < 0)	if (getaudit(&ainfo) < 0)
log_error(0, _("getaudit: failed"));	fatal("getaudit");
tok = au_to_subject(auid, geteuid(), getegid(), getuid(),	tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo.ai_termid);	getuid(), pid, pid, &ainfo.ai_termid);
} else	} else
log_error(0, _("getaudit: failed"));	fatal("getaudit");
if (tok == NULL)	if (tok == NULL)
log_error(0, _("au_to_subject: failed"));	fatal("au_to_subject");
au_write(aufd, tok);	au_write(aufd, tok);
tok = au_to_exec_args(exec_args);	tok = au_to_exec_args(exec_args);
if (tok == NULL)	if (tok == NULL)
log_error(0, _("au_to_exec_args: failed"));	fatal("au_to_exec_args");
au_write(aufd, tok);	au_write(aufd, tok);
(void) vsnprintf(text, sizeof(text), fmt, ap);	(void) vsnprintf(text, sizeof(text), fmt, ap);
tok = au_to_text(text);	tok = au_to_text(text);
if (tok == NULL)	if (tok == NULL)
log_error(0, _("au_to_text: failed"));	fatal("au_to_text");
au_write(aufd, tok);	au_write(aufd, tok);
tok = au_to_return32(EPERM, 1);	tok = au_to_return32(EPERM, 1);
if (tok == NULL)	if (tok == NULL)
log_error(0, _("au_to_return32: failed"));	fatal("au_to_return32");
au_write(aufd, tok);	au_write(aufd, tok);
	#ifdef __sun
	if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1)
	#else
if (au_close(aufd, 1, AUE_sudo) == -1)	if (au_close(aufd, 1, AUE_sudo) == -1)
log_error(0, _("unable to commit audit record"));	#endif
	fatal(_("unable to commit audit record"));
	debug_return;
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1
changed lines
	Added in v.1.1.1.4