embedaddon/sudo/plugins/sudoers/linux_audit.c - diff

Return to linux_audit.c CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers

Diff for /embedaddon/sudo/plugins/sudoers/linux_audit.c between versions 1.1 and 1.1.1.6

version 1.1, 2012/02/21 16:23:02	version 1.1.1.6, 2014/06/15 16:12:54
Line 1	Line 1
/*	/*
* Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>	* Copyright (c) 2010-2013 Todd C. Miller <Todd.Miller@courtesan.com>
*	*
* Permission to use, copy, modify, and distribute this software for any	* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above	* purpose with or without fee is hereby granted, provided that the above
Line 31	Line 31
#include <string.h>	#include <string.h>
#include <libaudit.h>	#include <libaudit.h>

	#define DEFAULT_TEXT_DOMAIN "sudoers"
	#include "gettext.h" /* must be included before missing.h */

#include "missing.h"	#include "missing.h"
#include "error.h"	#include "fatal.h"
#include "alloc.h"	#include "alloc.h"
#include "gettext.h"	#include "sudo_debug.h"
#include "linux_audit.h"	#include "linux_audit.h"

/*	/*
* Open audit connection if possible.	* Open audit connection if possible.
* Returns audit fd on success and -1 on failure.	* Returns audit fd on success and -1 on failure.
*/	*/
static int	int
linux_audit_open(void)	static linux_audit_open(void)
{	{
static int au_fd = -1;	static int au_fd = -1;
	debug_decl(linux_audit_open, SUDO_DEBUG_AUDIT)

if (au_fd != -1)	if (au_fd != -1)
return au_fd;	debug_return_int(au_fd);
au_fd = audit_open();	au_fd = audit_open();
if (au_fd == -1) {	if (au_fd == -1) {
/* Kernel may not have audit support. */	/* Kernel may not have audit support. */
if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT)	if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT)
error(1, _("unable to open audit system"));	fatal(U_("unable to open audit system"));
} else {	} else {
(void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);	(void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);
}	}
return au_fd;	debug_return_int(au_fd);
}	}

int	int
Line 65 linux_audit_command(char *argv[], int result)	Line 69 linux_audit_command(char *argv[], int result)
int au_fd, rc;	int au_fd, rc;
char command, cp, **av;	char command, cp, **av;
size_t size, n;	size_t size, n;
	debug_decl(linux_audit_command, SUDO_DEBUG_AUDIT)

if ((au_fd = linux_audit_open()) == -1)	if ((au_fd = linux_audit_open()) == -1)
return -1;	debug_return_int(-1);

/* Convert argv to a flat string. */	/* Convert argv to a flat string. */
for (size = 0, av = argv; *av != NULL; av++)	for (size = 0, av = argv; *av != NULL; av++)
Line 75 linux_audit_command(char *argv[], int result)	Line 80 linux_audit_command(char *argv[], int result)
command = cp = emalloc(size);	command = cp = emalloc(size);
for (av = argv; *av != NULL; av++) {	for (av = argv; *av != NULL; av++) {
n = strlcpy(cp, *av, size - (cp - command));	n = strlcpy(cp, *av, size - (cp - command));
if (n >= size - (cp - command))	if (n >= size - (cp - command)) {
errorx(1, _("internal error, linux_audit_command() overflow"));	fatalx(U_("internal error, %s overflow"),
	"linux_audit_command()");
	}
cp += n;	cp += n;
*cp++ = ' ';	*cp++ = ' ';
}	}
Line 85 linux_audit_command(char *argv[], int result)	Line 92 linux_audit_command(char *argv[], int result)
/* Log command, ignoring ECONNREFUSED on error. */	/* Log command, ignoring ECONNREFUSED on error. */
rc = audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result);	rc = audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result);
if (rc <= 0 && errno != ECONNREFUSED)	if (rc <= 0 && errno != ECONNREFUSED)
warning(_("unable to send audit message"));	warning(U_("unable to send audit message"));

efree(command);	efree(command);

return rc;	debug_return_int(rc);
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1
changed lines
	Added in v.1.1.1.6