Annotation of embedaddon/sudo/plugins/sudoers/linux_audit.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
! 3: *
! 4: * Permission to use, copy, modify, and distribute this software for any
! 5: * purpose with or without fee is hereby granted, provided that the above
! 6: * copyright notice and this permission notice appear in all copies.
! 7: *
! 8: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
! 9: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
! 10: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
! 11: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
! 12: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
! 13: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
! 14: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
! 15: */
! 16:
! 17: #include <config.h>
! 18:
! 19: #include <sys/types.h>
! 20: #include <stdio.h>
! 21: #ifdef STDC_HEADERS
! 22: # include <stdlib.h>
! 23: # include <stddef.h>
! 24: #else
! 25: # ifdef HAVE_STDLIB_H
! 26: # include <stdlib.h>
! 27: # endif
! 28: #endif /* STDC_HEADERS */
! 29: #include <errno.h>
! 30: #include <fcntl.h>
! 31: #include <string.h>
! 32: #include <libaudit.h>
! 33:
! 34: #include "missing.h"
! 35: #include "error.h"
! 36: #include "alloc.h"
! 37: #include "gettext.h"
! 38: #include "linux_audit.h"
! 39:
! 40: /*
! 41: * Open audit connection if possible.
! 42: * Returns audit fd on success and -1 on failure.
! 43: */
! 44: static int
! 45: linux_audit_open(void)
! 46: {
! 47: static int au_fd = -1;
! 48:
! 49: if (au_fd != -1)
! 50: return au_fd;
! 51: au_fd = audit_open();
! 52: if (au_fd == -1) {
! 53: /* Kernel may not have audit support. */
! 54: if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT)
! 55: error(1, _("unable to open audit system"));
! 56: } else {
! 57: (void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);
! 58: }
! 59: return au_fd;
! 60: }
! 61:
! 62: int
! 63: linux_audit_command(char *argv[], int result)
! 64: {
! 65: int au_fd, rc;
! 66: char *command, *cp, **av;
! 67: size_t size, n;
! 68:
! 69: if ((au_fd = linux_audit_open()) == -1)
! 70: return -1;
! 71:
! 72: /* Convert argv to a flat string. */
! 73: for (size = 0, av = argv; *av != NULL; av++)
! 74: size += strlen(*av) + 1;
! 75: command = cp = emalloc(size);
! 76: for (av = argv; *av != NULL; av++) {
! 77: n = strlcpy(cp, *av, size - (cp - command));
! 78: if (n >= size - (cp - command))
! 79: errorx(1, _("internal error, linux_audit_command() overflow"));
! 80: cp += n;
! 81: *cp++ = ' ';
! 82: }
! 83: *--cp = '\0';
! 84:
! 85: /* Log command, ignoring ECONNREFUSED on error. */
! 86: rc = audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result);
! 87: if (rc <= 0 && errno != ECONNREFUSED)
! 88: warning(_("unable to send audit message"));
! 89:
! 90: efree(command);
! 91:
! 92: return rc;
! 93: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>