Return to linux_audit.c CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers |
1.1 ! misho 1: /* ! 2: * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com> ! 3: * ! 4: * Permission to use, copy, modify, and distribute this software for any ! 5: * purpose with or without fee is hereby granted, provided that the above ! 6: * copyright notice and this permission notice appear in all copies. ! 7: * ! 8: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES ! 9: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF ! 10: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ! 11: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES ! 12: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ! 13: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF ! 14: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ! 15: */ ! 16: ! 17: #include <config.h> ! 18: ! 19: #include <sys/types.h> ! 20: #include <stdio.h> ! 21: #ifdef STDC_HEADERS ! 22: # include <stdlib.h> ! 23: # include <stddef.h> ! 24: #else ! 25: # ifdef HAVE_STDLIB_H ! 26: # include <stdlib.h> ! 27: # endif ! 28: #endif /* STDC_HEADERS */ ! 29: #include <errno.h> ! 30: #include <fcntl.h> ! 31: #include <string.h> ! 32: #include <libaudit.h> ! 33: ! 34: #include "missing.h" ! 35: #include "error.h" ! 36: #include "alloc.h" ! 37: #include "gettext.h" ! 38: #include "linux_audit.h" ! 39: ! 40: /* ! 41: * Open audit connection if possible. ! 42: * Returns audit fd on success and -1 on failure. ! 43: */ ! 44: static int ! 45: linux_audit_open(void) ! 46: { ! 47: static int au_fd = -1; ! 48: ! 49: if (au_fd != -1) ! 50: return au_fd; ! 51: au_fd = audit_open(); ! 52: if (au_fd == -1) { ! 53: /* Kernel may not have audit support. */ ! 54: if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT) ! 55: error(1, _("unable to open audit system")); ! 56: } else { ! 57: (void)fcntl(au_fd, F_SETFD, FD_CLOEXEC); ! 58: } ! 59: return au_fd; ! 60: } ! 61: ! 62: int ! 63: linux_audit_command(char *argv[], int result) ! 64: { ! 65: int au_fd, rc; ! 66: char *command, *cp, **av; ! 67: size_t size, n; ! 68: ! 69: if ((au_fd = linux_audit_open()) == -1) ! 70: return -1; ! 71: ! 72: /* Convert argv to a flat string. */ ! 73: for (size = 0, av = argv; *av != NULL; av++) ! 74: size += strlen(*av) + 1; ! 75: command = cp = emalloc(size); ! 76: for (av = argv; *av != NULL; av++) { ! 77: n = strlcpy(cp, *av, size - (cp - command)); ! 78: if (n >= size - (cp - command)) ! 79: errorx(1, _("internal error, linux_audit_command() overflow")); ! 80: cp += n; ! 81: *cp++ = ' '; ! 82: } ! 83: *--cp = '\0'; ! 84: ! 85: /* Log command, ignoring ECONNREFUSED on error. */ ! 86: rc = audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result); ! 87: if (rc <= 0 && errno != ECONNREFUSED) ! 88: warning(_("unable to send audit message")); ! 89: ! 90: efree(command); ! 91: ! 92: return rc; ! 93: }