Annotation of embedaddon/sudo/plugins/sudoers/linux_audit.c, revision 1.1.1.2
1.1 misho 1: /*
2: * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
3: *
4: * Permission to use, copy, modify, and distribute this software for any
5: * purpose with or without fee is hereby granted, provided that the above
6: * copyright notice and this permission notice appear in all copies.
7: *
8: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15: */
16:
17: #include <config.h>
18:
19: #include <sys/types.h>
20: #include <stdio.h>
21: #ifdef STDC_HEADERS
22: # include <stdlib.h>
23: # include <stddef.h>
24: #else
25: # ifdef HAVE_STDLIB_H
26: # include <stdlib.h>
27: # endif
28: #endif /* STDC_HEADERS */
29: #include <errno.h>
30: #include <fcntl.h>
31: #include <string.h>
32: #include <libaudit.h>
33:
34: #include "missing.h"
35: #include "error.h"
36: #include "alloc.h"
37: #include "gettext.h"
1.1.1.2 ! misho 38: #include "sudo_debug.h"
1.1 misho 39: #include "linux_audit.h"
40:
41: /*
42: * Open audit connection if possible.
43: * Returns audit fd on success and -1 on failure.
44: */
1.1.1.2 ! misho 45: int
! 46: static linux_audit_open(void)
1.1 misho 47: {
48: static int au_fd = -1;
1.1.1.2 ! misho 49: debug_decl(linux_audit_open, SUDO_DEBUG_AUDIT)
1.1 misho 50:
51: if (au_fd != -1)
1.1.1.2 ! misho 52: debug_return_int(au_fd);
1.1 misho 53: au_fd = audit_open();
54: if (au_fd == -1) {
55: /* Kernel may not have audit support. */
56: if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT)
57: error(1, _("unable to open audit system"));
58: } else {
59: (void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);
60: }
1.1.1.2 ! misho 61: debug_return_int(au_fd);
1.1 misho 62: }
63:
64: int
65: linux_audit_command(char *argv[], int result)
66: {
67: int au_fd, rc;
68: char *command, *cp, **av;
69: size_t size, n;
1.1.1.2 ! misho 70: debug_decl(linux_audit_command, SUDO_DEBUG_AUDIT)
1.1 misho 71:
72: if ((au_fd = linux_audit_open()) == -1)
1.1.1.2 ! misho 73: debug_return_int(-1);
1.1 misho 74:
75: /* Convert argv to a flat string. */
76: for (size = 0, av = argv; *av != NULL; av++)
77: size += strlen(*av) + 1;
78: command = cp = emalloc(size);
79: for (av = argv; *av != NULL; av++) {
80: n = strlcpy(cp, *av, size - (cp - command));
81: if (n >= size - (cp - command))
82: errorx(1, _("internal error, linux_audit_command() overflow"));
83: cp += n;
84: *cp++ = ' ';
85: }
86: *--cp = '\0';
87:
88: /* Log command, ignoring ECONNREFUSED on error. */
89: rc = audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result);
90: if (rc <= 0 && errno != ECONNREFUSED)
91: warning(_("unable to send audit message"));
92:
93: efree(command);
94:
1.1.1.2 ! misho 95: debug_return_int(rc);
1.1 misho 96: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>