Annotation of embedaddon/sudo/plugins/sudoers/linux_audit.c, revision 1.1.1.6
1.1 misho 1: /*
1.1.1.4 misho 2: * Copyright (c) 2010-2013 Todd C. Miller <Todd.Miller@courtesan.com>
1.1 misho 3: *
4: * Permission to use, copy, modify, and distribute this software for any
5: * purpose with or without fee is hereby granted, provided that the above
6: * copyright notice and this permission notice appear in all copies.
7: *
8: * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9: * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10: * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11: * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12: * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13: * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14: * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15: */
16:
17: #include <config.h>
18:
19: #include <sys/types.h>
20: #include <stdio.h>
21: #ifdef STDC_HEADERS
22: # include <stdlib.h>
23: # include <stddef.h>
24: #else
25: # ifdef HAVE_STDLIB_H
26: # include <stdlib.h>
27: # endif
28: #endif /* STDC_HEADERS */
29: #include <errno.h>
30: #include <fcntl.h>
31: #include <string.h>
32: #include <libaudit.h>
33:
1.1.1.6 ! misho 34: #define DEFAULT_TEXT_DOMAIN "sudoers"
! 35: #include "gettext.h" /* must be included before missing.h */
! 36:
1.1 misho 37: #include "missing.h"
1.1.1.5 misho 38: #include "fatal.h"
1.1 misho 39: #include "alloc.h"
1.1.1.2 misho 40: #include "sudo_debug.h"
1.1 misho 41: #include "linux_audit.h"
42:
43: /*
44: * Open audit connection if possible.
45: * Returns audit fd on success and -1 on failure.
46: */
1.1.1.2 misho 47: int
48: static linux_audit_open(void)
1.1 misho 49: {
50: static int au_fd = -1;
1.1.1.2 misho 51: debug_decl(linux_audit_open, SUDO_DEBUG_AUDIT)
1.1 misho 52:
53: if (au_fd != -1)
1.1.1.2 misho 54: debug_return_int(au_fd);
1.1 misho 55: au_fd = audit_open();
56: if (au_fd == -1) {
57: /* Kernel may not have audit support. */
58: if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT)
1.1.1.6 ! misho 59: fatal(U_("unable to open audit system"));
1.1 misho 60: } else {
61: (void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);
62: }
1.1.1.2 misho 63: debug_return_int(au_fd);
1.1 misho 64: }
65:
66: int
67: linux_audit_command(char *argv[], int result)
68: {
69: int au_fd, rc;
70: char *command, *cp, **av;
71: size_t size, n;
1.1.1.2 misho 72: debug_decl(linux_audit_command, SUDO_DEBUG_AUDIT)
1.1 misho 73:
74: if ((au_fd = linux_audit_open()) == -1)
1.1.1.2 misho 75: debug_return_int(-1);
1.1 misho 76:
77: /* Convert argv to a flat string. */
78: for (size = 0, av = argv; *av != NULL; av++)
79: size += strlen(*av) + 1;
80: command = cp = emalloc(size);
81: for (av = argv; *av != NULL; av++) {
82: n = strlcpy(cp, *av, size - (cp - command));
1.1.1.3 misho 83: if (n >= size - (cp - command)) {
1.1.1.6 ! misho 84: fatalx(U_("internal error, %s overflow"),
1.1.1.3 misho 85: "linux_audit_command()");
86: }
1.1 misho 87: cp += n;
88: *cp++ = ' ';
89: }
90: *--cp = '\0';
91:
92: /* Log command, ignoring ECONNREFUSED on error. */
93: rc = audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result);
94: if (rc <= 0 && errno != ECONNREFUSED)
1.1.1.6 ! misho 95: warning(U_("unable to send audit message"));
1.1 misho 96:
97: efree(command);
98:
1.1.1.2 misho 99: debug_return_int(rc);
1.1 misho 100: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>