embedaddon/sudo/plugins/sudoers/logging.c - diff

Return to logging.c CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers

Diff for /embedaddon/sudo/plugins/sudoers/logging.c between versions 1.1.1.4 and 1.1.1.6

version 1.1.1.4, 2013/07/22 10:46:12	version 1.1.1.6, 2014/06/15 16:12:54
Line 59	Line 59

#include "sudoers.h"	#include "sudoers.h"

#ifndef va_copy
# define va_copy(d, s) memcpy(&(d), &(s), sizeof(d));
#endif

/* Special message for log_warning() so we know to use ngettext() */	/* Special message for log_warning() so we know to use ngettext() */
#define INCORRECT_PASSWORD_ATTEMPT ((char *)0x01)	#define INCORRECT_PASSWORD_ATTEMPT ((char *)0x01)

Line 180 do_logfile(char *msg)	Line 176 do_logfile(char *msg)
char *full_line;	char *full_line;
size_t len;	size_t len;
mode_t oldmask;	mode_t oldmask;
time_t now;
int oldlocale;	int oldlocale;
FILE *fp;	FILE *fp;
debug_decl(do_logfile, SUDO_DEBUG_LOGGING)	debug_decl(do_logfile, SUDO_DEBUG_LOGGING)
Line 197 do_logfile(char *msg)	Line 192 do_logfile(char *msg)
send_mail(_("unable to lock log file: %s: %s"),	send_mail(_("unable to lock log file: %s: %s"),
def_logfile, strerror(errno));	def_logfile, strerror(errno));
} else {	} else {
time(&now);	const char *timestr = get_timestr(time(NULL), def_log_year);
if (def_loglinelen < sizeof(LOG_INDENT)) {	if (timestr == NULL)
	timestr = "invalid date";
	if ((size_t)def_loglinelen < sizeof(LOG_INDENT)) {
/* Don't pretty-print long log file lines (hard to grep) */	/* Don't pretty-print long log file lines (hard to grep) */
if (def_log_host)	if (def_log_host) {
(void) fprintf(fp, "%s : %s : HOST=%s : %s\n",	(void) fprintf(fp, "%s : %s : HOST=%s : %s\n",
get_timestr(now, def_log_year), user_name, user_shost, msg);	timestr, user_name, user_srunhost, msg);
else	} else {
(void) fprintf(fp, "%s : %s : %s\n",	(void) fprintf(fp, "%s : %s : %s\n", timestr, user_name, msg);
get_timestr(now, def_log_year), user_name, msg);	}
} else {	} else {
if (def_log_host)	if (def_log_host) {
len = easprintf(&full_line, "%s : %s : HOST=%s : %s",	len = easprintf(&full_line, "%s : %s : HOST=%s : %s",
get_timestr(now, def_log_year), user_name, user_shost, msg);	timestr, user_name, user_srunhost, msg);
else	} else {
len = easprintf(&full_line, "%s : %s : %s",	len = easprintf(&full_line, "%s : %s : %s",
get_timestr(now, def_log_year), user_name, msg);	timestr, user_name, msg);
	}

/*	/*
* Print out full_line with word wrap around def_loglinelen chars.	* Print out full_line with word wrap around def_loglinelen chars.
Line 290 log_denial(int status, bool inform_user)	Line 288 log_denial(int status, bool inform_user)
} else if (ISSET(status, FLAG_NO_HOST)) {	} else if (ISSET(status, FLAG_NO_HOST)) {
sudo_printf(SUDO_CONV_ERROR_MSG, _("%s is not allowed to run sudo "	sudo_printf(SUDO_CONV_ERROR_MSG, _("%s is not allowed to run sudo "
"on %s. This incident will be reported.\n"),	"on %s. This incident will be reported.\n"),
user_name, user_shost);	user_name, user_srunhost);
} else if (ISSET(status, FLAG_NO_CHECK)) {	} else if (ISSET(status, FLAG_NO_CHECK)) {
sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s may not run "	sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s may not run "
"sudo on %s.\n"), user_name, user_shost);	"sudo on %s.\n"), user_name, user_srunhost);
} else {	} else {
sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s is not allowed "	sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s is not allowed "
"to execute '%s%s%s' as %s%s%s on %s.\n"),	"to execute '%s%s%s' as %s%s%s on %s.\n"),
Line 332 log_failure(int status, int flags)	Line 330 log_failure(int status, int flags)
* their path to just contain a single dir.	* their path to just contain a single dir.
*/	*/
if (flags == NOT_FOUND)	if (flags == NOT_FOUND)
warningx(_("%s: command not found"), user_cmnd);	warningx(U_("%s: command not found"), user_cmnd);
else if (flags == NOT_FOUND_DOT)	else if (flags == NOT_FOUND_DOT)
warningx(_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd);	warningx(U_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd);
}	}

debug_return;	debug_return;
Line 344 log_failure(int status, int flags)	Line 342 log_failure(int status, int flags)
* Log and audit that user was not able to authenticate themselves.	* Log and audit that user was not able to authenticate themselves.
*/	*/
void	void
log_auth_failure(int status, int tries)	log_auth_failure(int status, unsigned int tries)
{	{
int flags = NO_MAIL;	int flags = NO_MAIL;
debug_decl(log_auth_failure, SUDO_DEBUG_LOGGING)	debug_decl(log_auth_failure, SUDO_DEBUG_LOGGING)
Line 439 vlog_warning(int flags, const char *fmt, va_list ap)	Line 437 vlog_warning(int flags, const char *fmt, va_list ap)

/* Expand printf-style format + args (with a special case). */	/* Expand printf-style format + args (with a special case). */
if (fmt == INCORRECT_PASSWORD_ATTEMPT) {	if (fmt == INCORRECT_PASSWORD_ATTEMPT) {
int tries = va_arg(ap, int);	unsigned int tries = va_arg(ap, unsigned int);
easprintf(&message, ngettext("%d incorrect password attempt",	easprintf(&message, ngettext("%u incorrect password attempt",
"%d incorrect password attempts", tries), tries);	"%u incorrect password attempts", tries), tries);
} else {	} else {
evasprintf(&message, _(fmt), ap);	evasprintf(&message, _(fmt), ap);
}	}

	/* Log to debug file. */
	if (USE_ERRNO) {
	sudo_debug_printf2(NULL, NULL, 0,
	SUDO_DEBUG_WARN\|SUDO_DEBUG_ERRNO\|sudo_debug_subsys, "%s", message);
	} else {
	sudo_debug_printf2(NULL, NULL, 0,
	SUDO_DEBUG_WARN\|sudo_debug_subsys, "%s", message);
	}

if (ISSET(flags, MSG_ONLY)) {	if (ISSET(flags, MSG_ONLY)) {
logline = message;	logline = message;
} else {	} else {
Line 482 vlog_warning(int flags, const char *fmt, va_list ap)	Line 489 vlog_warning(int flags, const char *fmt, va_list ap)
* Tell the user (in their locale).	* Tell the user (in their locale).
*/	*/
if (!ISSET(flags, NO_STDERR)) {	if (!ISSET(flags, NO_STDERR)) {
	sudoers_setlocale(SUDOERS_LOCALE_USER, &oldlocale);
if (fmt == INCORRECT_PASSWORD_ATTEMPT) {	if (fmt == INCORRECT_PASSWORD_ATTEMPT) {
int tries = va_arg(ap2, int);	unsigned int tries = va_arg(ap2, unsigned int);
warningx(ngettext("%d incorrect password attempt",	warningx_nodebug(ngettext("%u incorrect password attempt",
"%d incorrect password attempts", tries), tries);	"%u incorrect password attempts", tries), tries);
} else {	} else {
if (ISSET(flags, USE_ERRNO))	if (ISSET(flags, USE_ERRNO))
vwarning(fmt, ap2);	vwarning_nodebug(_(fmt), ap2);
else	else
vwarningx(fmt, ap2);	vwarningx_nodebug(_(fmt), ap2);
}	}
	sudoers_setlocale(oldlocale, NULL);
va_end(ap2);	va_end(ap2);
}	}

Line 539 send_mail(const char *fmt, ...)	Line 548 send_mail(const char *fmt, ...)
{	{
FILE *mail;	FILE *mail;
char *p;	char *p;
	const char *timestr;
int fd, pfd[2], status;	int fd, pfd[2], status;
pid_t pid, rv;	pid_t pid, rv;
sigaction_t sa;	sigaction_t sa;
	struct stat sb;
va_list ap;	va_list ap;
#ifndef NO_ROOT_MAILER	#ifndef NO_ROOT_MAILER
static char *root_envp[] = {	static char *root_envp[] = {
Line 559 send_mail(const char *fmt, ...)	Line 570 send_mail(const char *fmt, ...)
if (!def_mailerpath \|\| !def_mailto)	if (!def_mailerpath \|\| !def_mailto)
debug_return;	debug_return;

	/* Make sure the mailer exists and is a regular file. */
	if (stat(def_mailerpath, &sb) != 0 \|\| !S_ISREG(sb.st_mode))
	debug_return;

/* Fork and return, child will daemonize. */	/* Fork and return, child will daemonize. */
switch (pid = sudo_debug_fork()) {	switch (pid = sudo_debug_fork()) {
case -1:	case -1:
/* Error. */	/* Error. */
fatal(_("unable to fork"));	fatal(U_("unable to fork"));
break;	break;
case 0:	case 0:
/* Child. */	/* Child. */
Line 609 send_mail(const char *fmt, ...)	Line 624 send_mail(const char *fmt, ...)
closefrom(STDERR_FILENO + 1);	closefrom(STDERR_FILENO + 1);

/* Ignore SIGPIPE in case mailer exits prematurely (or is missing). */	/* Ignore SIGPIPE in case mailer exits prematurely (or is missing). */
zero_bytes(&sa, sizeof(sa));	memset(&sa, 0, sizeof(sa));
sigemptyset(&sa.sa_mask);	sigemptyset(&sa.sa_mask);
sa.sa_flags = SA_INTERRUPT;	sa.sa_flags = SA_INTERRUPT;
sa.sa_handler = SIG_IGN;	sa.sa_handler = SIG_IGN;
Line 635 send_mail(const char *fmt, ...)	Line 650 send_mail(const char *fmt, ...)
case 0:	case 0:
{	{
char *argv[MAX_MAILFLAGS + 1];	char *argv[MAX_MAILFLAGS + 1];
char mpath, mflags;	char mflags, mpath = def_mailerpath;
int i;	int i;

/* Child, set stdin to output side of the pipe */	/* Child, set stdin to output side of the pipe */
Line 652 send_mail(const char *fmt, ...)	Line 667 send_mail(const char *fmt, ...)

/* Build up an argv based on the mailer path and flags */	/* Build up an argv based on the mailer path and flags */
mflags = estrdup(def_mailerflags);	mflags = estrdup(def_mailerflags);
mpath = estrdup(def_mailerpath);	if ((argv[0] = strrchr(mpath, '/')))
if ((argv[0] = strrchr(mpath, ' ')))
argv[0]++;	argv[0]++;
else	else
argv[0] = mpath;	argv[0] = mpath;
Line 714 send_mail(const char *fmt, ...)	Line 728 send_mail(const char *fmt, ...)
(void) fprintf(mail, "\nContent-Type: text/plain; charset=\"%s\"\nContent-Transfer-Encoding: 8bit", nl_langinfo(CODESET));	(void) fprintf(mail, "\nContent-Type: text/plain; charset=\"%s\"\nContent-Transfer-Encoding: 8bit", nl_langinfo(CODESET));
#endif /* HAVE_NL_LANGINFO */	#endif /* HAVE_NL_LANGINFO */

(void) fprintf(mail, "\n\n%s : %s : %s : ", user_host,	if ((timestr = get_timestr(time(NULL), def_log_year)) == NULL)
get_timestr(time(NULL), def_log_year), user_name);	timestr = "invalid date";
	(void) fprintf(mail, "\n\n%s : %s : %s : ", user_host, timestr, user_name);
va_start(ap, fmt);	va_start(ap, fmt);
(void) vfprintf(mail, fmt, ap);	(void) vfprintf(mail, fmt, ap);
va_end(ap);	va_end(ap);
Line 896 new_logline(const char *message, int serrno)	Line 911 new_logline(const char *message, int serrno)

debug_return_str(line);	debug_return_str(line);
toobig:	toobig:
fatalx(_("internal error: insufficient space for log line"));	fatalx(U_("internal error: insufficient space for log line"));
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1.1.4
changed lines
	Added in v.1.1.1.6