author | Tomas Klacko <tomas.klacko@oracle.com> |
Tue, 10 Feb 2015 02:00:16 -0800 | |
changeset 3756 | dce353ed563a |
parent 1830 | 93243cb310c5 |
child 5497 | 862a4276da0f |
permissions | -rw-r--r-- |
1830
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
1 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
2 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
3 |
# Open second terminal with root shell. Keep this as a possibility to assume |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
4 |
# root privileges if you loose the ability to do so via sudo during testing. |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
5 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
6 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
7 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
8 |
# Make sure we are looking at the correct version |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
9 |
sudo -V | grep version |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
10 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
11 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
12 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
13 |
# Test digest feature |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
14 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
15 |
openssl dgst -sha224 /usr/bin/ls # make note of the hash |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
16 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
17 |
# Add this line to sudoers (replace UID by your user ID and HASH by the ls |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
18 |
# hash): |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
19 |
<UID> ALL = sha224:<HASH> /usr/bin/ls |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
20 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
21 |
# This should work (asking you a password first) |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
22 |
sudo /usr/bin/ls / |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
23 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
24 |
# Now change the hash so that it is wrong and make sure it does not work this |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
25 |
# time |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
26 |
sudo /usr/bin/ls / |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
27 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
28 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
29 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
30 |
# add this line to sudoers |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
31 |
ALL ALL=(ALL:ALL) NOPASSWD: ALL |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
32 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
33 |
# Make sure it gives you root account |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
34 |
sudo id |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
35 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
36 |
# Make sure this changes just your group |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
37 |
sudo -g sol_src id |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
38 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
39 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
40 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
41 |
# Test creating a file in etc |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
42 |
sudoedit /etc/test |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
43 |
... |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
44 |
cat /etc/test # Make sure the text is there |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
45 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
46 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
47 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
48 |
# Auditing |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
49 |
cd /var/audit |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
50 |
sudo /usr/sbin/audit -t |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
51 |
sudo rm * |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
52 |
sudo /usr/sbin/audit -s |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
53 |
sudo auditreduce * | praudit -s |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
54 |
> file,1970-01-01 00:00:00.000 +00:00, |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
55 |
> file,2014-03-27 10:34:23.000 +00:00, |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
56 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
57 |
# Make sure that since the first run we can see new auditing record |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
58 |
sudo auditreduce * | praudit -s |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
59 |
> file,2014-03-27 10:34:23.000 +00:00, |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
60 |
> header,158,2,AUE_sudo,,10.0.2.15,2014-03-27 10:34:23.735 +00:00 |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
61 |
> subject,vmarek,root,staff,vmarek,staff,2295,3108723863,5096 202240 10.0.2.2 |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
62 |
> path,/var/share/audit |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
63 |
> path,/usr/sbin/auditreduce |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
64 |
> cmd,argcnt,1,20140327103420.not_terminated.S12-43,envcnt,0, |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
65 |
> return,success,0 |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
66 |
> file,2014-03-27 10:34:23.000 +00:00, |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
67 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
68 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
69 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
70 |
# PAM credentials |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
71 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
72 |
# Make sure that 'root' is a role |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
73 |
sudo usermod -K type=role root |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
74 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
75 |
# Note the preselection mask, it should probably be 'lo(0x1000,0x1000)' |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
76 |
sudo bash -c 'auditconfig -getpinfo $$' |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
77 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
78 |
# Add audit flags to root |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
79 |
sudo rolemod -K audit_flags=lo,ex:no root |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
80 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
81 |
# Make sure that the preselection mask now shows new entries (lo,ex) |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
82 |
sudo bash -c 'auditconfig -getpinfo $$' |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
83 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
84 |
# Disable PAM credentials in sudo by adding this line to sudoers: |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
85 |
Defaults !pam_setcred |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
86 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
87 |
# Make sure that the preselection mask now shows only previous entry |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
88 |
sudo bash -c 'auditconfig -getpinfo $$' |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
89 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
90 |
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
91 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
92 |
# Solaris privileges |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
93 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
94 |
# Add this to the end sudoers keeping the 'ALL ALL=(ALL:ALL) NOPASSWD: ALL' above |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
95 |
<UID> ALL = () PRIVS="basic,dtrace_kernel,dtrace_proc,dtrace_user" NOPASSWD: /usr/sbin/dtrace, /usr/bin/bash |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
96 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
97 |
# Just your regular id |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
98 |
id |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
99 |
> uid=157888(vmarek) gid=10(staff) |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
100 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
101 |
# Sudo normally turning you into root via the 'ALL ALL=(ALL:ALL) NOPASSWD: ALL' line |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
102 |
sudo id |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
103 |
> uid=0(root) gid=0(root) |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
104 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
105 |
# For bash it should leave your ID and just grant dtrace privileges |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
106 |
sudo bash -c 'id; ppriv $$' |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
107 |
uid=157888(vmarek) gid=10(staff) |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
108 |
> 2296: bash -c id; ppriv $$ |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
109 |
> flags = <none> |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
110 |
> E: basic,dtrace_kernel,dtrace_proc,dtrace_user |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
111 |
> I: basic,dtrace_kernel,dtrace_proc,dtrace_user |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
112 |
> P: basic,dtrace_kernel,dtrace_proc,dtrace_user |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
113 |
> L: basic,dtrace_kernel,dtrace_proc,dtrace_user |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
114 |
|
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
115 |
# dtrace functionality |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
116 |
sudo dtrace -l -n 'syscall::b*:entry' |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
117 |
> ID PROVIDER MODULE FUNCTION NAME |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
118 |
> 11282 syscall brk entry |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
119 |
> 11550 syscall brandsys entry |
93243cb310c5
17890284 Update to sudo version 1.8.9p5
Vladimir Marek <Vladimir.Marek@oracle.com>
parents:
diff
changeset
|
120 |
> 11642 syscall bind entry |