Mercurial Mercurial > upstream > oracle > userland-gate / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/sudo/patches/audit-event.patch
author Darren J Moffat <Darren.Moffat@Oracle.COM>
Wed, 25 Apr 2012 16:59:00 +0100
changeset 797 ef9656f77cca
parent 447 7ca7b95abd2f
child 840 926eb95ceab3
permissions -rw-r--r--
7140964 Problem with utility/sudo
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
     1
 
--- sudo-1.8.3p2/plugins/sudoers/bsm_audit.c	Fri Oct 21 14:01:25 2011
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
     2
 
+++ /tmp/bsm_audit.c	Mon Jan 30 17:06:00 2012
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
     3
 
@@ -30,8 +30,10 @@
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
     4
 
 #include <errno.h>
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
     5
 
 #include <unistd.h>
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
     6
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
     7
 
+#include "gettext.h"
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
     8
 
 #include "bsm_audit.h"
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
     9
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    10
 
+
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    11
 
 /*
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    12
 
  * Solaris auditon() returns EINVAL if BSM audit not configured.
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    13
 
  * OpenBSM returns ENOSYS for unimplemented options.
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    14
 
@@ -100,7 +102,7 @@
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    15
 
 		log_error(0, _("au_open: failed"));
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    16
 
 	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    17
 
 		tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    18
 
-		    getuid(), pid, pid, &ainfo_addr.ai_termid);
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    19
 
+		    getuid(), pid, &ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    20
 
 	} else if (errno == ENOSYS) {
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    21
 
 		/*
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    22
 
 		 * NB: We should probably watch out for ERANGE here.
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    23
 
@@ -108,7 +110,7 @@
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    24
 
 		if (getaudit(&ainfo) < 0)
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    25
 
 			log_error(0, _("getaudit: failed"));
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    26
 
 		tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    27
 
-		    getuid(), pid, pid, &ainfo.ai_termid);
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    28
 
+		    getuid(), pid, &ainfo.ai_asid, &ainfo.ai_termid);
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    29
 
 	} else
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    30
 
 		log_error(0, _("getaudit: failed"));
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    31
 
 	if (tok == NULL)
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    32
 
@@ -122,7 +124,7 @@
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    33
 
 	if (tok == NULL)
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    34
 
 		log_error(0, _("au_to_return32: failed"));
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    35
 
 	au_write(aufd, tok);
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    36
 
-	if (au_close(aufd, 1, AUE_sudo) == -1)
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    37
 
+	if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1)
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    38
 
 		log_error(0, _("unable to commit audit record"));
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    39
 
 }
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    40
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    41
 
@@ -142,7 +144,7 @@
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    42
 
 	/*
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    43
 
 	 * If we are not auditing, don't cut an audit record; just return.
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    44
 
 	 */
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    45
 
-	if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    46
 
+	if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    47
 
 		if (errno == AUDIT_NOT_CONFIGURED)
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    48
 
 			return;
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    49
 
 		log_error(0, _("Could not determine audit condition"));
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    50
 
@@ -157,12 +159,12 @@
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    51
 
 		log_error(0, _("au_open: failed"));
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    52
 
 	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    53
 
 		tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    54
 
-		    getuid(), pid, pid, &ainfo_addr.ai_termid);
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    55
 
+		    getuid(), pid, &ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    56
 
 	} else if (errno == ENOSYS) {
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    57
 
 		if (getaudit(&ainfo) < 0)
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    58
 
 			log_error(0, _("getaudit: failed"));
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    59
 
 		tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    60
 
-		    getuid(), pid, pid, &ainfo.ai_termid);
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    61
 
+		    getuid(), pid, &ainfo.ai_asid, &ainfo.ai_termid);
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    62
 
 	} else
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    63
 
 		log_error(0, _("getaudit: failed"));
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    64
 
 	if (tok == NULL)
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    65
 
@@ -181,6 +183,6 @@
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    66
 
 	if (tok == NULL)
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    67
 
 		log_error(0, _("au_to_return32: failed"));
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    68
 
 	au_write(aufd, tok);
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    69
 
-	if (au_close(aufd, 1, AUE_sudo) == -1)
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    70
 
+	if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1)
797
ef9656f77cca 7140964 Problem with utility/sudo
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents: 447
diff changeset 
    71
 
 		log_error(0, _("unable to commit audit record"));
447
7ca7b95abd2f PSARC/2011/252 sudo 1.8.1
Darren J Moffat <Darren.Moffat@Oracle.COM>
parents:
diff changeset 
    72
 
 }
upstream/oracle/userland-gate