components/sudo/patches/audit-event.patch
branchs11-sru
changeset 2285 cb43727425f0
parent 2273 f05fa0c3ac62
child 1209 5fd82ed384aa
equal deleted inserted replaced
2284:b4d13f692c04 2285:cb43727425f0
     1 --- sudo-1.8.3p2/plugins/sudoers/bsm_audit.c	Fri Oct 21 14:01:25 2011
     1 diff -rupN sudo-1.8.4p5.orig/plugins/sudoers/bsm_audit.c sudo-1.8.4p5/plugins/sudoers/bsm_audit.c
     2 +++ /tmp/bsm_audit.c	Mon Jan 30 17:06:00 2012
     2 --- sudo-1.8.4p5.orig/plugins/sudoers/bsm_audit.c	2012-03-29 10:37:01.000000000 -0700
     3 @@ -30,8 +30,10 @@
     3 +++ sudo-1.8.4p5/plugins/sudoers/bsm_audit.c	2012-05-18 14:20:39.003982000 -0700
     4  #include <errno.h>
     4 @@ -104,7 +104,7 @@ bsm_audit_success(char **exec_args)
     5  #include <unistd.h>
       
     6  
       
     7 +#include "gettext.h"
       
     8  #include "bsm_audit.h"
       
     9  
       
    10 +
       
    11  /*
       
    12   * Solaris auditon() returns EINVAL if BSM audit not configured.
       
    13   * OpenBSM returns ENOSYS for unimplemented options.
       
    14 @@ -100,7 +102,7 @@
       
    15  		log_error(0, _("au_open: failed"));
     5  		log_error(0, _("au_open: failed"));
    16  	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
     6  	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
    17  		tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
     7  		tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
    18 -		    getuid(), pid, pid, &ainfo_addr.ai_termid);
     8 -		    getuid(), pid, pid, &ainfo_addr.ai_termid);
    19 +		    getuid(), pid, &ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
     9 +		    getuid(), pid, ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
    20  	} else if (errno == ENOSYS) {
    10  	} else if (errno == ENOSYS) {
    21  		/*
    11  		/*
    22  		 * NB: We should probably watch out for ERANGE here.
    12  		 * NB: We should probably watch out for ERANGE here.
    23 @@ -108,7 +110,7 @@
    13 @@ -112,7 +112,7 @@ bsm_audit_success(char **exec_args)
    24  		if (getaudit(&ainfo) < 0)
    14  		if (getaudit(&ainfo) < 0)
    25  			log_error(0, _("getaudit: failed"));
    15  			log_error(0, _("getaudit: failed"));
    26  		tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
    16  		tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
    27 -		    getuid(), pid, pid, &ainfo.ai_termid);
    17 -		    getuid(), pid, pid, &ainfo.ai_termid);
    28 +		    getuid(), pid, &ainfo.ai_asid, &ainfo.ai_termid);
    18 +		    getuid(), pid, ainfo.ai_asid, &ainfo.ai_termid);
    29  	} else
    19  	} else
    30  		log_error(0, _("getaudit: failed"));
    20  		log_error(0, _("getaudit: failed"));
    31  	if (tok == NULL)
    21  	if (tok == NULL)
    32 @@ -122,7 +124,7 @@
    22 @@ -126,7 +126,7 @@ bsm_audit_success(char **exec_args)
    33  	if (tok == NULL)
    23  	if (tok == NULL)
    34  		log_error(0, _("au_to_return32: failed"));
    24  		log_error(0, _("au_to_return32: failed"));
    35  	au_write(aufd, tok);
    25  	au_write(aufd, tok);
    36 -	if (au_close(aufd, 1, AUE_sudo) == -1)
    26 -	if (au_close(aufd, 1, AUE_sudo) == -1)
    37 +	if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1)
    27 +	if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1)
    38  		log_error(0, _("unable to commit audit record"));
    28  		log_error(0, _("unable to commit audit record"));
       
    29  	debug_return;
    39  }
    30  }
    40  
    31 @@ -148,7 +148,7 @@ bsm_audit_failure(char **exec_args, char
    41 @@ -142,7 +144,7 @@
       
    42  	/*
    32  	/*
    43  	 * If we are not auditing, don't cut an audit record; just return.
    33  	 * If we are not auditing, don't cut an audit record; just return.
    44  	 */
    34  	 */
    45 -	if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
    35 -	if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
    46 +	if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
    36 +	if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
    47  		if (errno == AUDIT_NOT_CONFIGURED)
    37  		if (errno == AUDIT_NOT_CONFIGURED)
    48  			return;
    38  			debug_return;
    49  		log_error(0, _("Could not determine audit condition"));
    39  		log_error(0, _("Could not determine audit condition"));
    50 @@ -157,12 +159,12 @@
    40 @@ -163,12 +163,12 @@ bsm_audit_failure(char **exec_args, char
    51  		log_error(0, _("au_open: failed"));
    41  		log_error(0, _("au_open: failed"));
    52  	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) { 
    42  	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) { 
    53  		tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
    43  		tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
    54 -		    getuid(), pid, pid, &ainfo_addr.ai_termid);
    44 -		    getuid(), pid, pid, &ainfo_addr.ai_termid);
    55 +		    getuid(), pid, &ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
    45 +		    getuid(), pid, ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
    56  	} else if (errno == ENOSYS) {
    46  	} else if (errno == ENOSYS) {
    57  		if (getaudit(&ainfo) < 0) 
    47  		if (getaudit(&ainfo) < 0) 
    58  			log_error(0, _("getaudit: failed"));
    48  			log_error(0, _("getaudit: failed"));
    59  		tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
    49  		tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
    60 -		    getuid(), pid, pid, &ainfo.ai_termid);
    50 -		    getuid(), pid, pid, &ainfo.ai_termid);
    61 +		    getuid(), pid, &ainfo.ai_asid, &ainfo.ai_termid);
    51 +		    getuid(), pid, ainfo.ai_asid, &ainfo.ai_termid);
    62  	} else
    52  	} else
    63  		log_error(0, _("getaudit: failed"));
    53  		log_error(0, _("getaudit: failed"));
    64  	if (tok == NULL)
    54  	if (tok == NULL)
    65 @@ -181,6 +183,6 @@
    55 @@ -187,7 +187,7 @@ bsm_audit_failure(char **exec_args, char
    66  	if (tok == NULL)
    56  	if (tok == NULL)
    67  		log_error(0, _("au_to_return32: failed"));
    57  		log_error(0, _("au_to_return32: failed"));
    68  	au_write(aufd, tok);
    58  	au_write(aufd, tok);
    69 -	if (au_close(aufd, 1, AUE_sudo) == -1)
    59 -	if (au_close(aufd, 1, AUE_sudo) == -1)
    70 +	if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1)
    60 +	if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1)
    71  		log_error(0, _("unable to commit audit record"));
    61  		log_error(0, _("unable to commit audit record"));
       
    62  	debug_return;
    72  }
    63  }