1 --- sudo-1.8.1p2/plugins/sudoers/bsm_audit.c Wed Mar 16 10:40:56 2011 |
1 --- sudo-1.8.3p2/plugins/sudoers/bsm_audit.c Fri Oct 21 14:01:25 2011 |
2 +++ sudo-1.8.1p2-fixes/plugins/sudoers/bsm_audit.c Mon Aug 1 03:40:43 2011 |
2 +++ /tmp/bsm_audit.c Mon Jan 30 17:06:00 2012 |
3 @@ -31,6 +31,7 @@ |
3 @@ -30,8 +30,10 @@ |
|
4 #include <errno.h> |
4 #include <unistd.h> |
5 #include <unistd.h> |
5 |
6 |
|
7 +#include "gettext.h" |
6 #include "bsm_audit.h" |
8 #include "bsm_audit.h" |
7 +#define AUE_sudo 6650 |
|
8 |
9 |
|
10 + |
9 /* |
11 /* |
10 * Solaris auditon() returns EINVAL if BSM audit not configured. |
12 * Solaris auditon() returns EINVAL if BSM audit not configured. |
11 @@ -100,7 +101,7 @@ |
13 * OpenBSM returns ENOSYS for unimplemented options. |
12 log_error(0, "au_open: failed"); |
14 @@ -100,7 +102,7 @@ |
|
15 log_error(0, _("au_open: failed")); |
13 if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) { |
16 if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) { |
14 tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(), |
17 tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(), |
15 - getuid(), pid, pid, &ainfo_addr.ai_termid); |
18 - getuid(), pid, pid, &ainfo_addr.ai_termid); |
16 + getuid(), pid, &ainfo_addr.ai_asid, &ainfo_addr.ai_termid); |
19 + getuid(), pid, &ainfo_addr.ai_asid, &ainfo_addr.ai_termid); |
17 } else if (errno == ENOSYS) { |
20 } else if (errno == ENOSYS) { |
18 /* |
21 /* |
19 * NB: We should probably watch out for ERANGE here. |
22 * NB: We should probably watch out for ERANGE here. |
20 @@ -108,7 +109,7 @@ |
23 @@ -108,7 +110,7 @@ |
21 if (getaudit(&ainfo) < 0) |
24 if (getaudit(&ainfo) < 0) |
22 log_error(0, "getaudit: failed"); |
25 log_error(0, _("getaudit: failed")); |
23 tok = au_to_subject(auid, geteuid(), getegid(), getuid(), |
26 tok = au_to_subject(auid, geteuid(), getegid(), getuid(), |
24 - getuid(), pid, pid, &ainfo.ai_termid); |
27 - getuid(), pid, pid, &ainfo.ai_termid); |
25 + getuid(), pid, &ainfo.ai_asid, &ainfo.ai_termid); |
28 + getuid(), pid, &ainfo.ai_asid, &ainfo.ai_termid); |
26 } else |
29 } else |
27 log_error(0, "getaudit: failed"); |
30 log_error(0, _("getaudit: failed")); |
28 if (tok == NULL) |
31 if (tok == NULL) |
29 @@ -122,7 +123,7 @@ |
32 @@ -122,7 +124,7 @@ |
30 if (tok == NULL) |
33 if (tok == NULL) |
31 log_error(0, "au_to_return32: failed"); |
34 log_error(0, _("au_to_return32: failed")); |
32 au_write(aufd, tok); |
35 au_write(aufd, tok); |
33 - if (au_close(aufd, 1, AUE_sudo) == -1) |
36 - if (au_close(aufd, 1, AUE_sudo) == -1) |
34 + if (au_close(aufd, 1, AUE_sudo, 0) == -1) |
37 + if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1) |
35 log_error(0, "unable to commit audit record"); |
38 log_error(0, _("unable to commit audit record")); |
36 } |
39 } |
37 |
40 |
38 @@ -157,12 +158,12 @@ |
41 @@ -142,7 +144,7 @@ |
39 log_error(0, "au_open: failed"); |
42 /* |
|
43 * If we are not auditing, don't cut an audit record; just return. |
|
44 */ |
|
45 - if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) { |
|
46 + if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) { |
|
47 if (errno == AUDIT_NOT_CONFIGURED) |
|
48 return; |
|
49 log_error(0, _("Could not determine audit condition")); |
|
50 @@ -157,12 +159,12 @@ |
|
51 log_error(0, _("au_open: failed")); |
40 if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) { |
52 if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) { |
41 tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(), |
53 tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(), |
42 - getuid(), pid, pid, &ainfo_addr.ai_termid); |
54 - getuid(), pid, pid, &ainfo_addr.ai_termid); |
43 + getuid(), pid, &ainfo_addr.ai_asid, &ainfo_addr.ai_termid); |
55 + getuid(), pid, &ainfo_addr.ai_asid, &ainfo_addr.ai_termid); |
44 } else if (errno == ENOSYS) { |
56 } else if (errno == ENOSYS) { |
45 if (getaudit(&ainfo) < 0) |
57 if (getaudit(&ainfo) < 0) |
46 log_error(0, "getaudit: failed"); |
58 log_error(0, _("getaudit: failed")); |
47 tok = au_to_subject(auid, geteuid(), getegid(), getuid(), |
59 tok = au_to_subject(auid, geteuid(), getegid(), getuid(), |
48 - getuid(), pid, pid, &ainfo.ai_termid); |
60 - getuid(), pid, pid, &ainfo.ai_termid); |
49 + getuid(), pid, &ainfo.ai_asid, &ainfo.ai_termid); |
61 + getuid(), pid, &ainfo.ai_asid, &ainfo.ai_termid); |
50 } else |
62 } else |
51 log_error(0, "getaudit: failed"); |
63 log_error(0, _("getaudit: failed")); |
52 if (tok == NULL) |
64 if (tok == NULL) |
53 @@ -181,6 +182,6 @@ |
65 @@ -181,6 +183,6 @@ |
54 if (tok == NULL) |
66 if (tok == NULL) |
55 log_error(0, "au_to_return32: failed"); |
67 log_error(0, _("au_to_return32: failed")); |
56 au_write(aufd, tok); |
68 au_write(aufd, tok); |
57 - if (au_close(aufd, 1, AUE_sudo) == -1) |
69 - if (au_close(aufd, 1, AUE_sudo) == -1) |
58 + if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1) |
70 + if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1) |
59 log_error(0, "unable to commit audit record"); |
71 log_error(0, _("unable to commit audit record")); |
60 } |
72 } |