upstream/oracle/userland-gate: components/sudo/patches/audit-event.patch@926eb95ceab3


diff -rupN sudo-1.8.4p5.orig/plugins/sudoers/bsm_audit.c sudo-1.8.4p5/plugins/sudoers/bsm_audit.c
--- sudo-1.8.4p5.orig/plugins/sudoers/bsm_audit.c	2012-03-29 10:37:01.000000000 -0700
+++ sudo-1.8.4p5/plugins/sudoers/bsm_audit.c	2012-05-18 14:20:39.003982000 -0700
@@ -104,7 +104,7 @@ bsm_audit_success(char **exec_args)
 		log_error(0, _("au_open: failed"));
 	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
 		tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
-		    getuid(), pid, pid, &ainfo_addr.ai_termid);
+		    getuid(), pid, ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
 	} else if (errno == ENOSYS) {
 		/*
 		 * NB: We should probably watch out for ERANGE here.
@@ -112,7 +112,7 @@ bsm_audit_success(char **exec_args)
 		if (getaudit(&ainfo) < 0)
 			log_error(0, _("getaudit: failed"));
 		tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
-		    getuid(), pid, pid, &ainfo.ai_termid);
+		    getuid(), pid, ainfo.ai_asid, &ainfo.ai_termid);
 	} else
 		log_error(0, _("getaudit: failed"));
 	if (tok == NULL)
@@ -126,7 +126,7 @@ bsm_audit_success(char **exec_args)
 	if (tok == NULL)
 		log_error(0, _("au_to_return32: failed"));
 	au_write(aufd, tok);
-	if (au_close(aufd, 1, AUE_sudo) == -1)
+	if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1)
 		log_error(0, _("unable to commit audit record"));
 	debug_return;
 }
@@ -148,7 +148,7 @@ bsm_audit_failure(char **exec_args, char
 	/*
 	 * If we are not auditing, don't cut an audit record; just return.
 	 */
-	if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
+	if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
 		if (errno == AUDIT_NOT_CONFIGURED)
 			debug_return;
 		log_error(0, _("Could not determine audit condition"));
@@ -163,12 +163,12 @@ bsm_audit_failure(char **exec_args, char
 		log_error(0, _("au_open: failed"));
 	if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) { 
 		tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
-		    getuid(), pid, pid, &ainfo_addr.ai_termid);
+		    getuid(), pid, ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
 	} else if (errno == ENOSYS) {
 		if (getaudit(&ainfo) < 0) 
 			log_error(0, _("getaudit: failed"));
 		tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
-		    getuid(), pid, pid, &ainfo.ai_termid);
+		    getuid(), pid, ainfo.ai_asid, &ainfo.ai_termid);
 	} else
 		log_error(0, _("getaudit: failed"));
 	if (tok == NULL)
@@ -187,7 +187,7 @@ bsm_audit_failure(char **exec_args, char
 	if (tok == NULL)
 		log_error(0, _("au_to_return32: failed"));
 	au_write(aufd, tok);
-	if (au_close(aufd, 1, AUE_sudo) == -1)
+	if (au_close(aufd, 1, AUE_sudo, PAD_FAILURE) == -1)
 		log_error(0, _("unable to commit audit record"));
 	debug_return;
 }
author	April Chin <april.chin@oracle.com>
	Wed, 30 May 2012 10:46:29 -0700
changeset 840	926eb95ceab3
parent 797	ef9656f77cca
child 1209	5fd82ed384aa
permissions	-rw-r--r--