| 1 |
diff -up sudo-1.8.6p3/plugins/sudoers/audit.c.orig sudo-1.8.6p3/plugins/sudoers/audit.c |
| 2 |
--- sudo-1.8.6p3/plugins/sudoers/audit.c.orig 2012-11-07 13:04:55.424637797 +0100 |
| 3 |
+++ sudo-1.8.6p3/plugins/sudoers/audit.c 2012-11-07 13:06:53.705032954 +0100 |
| 4 |
@@ -26,6 +26,11 @@ |
| 5 |
# include <stdlib.h> |
| 6 |
# endif |
| 7 |
#endif /* STDC_HEADERS */ |
| 8 |
+#ifdef HAVE_STDBOOL_H |
| 9 |
+# include <stdbool.h> |
| 10 |
+#else |
| 11 |
+# include "compat/stdbool.h" |
| 12 |
+#endif /* HAVE_STDBOOL_H */ |
| 13 |
#include <stdarg.h> |
| 14 |
|
| 15 |
#include "missing.h" |
| 16 |
diff -up sudo-1.8.6p3/plugins/sudoers/logging.c.orig sudo-1.8.6p3/plugins/sudoers/logging.c |
| 17 |
--- sudo-1.8.6p3/plugins/sudoers/logging.c.orig 2012-11-07 13:04:55.424637797 +0100 |
| 18 |
+++ sudo-1.8.6p3/plugins/sudoers/logging.c 2012-11-07 13:06:53.705032954 +0100 |
| 19 |
@@ -247,14 +247,20 @@ do_logfile(char *msg) |
| 20 |
} |
| 21 |
|
| 22 |
/* |
| 23 |
- * Log and mail the denial message, optionally informing the user. |
| 24 |
+ * Log, audit and mail the denial message, optionally informing the user. |
| 25 |
*/ |
| 26 |
-static void |
| 27 |
+void |
| 28 |
log_denial(int status, bool inform_user) |
| 29 |
{ |
| 30 |
char *logline, *message; |
| 31 |
debug_decl(log_denial, SUDO_DEBUG_LOGGING) |
| 32 |
|
| 33 |
+ /* Handle auditing first. */ |
| 34 |
+ if (ISSET(status, FLAG_NO_USER | FLAG_NO_HOST)) |
| 35 |
+ audit_failure(NewArgv, _("No user or host")); |
| 36 |
+ else |
| 37 |
+ audit_failure(NewArgv, _("validation failure")); |
| 38 |
+ |
| 39 |
/* Set error message. */ |
| 40 |
if (ISSET(status, FLAG_NO_USER)) |
| 41 |
message = _("user NOT in sudoers"); |
| 42 |
@@ -312,12 +318,6 @@ log_failure(int status, int flags) |
| 43 |
debug_decl(log_failure, SUDO_DEBUG_LOGGING) |
| 44 |
bool inform_user = true; |
| 45 |
|
| 46 |
- /* Handle auditing first. */ |
| 47 |
- if (ISSET(status, FLAG_NO_USER | FLAG_NO_HOST)) |
| 48 |
- audit_failure(NewArgv, _("No user or host")); |
| 49 |
- else |
| 50 |
- audit_failure(NewArgv, _("validation failure")); |
| 51 |
- |
| 52 |
/* The user doesn't always get to see the log message (path info). */ |
| 53 |
if (!ISSET(status, FLAG_NO_USER | FLAG_NO_HOST) && def_path_info && |
| 54 |
(flags == NOT_FOUND_DOT || flags == NOT_FOUND)) |
| 55 |
diff -up sudo-1.8.6p3/plugins/sudoers/logging.h.orig sudo-1.8.6p3/plugins/sudoers/logging.h |
| 56 |
--- sudo-1.8.6p3/plugins/sudoers/logging.h.orig 2012-11-07 13:04:55.425637802 +0100 |
| 57 |
+++ sudo-1.8.6p3/plugins/sudoers/logging.h 2012-11-07 13:06:53.706032965 +0100 |
| 58 |
@@ -56,6 +56,7 @@ void audit_success(char *exec_args[]); |
| 59 |
void audit_failure(char *exec_args[], char const *const fmt, ...); |
| 60 |
void log_allowed(int status); |
| 61 |
void log_auth_failure(int status, int tries); |
| 62 |
+void log_denial(int status, bool inform_user); |
| 63 |
void log_failure(int status, int flags); |
| 64 |
void log_error(int flags, const char *fmt, ...) __printflike(2, 3); |
| 65 |
void log_fatal(int flags, const char *fmt, ...) __printflike(2, 3) __attribute__((__noreturn__)); |
| 66 |
diff -up sudo-1.8.6p3/plugins/sudoers/sudoers.c.orig sudo-1.8.6p3/plugins/sudoers/sudoers.c |
| 67 |
--- sudo-1.8.6p3/plugins/sudoers/sudoers.c.orig 2012-11-07 13:04:55.425637802 +0100 |
| 68 |
+++ sudo-1.8.6p3/plugins/sudoers/sudoers.c 2012-11-07 13:06:53.706032965 +0100 |
| 69 |
@@ -466,7 +466,7 @@ sudoers_policy_main(int argc, char * con |
| 70 |
rval = check_user(validated, sudo_mode); |
| 71 |
if (rval != true) { |
| 72 |
if (!ISSET(validated, VALIDATE_OK)) |
| 73 |
- log_failure(validated, cmnd_status); |
| 74 |
+ log_denial(validated, false); |
| 75 |
goto done; |
| 76 |
} |
| 77 |
|
Parent Directory
| 
Revision Log
| 
Revision Graph
