isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

We can use evlog.submit_time in the call to eventlog_alert().

Browse Source 
This is set to the current wallclock time by sudoers_to_eventlog().
This commit is contained in:
Todd C. Miller
2023-11-23 09:08:04 -05:00
parent 39ea3176c1
commit 0e53d5fddf
2 changed files with 2 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
plugins/sudoers/audit.c
View File

@@ -434,7 +434,6 @@ sudoers_audit_error(const char *plugin_name, unsigned int plugin_type,
{ {
const struct sudoers_context *ctx = sudoers_get_context(); const struct sudoers_context *ctx = sudoers_get_context();
struct eventlog evlog; struct eventlog evlog;
struct timespec now;
int ret = true; int ret = true;
debug_decl(sudoers_audit_error, SUDOERS_DEBUG_PLUGIN); debug_decl(sudoers_audit_error, SUDOERS_DEBUG_PLUGIN);
@@ -447,13 +446,8 @@ sudoers_audit_error(const char *plugin_name, unsigned int plugin_type,
ret = false; ret = false;
} }
if (sudo_gettime_real(&now)) {
sudo_warn("%s", U_("unable to get time of day"));
debug_return_bool(false);
}
audit_to_eventlog(ctx, &evlog, command_info, ctx->runas.argv, NULL, NULL); audit_to_eventlog(ctx, &evlog, command_info, ctx->runas.argv, NULL, NULL);
if (!eventlog_alert(&evlog, 0, &now, message, NULL)) if (!eventlog_alert(&evlog, 0, &evlog.submit_time, message, NULL))
ret = false; ret = false;
if (!log_server_alert(ctx, &evlog, message, NULL)) if (!log_server_alert(ctx, &evlog, message, NULL))

7
plugins/sudoers/logging.c
View File

@@ -688,7 +688,6 @@ vlog_warning(const struct sudoers_context *ctx, unsigned int flags,
int errnum, const char * restrict fmt, va_list ap) int errnum, const char * restrict fmt, va_list ap)
{ {
struct eventlog evlog; struct eventlog evlog;
struct timespec now;
const char *errstr = NULL; const char *errstr = NULL;
char *message; char *message;
bool ret = true; bool ret = true;
@@ -733,10 +732,6 @@ vlog_warning(const struct sudoers_context *ctx, unsigned int flags,
} }
if (ISSET(flags, SLOG_SEND_MAIL) || !ISSET(flags, SLOG_NO_LOG)) { if (ISSET(flags, SLOG_SEND_MAIL) || !ISSET(flags, SLOG_NO_LOG)) {
if (sudo_gettime_real(&now) == -1) {
sudo_warn("%s", U_("unable to get time of day"));
goto done;
}
if (ISSET(flags, SLOG_RAW_MSG)) if (ISSET(flags, SLOG_RAW_MSG))
SET(evl_flags, EVLOG_RAW); SET(evl_flags, EVLOG_RAW);
if (ISSET(flags, SLOG_SEND_MAIL)) { if (ISSET(flags, SLOG_SEND_MAIL)) {
@@ -746,7 +741,7 @@ vlog_warning(const struct sudoers_context *ctx, unsigned int flags,
} }
sudoers_to_eventlog(ctx, &evlog, ctx->runas.cmnd, ctx->runas.argv, sudoers_to_eventlog(ctx, &evlog, ctx->runas.cmnd, ctx->runas.argv,
NULL, ctx->uuid_str); NULL, ctx->uuid_str);
if (!eventlog_alert(&evlog, evl_flags, &now, message, errstr)) if (!eventlog_alert(&evlog, evl_flags, &evlog.submit_time, message, errstr))
ret = false; ret = false;
if (!log_server_alert(ctx, &evlog, message, errstr)) if (!log_server_alert(ctx, &evlog, message, errstr))
ret = false; ret = false;