Propagate errors in audit code to caller instead of using fatal().

If we fail to audit an otherwise successful command, return an error
from the policy.  For Linux audit, sudo may be compiled with audit
support but auditing may not be set up, so we don't consider that
an error.
Todd C. Miller
2014-03-26 13:00:56 -06:00
parent 7d7f9cb55a
commit 2220f55aef
6 changed files with 150 additions and 85 deletions


@@ -496,7 +496,8 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
}
/* Must audit before uid change. */
audit_success(NewArgv);
if (audit_success(NewArgv) != 0)
goto bad;
/* Setup execution environment to pass back to front-end. */
rval = sudoers_policy_exec_setup(edit_argv ? edit_argv : NewArgv,
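
Review bot: at the new `if (audit_success(NewArgv) != 0) goto bad;` check in sudoers_policy_main(), the jump to `bad` has no visible assignment to `rval` and no message in this hunk, so please confirm that `rval` holds a failure value on that path and that the user is told the command was refused because auditing failed rather than by policy. The comment "Must audit before uid change." could also say that an audit failure now aborts the command, and audit_success() should document that it returns 0 when sudo is built with Linux audit support but auditing is not set up, since the commit message relies on that case not being treated as an error.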