isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix logic bug. We only want to return -1 from linux_audit_open()

Browse Source 
when audit_open() fails and errno is not one of EINVAL, EPROTONOSUPPORT,
or EAFNOSUPPORT.  For those errno values, we return AUDIT_NOT_CONFIGURED
which is not a fatal error.  Bug #671
This commit is contained in:
Todd C. Miller
2014-10-13 08:33:25 -06:00
parent 2c5239a3a7
commit 38c7d7abc4
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
plugins/sudoers/linux_audit.c
View File

@@ -57,10 +57,10 @@ linux_audit_open(void)
au_fd = audit_open(); au_fd = audit_open();
if (au_fd == -1) { if (au_fd == -1) {
/* Kernel may not have audit support. */ /* Kernel may not have audit support. */
if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT) { if (errno == EINVAL || errno == EPROTONOSUPPORT || errno == EAFNOSUPPORT)
sudo_warn(U_("unable to open audit system"));
au_fd = AUDIT_NOT_CONFIGURED; au_fd = AUDIT_NOT_CONFIGURED;
} else
sudo_warn(U_("unable to open audit system"));
} else { } else {
(void)fcntl(au_fd, F_SETFD, FD_CLOEXEC); (void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);
} }