isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add argc and argv to I/O logger open function.

Browse Source
This commit is contained in:
Todd C. Miller
2010-05-17 10:38:56 -04:00
parent fa717176b2
commit 55ef027d88
8 changed files with 191 additions and 162 deletions
Download Patch File Download Diff File Expand all files Collapse all files

302
doc/sudo_plugin.cat
View File

@@ -61,7 +61,7 @@ SSuuddoo PPlluuggiinn AAPPII
1.8.0a1 May 14, 2010 1
1.8.0a1 May 17, 2010 1
@@ -86,9 +86,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
const char *list_user);
int (*validate)(void);
void (*invalidate)(int remove);
int (*check_sudoedit)(int argc, char * const argv[],
char *env_add[], char **command_info[],
char **argv_out[], char **user_env_out[]);
};
The policy_plugin struct has the following fields:
@@ -125,9 +122,12 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
A pointer to the conversation function that can be used by the
plugin to interact with the user (see below).
plugin_printf
A pointer to a printf-style function that may be used to
1.8.0a1 May 14, 2010 2
1.8.0a1 May 17, 2010 2
@@ -136,8 +136,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
plugin_printf
A pointer to a printf-style function that may be used to
display informational or error messages (see below).
settings
@@ -189,11 +187,13 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
from the check_policy function, which will cause ssuuddoo to
print a usage message and exit.
preserve_groups=bool
Set to true if the user specified the -P flag, indicating
that the user wishes to preserve the group vector instead
1.8.0a1 May 14, 2010 3
1.8.0a1 May 17, 2010 3
@@ -202,9 +202,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
preserve_groups=bool
Set to true if the user specified the -P flag, indicating
that the user wishes to preserve the group vector instead
of setting it based on the runas user.
ignore_ticket=bool
@@ -238,6 +235,13 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
The command name that sudo was run as, typically "sudo" or
"sudoedit".
sudoedit=bool
Set to true when the -e flag is is specified or if invoked
as ssuuddooeeddiitt. The plugin shall substitute an editor into
_a_r_g_v in the _c_h_e_c_k___p_o_l_i_c_y function or return -2 with a usage
error if the plugin does not support _s_u_d_o_e_d_i_t. For more
information, see the _c_h_e_c_k___p_o_l_i_c_y section.
Additional settings may be added in the future so the plugin
should silently ignore settings that it does not recognize.
@@ -253,13 +257,9 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
user=string
The name of the user invoking ssuuddoo.
uid=uid_t
The real user ID of the user invoking ssuuddoo.
1.8.0a1 May 14, 2010 4
1.8.0a1 May 17, 2010 4
@@ -268,6 +268,9 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
uid=uid_t
The real user ID of the user invoking ssuuddoo.
gid=gid_t
The real group ID of the user invoking ssuuddoo.
@@ -318,14 +321,11 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
call. The value of exit_status is undefined if error is non-
zero.
error
If the command could not be executed, this is set to the value
of errno set by the _e_x_e_c_v_e(2) system call. The plugin is
responsible for displaying error information via the
1.8.0a1 May 14, 2010 5
1.8.0a1 May 17, 2010 5
@@ -334,6 +334,10 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
error
If the command could not be executed, this is set to the value
of errno set by the _e_x_e_c_v_e(2) system call. The plugin is
responsible for displaying error information via the
conversation or plugin_printf function. If the command was
successfully executed, the value of error is 0.
@@ -352,13 +356,31 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
char **argv_out[], char **user_env_out[]);
The _c_h_e_c_k___p_o_l_i_c_y function is called by ssuuddoo to determine whether
the user is allowed to run the specified commands. Returns 1 if
the command is allowed, 0 if not allowed, -1 for a general error,
or -2 for a usage error. In the latter case, ssuuddoo will print a
usage message before it exits. If an error occurs, the plugin may
optionally call the conversation or plugin_printf function with
SUDO_CONF_ERROR_MSG to present additional error information to the
user.
the user is allowed to run the specified commands.
If the _s_u_d_o_e_d_i_t option was enabled in the _s_e_t_t_i_n_g_s array passed to
the _o_p_e_n function, the user has requested _s_u_d_o_e_d_i_t mode. _s_u_d_o_e_d_i_t
is a mechanism for editing one or more files where an editor is run
with the user's credentials instead of with elevated privileges.
ssuuddoo achieves this by creating user-writable temporary copies of
the files to be edited and then overwriting the originals with the
temporary copies after editing is complete. If the plugin supports
ssuuddooeeddiitt, it should choose the editor to be used, potentially from
a variable in the user's environment, such as EDITOR, and include
it in _a_r_g_v___o_u_t (note that environment variables may include command
line flags). The files to be edited should be copied from _a_r_g_v
into _a_r_g_v___o_u_t, separated from the editor and its arguments by a
"--" element. The "--" will be removed by ssuuddoo before the editor
is executed. The plugin should also set _s_u_d_o_e_d_i_t_=_t_r_u_e in the
_c_o_m_m_a_n_d___i_n_f_o list.
The _c_h_e_c_k___p_o_l_i_c_y function returns 1 if the command is allowed, 0 if
not allowed, -1 for a general error, or -2 for a usage error or if
ssuuddooeeddiitt was specified but is unsupported by the plugin. In the
latter case, ssuuddoo will print a usage message before it exits. If
an error occurs, the plugin may optionally call the conversation or
plugin_printf function with SUDO_CONF_ERROR_MSG to present
additional error information to the user.
The function arguments are as follows:
@@ -366,6 +388,18 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
The number of elements in _a_r_g_v, not counting the final NULL
pointer.
1.8.0a1 May 17, 2010 6
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
argv
The argument vector describing the command the user wishes to
run, in the same form as what would be passed to the _e_x_e_c_v_e_(_)
@@ -388,18 +422,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
execution environment when running a command. The plugin is
responsible for creating and populating the vector, which must
be terminated with a NULL pointer. The following values are
1.8.0a1 May 14, 2010 6
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
recognized by ssuuddoo:
command=string
@@ -433,6 +455,17 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
If set, ssuuddoo will preserve the user's group vector instead
of initializing the group vector based on runas_user.
1.8.0a1 May 17, 2010 7
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
cwd=string
The current working directory to change to when executing
the command.
@@ -454,18 +487,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
selinux_role=string
SELinux role to use when executing the command.
1.8.0a1 May 14, 2010 7
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
selinux_type=string
SELinux type to use when executing the command.
@@ -473,6 +494,13 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
Command timeout. If non-zero then when the timeout expires
the command will be killed.
sudoedit=bool
Set to true when in _s_u_d_o_e_d_i_t mode. The plugin may enable
_s_u_d_o_e_d_i_t mode even if ssuuddoo was not invoked as ssuuddooeeddiitt.
This allows the plugin to perform command substitution and
transparently enable _s_u_d_o_e_d_i_t when the user attempts to run
an editor.
Unsupported values will be ignored.
argv_out
@@ -492,6 +520,18 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
List available privileges for the invoking user. Returns 1 on
success, 0 on failure and -1 on error. On error, the plugin may
optionally call the conversation or plugin_printf function with
1.8.0a1 May 17, 2010 8
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
SUDO_CONF_ERROR_MSG to present additional error information to the
user.
@@ -521,17 +561,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
validate
int (*validate)(void);
1.8.0a1 May 14, 2010 8
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
The validate function is called when ssuuddoo is run with the -v flag.
For policy plugins such as _s_u_d_o_e_r_s that cache authentication
credentials, this function will validate and cache the credentials.
@@ -556,40 +585,11 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
The invalidate function should be NULL if the plugin does not
support credential caching.
check_sudoedit
int (*check_sudoedit)(int argc, char * const argv[]
char *env_add[], char **command_info[],
char **argv_out[], char **user_env_out[]);
The _c_h_e_c_k___s_u_d_o_e_d_i_t function is called instead of _c_h_e_c_k___p_o_l_i_c_y when
ssuuddoo is invoked as ssuuddooeeddiitt or when the -e flag is specified.
ssuuddooeeddiitt is a mechanism for editing one or more files where an
editor is run with the user's credentials instead of with elevated
privileges. ssuuddoo achieves this by creating user-writable temporary
copies of the files to be edited and then overwriting the originals
with the temporary copies after editing is complete.
The plugin should choose the editor to be used, potentially from a
variable in the user's environment, such as EDITOR, and include it
in _a_r_g_v___o_u_t. The files to be edited should be copied from _a_r_g_v
into _a_r_g_v___o_u_t, separated from the editor and its arguments by a
"--" element. The "--" will be removed by ssuuddoo before the editor
is executed.
Returns 1 if the command is allowed, 0 if not allowed, -1 for a
general error, or -2 for a usage error. In the latter case, ssuuddoo
will print a usage message before it exits. If an error occurs,
the plugin may optionally call the conversation or plugin_printf
function with SUDO_CONF_ERROR_MSG to present additional error
information to the user.
The function arguments are the same as for _c_h_e_c_k___p_o_l_i_c_y, except
that _a_r_g_v_[_0_] will always be the string "sudoedit".
_C_o_n_v_e_r_s_a_t_i_o_n _A_P_I
1.8.0a1 May 14, 2010 9
1.8.0a1 May 17, 2010 9
@@ -598,8 +598,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
_C_o_n_v_e_r_s_a_t_i_o_n _A_P_I
If the plugin needs to interact with the user, it may do so via the
conversation function. A plugin should not attempt to read directly
from the standard input or the user's tty (neither of which are
@@ -655,7 +653,9 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
1.8.0a1 May 14, 2010 10
1.8.0a1 May 17, 2010 10
@@ -670,7 +670,8 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
unsigned int version; /* always SUDO_API_VERSION */
int (*open)(unsigned int version, sudo_conv_t conversation
sudo_printf_t plugin_printf, char * const settings[],
char * const user_info[], char * const user_env[]);
char * const user_info[], int argc, char * const argv[],
char * const user_env[]);
void (*close)(int exit_status, int error); /* wait status or error */
int (*show_version)(int verbose);
int (*log_ttyin)(const char *buf, unsigned int len);
@@ -712,16 +713,15 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
open
int (*open)(unsigned int version, sudo_conv_t conversation
sudo_printf_t plugin_printf, char * const settings[],
char * const user_info[], char * const user_env[]);
char * const user_info[], int argc, char * const argv[],
char * const user_env[]);
The _o_p_e_n function is run before the _l_o_g___i_n_p_u_t, _l_o_g___o_u_t_p_u_t or
_s_h_o_w___v_e_r_s_i_o_n functions are called. It is only called if the
version is being requested or the _c_h_e_c_k___p_o_l_i_c_y function has
returned successfully. It returns 1 on success, 0 on failure, -1
1.8.0a1 May 14, 2010 11
1.8.0a1 May 17, 2010 11
@@ -730,6 +730,8 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
version is being requested or the _c_h_e_c_k___p_o_l_i_c_y function has
returned successfully. It returns 1 on success, 0 on failure, -1
if a general error occurred, or -2 if there was a usage error. In
the latter case, ssuuddoo will print a usage message before it exits.
If an error occurs, the plugin may optionally call the conversation
@@ -781,13 +783,11 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
See the "Policy Plugin API" section for a list of all possible
strings.
user_env
The user's environment in the form of a NULL-terminated vector
of "name=value" strings.
1.8.0a1 May 14, 2010 12
1.8.0a1 May 17, 2010 12
@@ -796,6 +796,19 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
argc
The number of elements in _a_r_g_v, not counting the final NULL
pointer.
argv
If non-NULL, an argument vector describing a command the user
wishes to run in the same form as what would be passed to the
_e_x_e_c_v_e_(_) system call.
user_env
The user's environment in the form of a NULL-terminated vector
of "name=value" strings.
When parsing _u_s_e_r___e_n_v, the plugin should split on the ffiirrsstt
equal sign ('=') since the _n_a_m_e field will never include one
itself but the _v_a_l_u_e might.
@@ -837,6 +850,18 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
passed to the command, 0 if the data is rejected (which will
terminate the command) or -1 if an error occurred.
1.8.0a1 May 17, 2010 13
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
The function arguments are as follows:
buf The buffer containing user input.
@@ -850,18 +875,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
the command but before it is written to the user's terminal. This
allows the plugin to reject data if it chooses to (for instance if
the output contains banned content). Returns 1 if the data should
1.8.0a1 May 14, 2010 13
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
be passed to the user, 0 if the data is rejected (which will
terminate the command) or -1 if an error occurred.
@@ -903,6 +916,18 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
buf The buffer containing command output.
1.8.0a1 May 17, 2010 14
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
len The length of _b_u_f in bytes.
log_stderr
@@ -916,18 +941,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
data should be passed to the user, 0 if the data is rejected (which
will terminate the command) or -1 if an error occurred.
1.8.0a1 May 14, 2010 14
SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
The function arguments are as follows:
buf The buffer containing command output.
@@ -962,29 +975,16 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m)
struct io_plugin io;
};
PPOODD EERRRROORRSS
Hey! TThhee aabboovvee ddooccuummeenntt hhaadd ssoommee ccooddiinngg eerrrroorrss,, wwhhiicchh aarree eexxppllaaiinneedd
bbeellooww::
Around line 597:
You forgot a '=back' before '=head3'
1.8.0a1 May 14, 2010 15
1.8.0a1 May 17, 2010 15

17
doc/sudo_plugin.man.in
View File

@@ -728,7 +728,8 @@ See the sample plugin for an example of the conversation function usage.
\& unsigned int version; /* always SUDO_API_VERSION */
\& int (*open)(unsigned int version, sudo_conv_t conversation
\& sudo_printf_t plugin_printf, char * const settings[],
\& char * const user_info[], char * const user_env[]);
\& char * const user_info[], int argc, char * const argv[],
\& char * const user_env[]);
\& void (*close)(int exit_status, int error); /* wait status or error */
\& int (*show_version)(int verbose);
\& int (*log_ttyin)(const char *buf, unsigned int len);
@@ -770,10 +771,11 @@ This allows \fBsudo\fR to determine the \s-1API\s0 version the plugin was
built against.
.IP "open" 4
.IX Item "open"
.Vb 3
.Vb 4
\& int (*open)(unsigned int version, sudo_conv_t conversation
\& sudo_printf_t plugin_printf, char * const settings[],
\& char * const user_info[], char * const user_env[]);
\& char * const user_info[], int argc, char * const argv[],
\& char * const user_env[]);
.Ve
.Sp
The \fIopen\fR function is run before the \fIlog_input\fR, \fIlog_output\fR
@@ -828,6 +830,15 @@ equal sign ('=') since the \fIname\fR field will never include one
itself but the \fIvalue\fR might.
.Sp
See the \*(L"Policy Plugin \s-1API\s0\*(R" section for a list of all possible strings.
.IP "argc" 4
.IX Item "argc"
The number of elements in \fIargv\fR, not counting the final \f(CW\*(C`NULL\*(C'\fR
pointer.
.IP "argv" 4
.IX Item "argv"
If non\-\f(CW\*(C`NULL\*(C'\fR, an argument vector describing a command the user
wishes to run in the same form as what would be passed to the
\&\fIexecve()\fR system call.
.IP "user_env" 4
.IX Item "user_env"
The user's environment in the form of a \f(CW\*(C`NULL\*(C'\fR\-terminated vector of

17
doc/sudo_plugin.pod
View File

@@ -652,7 +652,8 @@ See the sample plugin for an example of the conversation function usage.
unsigned int version; /* always SUDO_API_VERSION */
int (*open)(unsigned int version, sudo_conv_t conversation
sudo_printf_t plugin_printf, char * const settings[],
char * const user_info[], char * const user_env[]);
char * const user_info[], int argc, char * const argv[],
char * const user_env[]);
void (*close)(int exit_status, int error); /* wait status or error */
int (*show_version)(int verbose);
int (*log_ttyin)(const char *buf, unsigned int len);
@@ -700,7 +701,8 @@ built against.
int (*open)(unsigned int version, sudo_conv_t conversation
sudo_printf_t plugin_printf, char * const settings[],
char * const user_info[], char * const user_env[]);
char * const user_info[], int argc, char * const argv[],
char * const user_env[]);
The I<open> function is run before the I<log_input>, I<log_output>
or I<show_version> functions are called. It is only called if the
@@ -761,6 +763,17 @@ itself but the I<value> might.
See the L<Policy Plugin API> section for a list of all possible strings.
=item argc
The number of elements in I<argv>, not counting the final C<NULL>
pointer.
=item argv
If non-C<NULL>, an argument vector describing a command the user
wishes to run in the same form as what would be passed to the
execve() system call.
=item user_env
The user's environment in the form of a C<NULL>-terminated vector of

3
include/sudo_plugin.h
View File

@@ -77,7 +77,8 @@ struct io_plugin {
unsigned int version; /* always SUDO_API_VERSION */
int (*open)(unsigned int version, sudo_conv_t conversation,
sudo_printf_t sudo_printf, char * const settings[],
char * const user_info[], char * const user_env[]);
char * const user_info[], int argc, char * const argv[],
char * const user_env[]);
void (*close)(int exit_status, int error); /* wait status or error */
int (*show_version)(int verbose);
int (*log_ttyin)(const char *buf, unsigned int len);

3
plugins/sample/sample_plugin.c
View File

@@ -420,7 +420,8 @@ policy_close(int exit_status, int error)
static int
io_open(unsigned int version, sudo_conv_t conversation,
sudo_printf_t sudo_printf, char * const settings[],
char * const user_info[], char * const user_env[])
char * const user_info[], int argc, char * const argv[],
char * const user_env[])
{
int fd;
char path[PATH_MAX];

4
plugins/sudoers/iolog.c
View File

@@ -178,7 +178,8 @@ build_idpath(char *pathbuf, size_t pathsize)
int
sudoers_io_open(unsigned int version, sudo_conv_t conversation,
sudo_printf_t plugin_printf, char * const settings[],
char * const user_info[], char * const user_env[])
char * const user_info[], int argc, char * const argv[],
char * const user_env[])
{
char pathbuf[PATH_MAX];
FILE *io_logfile;
@@ -250,6 +251,7 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
gettimeofday(&last_time, NULL);
/* XXX - log more stuff? window size? environment? */
/* XXX - use passed in argv instead of using sudoers policy info. */
fprintf(io_logfile, "%ld:%s:%s:%s:%s\n", last_time.tv_sec, user_name,
runas_pw->pw_name, runas_gr ? runas_gr->gr_name : "", user_tty);
fprintf(io_logfile, "%s\n", user_cwd);

3
plugins/sudoers/sudoers.h
View File

@@ -290,7 +290,8 @@ int get_boottime(struct timeval *);
/* iolog.c */
int sudoers_io_open(unsigned int version, sudo_conv_t conversation,
sudo_printf_t sudo_printf, char * const settings[],
char * const user_info[], char * const user_env[]);
char * const user_info[], int argc, char * const argv[],
char * const user_env[]);
void sudoers_io_close(int exit_status, int error);
int sudoers_io_version(int verbose);
int sudoers_io_log_output(const char *buf, unsigned int len);

4
src/sudo.c
View File

@@ -160,7 +160,7 @@ main(int argc, char *argv[], char *envp[])
policy_plugin.u.policy->show_version(!user_details.uid);
tq_foreach_fwd(&io_plugins, plugin) {
ok = plugin->u.io->open(SUDO_API_VERSION, sudo_conversation,
sudo_printf, settings, user_info, envp);
sudo_printf, settings, user_info, nargc, nargv, envp);
if (ok == TRUE)
plugin->u.io->show_version(user_details.uid == ROOT_UID);
}
@@ -212,7 +212,7 @@ main(int argc, char *argv[], char *envp[])
for (plugin = io_plugins.first; plugin != NULL; plugin = next) {
next = plugin->next;
ok = plugin->u.io->open(SUDO_API_VERSION, sudo_conversation,
sudo_printf, settings, user_info, envp);
sudo_printf, settings, user_info, nargc, nargv, envp);
switch (ok) {
case TRUE:
break;