Log the session ID, if there is one. Currently logs ID=XXXXXX, perhaps

should be SESSIONID or SESSID.
2009-08-30 15:18:50 +00:00
parent 5181d496c4
commit 6184eb9461
4 changed files with 18 additions and 4 deletions
--- a/logging.c
+++ b/logging.c
@@ -658,6 +658,7 @@ get_timestr()
 #define	LL_GROUP_STR	"GROUP="
 #define	LL_ENV_STR	"ENV="
 #define	LL_CMND_STR	"COMMAND="
+#define	LL_ID_STR	"ID="

 /*
 * Allocate and fill in a new logline.
@@ -687,6 +688,8 @@ new_logline(message, serrno)
 	len += sizeof(LL_USER_STR) + 2 + strlen(runas_pw->pw_name);
    if (runas_gr != NULL)
 	len += sizeof(LL_GROUP_STR) + 2 + strlen(runas_gr->gr_name);
+    if (sudo_user.sessid[0] != '\0')
+	len += sizeof(LL_ID_STR) + 2 + strlen(sudo_user.sessid);
    if (sudo_user.env_vars != NULL) {
 	size_t evlen = 0;
 	struct list_member *cur;
@@ -740,6 +743,12 @@ new_logline(message, serrno)
 	    strlcat(line, " ; ", len) >= len)
 	    goto toobig;
    }
+    if (sudo_user.sessid[0] != '\0') {
+	if (strlcat(line, LL_ID_STR, len) >= len ||
+	    strlcat(line, sudo_user.sessid, len) >= len ||
+	    strlcat(line, " ; ", len) >= len)
+	    goto toobig;
+    }
    if (evstr != NULL) {
 	if (strlcat(line, LL_ENV_STR, len) >= len ||
 	    strlcat(line, evstr, len) >= len ||
--- a/script.c
+++ b/script.c
@@ -160,6 +160,10 @@ next_seq(pathbuf)
    buf[6] = '\n';
    len += sizeof("/00/00/00") - 1;

+    /* For logging purposes */
+    memcpy(sudo_user.sessid, buf, 6);
+    sudo_user.sessid[6] = '\0';
+
    /* Rewind and overwrite old seq file. */
    if (lseek(fd, 0, SEEK_SET) == (off_t)-1 || write(fd, buf, 7) != 7)
 	log_error(USE_ERRNO, "Can't write to %s", pathbuf);
--- a/sudo.c
+++ b/sudo.c
@@ -461,6 +461,10 @@ main(argc, argv, envp)
 		validate_env_vars(sudo_user.env_vars);
 	}

+	/* Open tty and session ID as needed */
+	if (def_script)
+	    script_setup();
+
 	log_allowed(validated);
 	if (ISSET(sudo_mode, MODE_CHECK))
 	    rc = display_cmnd(snl, list_pw ? list_pw : sudo_user.pw);
@@ -499,10 +503,6 @@ main(argc, argv, envp)
 	/* Must audit before uid change. */
 	audit_success(NewArgv);

-	/* Open tty as needed */
-	if (def_script)
-	    script_setup();
-
 	/* Become specified user or root if executing a command. */
 	if (ISSET(sudo_mode, MODE_RUN))
 	    set_perms(PERM_FULL_RUNAS);
--- a/sudo.h
+++ b/sudo.h
@@ -64,6 +64,7 @@ struct sudo_user {
    char *type;
 #endif
    char  cwd[PATH_MAX];
+    char  sessid[7];
 };

 /*