Save the initial command run via sudo and use it when logging exit status.
Otherwise, if we are in intercept mode or logging sub-commands the exit status will be logged with the wrong command.
This commit is contained in:
Todd C. Miller
@@ -208,7 +208,7 @@ audit_to_eventlog(struct eventlog *evlog, char * const command_info[],
|
||||
debug_decl(audit_to_eventlog, SUDOERS_DEBUG_PLUGIN);
|
||||
|
||||
/* Fill in evlog from sudoers Defaults, run_argv and run_envp. */
|
||||
sudoers_to_eventlog(evlog, run_argv, run_envp, uuid_str);
|
||||
sudoers_to_eventlog(evlog, NULL, run_argv, run_envp, uuid_str);
|
||||
|
||||
/* Update iolog and execution environment from command_info[]. */
|
||||
if (command_info != NULL) {
|
||||
|
||||
@@ -263,7 +263,7 @@ log_reject(const char *message, bool logit, bool mailit)
|
||||
if (!logit)
|
||||
SET(evl_flags, EVLOG_MAIL_ONLY);
|
||||
}
|
||||
sudoers_to_eventlog(&evlog, NewArgv, env_get(), uuid_str);
|
||||
sudoers_to_eventlog(&evlog, safe_cmnd, NewArgv, env_get(), uuid_str);
|
||||
ret = eventlog_reject(&evlog, evl_flags, message, NULL, NULL);
|
||||
if (!log_server_reject(&evlog, message))
|
||||
ret = false;
|
||||
@@ -612,7 +612,8 @@ log_exit_status(int status)
|
||||
/* Log and mail messages should be in the sudoers locale. */
|
||||
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
|
||||
|
||||
sudoers_to_eventlog(&evlog, NewArgv, env_get(), sudo_user.uuid_str);
|
||||
sudoers_to_eventlog(&evlog, saved_cmnd, saved_argv, env_get(),
|
||||
sudo_user.uuid_str);
|
||||
if (def_mail_always) {
|
||||
SET(evl_flags, EVLOG_MAIL);
|
||||
if (!def_log_exit_status)
|
||||
@@ -695,7 +696,8 @@ vlog_warning(int flags, int errnum, const char *fmt, va_list ap)
|
||||
if (ISSET(flags, SLOG_NO_LOG))
|
||||
SET(evl_flags, EVLOG_MAIL_ONLY);
|
||||
}
|
||||
sudoers_to_eventlog(&evlog, NewArgv, env_get(), sudo_user.uuid_str);
|
||||
sudoers_to_eventlog(&evlog, safe_cmnd, NewArgv, env_get(),
|
||||
sudo_user.uuid_str);
|
||||
eventlog_alert(&evlog, evl_flags, &now, message, errstr);
|
||||
log_server_alert(&evlog, &now, message, errstr);
|
||||
}
|
||||
@@ -791,7 +793,8 @@ mail_parse_errors(void)
|
||||
ret = false;
|
||||
goto done;
|
||||
}
|
||||
sudoers_to_eventlog(&evlog, NewArgv, env_get(), sudo_user.uuid_str);
|
||||
sudoers_to_eventlog(&evlog, safe_cmnd, NewArgv, env_get(),
|
||||
sudo_user.uuid_str);
|
||||
|
||||
len = strlen(_("problem parsing sudoers")) + 1;
|
||||
STAILQ_FOREACH(pe, &parse_error_list, entries) {
|
||||
@@ -916,8 +919,8 @@ should_mail(int status)
|
||||
* The values in the resulting eventlog struct should not be freed.
|
||||
*/
|
||||
void
|
||||
sudoers_to_eventlog(struct eventlog *evlog, char * const argv[],
|
||||
char * const envp[], const char *uuid_str)
|
||||
sudoers_to_eventlog(struct eventlog *evlog, const char *cmnd,
|
||||
char * const argv[], char * const envp[], const char *uuid_str)
|
||||
{
|
||||
struct group *grp;
|
||||
debug_decl(sudoers_to_eventlog, SUDOERS_DEBUG_LOGGING);
|
||||
@@ -929,7 +932,7 @@ sudoers_to_eventlog(struct eventlog *evlog, char * const argv[],
|
||||
memset(evlog, 0, sizeof(*evlog));
|
||||
evlog->iolog_file = sudo_user.iolog_file;
|
||||
evlog->iolog_path = sudo_user.iolog_path;
|
||||
evlog->command = safe_cmnd ? safe_cmnd : (argv ? argv[0] : NULL);
|
||||
evlog->command = cmnd ? (char *)cmnd : (argv ? argv[0] : NULL);
|
||||
evlog->cwd = user_cwd;
|
||||
if (def_runchroot != NULL && strcmp(def_runchroot, "*") != 0) {
|
||||
evlog->runchroot = def_runchroot;
|
||||
|
||||
@@ -62,6 +62,7 @@ typedef bool (*sudoers_logger_t)(const char *file, int line, int column, const c
|
||||
/* XXX - needed for auditing */
|
||||
extern int NewArgc;
|
||||
extern char **NewArgv;
|
||||
extern char **saved_argv;
|
||||
extern char *audit_msg;
|
||||
|
||||
union sudo_defs_val;
|
||||
@@ -85,7 +86,7 @@ bool log_warningx(int flags, const char *fmt, ...) __printflike(2, 3);
|
||||
bool gai_log_warning(int flags, int errnum, const char *fmt, ...) __printflike(3, 4);
|
||||
bool sudoers_initlocale(const char *ulocale, const char *slocale);
|
||||
bool sudoers_locale_callback(const char *file, int line, int column, const union sudo_defs_val *sd_un, int op);
|
||||
void sudoers_to_eventlog(struct eventlog *evlog, char * const argv[], char *const envp[], const char *uuid_str);
|
||||
void sudoers_to_eventlog(struct eventlog *evlog, const char *cmnd, char * const argv[], char *const envp[], const char *uuid_str);
|
||||
void init_eventlog_config(void);
|
||||
bool init_log_details(struct log_details *details, struct eventlog *evlog);
|
||||
bool log_parse_error(const char *file, int line, int column, const char *fmt, va_list ap) __printflike(4, 0);
|
||||
|
||||
@@ -102,6 +102,7 @@ static struct rlimit nproclimit;
|
||||
/* XXX - must be extern for audit bits of sudo_auth.c */
|
||||
int NewArgc;
|
||||
char **NewArgv;
|
||||
char **saved_argv;
|
||||
|
||||
#ifdef SUDOERS_LOG_CLIENT
|
||||
# define remote_iologs (!SLIST_EMPTY(&def_log_servers))
|
||||
@@ -433,7 +434,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
* Make a local copy of argc/argv, with special handling for the
|
||||
* '-i' option. We also allocate an extra slot for bash's --login.
|
||||
*/
|
||||
if (NewArgv != NULL) {
|
||||
if (NewArgv != NULL && NewArgv != saved_argv) {
|
||||
sudoers_gc_remove(GC_PTR, NewArgv);
|
||||
free(NewArgv);
|
||||
}
|
||||
@@ -803,8 +804,10 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
goto bad;
|
||||
}
|
||||
/* find_editor() already g/c'd edit_argv[] */
|
||||
sudoers_gc_remove(GC_PTR, NewArgv);
|
||||
free(NewArgv);
|
||||
if (NewArgv != saved_argv) {
|
||||
sudoers_gc_remove(GC_PTR, NewArgv);
|
||||
free(NewArgv);
|
||||
}
|
||||
NewArgv = edit_argv;
|
||||
NewArgc = edit_argc;
|
||||
|
||||
@@ -812,6 +815,16 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
env_swap_old();
|
||||
}
|
||||
|
||||
/* Save the initial command and argv so we have it for exit logging. */
|
||||
if (saved_cmnd == NULL) {
|
||||
saved_cmnd = strdup(safe_cmnd);
|
||||
if (saved_cmnd == NULL) {
|
||||
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
||||
goto done;
|
||||
}
|
||||
saved_argv = NewArgv;
|
||||
}
|
||||
|
||||
goto done;
|
||||
|
||||
bad:
|
||||
@@ -1764,6 +1777,7 @@ sudoers_cleanup(void)
|
||||
|
||||
/* Clear globals */
|
||||
list_pw = NULL;
|
||||
saved_argv = NULL;
|
||||
NewArgv = NULL;
|
||||
NewArgc = 0;
|
||||
prev_user = NULL;
|
||||
@@ -1820,6 +1834,7 @@ sudo_user_free(void)
|
||||
free(user_cmnd);
|
||||
free(user_args);
|
||||
free(safe_cmnd);
|
||||
free(saved_cmnd);
|
||||
free(user_stat);
|
||||
#ifdef HAVE_SELINUX
|
||||
free(user_role);
|
||||
|
||||
@@ -103,6 +103,7 @@ struct sudo_user {
|
||||
char *cmnd_args;
|
||||
char *cmnd_base;
|
||||
char *cmnd_safe;
|
||||
char *cmnd_saved;
|
||||
char *class_name;
|
||||
char *krb5_ccname;
|
||||
struct gid_list *gid_list;
|
||||
@@ -245,6 +246,7 @@ struct sudo_user {
|
||||
#define user_srunhost (sudo_user.srunhost)
|
||||
#define user_ccname (sudo_user.krb5_ccname)
|
||||
#define safe_cmnd (sudo_user.cmnd_safe)
|
||||
#define saved_cmnd (sudo_user.cmnd_saved)
|
||||
#define cmnd_fd (sudo_user.execfd)
|
||||
#define login_class (sudo_user.class_name)
|
||||
#define runas_pw (sudo_user._runas_pw)
|
||||
|
||||
Reference in New Issue
Block a user