Automatically migrate lecture file path from name-based to uid-based.

GitHub issue #342.

config.h.in

@@ -758,6 +758,9 @@
 /* Define to 1 if you have the 'realpath' function. */
 #undef HAVE_REALPATH
 
+/* Define to 1 if you have the 'renameat' function. */
+#undef HAVE_RENAMEAT
+
 /* Define to 1 if you have the 'revoke' function. */
 #undef HAVE_REVOKE
 

configure

@@ -3439,13 +3439,14 @@ as_fn_append ac_header_c_list " sys/select.h sys_select_h HAVE_SYS_SELECT_H"
 as_fn_append ac_header_c_list " sys/stropts.h sys_stropts_h HAVE_SYS_STROPTS_H"
 as_fn_append ac_header_c_list " sys/sysmacros.h sys_sysmacros_h HAVE_SYS_SYSMACROS_H"
 as_fn_append ac_header_c_list " sys/statvfs.h sys_statvfs_h HAVE_SYS_STATVFS_H"
+as_fn_append ac_func_c_list " faccessat HAVE_FACCESSAT"
 as_fn_append ac_func_c_list " fexecve HAVE_FEXECVE"
 as_fn_append ac_func_c_list " fmemopen HAVE_FMEMOPEN"
 as_fn_append ac_func_c_list " killpg HAVE_KILLPG"
 as_fn_append ac_func_c_list " nl_langinfo HAVE_NL_LANGINFO"
-as_fn_append ac_func_c_list " faccessat HAVE_FACCESSAT"
-as_fn_append ac_func_c_list " wordexp HAVE_WORDEXP"
+as_fn_append ac_func_c_list " renameat HAVE_RENAMEAT"
 as_fn_append ac_func_c_list " strtoull HAVE_STRTOULL"
+as_fn_append ac_func_c_list " wordexp HAVE_WORDEXP"
 as_fn_append ac_func_c_list " seteuid HAVE_SETEUID"
 
 # Auxiliary files required by this configure script.
@@ -22306,6 +22307,7 @@ done
 
 
 
+
   for ac_func in execvpe
 do :
   ac_fn_c_check_func "$LINENO" "execvpe" "ac_cv_func_execvpe"

configure.ac

@@ -2660,7 +2660,7 @@ dnl Function checks
 dnl
 AC_FUNC_GETGROUPS
 AC_FUNC_FSEEKO
-AC_CHECK_FUNCS_ONCE([fexecve fmemopen killpg nl_langinfo faccessat wordexp strtoull])
+AC_CHECK_FUNCS_ONCE([faccessat fexecve fmemopen killpg nl_langinfo renameat strtoull wordexp])
 AC_CHECK_FUNCS([execvpe], [SUDO_APPEND_INTERCEPT_EXP(execvpe)])
 AC_CHECK_FUNCS([pread], [
     # pread/pwrite on 32-bit HP-UX 11.x may not support large files

plugins/sudoers/timestamp.c

@@ -1147,6 +1147,35 @@ already_lectured(const struct sudoers_context *ctx)
 	goto done;
 
     ret = fstatat(dfd, uidstr, &sb, AT_SYMLINK_NOFOLLOW) == 0;
+    if (!ret && errno == ENOENT && strchr(ctx->user.name, '/') == NULL) {
+	/* No uid-based lecture path, check for username-based path. */
+	ret = fstatat(dfd, ctx->user.name, &sb, AT_SYMLINK_NOFOLLOW) == 0;
+	if (ret) {
+	    /* Migrate lecture file to uid-based path. */
+#ifdef HAVE_RENAMEAT
+	    if (renameat(dfd, ctx->user.name, dfd, uidstr) == -1) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+		    "%s: unable to rename %s/%s to %s/%s", __func__,
+		    def_lecture_status_dir, ctx->user.name,
+		    def_lecture_status_dir, uidstr);
+	    }
+#else
+	    char from[PATH_MAX], to[PATH_MAX];
+	    len = snprintf(from, sizeof(from), "%s/%s", def_lecture_status_dir,
+		ctx->user.name);
+	    if (len < 0 || len >= ssizeof(from))
+		goto done;
+	    len = snprintf(to, sizeof(to), "%s/%s", def_lecture_status_dir,
+		uidstr);
+	    if (len < 0 || len >= ssizeof(to))
+		goto done;
+	    if (rename(from, to) == -1) {
+		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
+		    "%s: unable to rename %s to %s", __func__, from, to);
+	    }
+#endif
+	}
+    }
 
 done:
     if (dfd != -1)