From c2faa9e6ef1d337911fbb8773ad1d38a1fcb508d Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Wed, 5 Feb 2020 10:53:50 -0700
Subject: [PATCH] Add runas_user and runas_group (if set) to command_info for
 audit plugin. Otherwise, the audit plugin has to look up the runas name and
 group by user or group ID.

---
 plugins/sudoers/policy.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/plugins/sudoers/policy.c b/plugins/sudoers/policy.c
index b7a8e19a2..cffafaf85 100644
--- a/plugins/sudoers/policy.c
+++ b/plugins/sudoers/policy.c
@@ -564,7 +564,7 @@ sudoers_policy_exec_setup(char *argv[], char *envp[], mode_t cmnd_umask,
 	debug_return_bool(true);	/* nothing to do */
 
     /* Increase the length of command_info as needed, it is *not* checked. */
-    command_info = calloc(50, sizeof(char *));
+    command_info = calloc(52, sizeof(char *));
     if (command_info == NULL)
 	goto oom;
 
@@ -620,6 +620,12 @@ sudoers_policy_exec_setup(char *argv[], char *envp[], mode_t cmnd_umask,
 	if ((command_info[info_len++] = sudo_new_key_val("cwd", runas_pw->pw_dir)) == NULL)
 	    goto oom;
     }
+    if ((command_info[info_len++] = sudo_new_key_val("runas_user", runas_pw->pw_name)) == NULL)
+	goto oom;
+    if (runas_gr != NULL) {
+	if ((command_info[info_len++] = sudo_new_key_val("runas_group", runas_gr->gr_name)) == NULL)
+	    goto oom;
+    }
     if (def_stay_setuid) {
 	if (asprintf(&command_info[info_len++], "runas_uid=%u",
 	    (unsigned int)user_uid) == -1)