Add log_allowed and log_denied sudoers flags, defaulting to true.

This commit is contained in:
Todd C. Miller
2019-10-17 13:43:04 -06:00
parent 4229dfc566
commit cf6c60c102
8 changed files with 205 additions and 112 deletions

View File

@@ -25,7 +25,7 @@
.nr BA @BAMAN@ .nr BA @BAMAN@
.nr LC @LCMAN@ .nr LC @LCMAN@
.nr PS @PSMAN@ .nr PS @PSMAN@
.TH "SUDOERS" "@mansectform@" "October 16, 2019" "Sudo @PACKAGE_VERSION@" "File Formats Manual" .TH "SUDOERS" "@mansectform@" "October 17, 2019" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
.nh .nh
.if n .ad l .if n .ad l
.SH "NAME" .SH "NAME"
@@ -191,10 +191,10 @@ flags are enabled.
This allows users to This allows users to
determine for themselves whether or not they are allowed to use determine for themselves whether or not they are allowed to use
\fBsudo\fR. \fBsudo\fR.
All attempts to run By default, all attempts to run
\fBsudo\fR \fBsudo\fR
(successful or not) (successful or not)
will be logged, regardless of whether or not mail is sent. are logged, regardless of whether or not mail is sent.
.PP .PP
If If
\fBsudo\fR \fBsudo\fR
@@ -242,16 +242,21 @@ option can be used to select the type of time stamp record
\fBsudoers\fR \fBsudoers\fR
will use. will use.
.SS "Logging" .SS "Logging"
\fBsudoers\fR
can log both successful and unsuccessful attempts (as well
as errors) to
syslog(3),
a log file, or both.
By default, By default,
\fBsudoers\fR \fBsudoers\fR
will log via logs both successful and unsuccessful attempts (as well
as errors).
The
\fIlog_allowed\fR
and
\fIlog_denied\fR
flags can be used to control this behavior.
Messages can be logged to
syslog(3),
a log file, or both.
The default is to log to
syslog(3) syslog(3)
but this is changeable via the but this is configurable via the
\fIsyslog\fR \fIsyslog\fR
and and
\fIlogfile\fR \fIlogfile\fR
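Review bot: the new sentence "The log_allowed and log_denied flags can be used to control this behavior" only covers the syslog and log-file output described in this paragraph, but the same flags also gate the audit records, since audit_success() and audit_failure() in the audit.c hunks below return early on `!def_log_allowed` / `!def_log_denied`. Suggest "flags can be used to control this behavior, including records written to the system audit log where supported." so an administrator who turns off log_denied knows that denied attempts also vanish from the audit trail, not just from syslog.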
@@ -2508,10 +2513,33 @@ This flag is
\fI@insults@\fR \fI@insults@\fR
by default. by default.
.TP 18n .TP 18n
log_allowed
If set,
\fBsudoers\fR
will log commands allowed by the policy to the system audit log
(where supported) as well as to syslog and/or a log file.
This flag is
\fIon\fR
by default.
.sp
This setting is only supported by version 1.8.29 or higher.
.TP 18n
log_denied
If set,
\fBsudoers\fR
will log commands denied by the policy to the system audit log
(where supported) as well as to syslog and/or a log file.
This flag is
\fIon\fR
by default.
.sp
This setting is only supported by version 1.8.29 or higher.
.TP 18n
log_host log_host
If set, the host name will be logged in the (non-syslog) If set, the host name will be included in log entries written to
\fBsudo\fR the file configured by the
log file. \fIlogfile\fR
setting.
This flag is This flag is
\fIoff\fR \fIoff\fR
by default. by default.
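Review bot: the log_allowed and log_denied entries should say that they do not affect mail notification. In the log_denial() and log_allowed() hunks below, `mailit = should_mail(status)` is evaluated before the flag is consulted and `send_mail()` still runs when the flag is off, so mail_always, mail_all_cmnds and the other mail_* options keep working with logging disabled. Suggest appending "This flag has no effect on the sending of mail." to both descriptions. Since both flags are on by default and exist to switch logging off, "If disabled, sudoers will not log ..." would also describe the administrator's actual choice more directly than "If set, sudoers will log ...".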

View File

@@ -24,7 +24,7 @@
.nr BA @BAMAN@ .nr BA @BAMAN@
.nr LC @LCMAN@ .nr LC @LCMAN@
.nr PS @PSMAN@ .nr PS @PSMAN@
.Dd October 16, 2019 .Dd October 17, 2019
.Dt SUDOERS @mansectform@ .Dt SUDOERS @mansectform@
.Os Sudo @PACKAGE_VERSION@ .Os Sudo @PACKAGE_VERSION@
.Sh NAME .Sh NAME
@@ -47,7 +47,7 @@ The policy format is described in detail in the
.Sx SUDOERS FILE FORMAT .Sx SUDOERS FILE FORMAT
section. section.
For information on storing For information on storing
.Nm sudoers .Nm
policy information policy information
in LDAP, please see in LDAP, please see
.Xr sudoers.ldap @mansectform@ . .Xr sudoers.ldap @mansectform@ .
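Review bot: the `.Nm sudoers` to `.Nm` replacements in this hunk and the many that follow are unrelated to the log_allowed/log_denied change described in the commit message; splitting them into a separate commit would make both changes easier to review and to backport. The rendered output is unchanged, because a bare `.Nm` in mdoc reuses the name given to the first `.Nm` in the document.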
@@ -131,7 +131,7 @@ For more information on configuring
please refer to its manual. please refer to its manual.
.Ss User Authentication .Ss User Authentication
The The
.Nm sudoers .Nm
security policy requires that most users authenticate security policy requires that most users authenticate
themselves before they can use themselves before they can use
.Nm sudo . .Nm sudo .
@@ -142,7 +142,7 @@ user or command.
Unlike Unlike
.Xr su 1 , .Xr su 1 ,
when when
.Nm sudoers .Nm
requires requires
authentication, it validates the invoking user's credentials, not authentication, it validates the invoking user's credentials, not
the target user's (or root's) credentials. the target user's (or root's) credentials.
@@ -180,10 +180,10 @@ flags are enabled.
This allows users to This allows users to
determine for themselves whether or not they are allowed to use determine for themselves whether or not they are allowed to use
.Nm sudo . .Nm sudo .
All attempts to run By default, all attempts to run
.Nm sudo .Nm sudo
(successful or not) (successful or not)
will be logged, regardless of whether or not mail is sent. are logged, regardless of whether or not mail is sent.
.Pp .Pp
If If
.Nm sudo .Nm sudo
@@ -191,7 +191,7 @@ is run by root and the
.Ev SUDO_USER .Ev SUDO_USER
environment variable environment variable
is set, the is set, the
.Nm sudoers .Nm
policy will use this value to determine who policy will use this value to determine who
the actual user is. the actual user is.
This can be used by a user to log commands This can be used by a user to log commands
@@ -206,7 +206,7 @@ Note, however, that the
file lookup is still done for root, not the user specified by file lookup is still done for root, not the user specified by
.Ev SUDO_USER . .Ev SUDO_USER .
.Pp .Pp
.Nm sudoers .Nm
uses per-user time stamp files for credential caching. uses per-user time stamp files for credential caching.
Once a user has been authenticated, a record is written Once a user has been authenticated, a record is written
containing the user ID that was used to authenticate, the containing the user ID that was used to authenticate, the
@@ -223,25 +223,30 @@ minutes unless overridden by the
option option
.Pc . .Pc .
By default, By default,
.Nm sudoers .Nm
uses a separate record for each terminal, which means that uses a separate record for each terminal, which means that
a user's login sessions are authenticated separately. a user's login sessions are authenticated separately.
The The
.Em timestamp_type .Em timestamp_type
option can be used to select the type of time stamp record option can be used to select the type of time stamp record
.Nm sudoers .Nm
will use. will use.
.Ss Logging .Ss Logging
.Nm sudoers By default,
can log both successful and unsuccessful attempts (as well .Nm
as errors) to logs both successful and unsuccessful attempts (as well
as errors).
The
.Em log_allowed
and
.Em log_denied
flags can be used to control this behavior.
Messages can be logged to
.Xr syslog 3 , .Xr syslog 3 ,
a log file, or both. a log file, or both.
By default, The default is to log to
.Nm sudoers
will log via
.Xr syslog 3 .Xr syslog 3
but this is changeable via the but this is configurable via the
.Em syslog .Em syslog
and and
.Em logfile .Em logfile
@@ -250,7 +255,7 @@ See
.Sx "LOG FORMAT" .Sx "LOG FORMAT"
for a description of the log file format. for a description of the log file format.
.Pp .Pp
.Nm sudoers .Nm
is also capable of running a command in a pseudo-terminal and logging all is also capable of running a command in a pseudo-terminal and logging all
input and/or output. input and/or output.
The standard input, standard output and standard error can be logged The standard input, standard output and standard error can be logged
@@ -270,12 +275,12 @@ See
for details on how I/O log files are stored. for details on how I/O log files are stored.
.Ss Command environment .Ss Command environment
Since environment variables can influence program behavior, Since environment variables can influence program behavior,
.Nm sudoers .Nm
provides a means to restrict which variables from the user's provides a means to restrict which variables from the user's
environment are inherited by the command to be run. environment are inherited by the command to be run.
There are two There are two
distinct ways distinct ways
.Nm sudoers .Nm
can deal with environment variables. can deal with environment variables.
.Pp .Pp
By default, the By default, the
@@ -482,7 +487,7 @@ As a special case, if the
.Fl i .Fl i
option (initial login) is option (initial login) is
specified, specified,
.Nm sudoers .Nm
will initialize the environment regardless will initialize the environment regardless
of the value of of the value of
.Em env_reset . .Em env_reset .
@@ -1293,7 +1298,7 @@ or
character. character.
.\} .\}
.Ss Date_Spec .Ss Date_Spec
.Nm sudoers .Nm
rules can be specified with a start and end date via the rules can be specified with a start and end date via the
.Li NOTBEFORE .Li NOTBEFORE
and and
@@ -2360,10 +2365,31 @@ will insult users when they enter an incorrect password.
This flag is This flag is
.Em @insults@ .Em @insults@
by default. by default.
.It log_allowed
If set,
.Nm
will log commands allowed by the policy to the system audit log
(where supported) as well as to syslog and/or a log file.
This flag is
.Em on
by default.
.Pp
This setting is only supported by version 1.8.29 or higher.
.It log_denied
If set,
.Nm
will log commands denied by the policy to the system audit log
(where supported) as well as to syslog and/or a log file.
This flag is
.Em on
by default.
.Pp
This setting is only supported by version 1.8.29 or higher.
.It log_host .It log_host
If set, the host name will be logged in the (non-syslog) If set, the host name will be included in log entries written to
.Nm sudo the file configured by the
log file. .Em logfile
setting.
This flag is This flag is
.Em off .Em off
by default. by default.
@@ -2452,7 +2478,7 @@ user if the user running
.Nm sudo .Nm sudo
does not enter the correct password. does not enter the correct password.
If the command the user is attempting to run is not permitted by If the command the user is attempting to run is not permitted by
.Nm sudoers .Nm
and one of the and one of the
.Em mail_all_cmnds , .Em mail_all_cmnds ,
.Em mail_always , .Em mail_always ,
@@ -3562,7 +3588,7 @@ Note that changing the locale may affect how sudoers is interpreted.
Defaults to Defaults to
.Dq Li C . .Dq Li C .
.It timestamp_type .It timestamp_type
.Nm sudoers .Nm
uses per-user time stamp files for credential caching. uses per-user time stamp files for credential caching.
The The
.Em timestamp_type .Em timestamp_type
@@ -3720,7 +3746,7 @@ If the operating system does not support the
system call, this setting has no effect. system call, this setting has no effect.
.It group_plugin .It group_plugin
A string containing a A string containing a
.Nm sudoers .Nm
group plugin with optional arguments. group plugin with optional arguments.
The string should consist of the plugin The string should consist of the plugin
path, either fully-qualified or relative to the path, either fully-qualified or relative to the
@@ -4392,7 +4418,7 @@ line in the
.Xr sudo.conf @mansectform@ .Xr sudo.conf @mansectform@
file. file.
.It unable to open @rundir@/ts/username .It unable to open @rundir@/ts/username
.Nm sudoers .Nm
was unable to read or create the user's time stamp file. was unable to read or create the user's time stamp file.
This can happen when This can happen when
.Em timestampowner .Em timestampowner
@@ -4403,7 +4429,7 @@ The default mode for
.Pa @rundir@ .Pa @rundir@
is 0711. is 0711.
.It unable to write to @rundir@/ts/username .It unable to write to @rundir@/ts/username
.Nm sudoers .Nm
was unable to write to the user's time stamp file. was unable to write to the user's time stamp file.
.It @rundir@/ts is owned by uid X, should be Y .It @rundir@/ts is owned by uid X, should be Y
The time stamp directory is owned by a user other than The time stamp directory is owned by a user other than
@@ -4411,18 +4437,18 @@ The time stamp directory is owned by a user other than
This can occur when the value of This can occur when the value of
.Em timestampowner .Em timestampowner
has been changed. has been changed.
.Nm sudoers .Nm
will ignore the time stamp directory until the owner is corrected. will ignore the time stamp directory until the owner is corrected.
.It @rundir@/ts is group writable .It @rundir@/ts is group writable
The time stamp directory is group-writable; it should be writable only by The time stamp directory is group-writable; it should be writable only by
.Em timestampowner . .Em timestampowner .
The default mode for the time stamp directory is 0700. The default mode for the time stamp directory is 0700.
.Nm sudoers .Nm
will ignore the time stamp directory until the mode is corrected. will ignore the time stamp directory until the mode is corrected.
.El .El
.Ss Notes on logging via syslog .Ss Notes on logging via syslog
By default, By default,
.Nm sudoers .Nm
logs messages via logs messages via
.Xr syslog 3 . .Xr syslog 3 .
The The
@@ -4448,11 +4474,11 @@ For more information, see the description of
If the If the
.Em logfile .Em logfile
option is set, option is set,
.Nm sudoers .Nm
will log to a local file, such as will log to a local file, such as
.Pa /var/log/sudo . .Pa /var/log/sudo .
When logging to a file, When logging to a file,
.Nm sudoers .Nm
uses a format similar to uses a format similar to
.Xr syslog 3 , .Xr syslog 3 ,
with a few important differences: with a few important differences:
@@ -4620,11 +4646,11 @@ List of network groups
I/O log files I/O log files
.It Pa @rundir@/ts .It Pa @rundir@/ts
Directory containing time stamps for the Directory containing time stamps for the
.Nm sudoers .Nm
security policy security policy
.It Pa @vardir@/lectured .It Pa @vardir@/lectured
Directory containing lecture status files for the Directory containing lecture status files for the
.Nm sudoers .Nm
security policy security policy
.It Pa /etc/environment .It Pa /etc/environment
Initial environment for Initial environment for
@@ -5168,7 +5194,7 @@ user permission to run
(see below). (see below).
.Ss Secure editing .Ss Secure editing
The The
.Nm sudoers .Nm
plugin includes plugin includes
.Nm sudoedit .Nm sudoedit
support which allows users to securely edit files with the editor support which allows users to securely edit files with the editor
@@ -5242,7 +5268,7 @@ tag in the
.Em sudoers .Em sudoers
file. file.
.Ss Time stamp file checks .Ss Time stamp file checks
.Nm sudoers .Nm
will check the ownership of its time stamp directory will check the ownership of its time stamp directory
.Po .Po
.Pa @rundir@/ts .Pa @rundir@/ts
@@ -5266,14 +5292,14 @@ or
.Pa /var/run .Pa /var/run
directory. directory.
To avoid potential problems, To avoid potential problems,
.Nm sudoers .Nm
will ignore time stamp files that date from before the machine booted will ignore time stamp files that date from before the machine booted
on systems where the boot time is available. on systems where the boot time is available.
.Pp .Pp
Some systems with graphical desktop environments allow unprivileged Some systems with graphical desktop environments allow unprivileged
users to change the system clock. users to change the system clock.
Since Since
.Nm sudoers .Nm
relies on the system clock for time stamp validation, it may be relies on the system clock for time stamp validation, it may be
possible on such systems for a user to run possible on such systems for a user to run
.Nm sudo .Nm sudo
@@ -5281,16 +5307,16 @@ for longer than
.Em timestamp_timeout .Em timestamp_timeout
by setting the clock back. by setting the clock back.
To combat this, To combat this,
.Nm sudoers .Nm
uses a monotonic clock (which never moves backwards) for its time stamps uses a monotonic clock (which never moves backwards) for its time stamps
if the system supports it. if the system supports it.
.Pp .Pp
.Nm sudoers .Nm
will not honor time stamps set far in the future. will not honor time stamps set far in the future.
Time stamps with a date greater than current_time + 2 * Time stamps with a date greater than current_time + 2 *
.Li TIMEOUT .Li TIMEOUT
will be ignored and will be ignored and
.Nm sudoers .Nm
will log and complain. will log and complain.
.Pp .Pp
If the If the
@@ -5387,7 +5413,7 @@ file
network interface handling network interface handling
.It Em nss .It Em nss
network service switch handling in network service switch handling in
.Nm sudoers .Nm
.It Em parser .It Em parser
.Em sudoers .Em sudoers
file parsing file parsing

View File

@@ -45,6 +45,9 @@ audit_success(int argc, char *argv[])
int rc = 0; int rc = 0;
debug_decl(audit_success, SUDOERS_DEBUG_AUDIT) debug_decl(audit_success, SUDOERS_DEBUG_AUDIT)
if (!def_log_allowed)
debug_return_int(0);
if (argv != NULL) { if (argv != NULL) {
#ifdef HAVE_BSM_AUDIT #ifdef HAVE_BSM_AUDIT
if (bsm_audit_success(argv) == -1) if (bsm_audit_success(argv) == -1)
@@ -69,6 +72,9 @@ audit_failure(int argc, char *argv[], char const *const fmt, ...)
int rc = 0; int rc = 0;
debug_decl(audit_success, SUDOERS_DEBUG_AUDIT) debug_decl(audit_success, SUDOERS_DEBUG_AUDIT)
if (!def_log_denied)
debug_return_int(0);
#if defined(HAVE_BSM_AUDIT) || defined(HAVE_LINUX_AUDIT) #if defined(HAVE_BSM_AUDIT) || defined(HAVE_LINUX_AUDIT)
if (argv != NULL) { if (argv != NULL) {
va_list ap; va_list ap;
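Review bot: the context line `debug_decl(audit_success, SUDOERS_DEBUG_AUDIT)` inside audit_failure() names the wrong function, so debug traces for the new `if (!def_log_denied) debug_return_int(0);` path will be attributed to audit_success. Since this hunk inserts lines directly below it, change it to `debug_decl(audit_failure, SUDOERS_DEBUG_AUDIT)` here.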

View File

@@ -497,6 +497,14 @@ struct sudo_defs_types sudo_defs_table[] = {
"case_insensitive_group", T_FLAG, "case_insensitive_group", T_FLAG,
N_("Ignore case when matching group names"), N_("Ignore case when matching group names"),
NULL, NULL,
}, {
"log_allowed", T_FLAG,
N_("Log when a command is allowed by sudoers"),
NULL,
}, {
"log_denied", T_FLAG,
N_("Log when a command is denied by sudoers"),
NULL,
}, { }, {
NULL, 0, NULL NULL, 0, NULL
} }

View File

@@ -228,6 +228,10 @@
#define def_case_insensitive_user (sudo_defs_table[I_CASE_INSENSITIVE_USER].sd_un.flag) #define def_case_insensitive_user (sudo_defs_table[I_CASE_INSENSITIVE_USER].sd_un.flag)
#define I_CASE_INSENSITIVE_GROUP 114 #define I_CASE_INSENSITIVE_GROUP 114
#define def_case_insensitive_group (sudo_defs_table[I_CASE_INSENSITIVE_GROUP].sd_un.flag) #define def_case_insensitive_group (sudo_defs_table[I_CASE_INSENSITIVE_GROUP].sd_un.flag)
#define I_LOG_ALLOWED 115
#define def_log_allowed (sudo_defs_table[I_LOG_ALLOWED].sd_un.flag)
#define I_LOG_DENIED 116
#define def_log_denied (sudo_defs_table[I_LOG_DENIED].sd_un.flag)
enum def_tuple { enum def_tuple {
never, never,

View File

@@ -360,3 +360,9 @@ case_insensitive_user
case_insensitive_group case_insensitive_group
T_FLAG T_FLAG
"Ignore case when matching group names" "Ignore case when matching group names"
log_allowed
T_FLAG
"Log when a command is allowed by sudoers"
log_denied
T_FLAG
"Log when a command is denied by sudoers"

View File

@@ -576,6 +576,8 @@ init_defaults(void)
def_sudoedit_checkdir = true; def_sudoedit_checkdir = true;
def_iolog_mode = S_IRUSR|S_IWUSR; def_iolog_mode = S_IRUSR|S_IWUSR;
def_fdexec = digest_only; def_fdexec = digest_only;
def_log_allowed = true;
def_log_denied = true;
/* Syslog options need special care since they both strings and ints */ /* Syslog options need special care since they both strings and ints */
#if (LOGGING & SLOG_SYSLOG) #if (LOGGING & SLOG_SYSLOG)
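Review bot: nit, the context comment just after the new defaults, "Syslog options need special care since they both strings and ints", is missing "are"; worth fixing while the adjacent lines are being edited. Initialising def_log_allowed and def_log_denied to true here matches the "on by default" wording in the man page hunks and leaves the logging behaviour of existing installations unchanged.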

View File

@@ -240,6 +240,7 @@ log_denial(int status, bool inform_user)
char *logline; char *logline;
int oldlocale; int oldlocale;
bool uid_changed, ret = true; bool uid_changed, ret = true;
bool mailit;
debug_decl(log_denial, SUDOERS_DEBUG_LOGGING) debug_decl(log_denial, SUDOERS_DEBUG_LOGGING)
/* Handle auditing first (audit_failure() handles the locale itself). */ /* Handle auditing first (audit_failure() handles the locale itself). */
@@ -248,45 +249,50 @@ log_denial(int status, bool inform_user)
else else
audit_failure(NewArgc, NewArgv, N_("validation failure")); audit_failure(NewArgc, NewArgv, N_("validation failure"));
/* Log and mail messages should be in the sudoers locale. */ /* Send mail based on status. */
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale); mailit = should_mail(status);
/* Set error message. */ if (def_log_denied || mailit) {
if (ISSET(status, FLAG_NO_USER)) /* Log and mail messages should be in the sudoers locale. */
message = _("user NOT in sudoers"); sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
else if (ISSET(status, FLAG_NO_HOST))
message = _("user NOT authorized on host");
else
message = _("command not allowed");
logline = new_logline(message, NULL); /* Set error message. */
if (logline == NULL) if (ISSET(status, FLAG_NO_USER))
debug_return_bool(false); message = _("user NOT in sudoers");
else if (ISSET(status, FLAG_NO_HOST))
message = _("user NOT authorized on host");
else
message = _("command not allowed");
/* Become root if we are not already. */ logline = new_logline(message, NULL);
uid_changed = set_perms(PERM_ROOT); if (logline == NULL)
debug_return_bool(false);
if (should_mail(status)) /* Become root if we are not already. */
send_mail("%s", logline); /* send mail based on status */ uid_changed = set_perms(PERM_ROOT);
/* if (mailit)
* Log via syslog and/or a file. send_mail("%s", logline); /* XXX - return value */
*/
if (def_syslog)
do_syslog(def_syslog_badpri, logline);
if (def_logfile && !do_logfile(logline))
ret = false;
if (uid_changed) { /* Log via syslog and/or a file. */
if (!restore_perms()) if (def_log_denied) {
ret = false; /* XXX - return -1 instead? */ if (def_syslog)
do_syslog(def_syslog_badpri, logline);
if (def_logfile && !do_logfile(logline))
ret = false;
}
if (uid_changed) {
if (!restore_perms())
ret = false; /* XXX - return -1 instead? */
}
free(logline);
/* Restore locale. */
sudoers_setlocale(oldlocale, NULL);
} }
free(logline);
/* Restore locale. */
sudoers_setlocale(oldlocale, NULL);
/* Inform the user if they failed to authenticate (in their locale). */ /* Inform the user if they failed to authenticate (in their locale). */
if (inform_user) { if (inform_user) {
sudoers_setlocale(SUDOERS_LOCALE_USER, &oldlocale); sudoers_setlocale(SUDOERS_LOCALE_USER, &oldlocale);
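Review bot: the early `debug_return_bool(false)` taken when new_logline() returns NULL now sits inside the `if (def_log_denied || mailit)` block, after `sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale)` but before the `sudoers_setlocale(oldlocale, NULL)` at the end of the block, so the sudoers locale is left active on that error path (set_perms() has not run yet, so privileges are not affected). This predates the patch, but since the block is being restructured anyway, consider restoring the locale before returning or jumping to the restore. Computing `mailit = should_mail(status)` outside the flag check is the right call: turning off log_denied must not silence the mail_* notifications, and the docs should say so.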
@@ -398,38 +404,45 @@ log_allowed(int status)
char *logline; char *logline;
int oldlocale; int oldlocale;
bool uid_changed, ret = true; bool uid_changed, ret = true;
bool mailit;
debug_decl(log_allowed, SUDOERS_DEBUG_LOGGING) debug_decl(log_allowed, SUDOERS_DEBUG_LOGGING)
/* Log and mail messages should be in the sudoers locale. */ /* Send mail based on status. */
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale); mailit = should_mail(status);
if ((logline = new_logline(NULL, NULL)) == NULL) if (def_log_allowed || mailit) {
debug_return_bool(false); /* Log and mail messages should be in the sudoers locale. */
sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
/* Become root if we are not already. */ if ((logline = new_logline(NULL, NULL)) == NULL)
uid_changed = set_perms(PERM_ROOT); debug_return_bool(false);
/* XXX - return value */ /* Become root if we are not already. */
if (should_mail(status)) uid_changed = set_perms(PERM_ROOT);
send_mail("%s", logline); /* send mail based on status */
/* if (mailit)
* Log via syslog and/or a file. send_mail("%s", logline); /* XXX - return value */
*/
if (def_syslog)
do_syslog(def_syslog_goodpri, logline);
if (def_logfile && !do_logfile(logline))
ret = false;
if (uid_changed) { /*
if (!restore_perms()) * Log via syslog and/or a file.
ret = false; /* XXX - return -1 instead? */ */
if (def_log_allowed) {
if (def_syslog)
do_syslog(def_syslog_goodpri, logline);
if (def_logfile && !do_logfile(logline))
ret = false;
}
if (uid_changed) {
if (!restore_perms())
ret = false; /* XXX - return -1 instead? */
}
free(logline);
sudoers_setlocale(oldlocale, NULL);
} }
free(logline);
sudoers_setlocale(oldlocale, NULL);
debug_return_bool(ret); debug_return_bool(ret);
} }
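Review bot: `send_mail("%s", logline); /* XXX - return value */` still discards the result, so a failed mail notification leaves `ret` true and the caller believes the allowed command was recorded. `ret` is already threaded through do_logfile() and restore_perms() in this hunk; consider folding send_mail()'s status in the same way, or documenting why a mail failure is deliberately non-fatal, here and in the log_denial() hunk above. As in log_denial(), the `debug_return_bool(false)` after new_logline() fails returns with the sudoers locale still selected.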