isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix user warning message for "sudo -l command" when not allowed.

Browse Source 
Reported by the sudo-rs project.

There was a missing space between "list" and the actual command.
This also changes the output to include the command as specified
by the user, not the path found in the path.  Previously, if the
command did not exist it would not be included in the message.
This commit is contained in:
Todd C. Miller
2023-07-25 13:56:08 -06:00
parent 1a00423afd
commit d486db46cf
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
plugins/sudoers/logging.c
View File

@@ -321,9 +321,17 @@ log_denial(unsigned int status, bool inform_user)
sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s may not run "
"sudo on %s.\n"), user_name, user_srunhost);
} else {
const char *cmnd1 = user_cmnd;
const char *cmnd2 = "";
if (ISSET(sudo_mode, MODE_CHECK)) {
/* For "sudo -l command" the command run is in NewArgv[1]. */
cmnd1 = "list ";
cmnd2 = NewArgv[1];
}
sudo_printf(SUDO_CONV_ERROR_MSG, _("Sorry, user %s is not allowed "
"to execute '%s%s%s%s' as %s%s%s on %s.\n"),
user_name, user_cmnd, list_cmnd ? list_cmnd : "",
user_name, cmnd1, cmnd2,
user_args ? " " : "", user_args ? user_args : "",
list_pw ? list_pw->pw_name : runas_pw ?
runas_pw->pw_name : user_name, runas_gr ? ":" : "",