Add intercept_type sudoers option to set intercept/log_subcmds mechanism.

2022-05-24 13:39:28 -06:00
parent b203753013
commit f053f174bc
13 changed files with 243 additions and 37 deletions
--- a/src/sudo_exec.h
+++ b/src/sudo_exec.h
@@ -92,7 +92,6 @@ union sudo_token_un {

 /*
 * Use ptrace-based intercept (using seccomp) on Linux if possible.
- * TODO: test other architectures
 */
 #if defined(_PATH_SUDO_INTERCEPT) && defined(__linux__)
 # if defined(HAVE_DECL_SECCOMP_SET_MODE_FILTER) && HAVE_DECL_SECCOMP_SET_MODE_FILTER
@@ -100,7 +99,7 @@ union sudo_token_un {
 #   ifndef HAVE_PTRACE_INTERCEPT
 #    define HAVE_PTRACE_INTERCEPT 1
 #   endif /* HAVE_PTRACE_INTERCEPT */
-#  endif /* __amd64__ || __i386__ || __aarch64__ || __riscv */
+#  endif /* __amd64__ || __i386__ || __aarch64__ || __riscv || __s390__ */
 # endif /* HAVE_DECL_SECCOMP_SET_MODE_FILTER */
 #endif /* _PATH_SUDO_INTERCEPT && __linux__ */