Re-enable bsm audit. Currently auditing is done within the sudoers
plugin itself. If possible, this should really be done in the main driver but we don't presently have the needed data to do that. This will be re-evaluated when Linux audit support is added.
This commit is contained in:
Todd C. Miller
4
configure
vendored
4
configure
vendored
@@ -2278,8 +2278,8 @@ if test "${with_bsm_audit+set}" = set; then
|
||||
#define HAVE_BSM_AUDIT 1
|
||||
_ACEOF
|
||||
|
||||
SUDO_LIBS="${SUDO_LIBS} -lbsm"
|
||||
SUDO_OBJS="${SUDO_OBJS} bsm_audit.o"
|
||||
SUDOERS_LIBS="${SUDOERS_LIBS} -lbsm"
|
||||
SUDOERS_OBJS="${SUDOERS_OBJS} bsm_audit.lo"
|
||||
;;
|
||||
no) ;;
|
||||
*) { { echo "$as_me:$LINENO: error: \"--with-bsm-audit does not take an argument.\"" >&5
|
||||
|
||||
@@ -221,8 +221,8 @@ dnl
|
||||
AC_ARG_WITH(bsm-audit, [AS_HELP_STRING([--with-bsm-audit], [enable BSM audit support])],
|
||||
[case $with_bsm_audit in
|
||||
yes) AC_DEFINE(HAVE_BSM_AUDIT)
|
||||
SUDO_LIBS="${SUDO_LIBS} -lbsm"
|
||||
SUDO_OBJS="${SUDO_OBJS} bsm_audit.o"
|
||||
SUDOERS_LIBS="${SUDOERS_LIBS} -lbsm"
|
||||
SUDOERS_OBJS="${SUDOERS_OBJS} bsm_audit.o"
|
||||
;;
|
||||
no) ;;
|
||||
*) AC_MSG_ERROR(["--with-bsm-audit does not take an argument."])
|
||||
|
||||
@@ -95,8 +95,8 @@ SHELL = /bin/sh
|
||||
|
||||
AUTH_OBJS = sudo_auth.lo @AUTH_OBJS@
|
||||
|
||||
LIBSUDOERS_OBJS = alias.lo alloc.lo atobool.lo defaults.lo gram.lo list.lo \
|
||||
match.lo pwutil.lo timestr.lo toke.lo redblack.lo \
|
||||
LIBSUDOERS_OBJS = alias.lo alloc.lo atobool.lo audit.lo defaults.lo gram.lo \
|
||||
list.lo match.lo pwutil.lo timestr.lo toke.lo redblack.lo \
|
||||
zero_bytes.lo @NONUNIX_GROUPS_IMPL@
|
||||
|
||||
SUDOERS_OBJS = $(AUTH_OBJS) boottime.lo check.lo fmt_string.lo \
|
||||
@@ -212,6 +212,10 @@ list.lo: $(top_srcdir)/src/list.c $(SUDODEP)
|
||||
lbuf.lo: $(top_srcdir)/src/lbuf.c $(SUDODEP)
|
||||
zero_bytes.lo: $(top_srcdir)/src/zero_bytes.c $(incdir)/compat.h $(top_builddir)/config.h
|
||||
|
||||
# Upper level audit dependencies (XXX - move into sudoers?)
|
||||
audit.lo: $(top_srcdir)/src/audit.c $(SUDODEP)
|
||||
bsm_audit.lo: $(top_srcdir)/src/bsm_audit.c $(SUDODEP) $(top_srcdir)/src/bsm_audit.h
|
||||
|
||||
# Auth dependencies
|
||||
sudo_auth.lo: $(authdir)/sudo_auth.c $(AUTHDEP) $(INSDEP)
|
||||
afs.lo: $(authdir)/afs.c $(AUTHDEP)
|
||||
|
||||
@@ -93,9 +93,7 @@ verify_user(struct passwd *pw, char *prompt)
|
||||
char *p;
|
||||
sudo_auth *auth;
|
||||
sigaction_t sa, osa;
|
||||
#ifdef HAVE_BSM_AUDIT
|
||||
extern char **NewArgv;
|
||||
#endif
|
||||
extern char **NewArgv; /* XXX */
|
||||
|
||||
/* Enable suspend during password entry. */
|
||||
sigemptyset(&sa.sa_mask);
|
||||
@@ -105,9 +103,7 @@ verify_user(struct passwd *pw, char *prompt)
|
||||
|
||||
/* Make sure we have at least one auth method. */
|
||||
if (auth_switch[0].name == NULL) {
|
||||
#ifdef HAVE_BSM_AUDIT
|
||||
audit_failure(NewArgv, "no authentication methods");
|
||||
#endif
|
||||
log_error(0, "%s %s %s",
|
||||
"There are no authentication methods compiled into sudo!",
|
||||
"If you want to turn off authentication, use the",
|
||||
@@ -129,9 +125,7 @@ verify_user(struct passwd *pw, char *prompt)
|
||||
if (status == AUTH_FAILURE)
|
||||
CLR(auth->flags, FLAG_CONFIGURED);
|
||||
else if (status == AUTH_FATAL) { /* XXX log */
|
||||
#ifdef HAVE_BSM_AUDIT
|
||||
audit_failure(NewArgv, "authentication failure");
|
||||
#endif
|
||||
return -1; /* assume error msg already printed */
|
||||
}
|
||||
|
||||
@@ -151,9 +145,7 @@ verify_user(struct passwd *pw, char *prompt)
|
||||
if (status == AUTH_FAILURE)
|
||||
CLR(auth->flags, FLAG_CONFIGURED);
|
||||
else if (status == AUTH_FATAL) {/* XXX log */
|
||||
#ifdef HAVE_BSM_AUDIT
|
||||
audit_failure(NewArgv, "authentication failure");
|
||||
#endif
|
||||
return -1; /* assume error msg already printed */
|
||||
}
|
||||
|
||||
@@ -203,9 +195,7 @@ cleanup:
|
||||
|
||||
status = (auth->cleanup)(pw, auth);
|
||||
if (status == AUTH_FATAL) { /* XXX log */
|
||||
#ifdef HAVE_BSM_AUDIT
|
||||
audit_failure(NewArgv, "authentication failure");
|
||||
#endif
|
||||
return -1; /* assume error msg already printed */
|
||||
}
|
||||
|
||||
@@ -230,16 +220,12 @@ cleanup:
|
||||
def_passwd_tries - counter,
|
||||
(def_passwd_tries - counter == 1) ? "" : "s");
|
||||
}
|
||||
#ifdef HAVE_BSM_AUDIT
|
||||
audit_failure(NewArgv, "authentication failure");
|
||||
#endif
|
||||
rval = FALSE;
|
||||
break;
|
||||
case AUTH_FATAL:
|
||||
default:
|
||||
#ifdef HAVE_BSM_AUDIT
|
||||
audit_failure(NewArgv, "authentication failure");
|
||||
#endif
|
||||
rval = -1;
|
||||
break;
|
||||
}
|
||||
|
||||
@@ -153,8 +153,9 @@ static char *runas_user;
|
||||
static char *runas_group;
|
||||
static struct sudo_nss_list *snl;
|
||||
|
||||
static int NewArgc;
|
||||
static char **NewArgv;
|
||||
/* XXX - must be extern for audit bits of sudo_auth.c */
|
||||
int NewArgc;
|
||||
char **NewArgv;
|
||||
|
||||
/* error.c */
|
||||
extern sigjmp_buf error_jmp;
|
||||
@@ -396,7 +397,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
if (def_requiretty) {
|
||||
int fd = open(_PATH_TTY, O_RDWR|O_NOCTTY);
|
||||
if (fd == -1) {
|
||||
//audit_failure(NewArgv, "no tty");
|
||||
audit_failure(NewArgv, "no tty");
|
||||
warningx("sorry, you must have a tty to run sudo");
|
||||
goto done;
|
||||
} else
|
||||
@@ -440,7 +441,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
/* If the user was not allowed to run the command we are done. */
|
||||
if (!ISSET(validated, VALIDATE_OK)) {
|
||||
if (ISSET(validated, FLAG_NO_USER | FLAG_NO_HOST)) {
|
||||
//audit_failure(NewArgv, "No user or host");
|
||||
audit_failure(NewArgv, "No user or host");
|
||||
log_denial(validated, 1);
|
||||
} else {
|
||||
if (def_path_info) {
|
||||
@@ -461,18 +462,18 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
/* Just tell the user they are not allowed to run foo. */
|
||||
log_denial(validated, 1);
|
||||
}
|
||||
//audit_failure(NewArgv, "validation failure");
|
||||
audit_failure(NewArgv, "validation failure");
|
||||
}
|
||||
goto done;
|
||||
}
|
||||
|
||||
/* Finally tell the user if the command did not exist. */
|
||||
if (cmnd_status == NOT_FOUND_DOT) {
|
||||
//audit_failure(NewArgv, "command in current directory");
|
||||
audit_failure(NewArgv, "command in current directory");
|
||||
warningx("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run.", user_cmnd, user_cmnd, user_cmnd);
|
||||
goto done;
|
||||
} else if (cmnd_status == NOT_FOUND) {
|
||||
//audit_failure(NewArgv, "%s: command not found", user_cmnd);
|
||||
audit_failure(NewArgv, "%s: command not found", user_cmnd);
|
||||
warningx("%s: command not found", user_cmnd);
|
||||
goto done;
|
||||
}
|
||||
@@ -580,7 +581,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
|
||||
}
|
||||
|
||||
/* Must audit before uid change. */
|
||||
//audit_success(NewArgv); /* XXX */
|
||||
audit_success(NewArgv);
|
||||
|
||||
*command_infop = command_info;
|
||||
|
||||
@@ -1025,7 +1026,7 @@ set_runaspw(char *user)
|
||||
runas_pw = sudo_fakepwnam(user, runas_gr ? runas_gr->gr_gid : 0);
|
||||
} else {
|
||||
if ((runas_pw = sudo_getpwnam(user)) == NULL) {
|
||||
//audit_failure(NewArgv, "unknown user: %s", user);
|
||||
audit_failure(NewArgv, "unknown user: %s", user);
|
||||
log_error(NO_MAIL|MSG_ONLY, "unknown user: %s", user);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -108,8 +108,6 @@ sesh: sesh.o
|
||||
aix.o: $(srcdir)/aix.c $(top_builddir)/config.h $(incdir)/compat.h
|
||||
alloc.o: $(srcdir)/alloc.c $(SUDODEP)
|
||||
atobool.o: $(srcdir)/atobool.c $(SUDODEP)
|
||||
audit.o: $(srcdir)/audit.c $(SUDODEP)
|
||||
bsm_audit.o: $(srcdir)/bsm_audit.c $(SUDODEP) bsm_audit.h
|
||||
conversation.o: $(srcdir)/conversation.c $(SUDODEP)
|
||||
error.o: $(srcdir)/error.c $(incdir)/compat.h $(incdir)/error.h $(top_builddir)/config.h
|
||||
fileops.o: $(srcdir)/fileops.c $(SUDODEP)
|
||||
|
||||
Reference in New Issue
Block a user