1 Subject: [PATCH] Add BSM auditing support
3 At this point the only needed change for Apple is to avoid calling
4 au_to_exec_args with a NULL argument and two missing audit_failure
5 calls (and two comments).
7 bsm_audit.c | 10 ++++++----
10 3 files changed, 14 insertions(+), 6 deletions(-)
12 diff --git a/bsm_audit.c b/bsm_audit.c
13 index 4aebe031..8f315f43 100644
16 @@ -167,10 +167,12 @@ bsm_audit_failure(char **exec_args, char const *const fmt, va_list ap)
18 error(1, "au_to_subject: failed");
20 - tok = au_to_exec_args(exec_args);
22 - error(1, "au_to_exec_args: failed");
23 - au_write(aufd, tok);
24 + if (exec_args != NULL) {
25 + tok = au_to_exec_args(exec_args);
27 + error(1, "au_to_exec_args: failed");
28 + au_write(aufd, tok);
30 (void) vsnprintf(text, sizeof(text), fmt, ap);
31 tok = au_to_text(text);
33 diff --git a/check.c b/check.c
34 index a3433638..4c9ed85b 100644
37 @@ -759,9 +759,11 @@ get_authpw()
38 if ((pw = sudo_getpwnam(def_runas_default)) == NULL)
39 log_fatal(0, "unknown user: %s", def_runas_default);
40 } else if (def_targetpw) {
41 - if (runas_pw->pw_name == NULL)
42 + if (runas_pw->pw_name == NULL) {
43 + audit_failure(NULL, "unknown uid");
44 log_fatal(NO_MAIL|MSG_ONLY, "unknown uid: %u",
45 (unsigned int) runas_pw->pw_uid);
50 diff --git a/sudo.c b/sudo.c
51 index 1db99f4b..041b0e75 100644
54 @@ -331,12 +331,14 @@ main(argc, argv, envp)
56 /* This goes after sudoers is parsed since it may have timestamp options. */
57 if (sudo_mode == MODE_KILL || sudo_mode == MODE_INVALIDATE) {
58 + /* Not an audit event. */
59 remove_timestamp((sudo_mode == MODE_KILL));
63 /* Is root even allowed to run sudo? */
64 if (user_uid == 0 && !def_root_sudo) {
65 + /* Not an audit event. */
66 (void) fprintf(stderr,
67 "Sorry, %s has been configured to not allow root to run it.\n",
69 @@ -603,8 +605,10 @@ init_vars(envp)
72 /* Sanity check command from user. */
73 - if (user_cmnd == NULL && strlen(NewArgv[0]) >= PATH_MAX)
74 + if (user_cmnd == NULL && strlen(NewArgv[0]) >= PATH_MAX) {
75 + audit_failure(NULL, "pathname too long");
76 errorx(1, "%s: File name too long", NewArgv[0]);
80 (void) tzset(); /* set the timezone if applicable */