/*
 * Flatten argv into a single space-separated string and submit it to the
 * Linux audit subsystem as an AUDIT_USER_CMD record.
 *
 * argv   - NULL-terminated argument vector of the command being audited.
 * result - passed through unchanged to audit_log_user_command().
 *
 * Returns -1 when linux_audit_open() returns -1.  Otherwise returns the
 * value of audit_log_user_command() as-is, so a value <= 0 is handed back
 * to the caller even when errno is ECONNREFUSED; only the warning is
 * suppressed in that case.
 *
 * NOTE(review): arguments are joined with single spaces, so an argument
 * that itself contains a space cannot be told apart from two arguments in
 * the flattened string; whether libaudit encodes the field further is not
 * visible here.
 * NOTE(review): with an empty argv (argv[0] == NULL) the computed size is
 * 0 and the final "*--dst" would write before the buffer unless emalloc()
 * rejects a zero size -- confirm against emalloc() and the callers.
 */
int
linux_audit_command(char *argv[], int result)
{
    char **argp, *command, *dst;
    size_t total = 0, room, copied;
    int au_fd, rc;

    au_fd = linux_audit_open();
    if (au_fd == -1)
        return -1;

    /* Each argument needs its length plus one byte (separator or NUL). */
    for (argp = argv; *argp != NULL; argp++)
        total += strlen(*argp) + 1;

    command = dst = emalloc(total);
    argp = argv;
    while (*argp != NULL) {
        /* Space left in the buffer, counted from the write cursor. */
        room = total - (dst - command);
        copied = strlcpy(dst, *argp, room);
        if (copied >= room)
            errorx(1, "internal error, linux_audit_command() overflow");
        dst += copied;
        *dst++ = ' ';
        argp++;
    }
    /* Replace the trailing separator with the terminating NUL. */
    *--dst = '\0';

    /* A failed send with errno == ECONNREFUSED is deliberately not reported. */
    rc = audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL, result);
    if (rc <= 0) {
        if (errno != ECONNREFUSED)
            warning("unable to send audit message");
    }

    efree(command);
    return rc;
}
/*
 * Flatten argv into a single space-separated string and submit it to the
 * Linux audit subsystem as an AUDIT_USER_CMD record.
 *
 * argv   - NULL-terminated argument vector of the command being audited.
 * result - passed through unchanged to audit_log_user_command().
 *
 * Returns 0 when the record was sent, when linux_audit_open() returns
 * AUDIT_NOT_CONFIGURED, or when the send fails with errno == ECONNREFUSED.
 * Returns -1 for any other negative result from linux_audit_open(), for
 * the internal overflow check, and for any other send failure.
 *
 * NOTE(review): the two "return 0 without a record" paths mean the caller
 * cannot distinguish "audited" from "auditing unavailable"; a deployment
 * that requires an audit trail has to enforce that elsewhere.
 * NOTE(review): arguments are joined with single spaces, so an argument
 * that itself contains a space cannot be told apart from two arguments in
 * the flattened string; whether libaudit encodes the field further is not
 * visible here.
 * NOTE(review): with an empty argv (argv[0] == NULL) the computed size is
 * 0 and the final "*--dst" would write before the buffer unless
 * sudo_emalloc() rejects a zero size -- confirm.
 */
int
linux_audit_command(char *argv[], int result)
{
    char **argp, *command, *dst;
    size_t total = 0, room, copied;
    int au_fd, rc = -1;
    debug_decl(linux_audit_command, SUDOERS_DEBUG_AUDIT)

    /* An unconfigured audit system is not treated as an error. */
    au_fd = linux_audit_open();
    if (au_fd < 0) {
        if (au_fd == AUDIT_NOT_CONFIGURED)
            debug_return_int(0);
        debug_return_int(-1);
    }

    /* Each argument needs its length plus one byte (separator or NUL). */
    for (argp = argv; *argp != NULL; argp++)
        total += strlen(*argp) + 1;

    command = dst = sudo_emalloc(total);
    argp = argv;
    while (*argp != NULL) {
        /* Space left in the buffer, counted from the write cursor. */
        room = total - (dst - command);
        copied = strlcpy(dst, *argp, room);
        if (copied >= room) {
            sudo_warnx(U_("internal error, %s overflow"), __func__);
            goto done;
        }
        dst += copied;
        *dst++ = ' ';
        argp++;
    }
    /* Replace the trailing separator with the terminating NUL. */
    *--dst = '\0';

    /* A failed send counts as an error unless errno is ECONNREFUSED. */
    if (audit_log_user_command(au_fd, AUDIT_USER_CMD, command, NULL,
        result) <= 0 && errno != ECONNREFUSED) {
        sudo_warn(U_("unable to send audit message"));
        goto done;
    }

    rc = 0;

done:
    sudo_efree(command);

    debug_return_int(rc);
}
/*
 * Record a role change in the Linux audit log as an
 * AUDIT_USER_ROLE_CHANGE message, using the same text layout as
 * newrole(1).
 *
 * old_context - context string placed after "old-context=".
 * new_context - context string placed after "new-context=".
 * ttyn        - passed to audit_log_user_message() as the tty argument.
 *
 * Returns -1 when linux_audit_open() returns -1, otherwise the value of
 * audit_log_user_message() unchanged.  Every result <= 0 produces a
 * warning; ECONNREFUSED is not special-cased here.
 *
 * NOTE(review): both context strings are interpolated as-is.  A value
 * containing whitespace or "new-context=" would make the record
 * ambiguous to a parser -- confirm callers only pass well-formed
 * contexts.
 */
int
linux_audit_role_change(const char *old_context, const char *new_context,
    const char *ttyn)
{
    char *msg;
    int fd, sent;

    fd = linux_audit_open();
    if (fd == -1)
        return -1;

    /* Same message layout as newrole(1). */
    easprintf(&msg, "newrole: old-context=%s new-context=%s",
        old_context, new_context);

    /* The final argument is the constant 1; the two NULLs are left unset. */
    sent = audit_log_user_message(fd, AUDIT_USER_ROLE_CHANGE, msg,
        NULL, NULL, ttyn, 1);
    if (sent <= 0)
        warning("unable to send audit message");

    efree(msg);
    return sent;
}