
Set MODE_POLICY_INTERCEPTED for log_subcmds too.

This fixes a problem where sub-commands were not being logged to
the remote log server, if configured.  Since we don't go through
sudoers_policy_main() again for log_subcmds, we set the flag in
sudoers_audit_accept() instead.  The reason this is complicated is
that when I/O logging is enabled the initial accept message gets
sent as part of the remote logging handshake.  GitHub issue #174
Todd C. Miller
2022-09-03 09:43:41 -06:00
parent 21b48a3034
commit 02e92c2afd


@@ -341,6 +341,7 @@ sudoers_audit_accept(const char *plugin_name, unsigned int plugin_type,
{
const char *uuid_str = NULL;
struct eventlog evlog;
static bool first = true;
int ret = true;
debug_decl(sudoers_audit_accept, SUDOERS_DEBUG_PLUGIN);
@@ -366,6 +367,13 @@ sudoers_audit_accept(const char *plugin_name, unsigned int plugin_type,
ret = false;
}
if (first) {
/* log_subcmds doesn't go through sudo_policy_main again to set this. */
if (def_log_subcmds)
SET(sudo_mode, MODE_POLICY_INTERCEPTED);
first = false;
}
debug_return_int(ret);
}
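Review bot: The comment inside the `if (first)` block names `sudo_policy_main`, while the commit description refers to `sudoers_policy_main()`; one of the two is presumably a typo, and the comment is the one that stays in the tree. It also leaves out why the flag is set only at the end of the first accept, which matters because, per the description, this flag is what gets sub-commands logged to the remote log server, so a later refactor that moves or drops the block would silently reopen an audit-logging gap. I would write it as `/* log_subcmds doesn't go through sudoers_policy_main() again, so set this after the first accept; without it sub-command accepts are not sent to the remote log server. */`. The body of sudoers_audit_accept between the two hunks is not shown, so whether every return path of the first call reaches this block cannot be confirmed from here.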