Propagate errors in audit code to caller instead of using fatal().

If we fail to audit an otherwise successful command, return an error from the policy. For Linux audit, sudo may be compiled with audit support but auditing may not be setup, so we don't consider that an error.
2025-09-05 08:45:28 +00:00 · 2014-03-26 13:00:56 -06:00
parent 7d7f9cb55a
commit 2220f55aef
6 changed files with 150 additions and 85 deletions
--- a/plugins/sudoers/logging.h
+++ b/plugins/sudoers/logging.h
@@ -60,8 +60,8 @@

 bool sudoers_setlocale(int newlocale, int *prevlocale);
 int sudoers_getlocale(void);
-void audit_success(char *exec_args[]);
-void audit_failure(char *exec_args[], char const *const fmt, ...) __printflike(2, 3);
+int audit_success(char *exec_args[]);
+int audit_failure(char *exec_args[], char const *const fmt, ...) __printflike(2, 3);
 void log_allowed(int status);
 void log_auth_failure(int status, unsigned int tries);
 void log_denial(int status, bool inform_user);