
Add mail_all_cmnds to always mail when a user runs a command (or

tries to) including sudoedit.  The mail_always flag reverts to
its old semantics of always mailing whenever sudo is run.
This commit is contained in:
Todd C. Miller
2015-02-15 20:30:11 -07:00
parent 8bb5897091
commit 53ac30b63a
7 changed files with 217 additions and 182 deletions


@@ -1050,19 +1050,23 @@ SSUUDDOOEERRSS OOPPTTIIOONNSS
some people find it more convenient. This flag is _o_f_f
by default.
mail_always Send mail to the _m_a_i_l_t_o user every time a user attempts
to run a command via ssuuddoo. Mail will be sent for both
successful and unsuccessful attempts. No mail will be
sent if the user runs ssuuddoo with the --ll or --vv option
unless there is an authentication error. This flag is
_o_f_f by default.
mail_all_cmnds Send mail to the _m_a_i_l_t_o user every time a user attempts
to run a command via ssuuddoo (this includes ssuuddooeeddiitt). No
mail will be sent if the user runs ssuuddoo with the --ll or
--vv option unless there is an authentication error and
the _m_a_i_l___b_a_d_p_a_s_s flag is also set. This flag is _o_f_f by
default.
mail_always Send mail to the _m_a_i_l_t_o user every time a user runs
ssuuddoo. This flag is _o_f_f by default.
mail_badpass Send mail to the _m_a_i_l_t_o user if the user running ssuuddoo
does not enter the correct password. If the command
the user is attempting to run is not permitted by
_s_u_d_o_e_r_s and one of the _m_a_i_l___a_l_w_a_y_s, _m_a_i_l___n_o___h_o_s_t,
_m_a_i_l___n_o___p_e_r_m_s or _m_a_i_l___n_o___u_s_e_r flags are set, this flag
will have no effect. This flag is _o_f_f by default.
_s_u_d_o_e_r_s and one of the _m_a_i_l___a_l_l___c_m_n_d_s, _m_a_i_l___a_l_w_a_y_s,
_m_a_i_l___n_o___h_o_s_t, _m_a_i_l___n_o___p_e_r_m_s or _m_a_i_l___n_o___u_s_e_r flags are
set, this flag will have no effect. This flag is _o_f_f
by default.
mail_no_host If set, mail will be sent to the _m_a_i_l_t_o user if the
invoking user exists in the _s_u_d_o_e_r_s file, but is not


@@ -2223,19 +2223,31 @@ This flag is
\fI@long_otp_prompt@\fR
by default.
.TP 18n
mail_always
mail_all_cmnds
Send mail to the
\fImailto\fR
user every time a user attempts to run a command via
\fBsudo\fR.
Mail will be sent for both successful and unsuccessful attempts.
\fBsudo\fR
(this includes
\fBsudoedit\fR).
No mail will be sent if the user runs
\fBsudo\fR
with the
\fB\-l\fR
or
\fB\-v\fR
option unless there is an authentication error.
option unless there is an authentication error and the
\fImail_badpass\fR
flag is also set.
This flag is
\fIoff\fR
by default.
.TP 18n
mail_always
Send mail to the
\fImailto\fR
user every time a user runs
\fBsudo\fR.
This flag is
\fIoff\fR
by default.
@@ -2249,6 +2261,7 @@ does not enter the correct password.
If the command the user is attempting to run is not permitted by
\fIsudoers\fR
and one of the
\fImail_all_cmnds\fR,
\fImail_always\fR,
\fImail_no_host\fR,
\fImail_no_perms\fR


@@ -2080,19 +2080,30 @@ It's not as pretty as the default but some people find it more convenient.
This flag is
.Em @long_otp_prompt@
by default.
.It mail_always
.It mail_all_cmnds
Send mail to the
.Em mailto
user every time a user attempts to run a command via
.Nm sudo .
Mail will be sent for both successful and unsuccessful attempts.
.Nm sudo
(this includes
.Nm sudoedit ) .
No mail will be sent if the user runs
.Nm sudo
with the
.Fl l
or
.Fl v
option unless there is an authentication error.
option unless there is an authentication error and the
.Em mail_badpass
flag is also set.
This flag is
.Em off
by default.
.It mail_always
Send mail to the
.Em mailto
user every time a user runs
.Nm sudo .
This flag is
.Em off
by default.
@@ -2105,6 +2116,7 @@ does not enter the correct password.
If the command the user is attempting to run is not permitted by
.Em sudoers
and one of the
.Em mail_all_cmnds ,
.Em mail_always ,
.Em mail_no_host ,
.Em mail_no_perms


@@ -62,6 +62,10 @@ struct sudo_defs_types sudo_defs_table[] = {
"mail_no_perms", T_FLAG,
N_("Send mail if the user is not allowed to run a command"),
NULL,
}, {
"mail_all_cmnds", T_FLAG,
N_("Send mail if the user tries to run a command"),
NULL,
}, {
"tty_tickets", T_FLAG,
N_("Use a separate timestamp for each user/tty combo"),


@@ -18,166 +18,168 @@
#define I_MAIL_NO_HOST 8
#define def_mail_no_perms (sudo_defs_table[9].sd_un.flag)
#define I_MAIL_NO_PERMS 9
#define def_tty_tickets (sudo_defs_table[10].sd_un.flag)
#define I_TTY_TICKETS 10
#define def_lecture (sudo_defs_table[11].sd_un.tuple)
#define I_LECTURE 11
#define def_lecture_file (sudo_defs_table[12].sd_un.str)
#define I_LECTURE_FILE 12
#define def_authenticate (sudo_defs_table[13].sd_un.flag)
#define I_AUTHENTICATE 13
#define def_root_sudo (sudo_defs_table[14].sd_un.flag)
#define I_ROOT_SUDO 14
#define def_log_host (sudo_defs_table[15].sd_un.flag)
#define I_LOG_HOST 15
#define def_log_year (sudo_defs_table[16].sd_un.flag)
#define I_LOG_YEAR 16
#define def_shell_noargs (sudo_defs_table[17].sd_un.flag)
#define I_SHELL_NOARGS 17
#define def_set_home (sudo_defs_table[18].sd_un.flag)
#define I_SET_HOME 18
#define def_always_set_home (sudo_defs_table[19].sd_un.flag)
#define I_ALWAYS_SET_HOME 19
#define def_path_info (sudo_defs_table[20].sd_un.flag)
#define I_PATH_INFO 20
#define def_fqdn (sudo_defs_table[21].sd_un.flag)
#define I_FQDN 21
#define def_insults (sudo_defs_table[22].sd_un.flag)
#define I_INSULTS 22
#define def_requiretty (sudo_defs_table[23].sd_un.flag)
#define I_REQUIRETTY 23
#define def_env_editor (sudo_defs_table[24].sd_un.flag)
#define I_ENV_EDITOR 24
#define def_rootpw (sudo_defs_table[25].sd_un.flag)
#define I_ROOTPW 25
#define def_runaspw (sudo_defs_table[26].sd_un.flag)
#define I_RUNASPW 26
#define def_targetpw (sudo_defs_table[27].sd_un.flag)
#define I_TARGETPW 27
#define def_use_loginclass (sudo_defs_table[28].sd_un.flag)
#define I_USE_LOGINCLASS 28
#define def_set_logname (sudo_defs_table[29].sd_un.flag)
#define I_SET_LOGNAME 29
#define def_stay_setuid (sudo_defs_table[30].sd_un.flag)
#define I_STAY_SETUID 30
#define def_preserve_groups (sudo_defs_table[31].sd_un.flag)
#define I_PRESERVE_GROUPS 31
#define def_loglinelen (sudo_defs_table[32].sd_un.uival)
#define I_LOGLINELEN 32
#define def_timestamp_timeout (sudo_defs_table[33].sd_un.fval)
#define I_TIMESTAMP_TIMEOUT 33
#define def_passwd_timeout (sudo_defs_table[34].sd_un.fval)
#define I_PASSWD_TIMEOUT 34
#define def_passwd_tries (sudo_defs_table[35].sd_un.uival)
#define I_PASSWD_TRIES 35
#define def_umask (sudo_defs_table[36].sd_un.mode)
#define I_UMASK 36
#define def_logfile (sudo_defs_table[37].sd_un.str)
#define I_LOGFILE 37
#define def_mailerpath (sudo_defs_table[38].sd_un.str)
#define I_MAILERPATH 38
#define def_mailerflags (sudo_defs_table[39].sd_un.str)
#define I_MAILERFLAGS 39
#define def_mailto (sudo_defs_table[40].sd_un.str)
#define I_MAILTO 40
#define def_mailfrom (sudo_defs_table[41].sd_un.str)
#define I_MAILFROM 41
#define def_mailsub (sudo_defs_table[42].sd_un.str)
#define I_MAILSUB 42
#define def_badpass_message (sudo_defs_table[43].sd_un.str)
#define I_BADPASS_MESSAGE 43
#define def_lecture_status_dir (sudo_defs_table[44].sd_un.str)
#define I_LECTURE_STATUS_DIR 44
#define def_timestampdir (sudo_defs_table[45].sd_un.str)
#define I_TIMESTAMPDIR 45
#define def_timestampowner (sudo_defs_table[46].sd_un.str)
#define I_TIMESTAMPOWNER 46
#define def_exempt_group (sudo_defs_table[47].sd_un.str)
#define I_EXEMPT_GROUP 47
#define def_passprompt (sudo_defs_table[48].sd_un.str)
#define I_PASSPROMPT 48
#define def_passprompt_override (sudo_defs_table[49].sd_un.flag)
#define I_PASSPROMPT_OVERRIDE 49
#define def_runas_default (sudo_defs_table[50].sd_un.str)
#define I_RUNAS_DEFAULT 50
#define def_secure_path (sudo_defs_table[51].sd_un.str)
#define I_SECURE_PATH 51
#define def_editor (sudo_defs_table[52].sd_un.str)
#define I_EDITOR 52
#define def_listpw (sudo_defs_table[53].sd_un.tuple)
#define I_LISTPW 53
#define def_verifypw (sudo_defs_table[54].sd_un.tuple)
#define I_VERIFYPW 54
#define def_noexec (sudo_defs_table[55].sd_un.flag)
#define I_NOEXEC 55
#define def_ignore_local_sudoers (sudo_defs_table[56].sd_un.flag)
#define I_IGNORE_LOCAL_SUDOERS 56
#define def_closefrom (sudo_defs_table[57].sd_un.ival)
#define I_CLOSEFROM 57
#define def_closefrom_override (sudo_defs_table[58].sd_un.flag)
#define I_CLOSEFROM_OVERRIDE 58
#define def_setenv (sudo_defs_table[59].sd_un.flag)
#define I_SETENV 59
#define def_env_reset (sudo_defs_table[60].sd_un.flag)
#define I_ENV_RESET 60
#define def_env_check (sudo_defs_table[61].sd_un.list)
#define I_ENV_CHECK 61
#define def_env_delete (sudo_defs_table[62].sd_un.list)
#define I_ENV_DELETE 62
#define def_env_keep (sudo_defs_table[63].sd_un.list)
#define I_ENV_KEEP 63
#define def_role (sudo_defs_table[64].sd_un.str)
#define I_ROLE 64
#define def_type (sudo_defs_table[65].sd_un.str)
#define I_TYPE 65
#define def_env_file (sudo_defs_table[66].sd_un.str)
#define I_ENV_FILE 66
#define def_sudoers_locale (sudo_defs_table[67].sd_un.str)
#define I_SUDOERS_LOCALE 67
#define def_visiblepw (sudo_defs_table[68].sd_un.flag)
#define I_VISIBLEPW 68
#define def_pwfeedback (sudo_defs_table[69].sd_un.flag)
#define I_PWFEEDBACK 69
#define def_fast_glob (sudo_defs_table[70].sd_un.flag)
#define I_FAST_GLOB 70
#define def_umask_override (sudo_defs_table[71].sd_un.flag)
#define I_UMASK_OVERRIDE 71
#define def_log_input (sudo_defs_table[72].sd_un.flag)
#define I_LOG_INPUT 72
#define def_log_output (sudo_defs_table[73].sd_un.flag)
#define I_LOG_OUTPUT 73
#define def_compress_io (sudo_defs_table[74].sd_un.flag)
#define I_COMPRESS_IO 74
#define def_use_pty (sudo_defs_table[75].sd_un.flag)
#define I_USE_PTY 75
#define def_group_plugin (sudo_defs_table[76].sd_un.str)
#define I_GROUP_PLUGIN 76
#define def_iolog_dir (sudo_defs_table[77].sd_un.str)
#define I_IOLOG_DIR 77
#define def_iolog_file (sudo_defs_table[78].sd_un.str)
#define I_IOLOG_FILE 78
#define def_set_utmp (sudo_defs_table[79].sd_un.flag)
#define I_SET_UTMP 79
#define def_utmp_runas (sudo_defs_table[80].sd_un.flag)
#define I_UTMP_RUNAS 80
#define def_privs (sudo_defs_table[81].sd_un.str)
#define I_PRIVS 81
#define def_limitprivs (sudo_defs_table[82].sd_un.str)
#define I_LIMITPRIVS 82
#define def_exec_background (sudo_defs_table[83].sd_un.flag)
#define I_EXEC_BACKGROUND 83
#define def_pam_service (sudo_defs_table[84].sd_un.str)
#define I_PAM_SERVICE 84
#define def_pam_login_service (sudo_defs_table[85].sd_un.str)
#define I_PAM_LOGIN_SERVICE 85
#define def_pam_setcred (sudo_defs_table[86].sd_un.flag)
#define I_PAM_SETCRED 86
#define def_pam_session (sudo_defs_table[87].sd_un.flag)
#define I_PAM_SESSION 87
#define def_maxseq (sudo_defs_table[88].sd_un.uival)
#define I_MAXSEQ 88
#define def_use_netgroups (sudo_defs_table[89].sd_un.flag)
#define I_USE_NETGROUPS 89
#define def_mail_all_cmnds (sudo_defs_table[10].sd_un.flag)
#define I_MAIL_ALL_CMNDS 10
#define def_tty_tickets (sudo_defs_table[11].sd_un.flag)
#define I_TTY_TICKETS 11
#define def_lecture (sudo_defs_table[12].sd_un.tuple)
#define I_LECTURE 12
#define def_lecture_file (sudo_defs_table[13].sd_un.str)
#define I_LECTURE_FILE 13
#define def_authenticate (sudo_defs_table[14].sd_un.flag)
#define I_AUTHENTICATE 14
#define def_root_sudo (sudo_defs_table[15].sd_un.flag)
#define I_ROOT_SUDO 15
#define def_log_host (sudo_defs_table[16].sd_un.flag)
#define I_LOG_HOST 16
#define def_log_year (sudo_defs_table[17].sd_un.flag)
#define I_LOG_YEAR 17
#define def_shell_noargs (sudo_defs_table[18].sd_un.flag)
#define I_SHELL_NOARGS 18
#define def_set_home (sudo_defs_table[19].sd_un.flag)
#define I_SET_HOME 19
#define def_always_set_home (sudo_defs_table[20].sd_un.flag)
#define I_ALWAYS_SET_HOME 20
#define def_path_info (sudo_defs_table[21].sd_un.flag)
#define I_PATH_INFO 21
#define def_fqdn (sudo_defs_table[22].sd_un.flag)
#define I_FQDN 22
#define def_insults (sudo_defs_table[23].sd_un.flag)
#define I_INSULTS 23
#define def_requiretty (sudo_defs_table[24].sd_un.flag)
#define I_REQUIRETTY 24
#define def_env_editor (sudo_defs_table[25].sd_un.flag)
#define I_ENV_EDITOR 25
#define def_rootpw (sudo_defs_table[26].sd_un.flag)
#define I_ROOTPW 26
#define def_runaspw (sudo_defs_table[27].sd_un.flag)
#define I_RUNASPW 27
#define def_targetpw (sudo_defs_table[28].sd_un.flag)
#define I_TARGETPW 28
#define def_use_loginclass (sudo_defs_table[29].sd_un.flag)
#define I_USE_LOGINCLASS 29
#define def_set_logname (sudo_defs_table[30].sd_un.flag)
#define I_SET_LOGNAME 30
#define def_stay_setuid (sudo_defs_table[31].sd_un.flag)
#define I_STAY_SETUID 31
#define def_preserve_groups (sudo_defs_table[32].sd_un.flag)
#define I_PRESERVE_GROUPS 32
#define def_loglinelen (sudo_defs_table[33].sd_un.uival)
#define I_LOGLINELEN 33
#define def_timestamp_timeout (sudo_defs_table[34].sd_un.fval)
#define I_TIMESTAMP_TIMEOUT 34
#define def_passwd_timeout (sudo_defs_table[35].sd_un.fval)
#define I_PASSWD_TIMEOUT 35
#define def_passwd_tries (sudo_defs_table[36].sd_un.uival)
#define I_PASSWD_TRIES 36
#define def_umask (sudo_defs_table[37].sd_un.mode)
#define I_UMASK 37
#define def_logfile (sudo_defs_table[38].sd_un.str)
#define I_LOGFILE 38
#define def_mailerpath (sudo_defs_table[39].sd_un.str)
#define I_MAILERPATH 39
#define def_mailerflags (sudo_defs_table[40].sd_un.str)
#define I_MAILERFLAGS 40
#define def_mailto (sudo_defs_table[41].sd_un.str)
#define I_MAILTO 41
#define def_mailfrom (sudo_defs_table[42].sd_un.str)
#define I_MAILFROM 42
#define def_mailsub (sudo_defs_table[43].sd_un.str)
#define I_MAILSUB 43
#define def_badpass_message (sudo_defs_table[44].sd_un.str)
#define I_BADPASS_MESSAGE 44
#define def_lecture_status_dir (sudo_defs_table[45].sd_un.str)
#define I_LECTURE_STATUS_DIR 45
#define def_timestampdir (sudo_defs_table[46].sd_un.str)
#define I_TIMESTAMPDIR 46
#define def_timestampowner (sudo_defs_table[47].sd_un.str)
#define I_TIMESTAMPOWNER 47
#define def_exempt_group (sudo_defs_table[48].sd_un.str)
#define I_EXEMPT_GROUP 48
#define def_passprompt (sudo_defs_table[49].sd_un.str)
#define I_PASSPROMPT 49
#define def_passprompt_override (sudo_defs_table[50].sd_un.flag)
#define I_PASSPROMPT_OVERRIDE 50
#define def_runas_default (sudo_defs_table[51].sd_un.str)
#define I_RUNAS_DEFAULT 51
#define def_secure_path (sudo_defs_table[52].sd_un.str)
#define I_SECURE_PATH 52
#define def_editor (sudo_defs_table[53].sd_un.str)
#define I_EDITOR 53
#define def_listpw (sudo_defs_table[54].sd_un.tuple)
#define I_LISTPW 54
#define def_verifypw (sudo_defs_table[55].sd_un.tuple)
#define I_VERIFYPW 55
#define def_noexec (sudo_defs_table[56].sd_un.flag)
#define I_NOEXEC 56
#define def_ignore_local_sudoers (sudo_defs_table[57].sd_un.flag)
#define I_IGNORE_LOCAL_SUDOERS 57
#define def_closefrom (sudo_defs_table[58].sd_un.ival)
#define I_CLOSEFROM 58
#define def_closefrom_override (sudo_defs_table[59].sd_un.flag)
#define I_CLOSEFROM_OVERRIDE 59
#define def_setenv (sudo_defs_table[60].sd_un.flag)
#define I_SETENV 60
#define def_env_reset (sudo_defs_table[61].sd_un.flag)
#define I_ENV_RESET 61
#define def_env_check (sudo_defs_table[62].sd_un.list)
#define I_ENV_CHECK 62
#define def_env_delete (sudo_defs_table[63].sd_un.list)
#define I_ENV_DELETE 63
#define def_env_keep (sudo_defs_table[64].sd_un.list)
#define I_ENV_KEEP 64
#define def_role (sudo_defs_table[65].sd_un.str)
#define I_ROLE 65
#define def_type (sudo_defs_table[66].sd_un.str)
#define I_TYPE 66
#define def_env_file (sudo_defs_table[67].sd_un.str)
#define I_ENV_FILE 67
#define def_sudoers_locale (sudo_defs_table[68].sd_un.str)
#define I_SUDOERS_LOCALE 68
#define def_visiblepw (sudo_defs_table[69].sd_un.flag)
#define I_VISIBLEPW 69
#define def_pwfeedback (sudo_defs_table[70].sd_un.flag)
#define I_PWFEEDBACK 70
#define def_fast_glob (sudo_defs_table[71].sd_un.flag)
#define I_FAST_GLOB 71
#define def_umask_override (sudo_defs_table[72].sd_un.flag)
#define I_UMASK_OVERRIDE 72
#define def_log_input (sudo_defs_table[73].sd_un.flag)
#define I_LOG_INPUT 73
#define def_log_output (sudo_defs_table[74].sd_un.flag)
#define I_LOG_OUTPUT 74
#define def_compress_io (sudo_defs_table[75].sd_un.flag)
#define I_COMPRESS_IO 75
#define def_use_pty (sudo_defs_table[76].sd_un.flag)
#define I_USE_PTY 76
#define def_group_plugin (sudo_defs_table[77].sd_un.str)
#define I_GROUP_PLUGIN 77
#define def_iolog_dir (sudo_defs_table[78].sd_un.str)
#define I_IOLOG_DIR 78
#define def_iolog_file (sudo_defs_table[79].sd_un.str)
#define I_IOLOG_FILE 79
#define def_set_utmp (sudo_defs_table[80].sd_un.flag)
#define I_SET_UTMP 80
#define def_utmp_runas (sudo_defs_table[81].sd_un.flag)
#define I_UTMP_RUNAS 81
#define def_privs (sudo_defs_table[82].sd_un.str)
#define I_PRIVS 82
#define def_limitprivs (sudo_defs_table[83].sd_un.str)
#define I_LIMITPRIVS 83
#define def_exec_background (sudo_defs_table[84].sd_un.flag)
#define I_EXEC_BACKGROUND 84
#define def_pam_service (sudo_defs_table[85].sd_un.str)
#define I_PAM_SERVICE 85
#define def_pam_login_service (sudo_defs_table[86].sd_un.str)
#define I_PAM_LOGIN_SERVICE 86
#define def_pam_setcred (sudo_defs_table[87].sd_un.flag)
#define I_PAM_SETCRED 87
#define def_pam_session (sudo_defs_table[88].sd_un.flag)
#define I_PAM_SESSION 88
#define def_maxseq (sudo_defs_table[89].sd_un.uival)
#define I_MAXSEQ 89
#define def_use_netgroups (sudo_defs_table[90].sd_un.flag)
#define I_USE_NETGROUPS 90
enum def_tuple {
never,


@@ -40,6 +40,9 @@ mail_no_host
mail_no_perms
T_FLAG
"Send mail if the user is not allowed to run a command"
mail_all_cmnds
T_FLAG
"Send mail if the user tries to run a command"
tty_tickets
T_FLAG
"Use a separate timestamp for each user/tty combo"


@@ -364,7 +364,7 @@ log_auth_failure(int status, unsigned int tries)
SET(flags, SLOG_SEND_MAIL);
} else {
/* Command denied, auth failed; make sure we don't send mail twice. */
if ((def_mail_badpass || def_mail_always) && !should_mail(status))
if (def_mail_badpass && !should_mail(status))
SET(flags, SLOG_SEND_MAIL);
/* Don't log the bad password message, we'll log a denial instead. */
SET(flags, SLOG_NO_LOG);
@@ -756,11 +756,8 @@ should_mail(int status)
{
debug_decl(should_mail, SUDOERS_DEBUG_LOGGING)
/* Never send mail about the "sudo -l" and "sudo -v" pseudo-commands. */
if (ISSET(sudo_mode, (MODE_VALIDATE|MODE_CHECK|MODE_LIST)))
debug_return_bool(false);
debug_return_bool(def_mail_always ||
(def_mail_all_cmnds && ISSET(sudo_mode, (MODE_RUN|MODE_EDIT))) ||
(def_mail_no_user && ISSET(status, FLAG_NO_USER)) ||
(def_mail_no_host && ISSET(status, FLAG_NO_HOST)) ||
(def_mail_no_perms && !ISSET(status, VALIDATE_SUCCESS)));
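Review bot: Dropping the `MODE_VALIDATE|MODE_CHECK|MODE_LIST` early return in should_mail (the comment, `if` and `debug_return_bool(false)` just above the final return, which appear to be the removed side on this rendered page) widens more than mail_always: mail_no_user, mail_no_host and mail_no_perms will now also mail on a denied `sudo -l` or `sudo -v`, which neither the commit message nor the documentation shown here mentions, while only mail_all_cmnds keeps the `ISSET(sudo_mode, (MODE_RUN|MODE_EDIT))` gate. If that is intended, record it next to the return so the next reader does not reintroduce the gate, e.g. `/* Only mail_all_cmnds is limited to -e and real commands; mail_always and the mail_no_* flags also apply to -l and -v. */`. If it is not, hoist `bool cmnd = ISSET(sudo_mode, (MODE_RUN|MODE_EDIT));` and AND it into the three mail_no_* terms as well. The first hunk's `def_mail_badpass && !should_mail(status)` is consistent either way, since should_mail is what decides whether the denial path already sends mail.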