Do not inform the user that the command was not permitted by the

policy if they do not successfully authenticate. This is a regression introduced in sudo 1.8.6.
2025-08-31 06:15:37 +00:00 · 2012-11-06 11:19:51 -05:00
parent 941d759c51
commit 5d052aeb60
4 changed files with 15 additions and 9 deletions
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -379,7 +379,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
    rval = check_user(validated, sudo_mode);
    if (rval != true) {
 	if (!ISSET(validated, VALIDATE_OK))
-	    log_failure(validated, cmnd_status);
+	    log_denial(validated, false);
 	goto done;
    }