diff --git a/include/sudo_eventlog.h b/include/sudo_eventlog.h
index 4dcdc3947..8867f8c90 100644
--- a/include/sudo_eventlog.h
+++ b/include/sudo_eventlog.h
@@ -112,8 +112,24 @@ typedef bool (*eventlog_json_callback_t)(struct json_container *, void *);
 bool eventlog_accept(const struct eventlog *details, int flags, eventlog_json_callback_t info_cb, void *info);
 bool eventlog_alert(const struct eventlog *details, int flags, struct timespec *alert_time, const char *reason, const char *errstr);
 bool eventlog_reject(const struct eventlog *details, int flags, const char *reason, eventlog_json_callback_t info_cb, void *info);
-bool eventlog_setconf(struct eventlog_config *conf);
 bool eventlog_store_json(struct json_container *json, const struct eventlog *evlog);
 void eventlog_free(struct eventlog *evlog);
+void eventlog_set_type(int type);
+void eventlog_set_format(enum eventlog_format format);
+void eventlog_set_syslog_acceptpri(int pri);
+void eventlog_set_syslog_rejectpri(int pri);
+void eventlog_set_syslog_alertpri(int pri);
+void eventlog_set_syslog_maxlen(int len);
+void eventlog_set_mailuid(uid_t uid);
+void eventlog_set_omit_hostname(bool omit_hostname);
+void eventlog_set_logpath(const char *path);
+void eventlog_set_time_fmt(const char *fmt);
+void eventlog_set_mailerpath(const char *path);
+void eventlog_set_mailerflags(const char *mflags);
+void eventlog_set_mailfrom(const char *from_addr);
+void eventlog_set_mailto(const char *to_addr);
+void eventlog_set_mailsub(const char *subject);
+void eventlog_set_open_log(FILE *(*fn)(int type, const char *));
+void eventlog_set_close_log(void (*fn)(int type, FILE *));
 #endif /* SUDO_EVENTLOG_H */
diff --git a/lib/eventlog/eventlog.c b/lib/eventlog/eventlog.c
index 5a4e782a0..7907732bc 100644
--- a/lib/eventlog/eventlog.c
+++ b/lib/eventlog/eventlog.c
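Review bot: `eventlog_setconf()` loses its prototype in include/sudo_eventlog.h, but the lib/eventlog/eventlog.c hunk at -1245 still shows `bool eventlog_setconf(struct eventlog_config *conf)` as unchanged context, so the function appears to stay defined with external linkage and no declaration. Either remove the definition in the same commit or keep the prototype until it is gone. The new `const char *` setters also need a header comment on ownership, for example `/* String arguments are stored by reference, not copied; the caller must keep them valid while events can be logged. */`.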
@@ -75,8 +75,29 @@ isalnum((unsigned char)(s)[6]) && isalnum((unsigned char)(s)[7]) && \
 (s)[8] == '\0')
+static FILE *eventlog_stub_open_log(int type, const char *logfile);
+static void eventlog_stub_close_log(int type, FILE *fp);
+
 /* Eventlog config settings */
-static struct eventlog_config evl_conf;
+static struct eventlog_config evl_conf = {
+ EVLOG_NONE, /* type */
+ EVLOG_SUDO, /* format */
+ LOG_NOTICE, /* syslog_acceptpri */
+ LOG_ALERT, /* syslog_rejectpri */
+ LOG_ALERT, /* syslog_alertpri */
+ MAXSYSLOGLEN, /* syslog_maxlen */
+ ROOT_UID, /* mailuid */
+ false, /* omit_hostname */
+ _PATH_SUDO_LOGFILE, /* logpath */
+ "%h %e %T", /* time_fmt */
+ _PATH_SUDO_SENDMAIL, /* mailerpath */
+ "-t", /* mailerflags */
+ NULL, /* mailfrom */
+ MAILTO, /* mailto */
+ N_(MAILSUBJECT), /* mailsub */
+ eventlog_stub_open_log, /* open_log */
+ eventlog_stub_close_log /* close_log */
+};
 /*
 * Allocate and fill in a new logline.
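Review bot: The `evl_conf` initializer is positional, so it silently depends on the member order of `struct eventlog_config`, which is not visible in this diff. Several neighbouring members are plain `int` (the three syslog priorities and `syslog_maxlen`) and seven are `const char *`, so a later reordering of the struct would still compile and would swap, say, the reject priority with the max length or the log path with the mailer path. If the project's minimum C level permits, designated initializers such as `.syslog_rejectpri = LOG_ALERT,` and `.logpath = _PATH_SUDO_LOGFILE,` remove that risk and make the trailing `/* field */` comments unnecessary. A one-line comment that the default `type` of `EVLOG_NONE` means nothing is logged until `eventlog_set_type()` is called would also help.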
@@ -1245,6 +1266,109 @@ eventlog_stub_close_log(int type, FILE *fp)
 /*
 * Set eventlog config settings.
 */
+
+void
+eventlog_set_type(int type)
+{
+ evl_conf.type = type;
+}
+
+void
+eventlog_set_format(enum eventlog_format format)
+{
+ evl_conf.format = format;
+}
+
+void
+eventlog_set_syslog_acceptpri(int pri)
+{
+ evl_conf.syslog_acceptpri = pri;
+}
+
+void
+eventlog_set_syslog_rejectpri(int pri)
+{
+ evl_conf.syslog_rejectpri = pri;
+}
+
+void
+eventlog_set_syslog_alertpri(int pri)
+{
+ evl_conf.syslog_alertpri = pri;
+}
+
+void
+eventlog_set_syslog_maxlen(int len)
+{
+ evl_conf.syslog_maxlen = len;
+}
+
+void
+eventlog_set_mailuid(uid_t uid)
+{
+ evl_conf.mailuid = uid;
+}
+
+void
+eventlog_set_omit_hostname(bool omit_hostname)
+{
+ evl_conf.omit_hostname = omit_hostname;
+}
+
+void
+eventlog_set_logpath(const char *path)
+{
+ evl_conf.logpath = path;
+}
+
+void
+eventlog_set_time_fmt(const char *fmt)
+{
+ evl_conf.time_fmt = fmt;
+}
+
+void
+eventlog_set_mailerpath(const char *path)
+{
+ evl_conf.mailerpath = path;
+}
+
+void
+eventlog_set_mailerflags(const char *mflags)
+{
+ evl_conf.mailerflags = mflags;
+}
+
+void
+eventlog_set_mailfrom(const char *from_addr)
+{
+ evl_conf.mailfrom = from_addr;
+}
+
+void
+eventlog_set_mailto(const char *to_addr)
+{
+ evl_conf.mailto = to_addr;
+}
+
+void
+eventlog_set_mailsub(const char *subject)
+{
+ evl_conf.mailsub = subject;
+}
+
+void
+eventlog_set_open_log(FILE *(*fn)(int type, const char *))
+{
+ evl_conf.open_log = fn;
+}
+
+void
+eventlog_set_close_log(void (*fn)(int type, FILE *))
+{
+ evl_conf.close_log = fn;
+}
+
 bool
 eventlog_setconf(struct eventlog_config *conf)
 {
diff --git a/logsrvd/logsrvd_conf.c b/logsrvd/logsrvd_conf.c
index 4e555a016..fb523827c 100644
--- a/logsrvd/logsrvd_conf.c
+++ b/logsrvd/logsrvd_conf.c
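Review bot: The seven string setters (`eventlog_set_logpath` through `eventlog_set_mailsub`) store the caller's pointer rather than a copy, so `evl_conf` is left dangling if the owner later frees or replaces that string. The callbacks added in plugins/sudoers/sudoers.c pass `sd_un->str` straight in, and `logsrvd_conf_eventlog_setconf` passes `config->logfile.path`, so correctness depends on those owners never releasing a value without calling the setter again, which cannot be confirmed from this diff. State the borrow in the block comment, e.g. `/* Setters store pointers by reference; the caller retains ownership and must keep them valid. */`, or duplicate the string inside the setter. `eventlog_set_open_log()` and `eventlog_set_close_log()` also accept NULL and would then replace the stub defaults with a null function pointer; a guard such as `if (fn != NULL) evl_conf.open_log = fn;` would keep the stub in place. `eventlog_setconf()` continues past the end of the hunk.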
@@ -869,21 +869,18 @@ logsrvd_stub_close_log(int type, FILE *fp)
 static void
 logsrvd_conf_eventlog_setconf(struct logsrvd_config *config)
 {
- struct eventlog_config evconf;
 debug_decl(logsrvd_conf_eventlog_setconf, SUDO_DEBUG_UTIL);
- memset(&evconf, 0, sizeof(evconf));
- evconf.type = config->eventlog.log_type;
- evconf.format = config->eventlog.log_format;
- evconf.syslog_acceptpri = config->syslog.acceptpri;
- evconf.syslog_rejectpri = config->syslog.rejectpri;
- evconf.syslog_alertpri = config->syslog.alertpri;
- evconf.syslog_maxlen = config->syslog.maxlen;
- evconf.logpath = config->logfile.path;
- evconf.time_fmt = config->logfile.time_format;
- evconf.open_log = logsrvd_stub_open_log;
- evconf.close_log = logsrvd_stub_close_log;
- eventlog_setconf(&evconf);
+ eventlog_set_type(config->eventlog.log_type);
+ eventlog_set_format(config->eventlog.log_format);
+ eventlog_set_syslog_acceptpri(config->syslog.acceptpri);
+ eventlog_set_syslog_rejectpri(config->syslog.rejectpri);
+ eventlog_set_syslog_alertpri(config->syslog.alertpri);
+ eventlog_set_syslog_maxlen(config->syslog.maxlen);
+ eventlog_set_logpath(config->logfile.path);
+ eventlog_set_time_fmt(config->logfile.time_format);
+ eventlog_set_open_log(logsrvd_stub_open_log);
+ eventlog_set_close_log(logsrvd_stub_close_log);
 debug_return;
 }
diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c
index 61218bb07..4b8f28e85 100644
--- a/plugins/sudoers/defaults.c
+++ b/plugins/sudoers/defaults.c
@@ -620,8 +620,8 @@ init_defaults(void)
 if (!init_envtables()) goto oom;
- /* Update eventlog config. */
- update_eventlog_config();
+ /* Init eventlog config. */
+ init_eventlog_config();
 firsttime = 0;
@@ -758,9 +758,6 @@ update_defaults(struct sudoers_parse_tree *parse_tree,
 ret = false;
 }
- /* Update eventlog config. */
- update_eventlog_config();
-
 debug_return_bool(ret);
 }
diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c
index 14be28b77..5fde1de8c 100644
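Review bot: In `logsrvd_conf_eventlog_setconf` (logsrvd/logsrvd_conf.c) the fields logsrvd never sets no longer end up zeroed, because the removed `memset(&evconf, 0, ...)` has no equivalent in the setter-based version. `mailuid`, `omit_hostname`, the mailer settings and `mailsub` now keep the values from the `evl_conf` initializer in lib/eventlog/eventlog.c, including `_PATH_SUDO_SENDMAIL` and `MAILTO`. If logsrvd can ever request mail through the `flags` argument of `eventlog_reject()` or `eventlog_alert()` (not visible here), this changes "no mailer configured" into "run the default mailer". Either document the intent with `/* Mail settings stay at the eventlog defaults; logsrvd does not send mail. */` or clear them explicitly, e.g. `eventlog_set_mailerpath(NULL);` and `eventlog_set_mailto(NULL);`.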
--- a/plugins/sudoers/logging.c
+++ b/plugins/sudoers/logging.c
@@ -568,40 +568,38 @@ sudoers_log_close(int type, FILE *fp)
 }
 void
-update_eventlog_config(void)
+init_eventlog_config(void)
 {
- struct eventlog_config evconf;
- debug_decl(update_eventlog_config, SUDOERS_DEBUG_DEFAULTS);
-
- memset(&evconf, 0, sizeof(evconf));
- if (def_syslog) {
- evconf.type |= EVLOG_SYSLOG;
- evconf.syslog_acceptpri = def_syslog_goodpri;
- evconf.syslog_rejectpri = def_syslog_badpri;
- evconf.syslog_alertpri = def_syslog_badpri;
- evconf.syslog_maxlen = def_syslog_maxlen;
- }
- if (def_logfile) {
- evconf.type |= EVLOG_FILE;
- evconf.logpath = def_logfile;
- }
- evconf.format = EVLOG_SUDO;
- evconf.time_fmt = def_log_year ? "%h %e %T %Y" : "%h %e %T";
- if (!def_log_host)
- evconf.omit_hostname = true;
+ int logtype = 0;
 #ifdef NO_ROOT_MAILER
- evconf.mailuid = user_uid;
+ uid_t mailuid = user_uid;
 #else
- evconf.mailuid = ROOT_UID;
+ uid_t mailuid = ROOT_UID;
 #endif
- evconf.mailerpath = def_mailerpath;
- evconf.mailerflags = def_mailerflags;
- evconf.mailfrom = def_mailfrom;
- evconf.mailto = def_mailto;
- evconf.open_log = sudoers_log_open;
- evconf.close_log = sudoers_log_close;
+ debug_decl(init_eventlog_config, SUDOERS_DEBUG_DEFAULTS);
- eventlog_setconf(&evconf);
+ if (def_syslog)
+ logtype |= EVLOG_SYSLOG;
+ if (def_logfile)
+ logtype |= EVLOG_FILE;
+
+ eventlog_set_type(logtype);
+ eventlog_set_format(EVLOG_SUDO);
+ eventlog_set_syslog_acceptpri(def_syslog_goodpri);
+ eventlog_set_syslog_rejectpri(def_syslog_badpri);
+ eventlog_set_syslog_alertpri(def_syslog_badpri);
+ eventlog_set_syslog_maxlen(def_syslog_maxlen);
+ eventlog_set_mailuid(mailuid);
+ eventlog_set_omit_hostname(!def_log_host);
+ eventlog_set_logpath(def_logfile);
+ eventlog_set_time_fmt(def_log_year ? "%h %e %T %Y" : "%h %e %T");
+ eventlog_set_mailerpath(def_mailerpath);
+ eventlog_set_mailerflags(def_mailerflags);
+ eventlog_set_mailfrom(def_mailfrom);
+ eventlog_set_mailto(def_mailto);
+ eventlog_set_mailsub(def_mailsub);
+ eventlog_set_open_log(sudoers_log_open);
+ eventlog_set_close_log(sudoers_log_close);
 debug_return;
 }
diff --git a/plugins/sudoers/logging.h b/plugins/sudoers/logging.h
index e01ea73a5..de5027944 100644
--- a/plugins/sudoers/logging.h
+++ b/plugins/sudoers/logging.h
@@ -74,6 +74,6 @@ bool sudoers_initlocale(const char *ulocale, const char *slocale);
 bool sudoers_locale_callback(const union sudo_defs_val *);
 int writeln_wrap(FILE *fp, char *line, size_t len, size_t maxlen);
 void sudoers_to_eventlog(struct eventlog *evlog);
-void update_eventlog_config(void);
+void init_eventlog_config(void);
 #endif /* SUDOERS_LOGGING_H */
diff --git a/plugins/sudoers/stubs.c b/plugins/sudoers/stubs.c
index 7d8695bd9..ce7cc5026 100644
--- a/plugins/sudoers/stubs.c
+++ b/plugins/sudoers/stubs.c
@@ -89,7 +89,7 @@ set_cmnd_path(const char *runchroot)
 /* STUB */
 void
-update_eventlog_config(void)
+init_eventlog_config(void)
 {
 return;
 }
diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c
index 12f5d789c..cf115b197 100644
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -69,11 +69,6 @@
 /*
 * Prototypes
 */
-static bool cb_fqdn(const union sudo_defs_val *);
-static bool cb_runas_default(const union sudo_defs_val *);
-static bool cb_tty_tickets(const union sudo_defs_val *);
-static bool cb_umask(const union sudo_defs_val *);
-static bool cb_runchroot(const union sudo_defs_val *);
 static int set_cmnd(void);
 static int create_admin_success_flag(void);
 static bool init_vars(char * const *);
@@ -81,6 +76,7 @@ static bool set_loginclass(struct passwd *);
 static bool set_runasgr(const char *, bool);
 static bool set_runaspw(const char *, bool);
 static bool tty_present(void);
+static void set_callbacks(void);
 /*
 * Globals
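Review bot: `init_eventlog_config` in plugins/sudoers/logging.c has no comment explaining that it now only seeds the eventlog settings from the current `def_*` values. Because the defaults.c hunk drops the call from `update_defaults()`, later changes appear to arrive solely through the Defaults callbacks registered in plugins/sudoers/sudoers.c, and that contract is easy to miss. Suggest adding `/* Seed eventlog settings from the current def_* values; later Defaults changes are applied by the cb_* callbacks in sudoers.c. */` above the function. As a style point, `int logtype = 0;` should be `int logtype = EVLOG_NONE;` to match `cb_logfile` and `cb_syslog`.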
@@ -854,38 +850,8 @@ init_vars(char * const envp[])
 if (!set_perms(PERM_INITIAL)) debug_return_bool(false);
- /* Set fqdn callback. */
- sudo_defs_table[I_FQDN].callback = cb_fqdn;
-
- /* Set group_plugin callback. */
- sudo_defs_table[I_GROUP_PLUGIN].callback = cb_group_plugin;
-
- /* Set runas callback. */
- sudo_defs_table[I_RUNAS_DEFAULT].callback = cb_runas_default;
-
- /* Set locale callback. */
- sudo_defs_table[I_SUDOERS_LOCALE].callback = sudoers_locale_callback;
-
- /* Set maxseq callback. */
- sudo_defs_table[I_MAXSEQ].callback = cb_maxseq;
-
- /* Set iolog_user callback. */
- sudo_defs_table[I_IOLOG_USER].callback = cb_iolog_user;
-
- /* Set iolog_group callback. */
- sudo_defs_table[I_IOLOG_GROUP].callback = cb_iolog_group;
-
- /* Set iolog_mode callback. */
- sudo_defs_table[I_IOLOG_MODE].callback = cb_iolog_mode;
-
- /* Set tty_tickets callback. */
- sudo_defs_table[I_TTY_TICKETS].callback = cb_tty_tickets;
-
- /* Set umask callback. */
- sudo_defs_table[I_UMASK].callback = cb_umask;
-
- /* Set runchroot callback. */
- sudo_defs_table[I_RUNCHROOT].callback = cb_runchroot;
+ /* Set parse callbacks */
+ set_callbacks();
 /* It is now safe to use log_warningx() and set_perms() */
 if (unknown_user) {
@@ -1446,6 +1412,194 @@ cb_runchroot(const union sudo_defs_val *sd_un)
 debug_return_bool(true);
 }
+static bool
+cb_logfile(const union sudo_defs_val *sd_un)
+{
+ int logtype = def_syslog ? EVLOG_SYSLOG : EVLOG_NONE;
+ debug_decl(cb_logfile, SUDOERS_DEBUG_PLUGIN);
+
+ if (sd_un->str != NULL)
+ SET(logtype, EVLOG_FILE);
+ eventlog_set_type(logtype);
+ eventlog_set_logpath(sd_un->str);
+
+ debug_return_bool(true);
+}
+
+static bool
+cb_syslog(const union sudo_defs_val *sd_un)
+{
+ int logtype = def_logfile ? EVLOG_FILE : EVLOG_NONE;
+ debug_decl(cb_syslog, SUDOERS_DEBUG_PLUGIN);
+
+ if (sd_un->str != NULL)
+ SET(logtype, EVLOG_SYSLOG);
+ eventlog_set_type(logtype);
+
+ debug_return_bool(true);
+}
+
+static bool
+cb_syslog_goodpri(const union sudo_defs_val *sd_un)
+{
+ debug_decl(cb_syslog_goodpri, SUDOERS_DEBUG_PLUGIN);
+
+ eventlog_set_syslog_acceptpri(sd_un->ival);
+
+ debug_return_bool(true);
+}
+
+static bool
+cb_syslog_badpri(const union sudo_defs_val *sd_un)
+{
+ debug_decl(cb_syslog_badpri, SUDOERS_DEBUG_PLUGIN);
+
+ eventlog_set_syslog_rejectpri(sd_un->ival);
+ eventlog_set_syslog_alertpri(sd_un->ival);
+
+ debug_return_bool(true);
+}
+
+static bool
+cb_syslog_maxlen(const union sudo_defs_val *sd_un)
+{
+ debug_decl(cb_syslog_maxlen, SUDOERS_DEBUG_PLUGIN);
+
+ eventlog_set_syslog_maxlen(sd_un->ival);
+
+ debug_return_bool(true);
+}
+
+static bool
+cb_log_year(const union sudo_defs_val *sd_un)
+{
+ debug_decl(cb_syslog_maxlen, SUDOERS_DEBUG_PLUGIN);
+
+ eventlog_set_time_fmt(sd_un->flag ? "%h %e %T %Y" : "%h %e %T");
+
+ debug_return_bool(true);
+}
+
+static bool
+cb_log_host(const union sudo_defs_val *sd_un)
+{
+ debug_decl(cb_syslog_maxlen, SUDOERS_DEBUG_PLUGIN);
+
+ eventlog_set_omit_hostname(!sd_un->flag);
+
+ debug_return_bool(true);
+}
+
+static bool
+cb_mailerpath(const union sudo_defs_val *sd_un)
+{
+ debug_decl(cb_mailerpath, SUDOERS_DEBUG_PLUGIN);
+
+ eventlog_set_mailerpath(sd_un->str);
+
+ debug_return_bool(true);
+}
+
+static bool
+cb_mailerflags(const union sudo_defs_val *sd_un)
+{
+ debug_decl(cb_mailerflags, SUDOERS_DEBUG_PLUGIN);
+
+ eventlog_set_mailerflags(sd_un->str);
+
+ debug_return_bool(true);
+}
+
+static bool
+cb_mailfrom(const union sudo_defs_val *sd_un)
+{
+ debug_decl(cb_mailfrom, SUDOERS_DEBUG_PLUGIN);
+
+ eventlog_set_mailfrom(sd_un->str);
+
+ debug_return_bool(true);
+}
+
+static bool
+cb_mailto(const union sudo_defs_val *sd_un)
+{
+ debug_decl(cb_mailto, SUDOERS_DEBUG_PLUGIN);
+
+ eventlog_set_mailto(sd_un->str);
+
+ debug_return_bool(true);
+}
+
+static bool
+cb_mailsub(const union sudo_defs_val *sd_un)
+{
+ debug_decl(cb_mailsub, SUDOERS_DEBUG_PLUGIN);
+
+ eventlog_set_mailsub(sd_un->str);
+
+ debug_return_bool(true);
+}
+
+/*
+ * Set parse Defaults callbacks.
+ * We do this here instead in def_data.in so we don't have to
+ * stub out the callbacks for visudo and testsudoers.
+ */
+static void
+set_callbacks(void)
+{
+ debug_decl(set_callbacks, SUDOERS_DEBUG_PLUGIN);
+
+ /* Set fqdn callback. */
+ sudo_defs_table[I_FQDN].callback = cb_fqdn;
+
+ /* Set group_plugin callback. */
+ sudo_defs_table[I_GROUP_PLUGIN].callback = cb_group_plugin;
+
+ /* Set runas callback. */
+ sudo_defs_table[I_RUNAS_DEFAULT].callback = cb_runas_default;
+
+ /* Set locale callback. */
+ sudo_defs_table[I_SUDOERS_LOCALE].callback = sudoers_locale_callback;
+
+ /* Set maxseq callback. */
+ sudo_defs_table[I_MAXSEQ].callback = cb_maxseq;
+
+ /* Set iolog_user callback. */
+ sudo_defs_table[I_IOLOG_USER].callback = cb_iolog_user;
+
+ /* Set iolog_group callback. */
+ sudo_defs_table[I_IOLOG_GROUP].callback = cb_iolog_group;
+
+ /* Set iolog_mode callback. */
+ sudo_defs_table[I_IOLOG_MODE].callback = cb_iolog_mode;
+
+ /* Set tty_tickets callback. */
+ sudo_defs_table[I_TTY_TICKETS].callback = cb_tty_tickets;
+
+ /* Set umask callback. */
+ sudo_defs_table[I_UMASK].callback = cb_umask;
+
+ /* Set runchroot callback. */
+ sudo_defs_table[I_RUNCHROOT].callback = cb_runchroot;
+
+ /* eventlog callbacks */
+ sudo_defs_table[I_SYSLOG].callback = cb_syslog;
+ sudo_defs_table[I_SYSLOG_GOODPRI].callback = cb_syslog_goodpri;
+ sudo_defs_table[I_SYSLOG_BADPRI].callback = cb_syslog_badpri;
+ sudo_defs_table[I_SYSLOG_MAXLEN].callback = cb_syslog_maxlen;
+ sudo_defs_table[I_LOG_HOST].callback = cb_log_host;
+ sudo_defs_table[I_LOGFILE].callback = cb_logfile;
+ sudo_defs_table[I_LOG_YEAR].callback = cb_log_year;
+ sudo_defs_table[I_MAILERPATH].callback = cb_mailerpath;
+ sudo_defs_table[I_MAILERFLAGS].callback = cb_mailerflags;
+ sudo_defs_table[I_MAILFROM].callback = cb_mailfrom;
+ sudo_defs_table[I_MAILTO].callback = cb_mailto;
+ sudo_defs_table[I_MAILSUB].callback = cb_mailsub;
+
+ debug_return;
+}
+
 /*
 * Cleanup hook for sudo_fatal()/sudo_fatalx()
 */
diff --git a/plugins/sudoers/testsudoers.c b/plugins/sudoers/testsudoers.c
index 87c61538a..1217da7f4 100644
--- a/plugins/sudoers/testsudoers.c
+++ b/plugins/sudoers/testsudoers.c
@@ -501,7 +501,7 @@ restore_perms(void)
 }
 void
-update_eventlog_config(void)
+init_eventlog_config(void)
 {
 return;
 }
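Review bot: `cb_syslog` decides whether to enable `EVLOG_SYSLOG` with `sd_un->str != NULL`, whereas the sibling syslog callbacks read `sd_un->ival` and `init_eventlog_config()` treats `def_syslog` as a plain truth value. If the syslog Default is stored in the integer member of the union (its declared type is not visible in this diff), reading the pointer member can pick up bytes the integer store never wrote, so audit logging to syslog could stay on after `!syslog` or be switched off unexpectedly. It should probably read `if (sd_un->ival != false)`. Separately, `cb_log_year` and `cb_log_host` both carry `debug_decl(cb_syslog_maxlen, SUDOERS_DEBUG_PLUGIN);`, so debug traces will name the wrong function; use `debug_decl(cb_log_year, SUDOERS_DEBUG_PLUGIN);` and `debug_decl(cb_log_host, SUDOERS_DEBUG_PLUGIN);`. The comment above `set_callbacks` should say "instead of in def_data.in".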