fprintf (stderr, _("%s: failure forking: %s"),
is_newgrp ? "newgrp" : "sg", strerror (errno));
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_START, Prog, "changing",
- NULL, getuid (), 0);
+ if (group) {
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-group=%s", group);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL, getuid (), 0);
+ } else {
+ audit_logger (AUDIT_CHGRP_ID, Prog, "changing",
+ NULL, getuid (), 0);
+ }
#endif
exit (1);
} else if (child) {
#endif
#ifdef WITH_AUDIT
+ char audit_buf[80];
+
audit_help_open ();
#endif
setlocale (LC_ALL, "");
if (!pwd) {
fprintf (stderr, _("unknown UID: %u\n"), getuid ());
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_START, Prog, "changing", NULL,
+ audit_logger (AUDIT_CHGRP_ID, Prog, "changing", NULL,
getuid (), 0);
#endif
SYSLOG ((LOG_WARN, "unknown UID %u", getuid ()));
if (ngroups < 0) {
perror ("getgroups");
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_START, Prog,
- "changing", NULL, getuid (), 0);
+ if (group) {
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-group=%s", group);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL, getuid (), 0);
+ } else {
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ "changing", NULL, getuid (), 0);
+ }
#endif
exit (1);
}
* to the real UID. For root, this also sets the real GID to the
* new group id.
*/
- if (setgid (gid))
+ if (setgid (gid)) {
perror ("setgid");
+#ifdef WITH_AUDIT
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-gid=%d", gid);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL, getuid (), 0);
+#endif
+ exit (1);
+ }
if (setuid (getuid ())) {
perror ("setuid");
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_START, Prog, "changing",
- NULL, getuid (), 0);
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-gid=%d", gid);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL, getuid (), 0);
#endif
exit (1);
}
closelog ();
execl ("/bin/sh", "sh", "-c", command, (char *) 0);
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_START, Prog, "changing",
- NULL, getuid (), 0);
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-gid=%d", gid);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL, getuid (), 0);
#endif
perror ("/bin/sh");
exit (errno == ENOENT ? E_CMD_NOTFOUND : E_CMD_NOEXEC);
}
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_START, Prog, "changing", NULL, getuid (), 1);
+ snprintf (audit_buf, sizeof(audit_buf), "changing new-gid=%d", gid);
+ audit_logger (AUDIT_CHGRP_ID, Prog, audit_buf, NULL, getuid (), 1);
#endif
/*
* Exec the login shell and go away. We are trying to get back to
*/
closelog ();
#ifdef WITH_AUDIT
- audit_logger (AUDIT_USER_START, Prog, "changing", NULL, getuid (), 0);
+ if (group) {
+ snprintf (audit_buf, sizeof(audit_buf),
+ "changing new-group=%s", group);
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ audit_buf, NULL, getuid (), 0);
+ } else {
+ audit_logger (AUDIT_CHGRP_ID, Prog,
+ "changing", NULL, getuid (), 0);
+ }
#endif
exit (1);
}
projects / shadow / commitdiff