#include <errno.h>
#include <unistd.h>
+#include "error.h"
#include "bsm_audit.h"
/*
# define AUDIT_NOT_CONFIGURED ENOSYS
#endif
-void log_fatal(int flags, const char *fmt, ...) __attribute__((__noreturn__));
-
static int
audit_sudo_selected(int sf)
{
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) < 0) {
if (errno == ENOSYS) {
if (getaudit(&ainfo) < 0)
- log_fatal(0, "getaudit: failed");
+ error(1, "getaudit: failed");
mask = &ainfo.ai_mask;
} else
- log_fatal(0, "getaudit: failed");
+ error(1, "getaudit: failed");
} else
mask = &ainfo_addr.ai_mask;
sorf = (sf == 0) ? AU_PRS_SUCCESS : AU_PRS_FAILURE;
if (auditon(A_GETCOND, (caddr_t)&au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED)
return;
- log_fatal(0, "Could not determine audit condition");
+ error(1, "Could not determine audit condition");
}
if (au_cond == AUC_NOAUDIT)
return;
if (!audit_sudo_selected(0))
return;
if (getauid(&auid) < 0)
- log_fatal(0, "getauid failed");
+ error(1, "getauid failed");
if ((aufd = au_open()) == -1)
- log_fatal(0, "au_open: failed");
+ error(1, "au_open: failed");
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo_addr.ai_termid);
* NB: We should probably watch out for ERANGE here.
*/
if (getaudit(&ainfo) < 0)
- log_fatal(0, "getaudit: failed");
+ error(1, "getaudit: failed");
tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo.ai_termid);
} else
- log_fatal(0, "getaudit: failed");
+ error(1, "getaudit: failed");
if (tok == NULL)
- log_fatal(0, "au_to_subject: failed");
+ error(1, "au_to_subject: failed");
au_write(aufd, tok);
tok = au_to_exec_args(exec_args);
if (tok == NULL)
- log_fatal(0, "au_to_exec_args: failed");
+ error(1, "au_to_exec_args: failed");
au_write(aufd, tok);
tok = au_to_return32(0, 0);
if (tok == NULL)
- log_fatal(0, "au_to_return32: failed");
+ error(1, "au_to_return32: failed");
au_write(aufd, tok);
if (au_close(aufd, 1, AUE_sudo) == -1)
- log_fatal(0, "unable to commit audit record");
+ error(1, "unable to commit audit record");
}
void
if (auditon(A_GETCOND, &au_cond, sizeof(long)) < 0) {
if (errno == AUDIT_NOT_CONFIGURED)
return;
- log_fatal(0, "Could not determine audit condition");
+ error(1, "Could not determine audit condition");
}
if (au_cond == AUC_NOAUDIT)
return;
if (!audit_sudo_selected(1))
return;
if (getauid(&auid) < 0)
- log_fatal(0, "getauid: failed");
+ error(1, "getauid: failed");
if ((aufd = au_open()) == -1)
- log_fatal(0, "au_open: failed");
+ error(1, "au_open: failed");
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo_addr.ai_termid);
} else if (errno == ENOSYS) {
if (getaudit(&ainfo) < 0)
- log_fatal(0, "getaudit: failed");
+ error(1, "getaudit: failed");
tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
getuid(), pid, pid, &ainfo.ai_termid);
} else
- log_fatal(0, "getaudit: failed");
+ error(1, "getaudit: failed");
if (tok == NULL)
- log_fatal(0, "au_to_subject: failed");
+ error(1, "au_to_subject: failed");
au_write(aufd, tok);
tok = au_to_exec_args(exec_args);
if (tok == NULL)
- log_fatal(0, "au_to_exec_args: failed");
+ error(1, "au_to_exec_args: failed");
au_write(aufd, tok);
(void) vsnprintf(text, sizeof(text), fmt, ap);
tok = au_to_text(text);
if (tok == NULL)
- log_fatal(0, "au_to_text: failed");
+ error(1, "au_to_text: failed");
au_write(aufd, tok);
tok = au_to_return32(EPERM, 1);
if (tok == NULL)
- log_fatal(0, "au_to_return32: failed");
+ error(1, "au_to_return32: failed");
au_write(aufd, tok);
if (au_close(aufd, 1, AUE_sudo) == -1)
- log_fatal(0, "unable to commit audit record");
+ error(1, "unable to commit audit record");
}
projects / sudo / commitdiff