From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Mon, 24 May 2010 18:30:54 +0000 (-0400)
Subject: If running a command or sudoedit in transcript mode, call io_nextid()
X-Git-Tag: SUDO_1_8_0~593
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=60e0e496ef09efecb158efeed68493b1fb20564f;p=sudo

If running a command or sudoedit in transcript mode, call io_nextid()
before log_allowed() so the session id is logged.
---

diff --git a/plugins/sudoers/iolog.c b/plugins/sudoers/iolog.c
index 00b9205bb..ebd24d7e1 100644
--- a/plugins/sudoers/iolog.c
+++ b/plugins/sudoers/iolog.c
@@ -71,7 +71,7 @@ static sigset_t ttyblock;
 static struct timeval last_time;
 static union script_fd io_outfile, io_timfile;
 
-static void
+void
 io_nextid(void)
 {
     struct stat sb;
@@ -197,7 +197,6 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation,
      * Build a path containing the session id split into two-digit subdirs,
      * so ID 000001 becomes /var/log/sudo-session/00/00/01.
      */
-    io_nextid();
     len = build_idpath(pathbuf, sizeof(pathbuf));
     if (len == -1)
 	return -1;
diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c
index f9a9bb466..7902f73bf 100644
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -497,6 +497,8 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
 	    validate_env_vars(sudo_user.env_vars);
     }
 
+    if (def_transcript && (sudo_mode & (MODE_RUN | MODE_EDIT)))
+	io_nextid();
     log_allowed(validated);
     if (ISSET(sudo_mode, MODE_CHECK))
 	rval = display_cmnd(snl, list_pw ? list_pw : sudo_user.pw);
diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h
index 136faf8d4..bf95ac783 100644
--- a/plugins/sudoers/sudoers.h
+++ b/plugins/sudoers/sudoers.h
@@ -295,6 +295,7 @@ int sudoers_io_open(unsigned int version, sudo_conv_t conversation,
 void sudoers_io_close(int exit_status, int error);
 int sudoers_io_version(int verbose);
 int sudoers_io_log_output(const char *buf, unsigned int len);
+void io_nextid(void);
 
 /* env.c */
 char **env_get(void);