From 31b16fd3e98b21fac834cdd654b0076f5b95518f Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Wed, 22 Mar 2017 15:55:16 -0600
Subject: [PATCH] Add fallback to PERM_IOLOG when making the final componenet
 of iolog_dir.

---
 plugins/sudoers/iolog.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/plugins/sudoers/iolog.c b/plugins/sudoers/iolog.c
index 743ec6ed9..53c040535 100644
--- a/plugins/sudoers/iolog.c
+++ b/plugins/sudoers/iolog.c
@@ -125,9 +125,15 @@ io_mkdirs(char *path)
 	/* Create final path component. */
 	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
 	    "mkdir %s, mode 0%o", path, (unsigned int) iolog_dirmode);
-	if (mkdir(path, iolog_dirmode) != 0 && errno != EEXIST) {
-	    sudo_warn(U_("unable to mkdir %s"), path);
-	    ok = false;
+	ok = mkdir(path, iolog_dirmode) == 0 || errno == EEXIST;
+	if (!ok) {
+	    if (!uid_changed) {
+		/* Try again as the I/O log owner (for NFS). */
+		uid_changed = set_perms(PERM_IOLOG);
+		ok = mkdir(path, iolog_dirmode) == 0 || errno == EEXIST;
+	    }
+	    if (!ok)
+		sudo_warn(U_("unable to mkdir %s"), path);
 	} else {
 	    ignore_result(chown(path, iolog_uid, iolog_gid));
 	}
-- 
2.40.0