From 38c7d7abc4b9d42e171529a87ee4932e98f0a486 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Mon, 13 Oct 2014 08:33:25 -0600
Subject: [PATCH] Fix logic bug.  We only want to return -1 from
 linux_audit_open() when audit_open() fails and errno is not one of EINVAL,
 EPROTONOSUPPORT, or EAFNOSUPPORT.  For those errno values, we return
 AUDIT_NOT_CONFIGURED which is not a fatal error.  Bug #671

---
 plugins/sudoers/linux_audit.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/plugins/sudoers/linux_audit.c b/plugins/sudoers/linux_audit.c
index 2befd079b..2e5f43d74 100644
--- a/plugins/sudoers/linux_audit.c
+++ b/plugins/sudoers/linux_audit.c
@@ -57,10 +57,10 @@ linux_audit_open(void)
     au_fd = audit_open();
     if (au_fd == -1) {
 	/* Kernel may not have audit support. */
-	if (errno != EINVAL && errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT) {
-	    sudo_warn(U_("unable to open audit system"));
+	if (errno == EINVAL || errno == EPROTONOSUPPORT || errno == EAFNOSUPPORT)
 	    au_fd = AUDIT_NOT_CONFIGURED;
-	}
+	else
+	    sudo_warn(U_("unable to open audit system"));
     } else {
 	(void)fcntl(au_fd, F_SETFD, FD_CLOEXEC);
     }
-- 
2.40.0