From 507ab6fdcd431041a758c59e2cf475a2b212414e Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Fri, 1 Sep 2017 09:22:31 -0600 Subject: [PATCH] Sprinkle a few more debugging printfs. --- plugins/sudoers/check.c | 7 +++++++ plugins/sudoers/defaults.c | 3 +++ 2 files changed, 10 insertions(+) diff --git a/plugins/sudoers/check.c b/plugins/sudoers/check.c index 67cd7bf3b..28ec7b952 100644 --- a/plugins/sudoers/check.c +++ b/plugins/sudoers/check.c @@ -127,6 +127,8 @@ check_user_interactive(int validated, int mode, struct passwd *auth_pw) ret = true; break; } + sudo_debug_printf(SUDO_DEBUG_INFO, + "%s: check user flag overrides time stamp", __func__); /* FALLTHROUGH */ default: @@ -192,6 +194,9 @@ check_user(int validated, int mode) * If the user is not changing uid/gid, no need for a password. */ if (!def_authenticate || user_is_exempt()) { + sudo_debug_printf(SUDO_DEBUG_INFO, "%s: %s", __func__, + !def_authenticate ? "authentication disabled" : + "user exempt from authentication"); ret = true; goto done; } @@ -204,6 +209,8 @@ check_user(int validated, int mode) if (runas_privs == NULL && runas_limitprivs == NULL) #endif { + sudo_debug_printf(SUDO_DEBUG_INFO, + "%s: user running command as self", __func__); ret = true; goto done; } diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c index ab2e7cfd3..39115007a 100644 --- a/plugins/sudoers/defaults.c +++ b/plugins/sudoers/defaults.c @@ -238,6 +238,9 @@ parse_default_entry(struct sudo_defs_types *def, const char *val, int op, int rc; debug_decl(parse_default_entry, SUDOERS_DEBUG_DEFAULTS) + sudo_debug_printf(SUDO_DEBUG_INFO, "%s: %s:%d %s=%s op=%d", + __func__, file, lineno, def->name, val ? val : "", op); + /* * If no value specified, the boolean flag must be set for non-flags. * Only flags and tuples support boolean "true". -- 2.40.0