From 51515c6c01adb99ef81f5bd82c29c2c862ca9c87 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Mon, 24 Jan 2011 15:39:09 -0500
Subject: [PATCH] Prepend "list " to the command logged when "sudo -l command"
 is used to make it clear that the command was listed, not run.

---
 plugins/sudoers/logging.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c
index 4453dcfef..d550d5030 100644
--- a/plugins/sudoers/logging.c
+++ b/plugins/sudoers/logging.c
@@ -630,7 +630,10 @@ new_logline(const char *message, int serrno)
 	len += sizeof(LL_ENV_STR) + 2 + evlen;
     }
     if (user_cmnd != NULL) {
+	/* Note: we log "sudo -l command arg ..." as "list command arg ..." */
 	len += sizeof(LL_CMND_STR) - 1 + strlen(user_cmnd);
+	if (ISSET(sudo_mode, MODE_CHECK))
+	    len += sizeof("list ") - 1;
 	if (user_args != NULL)
 	    len += strlen(user_args) + 1;
     }
@@ -685,8 +688,11 @@ new_logline(const char *message, int serrno)
 	efree(evstr);
     }
     if (user_cmnd != NULL) {
-	if (strlcat(line, LL_CMND_STR, len) >= len ||
-	    strlcat(line, user_cmnd, len) >= len)
+	if (strlcat(line, LL_CMND_STR, len) >= len)
+	    goto toobig;
+	if (ISSET(sudo_mode, MODE_CHECK) && strlcat(line, "list ", len) >= len)
+	    goto toobig;
+	if (strlcat(line, user_cmnd, len) >= len)
 	    goto toobig;
 	if (user_args != NULL) {
 	    if (strlcat(line, " ", len) >= len ||
-- 
2.40.0