From 55ef027d88abf7572f3100b042a1c20a5628da67 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 17 May 2010 10:38:56 -0400 Subject: [PATCH] Add argc and argv to I/O logger open function. --- doc/sudo_plugin.cat | 298 ++++++++++++++++----------------- doc/sudo_plugin.man.in | 17 +- doc/sudo_plugin.pod | 17 +- include/sudo_plugin.h | 3 +- plugins/sample/sample_plugin.c | 3 +- plugins/sudoers/iolog.c | 4 +- plugins/sudoers/sudoers.h | 3 +- src/sudo.c | 4 +- 8 files changed, 189 insertions(+), 160 deletions(-) diff --git a/doc/sudo_plugin.cat b/doc/sudo_plugin.cat index 91fa20a0b..63841c527 100644 --- a/doc/sudo_plugin.cat +++ b/doc/sudo_plugin.cat @@ -61,7 +61,7 @@ SSuuddoo PPlluuggiinn AAPPII -1.8.0a1 May 14, 2010 1 +1.8.0a1 May 17, 2010 1 @@ -86,9 +86,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) const char *list_user); int (*validate)(void); void (*invalidate)(int remove); - int (*check_sudoedit)(int argc, char * const argv[], - char *env_add[], char **command_info[], - char **argv_out[], char **user_env_out[]); }; The policy_plugin struct has the following fields: @@ -125,9 +122,12 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) A pointer to the conversation function that can be used by the plugin to interact with the user (see below). + plugin_printf + A pointer to a printf-style function that may be used to -1.8.0a1 May 14, 2010 2 + +1.8.0a1 May 17, 2010 2 @@ -136,8 +136,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - plugin_printf - A pointer to a printf-style function that may be used to display informational or error messages (see below). settings 
@@ -189,11 +187,13 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) from the check_policy function, which will cause ssuuddoo to print a usage message and exit. + preserve_groups=bool + Set to true if the user specified the -P flag, indicating + that the user wishes to preserve the group vector instead - -1.8.0a1 May 14, 2010 3 +1.8.0a1 May 17, 2010 3 @@ -202,9 +202,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - preserve_groups=bool - Set to true if the user specified the -P flag, indicating - that the user wishes to preserve the group vector instead of setting it based on the runas user. ignore_ticket=bool @@ -238,6 +235,13 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) The command name that sudo was run as, typically "sudo" or "sudoedit". + sudoedit=bool + Set to true when the -e flag is is specified or if invoked + as ssuuddooeeddiitt. The plugin shall substitute an editor into + _a_r_g_v in the _c_h_e_c_k___p_o_l_i_c_y function or return -2 with a usage + error if the plugin does not support _s_u_d_o_e_d_i_t. For more + information, see the _c_h_e_c_k___p_o_l_i_c_y section. + Additional settings may be added in the future so the plugin should silently ignore settings that it does not recognize. @@ -253,13 +257,9 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) user=string The name of the user invoking ssuuddoo. - uid=uid_t - The real user ID of the user invoking ssuuddoo. - - -1.8.0a1 May 14, 2010 4 +1.8.0a1 May 17, 2010 4 @@ -268,6 +268,9 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + uid=uid_t + The real user ID of the user invoking ssuuddoo. + gid=gid_t The real group ID of the user invoking ssuuddoo. 
@@ -318,14 +321,11 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) call. The value of exit_status is undefined if error is non- zero. - error - If the command could not be executed, this is set to the value - of errno set by the _e_x_e_c_v_e(2) system call. The plugin is - responsible for displaying error information via the -1.8.0a1 May 14, 2010 5 + +1.8.0a1 May 17, 2010 5 @@ -334,6 +334,10 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + error + If the command could not be executed, this is set to the value + of errno set by the _e_x_e_c_v_e(2) system call. The plugin is + responsible for displaying error information via the conversation or plugin_printf function. If the command was successfully executed, the value of error is 0. 
@@ -352,13 +356,31 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) char **argv_out[], char **user_env_out[]); The _c_h_e_c_k___p_o_l_i_c_y function is called by ssuuddoo to determine whether - the user is allowed to run the specified commands. Returns 1 if - the command is allowed, 0 if not allowed, -1 for a general error, - or -2 for a usage error. In the latter case, ssuuddoo will print a - usage message before it exits. If an error occurs, the plugin may - optionally call the conversation or plugin_printf function with - SUDO_CONF_ERROR_MSG to present additional error information to the - user. + the user is allowed to run the specified commands. + + If the _s_u_d_o_e_d_i_t option was enabled in the _s_e_t_t_i_n_g_s array passed to + the _o_p_e_n function, the user has requested _s_u_d_o_e_d_i_t mode. _s_u_d_o_e_d_i_t + is a mechanism for editing one or more files where an editor is run + with the user's credentials instead of with elevated privileges. + ssuuddoo achieves this by creating user-writable temporary copies of + the files to be edited and then overwriting the originals with the + temporary copies after editing is complete. If the plugin supports + ssuuddooeeddiitt, it should choose the editor to be used, potentially from + a variable in the user's environment, such as EDITOR, and include + it in _a_r_g_v___o_u_t (note that environment variables may include command + line flags). The files to be edited should be copied from _a_r_g_v + into _a_r_g_v___o_u_t, separated from the editor and its arguments by a + "--" element. The "--" will be removed by ssuuddoo before the editor + is executed. The plugin should also set _s_u_d_o_e_d_i_t_=_t_r_u_e in the + _c_o_m_m_a_n_d___i_n_f_o list. + + The _c_h_e_c_k___p_o_l_i_c_y function returns 1 if the command is allowed, 0 if + not allowed, -1 for a general error, or -2 for a usage error or if + ssuuddooeeddiitt was specified but is unsupported by the plugin. 
In the + latter case, ssuuddoo will print a usage message before it exits. If + an error occurs, the plugin may optionally call the conversation or + plugin_printf function with SUDO_CONF_ERROR_MSG to present + additional error information to the user. The function arguments are as follows: @@ -366,6 +388,18 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) The number of elements in _a_r_g_v, not counting the final NULL pointer. + + + +1.8.0a1 May 17, 2010 6 + + + + + +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + + argv The argument vector describing the command the user wishes to run, in the same form as what would be passed to the _e_x_e_c_v_e_(_) @@ -388,18 +422,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) execution environment when running a command. The plugin is responsible for creating and populating the vector, which must be terminated with a NULL pointer. The following values are - - - -1.8.0a1 May 14, 2010 6 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - recognized by ssuuddoo: command=string @@ -433,6 +455,17 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) If set, ssuuddoo will preserve the user's group vector instead of initializing the group vector based on runas_user. + + +1.8.0a1 May 17, 2010 7 + + + + + +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + + cwd=string The current working directory to change to when executing the command. @@ -454,18 +487,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) selinux_role=string SELinux role to use when executing the command. - - - -1.8.0a1 May 14, 2010 7 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - selinux_type=string SELinux type to use when executing the command. 
@@ -473,6 +494,13 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) Command timeout. If non-zero then when the timeout expires the command will be killed. + sudoedit=bool + Set to true when in _s_u_d_o_e_d_i_t mode. The plugin may enable + _s_u_d_o_e_d_i_t mode even if ssuuddoo was not invoked as ssuuddooeeddiitt. + This allows the plugin to perform command substitution and + transparently enable _s_u_d_o_e_d_i_t when the user attempts to run + an editor. + Unsupported values will be ignored. argv_out @@ -492,6 +520,18 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) List available privileges for the invoking user. Returns 1 on success, 0 on failure and -1 on error. On error, the plugin may optionally call the conversation or plugin_printf function with + + + +1.8.0a1 May 17, 2010 8 + + + + + +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + + SUDO_CONF_ERROR_MSG to present additional error information to the user. @@ -521,17 +561,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) validate int (*validate)(void); - - -1.8.0a1 May 14, 2010 8 - - - - - -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - - The validate function is called when ssuuddoo is run with the -v flag. For policy plugins such as _s_u_d_o_e_r_s that cache authentication credentials, this function will validate and cache the credentials. 
@@ -556,40 +585,11 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) The invalidate function should be NULL if the plugin does not support credential caching. - check_sudoedit - int (*check_sudoedit)(int argc, char * const argv[] - char *env_add[], char **command_info[], - char **argv_out[], char **user_env_out[]); - - The _c_h_e_c_k___s_u_d_o_e_d_i_t function is called instead of _c_h_e_c_k___p_o_l_i_c_y when - ssuuddoo is invoked as ssuuddooeeddiitt or when the -e flag is specified. - ssuuddooeeddiitt is a mechanism for editing one or more files where an - editor is run with the user's credentials instead of with elevated - privileges. ssuuddoo achieves this by creating user-writable temporary - copies of the files to be edited and then overwriting the originals - with the temporary copies after editing is complete. - - The plugin should choose the editor to be used, potentially from a - variable in the user's environment, such as EDITOR, and include it - in _a_r_g_v___o_u_t. The files to be edited should be copied from _a_r_g_v - into _a_r_g_v___o_u_t, separated from the editor and its arguments by a - "--" element. The "--" will be removed by ssuuddoo before the editor - is executed. - - Returns 1 if the command is allowed, 0 if not allowed, -1 for a - general error, or -2 for a usage error. In the latter case, ssuuddoo - will print a usage message before it exits. If an error occurs, - the plugin may optionally call the conversation or plugin_printf - function with SUDO_CONF_ERROR_MSG to present additional error - information to the user. - - The function arguments are the same as for _c_h_e_c_k___p_o_l_i_c_y, except - that _a_r_g_v_[_0_] will always be the string "sudoedit". - + _C_o_n_v_e_r_s_a_t_i_o_n _A_P_I -1.8.0a1 May 14, 2010 9 +1.8.0a1 May 17, 2010 9 
@@ -598,8 +598,6 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) - _C_o_n_v_e_r_s_a_t_i_o_n _A_P_I - If the plugin needs to interact with the user, it may do so via the conversation function. A plugin should not attempt to read directly from the standard input or the user's tty (neither of which are @@ -655,7 +653,9 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) -1.8.0a1 May 14, 2010 10 + + +1.8.0a1 May 17, 2010 10 @@ -670,7 +670,8 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) unsigned int version; /* always SUDO_API_VERSION */ int (*open)(unsigned int version, sudo_conv_t conversation sudo_printf_t plugin_printf, char * const settings[], - char * const user_info[], char * const user_env[]); + char * const user_info[], int argc, char * const argv[], + char * const user_env[]); void (*close)(int exit_status, int error); /* wait status or error */ int (*show_version)(int verbose); int (*log_ttyin)(const char *buf, unsigned int len); @@ -712,16 +713,15 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) open int (*open)(unsigned int version, sudo_conv_t conversation sudo_printf_t plugin_printf, char * const settings[], - char * const user_info[], char * const user_env[]); + char * const user_info[], int argc, char * const argv[], + char * const user_env[]); The _o_p_e_n function is run before the _l_o_g___i_n_p_u_t, _l_o_g___o_u_t_p_u_t or _s_h_o_w___v_e_r_s_i_o_n functions are called. It is only called if the - version is being requested or the _c_h_e_c_k___p_o_l_i_c_y function has - returned successfully. It returns 1 on success, 0 on failure, -1 -1.8.0a1 May 14, 2010 11 +1.8.0a1 May 17, 2010 11 
@@ -730,6 +730,8 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + version is being requested or the _c_h_e_c_k___p_o_l_i_c_y function has + returned successfully. It returns 1 on success, 0 on failure, -1 if a general error occurred, or -2 if there was a usage error. In the latter case, ssuuddoo will print a usage message before it exits. If an error occurs, the plugin may optionally call the conversation @@ -781,13 +783,11 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) See the "Policy Plugin API" section for a list of all possible strings. - user_env - The user's environment in the form of a NULL-terminated vector - of "name=value" strings. -1.8.0a1 May 14, 2010 12 + +1.8.0a1 May 17, 2010 12 @@ -796,6 +796,19 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + argc + The number of elements in _a_r_g_v, not counting the final NULL + pointer. + + argv + If non-NULL, an argument vector describing a command the user + wishes to run in the same form as what would be passed to the + _e_x_e_c_v_e_(_) system call. + + user_env + The user's environment in the form of a NULL-terminated vector + of "name=value" strings. + When parsing _u_s_e_r___e_n_v, the plugin should split on the ffiirrsstt equal sign ('=') since the _n_a_m_e field will never include one itself but the _v_a_l_u_e might. 
@@ -837,31 +850,31 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) passed to the command, 0 if the data is rejected (which will terminate the command) or -1 if an error occurred. - The function arguments are as follows: - buf The buffer containing user input. - len The length of _b_u_f in bytes. - log_ttyout - int (*log_ttyout)(const char *buf, unsigned int len); +1.8.0a1 May 17, 2010 13 - The _l_o_g___t_t_y_o_u_t function is called whenever data can be read from - the command but before it is written to the user's terminal. This - allows the plugin to reject data if it chooses to (for instance if - the output contains banned content). Returns 1 if the data should -1.8.0a1 May 14, 2010 13 +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + The function arguments are as follows: + buf The buffer containing user input. -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + len The length of _b_u_f in bytes. + log_ttyout + int (*log_ttyout)(const char *buf, unsigned int len); + The _l_o_g___t_t_y_o_u_t function is called whenever data can be read from + the command but before it is written to the user's terminal. This + allows the plugin to reject data if it chooses to (for instance if + the output contains banned content). Returns 1 if the data should be passed to the user, 0 if the data is rejected (which will terminate the command) or -1 if an error occurred. 
@@ -903,30 +916,30 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) buf The buffer containing command output. - len The length of _b_u_f in bytes. - log_stderr - int (*log_stderr)(const char *buf, unsigned int len); - The _l_o_g___s_t_d_e_r_r function is only used if the standard error does not - correspond to a tty device. It is called whenever data can be read - from the command but before it is written to the standard error. - This allows the plugin to reject data if it chooses to (for - instance if the output contains banned content). Returns 1 if the - data should be passed to the user, 0 if the data is rejected (which - will terminate the command) or -1 if an error occurred. +1.8.0a1 May 17, 2010 14 -1.8.0a1 May 14, 2010 14 +SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + len The length of _b_u_f in bytes. -SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) + log_stderr + int (*log_stderr)(const char *buf, unsigned int len); + The _l_o_g___s_t_d_e_r_r function is only used if the standard error does not + correspond to a tty device. It is called whenever data can be read + from the command but before it is written to the standard error. + This allows the plugin to reject data if it chooses to (for + instance if the output contains banned content). Returns 1 if the + data should be passed to the user, 0 if the data is rejected (which + will terminate the command) or -1 if an error occurred. The function arguments are as follows: @@ -962,29 +975,16 @@ SUDO_PLUGIN(1m) MAINTENANCE COMMANDS SUDO_PLUGIN(1m) struct io_plugin io; }; +PPOODD EERRRROORRSS + Hey! TThhee aabboovvee ddooccuummeenntt hhaadd ssoommee ccooddiinngg eerrrroorrss,, wwhhiicchh aarree eexxppllaaiinneedd + bbeellooww:: + Around line 597: + You forgot a '=back' before '=head3' - - - - - - - - - - - - - - - - - - -1.8.0a1 May 14, 2010 15 +1.8.0a1 May 17, 2010 15 diff --git a/doc/sudo_plugin.man.in b/doc/sudo_plugin.man.in index 4ae007749..b3e76cc13 100644 --- a/doc/sudo_plugin.man.in 
+++ b/doc/sudo_plugin.man.in @@ -728,7 +728,8 @@ See the sample plugin for an example of the conversation function usage. \& unsigned int version; /* always SUDO_API_VERSION */ \& int (*open)(unsigned int version, sudo_conv_t conversation \& sudo_printf_t plugin_printf, char * const settings[], -\& char * const user_info[], char * const user_env[]); +\& char * const user_info[], int argc, char * const argv[], +\& char * const user_env[]); \& void (*close)(int exit_status, int error); /* wait status or error */ \& int (*show_version)(int verbose); \& int (*log_ttyin)(const char *buf, unsigned int len); @@ -770,10 +771,11 @@ This allows \fBsudo\fR to determine the \s-1API\s0 version the plugin was built against. .IP "open" 4 .IX Item "open" -.Vb 3 +.Vb 4 \& int (*open)(unsigned int version, sudo_conv_t conversation \& sudo_printf_t plugin_printf, char * const settings[], -\& char * const user_info[], char * const user_env[]); +\& char * const user_info[], int argc, char * const argv[], +\& char * const user_env[]); .Ve .Sp The \fIopen\fR function is run before the \fIlog_input\fR, \fIlog_output\fR @@ -828,6 +830,15 @@ equal sign ('=') since the \fIname\fR field will never include one itself but the \fIvalue\fR might. .Sp See the \*(L"Policy Plugin \s-1API\s0\*(R" section for a list of all possible strings. +.IP "argc" 4 +.IX Item "argc" +The number of elements in \fIargv\fR, not counting the final \f(CW\*(C`NULL\*(C'\fR +pointer. +.IP "argv" 4 +.IX Item "argv" +If non\-\f(CW\*(C`NULL\*(C'\fR, an argument vector describing a command the user +wishes to run in the same form as what would be passed to the +\&\fIexecve()\fR system call. .IP "user_env" 4 .IX Item "user_env" The user's environment in the form of a \f(CW\*(C`NULL\*(C'\fR\-terminated vector of diff --git a/doc/sudo_plugin.pod b/doc/sudo_plugin.pod index 0c03beeb0..07b9034a6 100644 --- a/doc/sudo_plugin.pod +++ b/doc/sudo_plugin.pod 
@@ -652,7 +652,8 @@ See the sample plugin for an example of the conversation function usage. unsigned int version; /* always SUDO_API_VERSION */ int (*open)(unsigned int version, sudo_conv_t conversation sudo_printf_t plugin_printf, char * const settings[], - char * const user_info[], char * const user_env[]); + char * const user_info[], int argc, char * const argv[], + char * const user_env[]); void (*close)(int exit_status, int error); /* wait status or error */ int (*show_version)(int verbose); int (*log_ttyin)(const char *buf, unsigned int len); @@ -700,7 +701,8 @@ built against. int (*open)(unsigned int version, sudo_conv_t conversation sudo_printf_t plugin_printf, char * const settings[], - char * const user_info[], char * const user_env[]); + char * const user_info[], int argc, char * const argv[], + char * const user_env[]); The I function is run before the I, I or I functions are called. It is only called if the @@ -761,6 +763,17 @@ itself but the I might. See the L section for a list of all possible strings. +=item argc + +The number of elements in I, not counting the final C +pointer. + +=item argv + +If non-C, an argument vector describing a command the user +wishes to run in the same form as what would be passed to the +execve() system call. + =item user_env The user's environment in the form of a C-terminated vector of diff --git a/include/sudo_plugin.h b/include/sudo_plugin.h index 26289f901..442388346 100644 --- a/include/sudo_plugin.h +++ b/include/sudo_plugin.h 
@@ -77,7 +77,8 @@ struct io_plugin { unsigned int version; /* always SUDO_API_VERSION */ int (*open)(unsigned int version, sudo_conv_t conversation, sudo_printf_t sudo_printf, char * const settings[], - char * const user_info[], char * const user_env[]); + char * const user_info[], int argc, char * const argv[], + char * const user_env[]); void (*close)(int exit_status, int error); /* wait status or error */ int (*show_version)(int verbose); int (*log_ttyin)(const char *buf, unsigned int len); diff --git a/plugins/sample/sample_plugin.c b/plugins/sample/sample_plugin.c index 07990a3d7..63d9e9158 100644 --- a/plugins/sample/sample_plugin.c +++ b/plugins/sample/sample_plugin.c @@ -420,7 +420,8 @@ policy_close(int exit_status, int error) static int io_open(unsigned int version, sudo_conv_t conversation, sudo_printf_t sudo_printf, char * const settings[], - char * const user_info[], char * const user_env[]) + char * const user_info[], int argc, char * const argv[], + char * const user_env[]) { int fd; char path[PATH_MAX]; diff --git a/plugins/sudoers/iolog.c b/plugins/sudoers/iolog.c index ef0595915..ef29135b5 100644 --- a/plugins/sudoers/iolog.c +++ b/plugins/sudoers/iolog.c @@ -178,7 +178,8 @@ build_idpath(char *pathbuf, size_t pathsize) int sudoers_io_open(unsigned int version, sudo_conv_t conversation, sudo_printf_t plugin_printf, char * const settings[], - char * const user_info[], char * const user_env[]) + char * const user_info[], int argc, char * const argv[], + char * const user_env[]) { char pathbuf[PATH_MAX]; FILE *io_logfile; @@ -250,6 +251,7 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation, gettimeofday(&last_time, NULL); /* XXX - log more stuff? window size? environment? */ + /* XXX - use passed in argv instead of using sudoers policy info. */ fprintf(io_logfile, "%ld:%s:%s:%s:%s\n", last_time.tv_sec, user_name, runas_pw->pw_name, runas_gr ? runas_gr->gr_name : "", user_tty); fprintf(io_logfile, "%s\n", user_cwd); 
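Review bot: Inserting `int argc, char * const argv[]` ahead of `user_env` in `io_plugin.open` changes the calling convention for every existing I/O plugin, and the diffstat shows this hunk is the only change to include/sudo_plugin.h, so SUDO_API_VERSION is not bumped with it. A plugin built against the old prototype would receive `argc` in the position where it expects its `user_env` pointer, and it would do so inside the sudo front end. Bump the API version in the same commit and have the loader refuse to call `open` on a plugin whose `version` field predates the change. A short comment on the member would also help, e.g. `/* argv may be NULL (no command); argc excludes the terminating NULL */`. The struct definition starts and ends outside the hunk.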
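Review bot: The new `argc`/`argv` parameters of `sudoers_io_open` are accepted but not used, and the XXX comment added in the second iolog.c hunk confirms the log header is still written from what appear to be the policy module's own variables. When that is switched over, note that the documentation added in this commit allows `argv` to be NULL and that its elements are chosen by the invoking user, so they need escaping before they go into the colon- and newline-delimited header; otherwise an argument containing those characters can make the audit record ambiguous. I would expand the comment to say so, e.g. `/* XXX - use passed in argv (may be NULL; escape ':' and '\n' before logging) */`. The same unused-parameter situation applies to `io_open` in plugins/sample/sample_plugin.c, which as the reference plugin is a good place to show the NULL check. Both function bodies continue outside the hunks.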
diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h index 5a7d1f7f9..136faf8d4 100644 --- a/plugins/sudoers/sudoers.h +++ b/plugins/sudoers/sudoers.h @@ -290,7 +290,8 @@ int get_boottime(struct timeval *); /* iolog.c */ int sudoers_io_open(unsigned int version, sudo_conv_t conversation, sudo_printf_t sudo_printf, char * const settings[], - char * const user_info[], char * const user_env[]); + char * const user_info[], int argc, char * const argv[], + char * const user_env[]); void sudoers_io_close(int exit_status, int error); int sudoers_io_version(int verbose); int sudoers_io_log_output(const char *buf, unsigned int len); diff --git a/src/sudo.c b/src/sudo.c index 33df03b7f..36f6fcdf2 100644 --- a/src/sudo.c +++ b/src/sudo.c @@ -160,7 +160,7 @@ main(int argc, char *argv[], char *envp[]) policy_plugin.u.policy->show_version(!user_details.uid); tq_foreach_fwd(&io_plugins, plugin) { ok = plugin->u.io->open(SUDO_API_VERSION, sudo_conversation, - sudo_printf, settings, user_info, envp); + sudo_printf, settings, user_info, nargc, nargv, envp); if (ok == TRUE) plugin->u.io->show_version(user_details.uid == ROOT_UID); } @@ -212,7 +212,7 @@ main(int argc, char *argv[], char *envp[]) for (plugin = io_plugins.first; plugin != NULL; plugin = next) { next = plugin->next; ok = plugin->u.io->open(SUDO_API_VERSION, sudo_conversation, - sudo_printf, settings, user_info, envp); + sudo_printf, settings, user_info, nargc, nargv, envp); switch (ok) { case TRUE: break; -- 2.40.0
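Review bot: Both `open` calls in src/sudo.c now hand `nargc, nargv` to the I/O plugins, but nothing at the call sites says which argument vector this is. The documentation added in this commit describes it as the command the user wishes to run, while `check_policy` may return a different `argv_out` (for example with an editor substituted in sudoedit mode), so a logger that records `argv` could record something other than what is actually executed. If that is intended, say so at the second call site, e.g. `/* I/O plugins get the user's requested argv, not the policy's argv_out */`; otherwise pass the policy's vector. In the first hunk (the version-display path) `nargv` may well be NULL, which plugins have to tolerate. `main` starts and ends outside both hunks, so where `nargc`/`nargv` are set is not visible here.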