From 5d2e9426b271592722b2f98d763a29ae23f38973 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Tue, 24 Feb 2015 11:19:21 -0700 Subject: [PATCH] We cannot (easily) use clock_gettime(CLOCK_MONOTONIC) directly as it may be present but not implemented. Add sudo_gettime_real() and sudo_gettime_mono() functions to get the real and monotonic times respectively. Now sudo_gettime_mono() checks the value of sysconf(_SC_MONOTONIC_CLOCK) before calling clock_gettime(CLOCK_MONOTONIC) and falls back on sudo_gettime_real() as needed. The Mach version of sudo_gettime_mono() uses mach_absolute_time(). This should fix problems with timestamp files on systems where the CLOCK_MONOTONIC is defined but not actually implemented. --- MANIFEST | 2 +- configure | 15 ---- configure.ac | 3 - include/sudo_compat.h | 11 --- lib/util/Makefile.in | 3 - lib/util/clock_gettime.c | 80 -------------------- mkdep.pl | 2 +- plugins/sudoers/Makefile.in | 6 +- plugins/sudoers/gettime.c | 132 +++++++++++++++++++++++++++++++++ plugins/sudoers/po/sudoers.pot | 58 ++++++++------- plugins/sudoers/sudoers.h | 4 + plugins/sudoers/timestamp.c | 17 +---- 12 files changed, 178 insertions(+), 155 deletions(-) delete mode 100644 lib/util/clock_gettime.c create mode 100644 plugins/sudoers/gettime.c diff --git a/MANIFEST b/MANIFEST index 5e1d2095b..aeee9d1b2 100644 --- a/MANIFEST +++ b/MANIFEST @@ -81,7 +81,6 @@ install-sh lib/util/Makefile.in lib/util/aix.c lib/util/alloc.c -lib/util/clock_gettime.c lib/util/closefrom.c lib/util/event.c lib/util/event_poll.c @@ -258,6 +257,7 @@ plugins/sudoers/find_path.c plugins/sudoers/getdate.c plugins/sudoers/getdate.y plugins/sudoers/getspwuid.c +plugins/sudoers/gettime.c plugins/sudoers/goodpath.c plugins/sudoers/gram.c plugins/sudoers/gram.h diff --git a/configure b/configure index a2ee36d4b..461d1d1d8 100755 --- a/configure +++ b/configure @@ -19297,21 +19297,6 @@ if test "x$ac_cv_lib_rt_clock_gettime" = xyes; then : SUDOERS_LIBS="${SUDOERS_LIBS} -lrt" -else - - case " $LIBOBJS " in - *" clock_gettime.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS clock_gettime.$ac_objext" - ;; -esac - - - for _sym in sudo_clock_gettime; do - COMPAT_EXP="${COMPAT_EXP}${_sym} -" - done - - fi diff --git a/configure.ac b/configure.ac index 21d96d9fe..6538ec85e 100644 --- a/configure.ac +++ b/configure.ac @@ -2537,9 +2537,6 @@ AC_CHECK_FUNCS([clock_gettime], [], [ AC_CHECK_LIB(rt, clock_gettime, [ AC_DEFINE(HAVE_CLOCK_GETTIME) SUDOERS_LIBS="${SUDOERS_LIBS} -lrt" - ], [ - AC_LIBOBJ(clock_gettime) - SUDO_APPEND_COMPAT_EXP(sudo_clock_gettime) ]) ]) AC_CHECK_FUNCS([getopt_long], [], [ diff --git a/include/sudo_compat.h b/include/sudo_compat.h index 49b6e732f..c112783d6 100644 --- a/include/sudo_compat.h +++ b/include/sudo_compat.h @@ -459,17 +459,6 @@ __dso_public int sudo_sig2str(int signo, char *signame); # undef sig2str # define sig2str(_a, _b) sudo_sig2str((_a), (_b)) #endif /* HAVE_SIG2STR */ -#ifndef HAVE_CLOCK_GETTIME -# if !defined(CLOCK_REALTIME) -# define CLOCK_REALTIME 0 -# endif -# if defined(__MACH__) && !defined(CLOCK_MONOTONIC) -# define CLOCK_MONOTONIC 1 -# endif -__dso_public int sudo_clock_gettime(clockid_t clock_id, struct timespec *tp); -# undef clock_gettime -# define clock_gettime(_a, _b) sudo_clock_gettime((_a), (_b)) -#endif /* HAVE_CLOCK_GETTIME */ #if !defined(HAVE_INET_NTOP) && defined(_SUDO_NET_IFS_C) __dso_public char *sudo_inet_ntop(int af, const void *src, char *dst, socklen_t size); # undef inet_ntop diff --git a/lib/util/Makefile.in b/lib/util/Makefile.in index fb71b8861..909588960 100644 --- a/lib/util/Makefile.in +++ b/lib/util/Makefile.in @@ -318,9 +318,6 @@ atofoo_test.lo: $(srcdir)/regress/atofoo/atofoo_test.c \ $(incdir)/sudo_fatal.h $(incdir)/sudo_util.h \ $(top_builddir)/config.h $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/atofoo/atofoo_test.c -clock_gettime.lo: $(srcdir)/clock_gettime.c $(incdir)/compat/timespec.h \ - $(incdir)/sudo_compat.h $(top_builddir)/config.h - $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/clock_gettime.c closefrom.lo: $(srcdir)/closefrom.c $(incdir)/sudo_compat.h \ $(top_builddir)/config.h $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/closefrom.c diff --git a/lib/util/clock_gettime.c b/lib/util/clock_gettime.c deleted file mode 100644 index d66c14d35..000000000 --- a/lib/util/clock_gettime.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 2014 Todd C. Miller - * - * Permission to use, copy, modify, and distribute this software for any - * purpose with or without fee is hereby granted, provided that the above - * copyright notice and this permission notice appear in all copies. - * - * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES - * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF - * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR - * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES - * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN - * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - -#include - -#if !defined(HAVE_CLOCK_GETTIME) - -#include -#include - -#include -#include -#ifdef TIME_WITH_SYS_TIME -# include -#endif -#ifndef HAVE_STRUCT_TIMESPEC -# include "compat/timespec.h" -#endif - -#include "sudo_compat.h" - -#ifdef __MACH__ -# include -# include -# include -#endif - -/* - * Trivial clock_gettime() that supports CLOCK_REALTIME - * (and CLOCK_MONOTONIC on Mach). - */ -int -sudo_clock_gettime(clockid_t clock_id, struct timespec *ts) -{ - - switch (clock_id) { -#ifdef __MACH__ - case CLOCK_MONOTONIC: - { - uint64_t abstime, nsec; - static mach_timebase_info_data_t timebase_info; - - if (timebase_info.denom == 0) - (void) mach_timebase_info(&timebase_info); - abstime = mach_absolute_time(); - nsec = abstime * timebase_info.numer / timebase_info.denom; - ts->tv_sec = nsec / 1000000000; - ts->tv_nsec = nsec % 1000000000; - return 0; - } -#endif - case CLOCK_REALTIME: - { - struct timeval tv; - - gettimeofday(&tv, NULL); - ts->tv_sec = tv.tv_sec; - ts->tv_nsec = tv.tv_usec * 1000; - return 0; - } - default: - errno = EINVAL; - return -1; - } -} - -#endif /* !HAVE_CLOCK_GETTIME */ diff --git a/mkdep.pl b/mkdep.pl index d6774a9c8..e7af9f0f4 100755 --- a/mkdep.pl +++ b/mkdep.pl @@ -70,7 +70,7 @@ sub mkdep { $makefile =~ s:\@SUDOERS_OBJS\@:bsm_audit.lo linux_audit.lo ldap.lo solaris_audit.lo sssd.lo:; # XXX - fill in AUTH_OBJS from contents of the auth dir instead $makefile =~ s:\@AUTH_OBJS\@:afs.lo aix_auth.lo bsdauth.lo dce.lo fwtk.lo getspwuid.lo kerb5.lo pam.lo passwd.lo rfc1938.lo secureware.lo securid5.lo sia.lo:; - $makefile =~ s:\@LTLIBOBJS\@:clock_gettime.lo closefrom.lo fnmatch.lo getaddrinfo.lo getcwd.lo getgrouplist.lo getline.lo getopt_long.lo glob.lo inet_ntop_lo inet_pton.lo isblank.lo memrchr.lo memset_s.lo mksiglist.lo mksigname.lo mktemp.lo pw_dup.lo sha2.lo sig2str.lo siglist.lo signame.lo snprintf.lo strlcat.lo strlcpy.lo strsignal.lo strtonum.lo utimes.lo:; + $makefile =~ s:\@LTLIBOBJS\@:closefrom.lo fnmatch.lo getaddrinfo.lo getcwd.lo getgrouplist.lo getline.lo getopt_long.lo glob.lo inet_ntop_lo inet_pton.lo isblank.lo memrchr.lo memset_s.lo mksiglist.lo mksigname.lo mktemp.lo pw_dup.lo sha2.lo sig2str.lo siglist.lo signame.lo snprintf.lo strlcat.lo strlcpy.lo strsignal.lo strtonum.lo utimes.lo:; # Parse OBJS lines my %objs; diff --git a/plugins/sudoers/Makefile.in b/plugins/sudoers/Makefile.in index b8d9e7452..3aab586ee 100644 --- a/plugins/sudoers/Makefile.in +++ b/plugins/sudoers/Makefile.in @@ -143,7 +143,7 @@ LIBPARSESUDOERS_OBJS = alias.lo audit.lo base64.lo defaults.lo hexchar.lo \ toke_util.lo SUDOERS_OBJS = $(AUTH_OBJS) boottime.lo check.lo env.lo find_path.lo \ - goodpath.lo group_plugin.lo interfaces.lo iolog.lo \ + gettime.lo goodpath.lo group_plugin.lo interfaces.lo iolog.lo \ iolog_path.lo locale.lo logging.lo logwrap.lo parse.lo \ policy.lo prompt.lo set_perms.lo sudo_nss.lo sudoers.lo \ timestamp.lo @SUDOERS_OBJS@ @@ -653,6 +653,10 @@ getspwuid.lo: $(srcdir)/getspwuid.c $(devdir)/def_data.h \ $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \ $(top_builddir)/config.h $(top_builddir)/pathnames.h $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/getspwuid.c +gettime.lo: $(srcdir)/gettime.c $(incdir)/compat/stdbool.h \ + $(incdir)/compat/timespec.h $(incdir)/sudo_compat.h \ + $(incdir)/sudo_util.h $(top_builddir)/config.h + $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/gettime.c goodpath.lo: $(srcdir)/goodpath.c $(devdir)/def_data.h \ $(incdir)/compat/stdbool.h $(incdir)/sudo_alloc.h \ $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \ diff --git a/plugins/sudoers/gettime.c b/plugins/sudoers/gettime.c new file mode 100644 index 000000000..1c9a77d2e --- /dev/null +++ b/plugins/sudoers/gettime.c @@ -0,0 +1,132 @@ +/* + * Copyright (c) 2014-2015 Todd C. Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include + +#include +#include +#include +#ifdef STDC_HEADERS +# include +# include +#else +# ifdef HAVE_STDLIB_H +# include +# endif +#endif /* STDC_HEADERS */ +#ifdef HAVE_UNISTD_H +# include +#endif /* HAVE_UNISTD_H */ +#ifdef TIME_WITH_SYS_TIME +# include +#endif +#ifndef HAVE_STRUCT_TIMESPEC +# include "compat/timespec.h" +#endif +#include + +#if defined(__MACH__) && !defined(HAVE_CLOCK_GETTIME) +# include +# include +# include +#endif + +#include "sudoers.h" + +/* On Linux, CLOCK_MONOTONIC does not run while suspended. */ +#if defined(CLOCK_BOOTTIME) +# define SUDO_CLOCK_MONOTONIC CLOCK_BOOTTIME +#elif defined(CLOCK_MONOTONIC) +# define SUDO_CLOCK_MONOTONIC CLOCK_MONOTONIC +#endif + +#if defined(HAVE_CLOCK_GETTIME) +int +sudo_gettime_real(struct timespec *ts) +{ + debug_decl(sudo_gettime_real, SUDOERS_DEBUG_UTIL) + + if (clock_gettime(CLOCK_REALTIME, ts) == -1) { + struct timeval tv; + + sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO, + "clock_gettime(CLOCK_REALTIME) failed, trying gettimeofday()"); + if (gettimeofday(&tv, NULL) == -1) + debug_return_int(-1); + TIMEVAL_TO_TIMESPEC(&tv, ts); + } + debug_return_int(0); +} +#else +int +sudo_gettime_real(struct timespec *ts) +{ + struct timeval tv; + debug_decl(sudo_gettime_real, SUDOERS_DEBUG_UTIL) + + if (gettimeofday(&tv, NULL) == -1) + debug_return_int(-1); + TIMEVAL_TO_TIMESPEC(&tv, ts); + debug_return_int(0); +} +#endif + +#if defined(HAVE_CLOCK_GETTIME) && defined(SUDO_CLOCK_MONOTONIC) +int +sudo_gettime_mono(struct timespec *ts) +{ + static int has_monoclock = -1; + debug_decl(sudo_gettime_mono, SUDOERS_DEBUG_UTIL) + + /* Check whether the kernel/libc actually supports CLOCK_MONOTONIC. */ +# ifdef _SC_MONOTONIC_CLOCK + if (has_monoclock == -1) + has_monoclock = sysconf(_SC_MONOTONIC_CLOCK) != -1; +# endif + if (!has_monoclock) + debug_return_int(sudo_gettime_real(ts)); + if (clock_gettime(SUDO_CLOCK_MONOTONIC, ts) == -1) { + sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO, + "clock_gettime(%d) failed, using wall clock", SUDO_CLOCK_MONOTONIC); + has_monoclock = 0; + debug_return_int(sudo_gettime_real(ts)); + } + debug_return_int(0); +} +#elif defined(__MACH__) +int +sudo_gettime_mono(struct timespec *ts) +{ + uint64_t abstime, nsec; + static mach_timebase_info_data_t timebase_info; + debug_decl(sudo_gettime_mono, SUDOERS_DEBUG_UTIL) + + if (timebase_info.denom == 0) + (void) mach_timebase_info(&timebase_info); + abstime = mach_absolute_time(); + nsec = abstime * timebase_info.numer / timebase_info.denom; + ts->tv_sec = nsec / 1000000000; + ts->tv_nsec = nsec % 1000000000; + debug_return_int(0); +} +#else +int +sudo_gettime_mono(struct timespec *ts) +{ + /* No monotonic clock available, use wall clock. */ + return sudo_gettime_real(ts); +} +#endif diff --git a/plugins/sudoers/po/sudoers.pot b/plugins/sudoers/po/sudoers.pot index 1eb0d3f2b..aee172673 100644 --- a/plugins/sudoers/po/sudoers.pot +++ b/plugins/sudoers/po/sudoers.pot @@ -5,9 +5,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sudo 1.8.12\n" +"Project-Id-Version: sudo 1.8.13b2\n" "Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n" -"POT-Creation-Date: 2015-02-20 06:33-0700\n" +"POT-Creation-Date: 2015-02-24 11:20-0700\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -132,34 +132,34 @@ msgstr "" msgid "%s: Cannot verify TGT! Possible attack!: %s" msgstr "" -#: plugins/sudoers/auth/pam.c:98 +#: plugins/sudoers/auth/pam.c:97 msgid "unable to initialize PAM" msgstr "" -#: plugins/sudoers/auth/pam.c:149 +#: plugins/sudoers/auth/pam.c:153 msgid "account validation failure, is your account locked?" msgstr "" -#: plugins/sudoers/auth/pam.c:153 +#: plugins/sudoers/auth/pam.c:157 msgid "Account or password is expired, reset your password and try again" msgstr "" -#: plugins/sudoers/auth/pam.c:161 +#: plugins/sudoers/auth/pam.c:165 #, c-format msgid "unable to change expired password: %s" msgstr "" -#: plugins/sudoers/auth/pam.c:166 +#: plugins/sudoers/auth/pam.c:170 msgid "Password expired, contact your system administrator" msgstr "" -#: plugins/sudoers/auth/pam.c:170 +#: plugins/sudoers/auth/pam.c:174 msgid "" "Account expired or PAM config lacks an \"account\" section for sudo, contact " "your system administrator" msgstr "" -#: plugins/sudoers/auth/pam.c:187 +#: plugins/sudoers/auth/pam.c:186 #, c-format msgid "PAM authentication error: %s" msgstr "" @@ -205,31 +205,31 @@ msgstr "" msgid "unable to initialize SIA session" msgstr "" -#: plugins/sudoers/auth/sudo_auth.c:115 +#: plugins/sudoers/auth/sudo_auth.c:135 msgid "invalid authentication methods" msgstr "" -#: plugins/sudoers/auth/sudo_auth.c:117 +#: plugins/sudoers/auth/sudo_auth.c:137 msgid "" "Invalid authentication methods compiled into sudo! You may not mix " "standalone and non-standalone authentication." msgstr "" -#: plugins/sudoers/auth/sudo_auth.c:203 plugins/sudoers/auth/sudo_auth.c:252 +#: plugins/sudoers/auth/sudo_auth.c:233 plugins/sudoers/auth/sudo_auth.c:282 msgid "no authentication methods" msgstr "" -#: plugins/sudoers/auth/sudo_auth.c:205 +#: plugins/sudoers/auth/sudo_auth.c:235 msgid "" "There are no authentication methods compiled into sudo! If you want to turn " "off authentication, use the --disable-authentication configure option." msgstr "" -#: plugins/sudoers/auth/sudo_auth.c:254 +#: plugins/sudoers/auth/sudo_auth.c:284 msgid "Unable to initialize authentication methods." msgstr "" -#: plugins/sudoers/auth/sudo_auth.c:412 +#: plugins/sudoers/auth/sudo_auth.c:442 msgid "Authentication methods:" msgstr "" @@ -754,21 +754,21 @@ msgid "Local IP address and netmask pairs:\n" msgstr "" #: plugins/sudoers/iolog.c:101 plugins/sudoers/iolog.c:119 -#: plugins/sudoers/timestamp.c:233 +#: plugins/sudoers/timestamp.c:224 #, c-format msgid "%s exists but is not a directory (0%o)" msgstr "" #: plugins/sudoers/iolog.c:112 plugins/sudoers/iolog.c:133 -#: plugins/sudoers/iolog.c:140 plugins/sudoers/timestamp.c:227 -#: plugins/sudoers/timestamp.c:248 +#: plugins/sudoers/iolog.c:140 plugins/sudoers/timestamp.c:218 +#: plugins/sudoers/timestamp.c:239 #, c-format msgid "unable to mkdir %s" msgstr "" #: plugins/sudoers/iolog.c:209 plugins/sudoers/sudoers.c:765 #: plugins/sudoers/sudoreplay.c:330 plugins/sudoers/sudoreplay.c:793 -#: plugins/sudoers/sudoreplay.c:990 plugins/sudoers/timestamp.c:357 +#: plugins/sudoers/sudoreplay.c:990 plugins/sudoers/timestamp.c:351 #: plugins/sudoers/visudo.c:832 plugins/sudoers/visudo_json.c:1035 #: plugins/sudoers/visudo_json.c:1048 #, c-format @@ -782,7 +782,7 @@ msgid "unable to read %s" msgstr "" #: plugins/sudoers/iolog.c:282 plugins/sudoers/sudoreplay.c:575 -#: plugins/sudoers/timestamp.c:186 plugins/sudoers/timestamp.c:189 +#: plugins/sudoers/timestamp.c:177 plugins/sudoers/timestamp.c:180 #, c-format msgid "unable to write to %s" msgstr "" @@ -1272,7 +1272,7 @@ msgstr "" msgid "%s is not a regular file" msgstr "" -#: plugins/sudoers/sudoers.c:788 plugins/sudoers/timestamp.c:289 toke.l:955 +#: plugins/sudoers/sudoers.c:788 plugins/sudoers/timestamp.c:280 toke.l:955 #, c-format msgid "%s is owned by uid %u, should be %u" msgstr "" @@ -1489,31 +1489,35 @@ msgid "" "Command unmatched" msgstr "" -#: plugins/sudoers/timestamp.c:197 +#: plugins/sudoers/timestamp.c:188 #, c-format msgid "unable to truncate time stamp file to %lld bytes" msgstr "" -#: plugins/sudoers/timestamp.c:297 +#: plugins/sudoers/timestamp.c:288 #, c-format msgid "%s is group writable" msgstr "" -#: plugins/sudoers/timestamp.c:318 +#: plugins/sudoers/timestamp.c:309 #, c-format msgid "timestamp path too long: %s/%s" msgstr "" -#: plugins/sudoers/timestamp.c:498 +#: plugins/sudoers/timestamp.c:340 plugins/sudoers/timestamp.c:425 +msgid "unable to read the clock" +msgstr "" + +#: plugins/sudoers/timestamp.c:495 msgid "ignoring time stamp from the future" msgstr "" -#: plugins/sudoers/timestamp.c:510 +#: plugins/sudoers/timestamp.c:507 #, c-format msgid "time stamp too far in the future: %20.20s" msgstr "" -#: plugins/sudoers/timestamp.c:613 plugins/sudoers/timestamp.c:634 +#: plugins/sudoers/timestamp.c:610 plugins/sudoers/timestamp.c:631 #, c-format msgid "lecture status path too long: %s/%s" msgstr "" diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h index bda43f77f..af0b79a82 100644 --- a/plugins/sudoers/sudoers.h +++ b/plugins/sudoers/sudoers.h @@ -239,6 +239,10 @@ char *expand_prompt(const char *old_prompt, const char *auth_user); void remove_timestamp(bool); bool set_lectured(void); +/* gettime.c */ +int sudo_gettime_real(struct timespec *ts); +int sudo_gettime_mono(struct timespec *ts); + /* sudo_auth.c */ bool sudo_auth_needs_end_session(void); int verify_user(struct passwd *pw, char *prompt, int validated); diff --git a/plugins/sudoers/timestamp.c b/plugins/sudoers/timestamp.c index 05e08ff1a..a94cd3762 100644 --- a/plugins/sudoers/timestamp.c +++ b/plugins/sudoers/timestamp.c @@ -51,15 +51,6 @@ #include "sudoers.h" #include "check.h" -/* On Linux, CLOCK_MONOTONIC does not run while suspended. */ -#if defined(CLOCK_BOOTTIME) -# define SUDO_CLOCK_MONOTONIC CLOCK_BOOTTIME -#elif defined(CLOCK_MONOTONIC) -# define SUDO_CLOCK_MONOTONIC CLOCK_MONOTONIC -#else -# define SUDO_CLOCK_MONOTONIC CLOCK_REALTIME -#endif - static char timestamp_file[PATH_MAX]; static off_t timestamp_hint = (off_t)-1; static struct timestamp_entry timestamp_key; @@ -345,8 +336,8 @@ update_timestamp(struct passwd *pw) /* Fill in time stamp. */ memcpy(&entry, ×tamp_key, sizeof(struct timestamp_entry)); - if (clock_gettime(SUDO_CLOCK_MONOTONIC, &entry.ts) == -1) { - log_warning(0, "clock_gettime(%d)", SUDO_CLOCK_MONOTONIC); + if (sudo_gettime_mono(&entry.ts) == -1) { + log_warning(0, N_("unable to read the clock")); goto done; } @@ -430,8 +421,8 @@ timestamp_status(struct passwd *pw) timestamp_key.u.ppid = getppid(); } } - if (clock_gettime(SUDO_CLOCK_MONOTONIC, ×tamp_key.ts) == -1) { - log_warning(0, "clock_gettime(%d)", SUDO_CLOCK_MONOTONIC); + if (sudo_gettime_mono(×tamp_key.ts) == -1) { + log_warning(0, N_("unable to read the clock")); status = TS_ERROR; } -- 2.40.0