From 60e0e496ef09efecb158efeed68493b1fb20564f Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Mon, 24 May 2010 14:30:54 -0400 Subject: [PATCH] If running a command or sudoedit in transcript mode, call io_nextid() before log_allowed() so the session id is logged. --- plugins/sudoers/iolog.c | 3 +-- plugins/sudoers/sudoers.c | 2 ++ plugins/sudoers/sudoers.h | 1 + 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/plugins/sudoers/iolog.c b/plugins/sudoers/iolog.c index 00b9205bb..ebd24d7e1 100644 --- a/plugins/sudoers/iolog.c +++ b/plugins/sudoers/iolog.c @@ -71,7 +71,7 @@ static sigset_t ttyblock; static struct timeval last_time; static union script_fd io_outfile, io_timfile; -static void +void io_nextid(void) { struct stat sb; @@ -197,7 +197,6 @@ sudoers_io_open(unsigned int version, sudo_conv_t conversation, * Build a path containing the session id split into two-digit subdirs, * so ID 000001 becomes /var/log/sudo-session/00/00/01. */ - io_nextid(); len = build_idpath(pathbuf, sizeof(pathbuf)); if (len == -1) return -1; diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c index f9a9bb466..7902f73bf 100644 --- a/plugins/sudoers/sudoers.c +++ b/plugins/sudoers/sudoers.c @@ -497,6 +497,8 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[], validate_env_vars(sudo_user.env_vars); } + if (def_transcript && (sudo_mode & (MODE_RUN | MODE_EDIT))) + io_nextid(); log_allowed(validated); if (ISSET(sudo_mode, MODE_CHECK)) rval = display_cmnd(snl, list_pw ? list_pw : sudo_user.pw); diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h index 136faf8d4..bf95ac783 100644 --- a/plugins/sudoers/sudoers.h +++ b/plugins/sudoers/sudoers.h @@ -295,6 +295,7 @@ int sudoers_io_open(unsigned int version, sudo_conv_t conversation, void sudoers_io_close(int exit_status, int error); int sudoers_io_version(int verbose); int sudoers_io_log_output(const char *buf, unsigned int len); +void io_nextid(void); /* env.c */ char **env_get(void); -- 2.40.0