|
|
a2b174 |
From 06b46ae226fecd4188af372ac0ccd7aa582e21c8 Mon Sep 17 00:00:00 2001
|
|
|
a2b174 |
From: Tomas Sykora <tosykora@redhat.com>
|
|
|
a2b174 |
Date: Wed, 17 Aug 2016 10:12:11 +0200
|
|
|
a2b174 |
Subject: [PATCH] Sudo logs username root instead of realuser
|
|
|
a2b174 |
|
|
|
a2b174 |
RHEL7 sudo logs username root instead of realuser in /var/log/secure
|
|
|
a2b174 |
|
|
|
a2b174 |
Rebased from:
|
|
|
a2b174 |
Patch50: sudo-1.8.6p7-logsudouser.patch
|
|
|
a2b174 |
|
|
|
a2b174 |
Resolves:
|
|
|
a2b174 |
rhbz#1312486
|
|
|
a2b174 |
---
|
|
|
a2b174 |
plugins/sudoers/logging.c | 14 +++++++-------
|
|
|
a2b174 |
plugins/sudoers/sudoers.h | 1 +
|
|
|
a2b174 |
2 files changed, 8 insertions(+), 7 deletions(-)
|
|
|
a2b174 |
|
|
|
a2b174 |
diff --git a/plugins/sudoers/logging.c b/plugins/sudoers/logging.c
|
|
|
a2b174 |
index 45cae67..74b2220 100644
|
|
|
a2b174 |
--- a/plugins/sudoers/logging.c
|
|
|
a2b174 |
+++ b/plugins/sudoers/logging.c
|
|
|
a2b174 |
@@ -104,7 +104,7 @@ do_syslog(int pri, char *msg)
|
|
|
a2b174 |
* Log the full line, breaking into multiple syslog(3) calls if necessary
|
|
|
a2b174 |
*/
|
|
|
a2b174 |
fmt = _("%8s : %s");
|
|
|
a2b174 |
- maxlen = def_syslog_maxlen - (strlen(fmt) - 5 + strlen(user_name));
|
|
|
a2b174 |
+ maxlen = def_syslog_maxlen - (strlen(fmt) - 5 + strlen(sudo_user_name));
|
|
|
a2b174 |
for (p = msg; *p != '\0'; ) {
|
|
|
a2b174 |
len = strlen(p);
|
|
|
a2b174 |
if (len > maxlen) {
|
|
|
a2b174 |
@@ -120,7 +120,7 @@ do_syslog(int pri, char *msg)
|
|
|
a2b174 |
save = *tmp;
|
|
|
a2b174 |
*tmp = '\0';
|
|
|
a2b174 |
|
|
|
a2b174 |
- mysyslog(pri, fmt, user_name, p);
|
|
|
a2b174 |
+ mysyslog(pri, fmt, sudo_user_name, p);
|
|
|
a2b174 |
|
|
|
a2b174 |
*tmp = save; /* restore saved character */
|
|
|
a2b174 |
|
|
|
a2b174 |
@@ -128,11 +128,11 @@ do_syslog(int pri, char *msg)
|
|
|
a2b174 |
for (p = tmp; *p == ' '; p++)
|
|
|
a2b174 |
continue;
|
|
|
a2b174 |
} else {
|
|
|
a2b174 |
- mysyslog(pri, fmt, user_name, p);
|
|
|
a2b174 |
+ mysyslog(pri, fmt, sudo_user_name, p);
|
|
|
a2b174 |
p += len;
|
|
|
a2b174 |
}
|
|
|
a2b174 |
fmt = _("%8s : (command continued) %s");
|
|
|
a2b174 |
- maxlen = def_syslog_maxlen - (strlen(fmt) - 5 + strlen(user_name));
|
|
|
a2b174 |
+ maxlen = def_syslog_maxlen - (strlen(fmt) - 5 + strlen(sudo_user_name));
|
|
|
a2b174 |
}
|
|
|
a2b174 |
|
|
|
a2b174 |
sudoers_setlocale(oldlocale, NULL);
|
|
|
a2b174 |
@@ -179,10 +179,10 @@ do_logfile(const char *msg)
|
|
|
a2b174 |
timestr = "invalid date";
|
|
|
a2b174 |
if (def_log_host) {
|
|
|
a2b174 |
len = asprintf(&full_line, "%s : %s : HOST=%s : %s",
|
|
|
a2b174 |
- timestr, user_name, user_srunhost, msg);
|
|
|
a2b174 |
+ timestr, sudo_user_name, user_srunhost, msg);
|
|
|
a2b174 |
} else {
|
|
|
a2b174 |
len = asprintf(&full_line, "%s : %s : %s",
|
|
|
a2b174 |
- timestr, user_name, msg);
|
|
|
a2b174 |
+ timestr, sudo_user_name, msg);
|
|
|
a2b174 |
}
|
|
|
a2b174 |
if (len == -1) {
|
|
|
a2b174 |
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
|
|
|
a2b174 |
@@ -746,7 +746,7 @@ send_mail(const char *fmt, ...)
|
|
|
a2b174 |
|
|
|
a2b174 |
if ((timestr = get_timestr(time(NULL), def_log_year)) == NULL)
|
|
|
a2b174 |
timestr = "invalid date";
|
|
|
a2b174 |
- (void) fprintf(mail, "\n\n%s : %s : %s : ", user_host, timestr, user_name);
|
|
|
a2b174 |
+ (void) fprintf(mail, "\n\n%s : %s : %s : ", user_host, timestr, sudo_user_name);
|
|
|
a2b174 |
va_start(ap, fmt);
|
|
|
a2b174 |
(void) vfprintf(mail, fmt, ap);
|
|
|
a2b174 |
va_end(ap);
|
|
|
a2b174 |
diff --git a/plugins/sudoers/sudoers.h b/plugins/sudoers/sudoers.h
|
|
|
a2b174 |
index cfd5abb..c69a043 100644
|
|
|
a2b174 |
--- a/plugins/sudoers/sudoers.h
|
|
|
a2b174 |
+++ b/plugins/sudoers/sudoers.h
|
|
|
a2b174 |
@@ -180,6 +180,7 @@ struct sudo_user {
|
|
|
a2b174 |
/*
|
|
|
a2b174 |
* Shortcuts for sudo_user contents.
|
|
|
a2b174 |
*/
|
|
|
a2b174 |
+#define sudo_user_name (sudo_user.pw->pw_name)
|
|
|
a2b174 |
#define user_name (sudo_user.name)
|
|
|
a2b174 |
#define user_uid (sudo_user.uid)
|
|
|
a2b174 |
#define user_gid (sudo_user.gid)
|
|
|
a2b174 |
--
|
|
|
a2b174 |
2.7.4
|
|
|
a2b174 |
|