Skip to content

Commit 704b23c

Browse files
committed
sudo: enhanced patchset
1 parent 9bde950 commit 704b23c

File tree

7 files changed

+70
-58
lines changed

7 files changed

+70
-58
lines changed

build/sudo/build.sh

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
#!/usr/bin/bash
22
#
3-
# CDDL HEADER START
3+
# {{{ CDDL HEADER START
44
#
55
# The contents of this file are subject to the terms of the
66
# Common Development and Distribution License, Version 1.0 only
@@ -18,8 +18,7 @@
1818
# fields enclosed by brackets "[]" replaced with your own identifying
1919
# information: Portions Copyright [yyyy] [name of copyright owner]
2020
#
21-
# CDDL HEADER END
22-
#
21+
# CDDL HEADER END }}}
2322
#
2423
# Copyright 2011-2012 OmniTI Computer Consulting, Inc. All rights reserved.
2524
# Use is subject to license terms.
@@ -77,4 +76,4 @@ make_package
7776
clean_up
7877

7978
# Vim hints
80-
# vim:ts=4:sw=4:et:
79+
# vim:ts=4:sw=4:et:fdm=marker

build/sudo/patches/Makefile.in.patch

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
1-
--- sudo-1.8.20p2/Makefile.in Wed May 10 17:38:43 2017
2-
+++ sudo-1.8.20p2/Makefile.in Sun Jul 9 17:06:55 2017
3-
@@ -63,7 +63,6 @@
1+
diff -pruN '--exclude=*.orig' sudo-1.8.21p2~/Makefile.in sudo-1.8.21p2/Makefile.in
2+
--- sudo-1.8.21p2~/Makefile.in 2017-08-23 20:07:28.000000000 +0000
3+
+++ sudo-1.8.21p2/Makefile.in 2017-12-03 17:16:12.659692940 +0000
4+
@@ -63,7 +63,6 @@ SHELL = @SHELL@
45
SED = @SED@
56

67
INSTALL = $(SHELL) $(top_srcdir)/install-sh -c

build/sudo/patches/audit-event.patch

Lines changed: 51 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -1,34 +1,66 @@
1-
--- sudo-1.8.20p2/plugins/sudoers/bsm_audit.c Sun Jul 9 12:35:16 2017
2-
+++ sudo-1.8.20p2/plugins/sudoers/bsm_audit.c Sun Jul 9 12:34:08 2017
3-
@@ -34,6 +34,7 @@
4-
1+
diff -pruN '--exclude=*.orig' sudo-1.8.21p2~/plugins/sudoers/bsm_audit.c sudo-1.8.21p2/plugins/sudoers/bsm_audit.c
2+
--- sudo-1.8.21p2~/plugins/sudoers/bsm_audit.c 2017-08-23 20:07:28.000000000 +0000
3+
+++ sudo-1.8.21p2/plugins/sudoers/bsm_audit.c 2017-12-03 17:16:10.173597057 +0000
4+
@@ -35,6 +35,8 @@
55
#include "sudoers.h"
66
#include "bsm_audit.h"
7+
78
+#define AUE_sudo 6650
8-
9+
+
910
/*
1011
* Solaris auditon() returns EINVAL if BSM audit not configured.
11-
@@ -163,11 +164,7 @@
12+
* OpenBSM returns ENOSYS for unimplemented options.
13+
@@ -140,7 +142,7 @@ bsm_audit_success(char *exec_args[])
14+
pid = getpid();
15+
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
16+
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
17+
- getuid(), pid, pid, &ainfo_addr.ai_termid);
18+
+ getuid(), pid, ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
19+
#ifdef BSM_AUDIT_COMPAT
20+
} else if (errno == ENOSYS) {
21+
/*
22+
@@ -151,7 +153,7 @@ bsm_audit_success(char *exec_args[])
23+
debug_return_int(-1);
24+
}
25+
tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
26+
- getuid(), pid, pid, &ainfo.ai_termid);
27+
+ getuid(), pid, ainfo_addr.ai_asid, &ainfo.ai_termid);
28+
#endif /* BSM_AUDIT_COMPAT */
29+
} else {
30+
sudo_warn("getaudit_addr");
31+
@@ -174,7 +176,7 @@ bsm_audit_success(char *exec_args[])
1232
debug_return_int(-1);
1333
}
1434
au_write(aufd, tok);
1535
-#ifdef __sun
16-
- if (au_close(aufd, 1, sudo_audit_event, 0) == -1)
17-
-#else
36+
+#ifndef __sun
37+
if (au_close(aufd, 1, sudo_audit_event, 0) == -1)
38+
#else
1839
if (au_close(aufd, 1, sudo_audit_event) == -1)
19-
-#endif
20-
{
21-
sudo_warn(U_("unable to commit audit record"));
22-
debug_return_int(-1);
23-
@@ -251,11 +248,7 @@
40+
@@ -226,7 +228,7 @@ bsm_audit_failure(char *exec_args[], cha
41+
pid = getpid();
42+
if (getaudit_addr(&ainfo_addr, sizeof(ainfo_addr)) == 0) {
43+
tok = au_to_subject_ex(auid, geteuid(), getegid(), getuid(),
44+
- getuid(), pid, pid, &ainfo_addr.ai_termid);
45+
+ getuid(), pid, ainfo_addr.ai_asid, &ainfo_addr.ai_termid);
46+
#ifdef BSM_AUDIT_COMPAT
47+
} else if (errno == ENOSYS) {
48+
if (getaudit(&ainfo) < 0) {
49+
@@ -234,7 +236,7 @@ bsm_audit_failure(char *exec_args[], cha
50+
debug_return_int(-1);
51+
}
52+
tok = au_to_subject(auid, geteuid(), getegid(), getuid(),
53+
- getuid(), pid, pid, &ainfo.ai_termid);
54+
+ getuid(), pid, ainfo_addr.ai_asid, &ainfo.ai_termid);
55+
#endif /* BSM_AUDIT_COMPAT */
56+
} else {
57+
sudo_warn("getaudit_addr");
58+
@@ -264,7 +266,7 @@ bsm_audit_failure(char *exec_args[], cha
2459
debug_return_int(-1);
2560
}
2661
au_write(aufd, tok);
2762
-#ifdef __sun
28-
- if (au_close(aufd, 1, sudo_audit_event, PAD_FAILURE) == -1)
29-
-#else
63+
+#ifndef __sun
64+
if (au_close(aufd, 1, sudo_audit_event, PAD_FAILURE) == -1)
65+
#else
3066
if (au_close(aufd, 1, sudo_audit_event) == -1)
31-
-#endif
32-
{
33-
sudo_warn(U_("unable to commit audit record"));
34-
debug_return_int(-1);

build/sudo/patches/gettext.patch

Lines changed: 0 additions & 10 deletions
This file was deleted.

build/sudo/patches/printflike.patch

Lines changed: 0 additions & 10 deletions
This file was deleted.

build/sudo/patches/series

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,3 @@
11
audit-event.patch
2-
printflike.patch
3-
gettext.patch
42
sudo_edit.c.patch
53
Makefile.in.patch

build/sudo/patches/sudo_edit.c.patch

Lines changed: 12 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,16 @@
1-
--- sudo-1.8.20p2/src/sudo_edit.c Sat Jan 14 05:30:15 2017
2-
+++ sudo-1.8.20p2/src/sudo_edit.c Sun Jul 9 15:19:35 2017
3-
@@ -377,9 +377,9 @@
1+
diff -pruN '--exclude=*.orig' sudo-1.8.21p2~/src/sudo_edit.c sudo-1.8.21p2/src/sudo_edit.c
2+
--- sudo-1.8.21p2~/src/sudo_edit.c 2017-08-23 20:07:28.000000000 +0000
3+
+++ sudo-1.8.21p2/src/sudo_edit.c 2017-12-03 17:16:12.595790252 +0000
4+
@@ -374,6 +374,12 @@ dir_is_writable(int dfd, struct user_det
45
* Directory open flags for use with openat(2).
56
* Use O_SEARCH/O_PATH and/or O_DIRECTORY where possible.
67
*/
7-
-#if defined(O_SEARCH)
8-
+#if defined(O_SEARCH) && defined(O_DIRECTORY)
8+
+#ifdef __sun
9+
+#ifndef O_DIRECTORY
10+
+#define O_DIRECTORY 0
11+
+#endif
12+
+#endif
13+
+
14+
#if defined(O_SEARCH)
915
# define DIR_OPEN_FLAGS (O_SEARCH|O_DIRECTORY)
10-
-#elif defined(O_PATH)
11-
+#elif defined(O_PATH) && defined(O_DIRECTORY)
12-
# define DIR_OPEN_FLAGS (O_PATH|O_DIRECTORY)
13-
#elif defined(O_DIRECTORY)
14-
# define DIR_OPEN_FLAGS (O_RDONLY|O_DIRECTORY)
16+
#elif defined(O_PATH)

0 commit comments

Comments
 (0)