Date: Sat, 4 Apr 2009 20:58:18 +0000 (UTC) From: "Christian S.J. Peron" <csjp@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r190700 - head/usr.bin/su Message-ID: <200904042058.n34KwIjC080902@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: csjp Date: Sat Apr 4 20:58:18 2009 New Revision: 190700 URL: http://svn.freebsd.org/changeset/base/190700 Log: Fixup the parameters to audit_submit(3) the order is errno then return value. This bug went un-noticed for so long because EPERM == 1 MFC after: 1 week Spotted by: sson, rwatson Modified: head/usr.bin/su/su.c Modified: head/usr.bin/su/su.c ============================================================================== --- head/usr.bin/su/su.c Sat Apr 4 20:08:08 2009 (r190699) +++ head/usr.bin/su/su.c Sat Apr 4 20:58:18 2009 (r190700) @@ -231,7 +231,7 @@ main(int argc, char *argv[]) if (strlen(user) > MAXLOGNAME - 1) { #ifdef USE_BSM_AUDIT if (audit_submit(AUE_su, auid, - 1, EPERM, "username too long: '%s'", user)) + EPERM, 1, "username too long: '%s'", user)) errx(1, "Permission denied"); #endif errx(1, "username too long"); @@ -264,7 +264,7 @@ main(int argc, char *argv[]) pwd = getpwuid(ruid); if (pwd == NULL) { #ifdef USE_BSM_AUDIT - if (audit_submit(AUE_su, auid, 1, EPERM, + if (audit_submit(AUE_su, auid, EPERM, 1, "unable to determine invoking subject: '%s'", username)) errx(1, "Permission denied"); #endif @@ -305,7 +305,7 @@ main(int argc, char *argv[]) retcode = pam_authenticate(pamh, 0); if (retcode != PAM_SUCCESS) { #ifdef USE_BSM_AUDIT - if (audit_submit(AUE_su, auid, 1, EPERM, "bad su %s to %s on %s", + if (audit_submit(AUE_su, auid, EPERM, 1, "bad su %s to %s on %s", username, user, mytty)) errx(1, "Permission denied"); #endif @@ -326,7 +326,7 @@ main(int argc, char *argv[]) pwd = getpwnam(user); if (pwd == NULL) { #ifdef USE_BSM_AUDIT - if (audit_submit(AUE_su, auid, 1, EPERM, + if (audit_submit(AUE_su, auid, EPERM, 1, "unknown subject: %s", user)) errx(1, "Permission denied"); #endif @@ -342,7 +342,7 @@ main(int argc, char *argv[]) aerr = pam_strerror(pamh, retcode); if (aerr == NULL) aerr = "Unknown PAM error"; - if (audit_submit(AUE_su, auid, 1, EPERM, + if (audit_submit(AUE_su, auid, EPERM, 1, "pam_chauthtok: %s", aerr)) errx(1, "Permission denied"); #endif @@ -353,7 +353,7 @@ main(int argc, char *argv[]) } if (retcode != PAM_SUCCESS) { #ifdef USE_BSM_AUDIT - if (audit_submit(AUE_su, auid, 1, EPERM, "pam_acct_mgmt: %s", + if (audit_submit(AUE_su, auid, EPERM, 1, "pam_acct_mgmt: %s", pam_strerror(pamh, retcode))) errx(1, "Permission denied"); #endif @@ -368,7 +368,7 @@ main(int argc, char *argv[]) else { if (ruid != 0) { #ifdef USE_BSM_AUDIT - if (audit_submit(AUE_su, auid, 1, EPERM, + if (audit_submit(AUE_su, auid, EPERM, 1, "only root may use -c")) errx(1, "Permission denied"); #endif
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200904042058.n34KwIjC080902>