From owner-p4-projects@FreeBSD.ORG  Sun Apr  5 19:40:37 2009
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 72FD5106568A; Sun,  5 Apr 2009 19:40:37 +0000 (UTC)
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 264261065686;
	Sun,  5 Apr 2009 19:40:37 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42])
	by mx1.freebsd.org (Postfix) with ESMTP id F2F698FC0A;
	Sun,  5 Apr 2009 19:40:36 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from fledge.watson.org (fledge.watson.org [65.122.17.41])
	by cyrus.watson.org (Postfix) with ESMTPS id 7A14F46B98;
	Sun,  5 Apr 2009 15:40:36 -0400 (EDT)
Date: Sun, 5 Apr 2009 20:40:36 +0100 (BST)
From: Robert Watson <rwatson@FreeBSD.org>
X-X-Sender: robert@fledge.watson.org
To: "Christian S.J. Peron" <csjp@FreeBSD.org>
In-Reply-To: <200904042122.n34LMuc6029648@repoman.freebsd.org>
Message-ID: <alpine.BSF.2.00.0904052038150.30930@fledge.watson.org>
References: <200904042122.n34LMuc6029648@repoman.freebsd.org>
User-Agent: Alpine 2.00 (BSF 1167 2008-08-23)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: Perforce Change Reviews <perforce@freebsd.org>
Subject: Re: PERFORCE change 160214 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Apr 2009 19:40:39 -0000


On Sat, 4 Apr 2009, Christian S.J. Peron wrote:

> -	if (getaudit_addr(&aia, sizeof(aia) < 0)
> +	error = getaudit_addr(&aia, sizeof(aia));
> +	if (error < 0 && errno == ENOSYS) {
> +		error = getaudit(&ai);
> +		if (error < 0)
> +			err(1, "getaudit");
> +		aid = ai.ai_auid;
> +	} else if (error < 0)
> 		err(1, "getaudit_addr");
> -	error = audit_submit(AUE_su, aia.ai_auid, EPERM, 1,
> +	else
> +		aid = aia.ai_auid;
> +	error = audit_submit(AUE_su, aid, EPERM, 1,
> 	    "bad su from %s to %s", from_login, to_login);

Something like this would be simpler, given that all they need is the auid:

error = getauid(&auid);
if (error == 0) {
 	if (audit_submit(AUE_su, auid, EPERM, 1,
 	    "bad su from %s to %s", from_login, to_login) < < 0)
 		err(1 "audit_submit");
} else if (errno != ENOSYS)
 	err(1, "getauid");

But then I'd explicitly point out that it's safe to call audit_submit() with 
an invalid auid.

Robert N M Watson
Computer Laboratory
University of Cambridge