Date: Sun, 5 Apr 2009 20:40:36 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: "Christian S.J. Peron" <csjp@FreeBSD.org> Cc: Perforce Change Reviews <perforce@freebsd.org> Subject: Re: PERFORCE change 160214 for review Message-ID: <alpine.BSF.2.00.0904052038150.30930@fledge.watson.org> In-Reply-To: <200904042122.n34LMuc6029648@repoman.freebsd.org> References: <200904042122.n34LMuc6029648@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 4 Apr 2009, Christian S.J. Peron wrote:
> - if (getaudit_addr(&aia, sizeof(aia) < 0)
> + error = getaudit_addr(&aia, sizeof(aia));
> + if (error < 0 && errno == ENOSYS) {
> + error = getaudit(&ai);
> + if (error < 0)
> + err(1, "getaudit");
> + aid = ai.ai_auid;
> + } else if (error < 0)
> err(1, "getaudit_addr");
> - error = audit_submit(AUE_su, aia.ai_auid, EPERM, 1,
> + else
> + aid = aia.ai_auid;
> + error = audit_submit(AUE_su, aid, EPERM, 1,
> "bad su from %s to %s", from_login, to_login);
Something like this would be simpler, given that all they need is the auid:
error = getauid(&auid);
if (error == 0) {
if (audit_submit(AUE_su, auid, EPERM, 1,
"bad su from %s to %s", from_login, to_login) < < 0)
err(1 "audit_submit");
} else if (errno != ENOSYS)
err(1, "getauid");
But then I'd explicitly point out that it's safe to call audit_submit() with
an invalid auid.
Robert N M Watson
Computer Laboratory
University of Cambridge
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.0904052038150.30930>