Date: Sun, 5 Apr 2009 20:40:36 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: "Christian S.J. Peron" <csjp@FreeBSD.org> Cc: Perforce Change Reviews <perforce@freebsd.org> Subject: Re: PERFORCE change 160214 for review Message-ID: <alpine.BSF.2.00.0904052038150.30930@fledge.watson.org> In-Reply-To: <200904042122.n34LMuc6029648@repoman.freebsd.org> References: <200904042122.n34LMuc6029648@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 4 Apr 2009, Christian S.J. Peron wrote: > - if (getaudit_addr(&aia, sizeof(aia) < 0) > + error = getaudit_addr(&aia, sizeof(aia)); > + if (error < 0 && errno == ENOSYS) { > + error = getaudit(&ai); > + if (error < 0) > + err(1, "getaudit"); > + aid = ai.ai_auid; > + } else if (error < 0) > err(1, "getaudit_addr"); > - error = audit_submit(AUE_su, aia.ai_auid, EPERM, 1, > + else > + aid = aia.ai_auid; > + error = audit_submit(AUE_su, aid, EPERM, 1, > "bad su from %s to %s", from_login, to_login); Something like this would be simpler, given that all they need is the auid: error = getauid(&auid); if (error == 0) { if (audit_submit(AUE_su, auid, EPERM, 1, "bad su from %s to %s", from_login, to_login) < < 0) err(1 "audit_submit"); } else if (errno != ENOSYS) err(1, "getauid"); But then I'd explicitly point out that it's safe to call audit_submit() with an invalid auid. Robert N M Watson Computer Laboratory University of Cambridge
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.0904052038150.30930>