[Bug 125] with BSM auditing, cron editing thru ssh session causes cron jobs to fail
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Jun 1 08:36:59 EST 2004
http://bugzilla.mindrot.org/show_bug.cgi?id=125
------- Additional Comments From djm at mindrot.org 2004-06-01 08:36 -------
(From update of attachment 647)
>+#ifdef AUDIT_EVENTS
>+ PRIVSEP(audit_event(LOGIN_EXCEED_MAXTRIES));
>+#endif
How about removing the #ifdefs and just making audit_event a no-op for the
non-audit case?
>Index: sshaudit.h
>===================================================================
>RCS file: sshaudit.h
>diff -N sshaudit.h
>--- /dev/null 1 Jan 1970 00:00:00 -0000
>+++ sshaudit.h 31 May 2004 12:10:20 -0000
>@@ -0,0 +1,22 @@
>+#include "auth.h"
>+
>+#ifndef SSHAUDIT_H
>+# define SSHAUDIT_H
>+enum audit_event_type {
>+ AUTH_FAILED, /* ? */
>+ LOGIN_SUCCESS,
>+ LOGIN_EXCEED_MAXTRIES,
>+ LOGIN_FAIL_BADPW,
>+ ILLEGAL_USER,
>+ ROOT_NOT_CONSOLE,
>+ NOLOGIN,
>+ LOGOUT
>+};
indenting looks wonky here
>+#if defined(HAVE_GETAUDIT_ADDR)
>+ (void) aug_get_machine(sav_host, &sav_machine[0], &sav_iptype);
>+ debug3("BSM audit: sav_iptype=%ld", (long)sav_iptype);
>+#else
>+ ia = inet_addr(host);
>+ memcpy(&sav_machine[0], &ia, sizeof(sav_machine[0]));
>+ sav_iptype = 0; /* not used, but just in case */
>+#endif
How does this cope with INET6 addresses? or is this code path only taken when
the machine is old ipv4 API only?
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list