bash-3.2-audit.patch 2.65 KB
Newer Older
distrobuild-bot's avatar
distrobuild-bot committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
diff -up bash-4.2/config.h.in.audit bash-4.2/config.h.in
--- bash-4.2/config.h.in.audit	2013-01-31 16:26:16.857698992 +0100
+++ bash-4.2/config.h.in	2013-01-31 16:26:16.876699255 +0100
@@ -1131,6 +1131,14 @@
 
 /* End additions for lib/intl */
 
+
+/* Additions for lib/readline */
+
+/* Define if you have <linux/audit.h> and it defines AUDIT_USER_TTY */
+#undef HAVE_DECL_AUDIT_USER_TTY
+
+/* End additions for lib/readline */
+
 #include "config-bot.h"
 
 #endif /* _CONFIG_H_ */
diff -up bash-4.2/configure.in.audit bash-4.2/configure.in
--- bash-4.2/configure.in.audit	2013-01-31 16:26:16.858699005 +0100
+++ bash-4.2/configure.ac	2013-01-31 16:26:16.877699269 +0100
@@ -888,6 +888,8 @@ BASH_FUNC_DUP2_CLOEXEC_CHECK
 BASH_SYS_PGRP_SYNC
 BASH_SYS_SIGNAL_VINTAGE
 
+AC_CHECK_DECLS([AUDIT_USER_TTY],,, [[#include <linux/audit.h>]])
+
 dnl checking for the presence of certain library symbols
 BASH_SYS_ERRLIST
 BASH_SYS_SIGLIST
diff -up bash-4.2/lib/readline/readline.c.audit bash-4.2/lib/readline/readline.c
--- bash-4.2/lib/readline/readline.c.audit	2013-01-31 16:26:16.871699185 +0100
+++ bash-4.2/lib/readline/readline.c	2013-01-31 17:24:23.902744860 +0100
@@ -55,6 +55,12 @@
 extern int errno;
 #endif /* !errno */
 
+#if defined (HAVE_DECL_AUDIT_USER_TTY)
+#  include <sys/socket.h>
+#  include <linux/audit.h>
+#  include <linux/netlink.h>
+#endif
+
 /* System-specific feature definitions and include files. */
 #include "rldefs.h"
 #include "rlmbutil.h"
@@ -301,7 +307,48 @@ rl_set_prompt (prompt)
   rl_visible_prompt_length = rl_expand_prompt (rl_prompt);
   return 0;
 }
-  
+
+#if defined (HAVE_DECL_AUDIT_USER_TTY)
+/* Report STRING to the audit system. */
+static void
+audit_tty (char *string)
+{
+  struct sockaddr_nl addr;
+  struct msghdr msg;
+  struct nlmsghdr nlm;
+  struct iovec iov[2];
+  size_t size;
+  int fd;
+
+  size = strlen (string) + 1;
+  fd = socket (AF_NETLINK, SOCK_RAW, NETLINK_AUDIT);
+  if (fd < 0)
+    return;
+  nlm.nlmsg_len = NLMSG_LENGTH (size);
+  nlm.nlmsg_type = AUDIT_USER_TTY;
+  nlm.nlmsg_flags = NLM_F_REQUEST;
+  nlm.nlmsg_seq = 0;
+  nlm.nlmsg_pid = 0;
+  iov[0].iov_base = &nlm;
+  iov[0].iov_len = sizeof (nlm);
+  iov[1].iov_base = string;
+  iov[1].iov_len = size;
+  addr.nl_family = AF_NETLINK;
+  addr.nl_pad = 0;
+  addr.nl_pid = 0;
+  addr.nl_groups = 0;
+  msg.msg_name = &addr;
+  msg.msg_namelen = sizeof (addr);
+  msg.msg_iov = iov;
+  msg.msg_iovlen = 2;
+  msg.msg_control = NULL;
+  msg.msg_controllen = 0;
+  msg.msg_flags = 0;
+  (void)sendmsg (fd, &msg, 0);
+  close (fd);
+}
+#endif
+
 /* Read a line of input.  Prompt with PROMPT.  An empty PROMPT means
    none.  A return value of NULL means that EOF was encountered. */
 char *