On Tue, Oct 24, 2006 at 08:18:10AM +0000, Maxim Sobolev wrote: > sobomax 2006-10-24 08:18:10 UTC > > FreeBSD src repository > > Modified files: > usr.bin/su su.c > Log: > Ignore SIGSYS when BSM is compiled in. Otherwise, attempt to invoke su on > system that don't have audit framefork compiled into kernel or ia32 binary > on amd64 system will result in SIGSYS. There is one place in su.c itself > where it tries to check for errno != ENOSYS, but it has been a nop since su > does not catch SIGSYS anyway. There are few other places in libbsm, > where attempt to invoke audit syscal would result in SIGSYS if no audit > support is present in the kernel, so that the only reliable method for > now is to disable SIGSYS completely in the case when BSM is compiled in. > > In the long run, both direct invocation of audit-related syscalls and > libbsm should be made more intellegent to handle the case when BSM is not > compiled into the kernel gracefully. > > MFC after: 3 days > (provided re@ approval) > > Revision Changes Path > 1.82 +2 -0 src/usr.bin/su/su.c > I don't have "options AUDIT" compiled into my amd64/i386 kernels, and "truss su" shows this (on amd64):
: geteuid() = 0 (0x0)
: getauid(0x7fffffffe4fc) ERR#78 'Function not
implemented'
The audit_syscalls.c is always compiled in:
: # grep audit_syscalls /sys/conf/files
: security/audit/audit_syscalls.c standard
And in the "#else /* !AUDIT *" case, it just returns ENOSYS:
: int
: getauid(struct thread *td, struct getauid_args *uap)
: {
:
: return (ENOSYS);
: }
How that could result in SIGSYS, I don't get it?
Cheers,
--
Ruslan Ermilov
[EMAIL PROTECTED]
FreeBSD committer
pgpZRWc4TuwHx.pgp
Description: PGP signature
