Bug 103

Summary: syslog ID/daemon given to openlog() in logging.c
Product: Sudo Reporter: dbrenner <dbrenner>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: enhancement    
Priority: normal    
Version: 1.6.6   
Hardware: IBM   
OS: AIX   

Description dbrenner 2003-03-26 10:27:25 MST 
compiled on IBM AIX 5.1 and 4.3

If someone invokes sudo with a full pathname (e.g., /usr/local/bin/sudo) 
instead of using their PATH, the full pathname appears in syslog.

I'm not certain if this is be design or could be considered a bug.  In our 
environment, I'd rather just have the final path component logged.

I suspect adding some code like this to logging.c would log just the command 
name instead of the full path. (Untested code.)

#ifdef LOG_NFACILITIES
    char *argv0;
    if ((argv0 = strrchr(Argv[0],'/') == NULL)
       argv0 = Argv[0];
    openlog(argv0, 0, def_ival(I_LOGFAC));
#else
    openlog(argv0, 0);
#endif

Is this something that might be considered for addition to the code or perhaps 
as a configuration option?

I apologize if this has been discussed before.  I didn't see anything in the 
sudo bug database about syslog.  Thanks.
Comment 1 Todd C. Miller 2003-03-26 11:00:59 MST 
Hmm, I could have sworn that there was code to the equivalent of a basename() but apparently not.  It's too late to change this for sudo 1.6.7 but I'll change things for sudo 1.6.8 and use __progname if it exists as well.
Comment 2 Todd C. Miller 2003-04-05 12:47:56 MST 
The next release of sudo will hard-code the string passed to openlog to "sudo" since basing it on argv[0] allows the invoking user to place whatever he/she wants there, potentially causing problems for admins using log greppers as well as syslog daemons that can use this field.