[sudo-workers] sudoreplay & sudo command in a pipe line

V S, Nagendra (Nonstop Filesystems Team) nagendra.vs at hpe.com
Wed Nov 30 00:44:48 MST 2016 

Thanks a lot Todd for the information. Will this change be part of next upstream release?

> -----Original Message-----
> From: Todd C. Miller [mailto:Todd.Miller at courtesan.com]
> Sent: Tuesday, November 29, 2016 9:40 PM
> To: V S, Nagendra (Nonstop Filesystems Team) <nagendra.vs at hpe.com>
> Cc: sudo-workers at sudo.ws
> Subject: Re: [sudo-workers] sudoreplay & sudo command in a pipe line
> 
> The data is logged to the "stdin" file but sudoreplay does not
> currently use that file for display purposes.  You generally don't
> want the pipe input displayed for commands like "sudo tar xf -" but
> I can see how it would be useful in your case.
> 
> The best thing to do is probably to allow "stdin" in the filter for
> sudoreplay's -f option, which the below diff will do.  Be aware
> that the input and output will not line up the same way they do
> when input is via a tty.  Due to pipe buffering, the input is
> received before the program actually reads it.
> 
> So, given your test program:
> 
> $ sudo sudoreplay -f stdin,stdout,stderr,ttyout 000A60
> Replaying sudo session: /tmp/test.sh
> welcome
>      Enter a input:All done.
> 
> As you can see, "welcome" is displayed first since that is when it
> was received.
> 
>  - todd
> 
> diff -r 8a4ab570d132 plugins/sudoers/sudoreplay.c
> --- a/plugins/sudoers/sudoreplay.c	Mon Nov 28 10:47:09 2016 -0700
> +++ b/plugins/sudoers/sudoreplay.c	Tue Nov 29 09:04:36 2016 -0700
> @@ -222,10 +222,14 @@
>  	    /* Set the replay filter. */
>  	    def_filter = false;
>  	    for (cp = strtok_r(optarg, ",", &ep); cp; cp = strtok_r(NULL, ",",
> &ep)) {
> -		if (strcmp(cp, "stdout") == 0)
> +		if (strcmp(cp, "stdin") == 0)
> +		    io_log_files[IOFD_STDIN].enabled = true;
> +		else if (strcmp(cp, "stdout") == 0)
>  		    io_log_files[IOFD_STDOUT].enabled = true;
>  		else if (strcmp(cp, "stderr") == 0)
>  		    io_log_files[IOFD_STDERR].enabled = true;
> +		else if (strcmp(cp, "ttyin") == 0)
> +		    io_log_files[IOFD_TTYIN].enabled = true;
>  		else if (strcmp(cp, "ttyout") == 0)
>  		    io_log_files[IOFD_TTYOUT].enabled = true;
>  		else

More information about the sudo-workers mailing list