Sun Country's Weblog

The Makefile for pfexec is at:

http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/cmd/pfexec/Makefile

The actual code for pfexec is at:

http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/cmd/pfexec/pfexec.c

If you look at the top bar you will notice a link that says "Download".

Click on the link and it will download the code to your computer.

Modify the Makefile

The first thing that I did was to remove the two extraneous lines from the makefile.

These are:

include ../Makefile.cmd

include ../Makefile.targ

I searched around for the files but never could find them and pfexec seems to run fine without them.

Next you need to modify the main section of the pfexec source code.

In the #include section add:

#include<syslog.h>

At line 166 it says:

(void) execvp(cmd, cmdargs);

You can check the manpages if you wish to see what execvp actually does.

So just before the execvp command add the following three lines:

openlog (“pfexec”, LOG_PID, LOG_AUTH);
syslog (LOG_NOTICE, “%s started by pfexec” , cmd );
closelog ();

Then it looks like:

(void) setreuid(uid, uid);

openlog (“pfexec”, LOG_PID, LOG_AUTH);
syslog (LOG_NOTICE, “%s started by pfexec” , cmd );
closelog ();

(void) execvp(cmd, cmdargs);

and the last change is on line 182.

Do the same routine. So it looks like:

exit(EXIT_FAILURE);

openlog (“pfexec”, LOG_PID, LOG_AUTH);
syslog (LOG_NOTICE, “%s started by pfexec”, cmd );
closelog ();

(void) execv(cmd, cmdargs);

To compile I just used Sun Studio 12.1.

unset CFLAGS, CPPFLAGS, LDFLAGS; make

Be sure to set the mode to 4555 and the owner to root:bin. Verify this against the pfexec installed onto the system by default.

After that backup the current pfexec and then copy the new binary to /usr/bin/pfexec.

Then all successful commands started via pfexec are logged to auth.notice through syslog.

Original content – no link

alan