+ sudoers_setlocale(oldlocale, NULL);
+ }
+ debug_return;
+}
+
+/*
+ * Log and audit that user was not allowed to run the command.
+ */
+void
+log_failure(int status, int flags)
+{
+ bool inform_user = true;
+ debug_decl(log_failure, SUDO_DEBUG_LOGGING)
+
+ /* The user doesn't always get to see the log message (path info). */
+ if (!ISSET(status, FLAG_NO_USER | FLAG_NO_HOST) && def_path_info &&
+ (flags == NOT_FOUND_DOT || flags == NOT_FOUND))
+ inform_user = false;
+ log_denial(status, inform_user);
+
+ if (!inform_user) {
+ /*
+ * We'd like to not leak path info at all here, but that can
+ * *really* confuse the users. To really close the leak we'd
+ * have to say "not allowed to run foo" even when the problem
+ * is just "no foo in path" since the user can trivially set
+ * their path to just contain a single dir.
+ */
+ if (flags == NOT_FOUND)
+ warningx(_("%s: command not found"), user_cmnd);
+ else if (flags == NOT_FOUND_DOT)
+ warningx(_("ignoring `%s' found in '.'\nUse `sudo ./%s' if this is the `%s' you wish to run."), user_cmnd, user_cmnd, user_cmnd);
+ }
+
+ debug_return;
+}
+
+/*
+ * Log and audit that user was not able to authenticate themselves.
+ */
+void
+log_auth_failure(int status, int tries)
+{
+ int flags = NO_MAIL;
+ debug_decl(log_auth_failure, SUDO_DEBUG_LOGGING)
+
+ /* Handle auditing first. */
+ audit_failure(NewArgv, N_("authentication failure"));
+
+ /*
+ * Do we need to send mail?
+ * We want to avoid sending multiple messages for the same command
+ * so if we are going to send an email about the denial, that takes
+ * precedence.
+ */
+ if (ISSET(status, VALIDATE_OK)) {
+ /* Command allowed, auth failed; do we need to send mail? */
+ if (def_mail_badpass || def_mail_always)
+ flags = 0;
+ } else {
+ /* Command denied, auth failed; make sure we don't send mail twice. */
+ if (def_mail_badpass && !should_mail(status))
+ flags = 0;
+ /* Don't log the bad password message, we'll log a denial instead. */
+ flags |= NO_LOG;