mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 09:57:41 +00:00
Code Issues Releases Wiki Activity

mon_handle_revoke: only send SIGHUP to the foreground process group.

Browse Source 
There's no need to signal both the foreground process group and the
command itself (if different).  This matches the behavior of the
session leader exiting, which is what we want to simulate.
This commit is contained in:
Todd C. Miller 2024-04-29 09:11:14 -06:00
parent a2d01a957d
commit 195b7c2bc6
1 changed files with 16 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
src/exec_monitor.c
View File

@ -312,42 +312,35 @@ mon_errsock_cb(int fd, int what, void *v)
/* /*
* Called when the user's terminal has gone away but before our pty is * Called when the user's terminal has gone away but before our pty is
* actually revoked. We simulate the effect of ioctl(TIOCNOTTY) on Linux * actually revoked. We simulate the effect of the session leader
* by sending SIGHUP and SIGCONT to the foreground process group. * (sudo) exiting by sending SIGHUP to the foreground process group.
* The monitor process will not actually exit until the command exits.
*/ */
static void static void
mon_handle_revoke(int fd, pid_t cmnd_pid, struct command_status *cstat) mon_handle_revoke(int fd, pid_t pgrp, struct command_status *cstat)
{ {
debug_decl(mon_handle_revoke, SUDO_DEBUG_EXEC); debug_decl(mon_handle_revoke, SUDO_DEBUG_EXEC);
/* /*
* Signal the foreground process group and the command's process group * Signal the foreground process group (or the command's process group
* (if different). We must do this before the pty is revoked be the * if no pty). We must do this before the pty is revoked by the main
* main sudo process so we can determine the foreground process group. * sudo process so we can determine the foreground process group.
* Otherwise, if the foreground process group is different from the * Otherwise, if the foreground process group is different from the
* command's process group it will not be signaled. * command's process group, it will not be signaled. This fixes a
* problem on Linux with, e.g. "sudo su" where su(1) blocks SIGHUP.
*/ */
if (io_fds[SFD_FOLLOWER] != -1) { if (io_fds[SFD_FOLLOWER] != -1) {
const pid_t pgrp = tcgetpgrp(io_fds[SFD_FOLLOWER]); const pid_t tcpgrp = tcgetpgrp(io_fds[SFD_FOLLOWER]);
if (pgrp != -1 && pgrp != cmnd_pid) { if (tcpgrp != -1)
sudo_debug_printf(SUDO_DEBUG_NOTICE, "%s: killpg(%d, SIGHUP)", pgrp = tcpgrp;
__func__, pgrp);
killpg(pgrp, SIGHUP);
sudo_debug_printf(SUDO_DEBUG_NOTICE, "%s: killpg(%d, SIGCONT)",
__func__, pgrp);
killpg(pgrp, SIGCONT);
}
} }
sudo_debug_printf(SUDO_DEBUG_NOTICE, "%s: killpg(%d, SIGHUP)", sudo_debug_printf(SUDO_DEBUG_NOTICE, "%s: killpg(%d, SIGHUP)",
__func__, cmnd_pid); __func__, pgrp);
killpg(cmnd_pid, SIGHUP); killpg(pgrp, SIGHUP);
sudo_debug_printf(SUDO_DEBUG_NOTICE, "%s: killpg(%d, SIGCONT)",
__func__, cmnd_pid);
killpg(cmnd_pid, SIGCONT);
/* /*
* Now that the running command as been signaled, tell the * Now that the foreground process as been signaled, send the
* parent it is OK to close the pty leader, revoking the pty. * parent CMD_REVOKE to close the pty leader, revoking the pty.
*/ */
send_status(fd, cstat); send_status(fd, cstat);
} }