mirror of https://github.com/sudo-project/sudo.git synced 2025-08-28 12:57:50 +00:00

Background processes started by the command will no longer receive SIGHUP.
Todd C. Miller 2017-12-01 13:53:09 -07:00
parent b561d0d7dd
commit c2eee7904d
3 changed files with 26 additions and 72 deletions

@ -401,30 +401,20 @@ CCOOMMMMAANNDD EEXXEECCUUTTIIOONN
POSIX terms an "orphaned process group" and it would not receive any job POSIX terms an "orphaned process group" and it would not receive any job
control signals from the kernel. When the command exits or is terminated control signals from the kernel. When the command exits or is terminated
by a signal, the _m_o_n_i_t_o_r passes the command's exit status to the main by a signal, the _m_o_n_i_t_o_r passes the command's exit status to the main
ssuuddoo process and exits. On most systems, processes created by the ssuuddoo process and exits. After receiving the command's exit status, the
command that are still running in the background when the command exits main ssuuddoo passes the command's exit status to the security policy's close
and that have not changed their session will receive the SIGHUP signal function and exits.
when the monitor exits, since it is the terminal session leader. To
prevent this from happening, background processes started by the command
can be invoked via the nohup(1) command to ignore SIGHUP. Alternately,
some systems provide a setsid(1) command which can be used to run the
command in a new session. In both cases, there is a potential race
condition where the command being run via ssuuddoo could exit before nohup(1)
or setsid(1) have time to complete their setup.
If no pty is used, ssuuddoo calls fork(2), sets up the execution environment If no pty is used, ssuuddoo calls fork(2), sets up the execution environment
as described above, and uses the execve(2) system call to run the command as described above, and uses the execve(2) system call to run the command
in the child process. in the child process. The main ssuuddoo process waits until the command has
completed, then passes the command's exit status to the security policy's
In both cases, the main ssuuddoo process waits until the command (or monitor) close function and exits. As a special case, if the policy plugin does
has completed, then passes the command's exit status to the security not define a close function, ssuuddoo will execute the command directly
policy's close function and exits. As a special case, if the policy instead of calling fork(2) first. The _s_u_d_o_e_r_s policy plugin will only
plugin does not define a close function and no pty is required, ssuuddoo will define a close function when I/O logging is enabled, a pty is required,
execute the command directly instead of calling fork(2) first. The or the _p_a_m___s_e_s_s_i_o_n or _p_a_m___s_e_t_c_r_e_d options are enabled. Note that
_s_u_d_o_e_r_s policy plugin will only define a close function when I/O logging _p_a_m___s_e_s_s_i_o_n and _p_a_m___s_e_t_c_r_e_d are enabled by default on systems using PAM.
is enabled, a pty is required, or the _p_a_m___s_e_s_s_i_o_n or _p_a_m___s_e_t_c_r_e_d options
are enabled. Note that _p_a_m___s_e_s_s_i_o_n and _p_a_m___s_e_t_c_r_e_d are enabled by
default on systems using PAM.
SSiiggnnaall hhaannddlliinngg SSiiggnnaall hhaannddlliinngg
When the command is run as a child of the ssuuddoo process, ssuuddoo will relay When the command is run as a child of the ssuuddoo process, ssuuddoo will relay
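Review bot: The paragraph beginning "On most systems, processes created by the command that are still running in the background" is deleted with no replacement, so the page no longer says anything about what happens to background processes when the command exits in the pty case. The commit message states that they will no longer receive SIGHUP; one sentence to that effect at this spot would record the behaviour in the manual itself and tell readers who wrapped commands in nohup(1) or setsid(1) on the old advice that the workaround is no longer needed.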
@ -665,4 +655,4 @@ DDIISSCCLLAAIIMMEERR
file distributed with ssuuddoo or https://www.sudo.ws/license.html for file distributed with ssuuddoo or https://www.sudo.ws/license.html for
complete details. complete details.
Sudo 1.8.21 November 29, 2017 Sudo 1.8.21 Sudo 1.8.21 December 1, 2017 Sudo 1.8.21

@ -21,7 +21,7 @@
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\" .\"
.TH "SUDO" "8" "November 29, 2017" "Sudo @PACKAGE_VERSION@" "System Manager's Manual" .TH "SUDO" "8" "December 1, 2017" "Sudo @PACKAGE_VERSION@" "System Manager's Manual"
.nh .nh
.if n .ad l .if n .ad l
.SH "NAME" .SH "NAME"
@ -756,27 +756,10 @@ When the command exits or is terminated by a signal, the
passes the command's exit status to the main passes the command's exit status to the main
\fBsudo\fR \fBsudo\fR
process and exits. process and exits.
On most systems, processes created by the command that are still After receiving the command's exit status, the main
running in the background when the command exits and that have
not changed their session will receive the
\fRSIGHUP\fR
signal when the monitor exits, since it is the terminal session leader.
To prevent this from happening, background processes started by the command
can be invoked via the
nohup(1)
command to ignore
\fRSIGHUP\fR.
Alternately, some systems provide a
setsid(1)
command which can be used to run the command in a new session.
In both cases, there is a potential race condition where the
command being run via
\fBsudo\fR \fBsudo\fR
could exit before passes the command's exit status to the security policy's close function
nohup(1) and exits.
or
setsid(1)
have time to complete their setup.
.PP .PP
If no pty is used, If no pty is used,
\fBsudo\fR \fBsudo\fR
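Review bot: The added sentence names "the command's exit status" twice in a row ("After receiving the command's exit status, the main sudo passes the command's exit status to the security policy's close function and exits."). Suggest "After receiving the command's exit status, the main sudo passes it to the security policy's close function and exits.", which says the same thing.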
@ -785,13 +768,12 @@ fork(2),
sets up the execution environment as described above, and uses the sets up the execution environment as described above, and uses the
execve(2) execve(2)
system call to run the command in the child process. system call to run the command in the child process.
.PP The main
In both cases, the main
\fBsudo\fR \fBsudo\fR
process waits until the command (or monitor) has completed, then passes the process waits until the command has completed, then passes the
command's exit status to the security policy's close function and exits. command's exit status to the security policy's close function and exits.
As a special case, if the policy plugin does not define a close As a special case, if the policy plugin does not define a close
function and no pty is required, function,
\fBsudo\fR \fBsudo\fR
will execute the command directly instead of calling will execute the command directly instead of calling
fork(2) fork(2)
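Review bot: Removing the ".PP" after "system call to run the command in the child process." folds the wait/close description and the "As a special case" text into the "If no pty is used" paragraph. The sentences that follow (which conditions make the sudoers plugin define a close function) are not specific to the no-pty case, so consider keeping a paragraph break before "As a special case" to stop the paragraph from reading as if all of it applies only when no pty is used.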

@ -19,7 +19,7 @@
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512. .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\" .\"
.Dd November 29, 2017 .Dd December 1, 2017
.Dt SUDO @mansectsu@ .Dt SUDO @mansectsu@
.Os Sudo @PACKAGE_VERSION@ .Os Sudo @PACKAGE_VERSION@
.Sh NAME .Sh NAME
@ -685,27 +685,10 @@ When the command exits or is terminated by a signal, the
passes the command's exit status to the main passes the command's exit status to the main
.Nm .Nm
process and exits. process and exits.
On most systems, processes created by the command that are still After receiving the command's exit status, the main
running in the background when the command exits and that have
not changed their session will receive the
.Dv SIGHUP
signal when the monitor exits, since it is the terminal session leader.
To prevent this from happening, background processes started by the command
can be invoked via the
.Xr nohup 1
command to ignore
.Dv SIGHUP .
Alternately, some systems provide a
.Xr setsid 1
command which can be used to run the command in a new session.
In both cases, there is a potential race condition where the
command being run via
.Nm .Nm
could exit before passes the command's exit status to the security policy's close function
.Xr nohup 1 and exits.
or
.Xr setsid 1
have time to complete their setup.
.Pp .Pp
If no pty is used, If no pty is used,
.Nm .Nm
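Review bot: The sentence added here for the pty case ("passes the command's exit status to the security policy's close function and exits.") is stated again, almost word for word, for the no-pty case in the next hunk. The old text covered both with a single "In both cases, the main sudo process waits until the command (or monitor) has completed" sentence; keeping one shared sentence after the two cases would avoid the duplication and the risk of the two copies drifting apart.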
@ -714,13 +697,12 @@ calls
sets up the execution environment as described above, and uses the sets up the execution environment as described above, and uses the
.Xr execve 2 .Xr execve 2
system call to run the command in the child process. system call to run the command in the child process.
.Pp The main
In both cases, the main
.Nm .Nm
process waits until the command (or monitor) has completed, then passes the process waits until the command has completed, then passes the
command's exit status to the security policy's close function and exits. command's exit status to the security policy's close function and exits.
As a special case, if the policy plugin does not define a close As a special case, if the policy plugin does not define a close
function and no pty is required, function,
.Nm .Nm
will execute the command directly instead of calling will execute the command directly instead of calling
.Xr fork 2 .Xr fork 2
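Review bot: The special case drops the qualifier "and no pty is required" ("function and no pty is required," becomes "function,"), so the condition now depends entirely on the sentence sitting inside the "If no pty is used" paragraph. A reader who lands on this sentence directly, or a policy plugin author whose plugin defines no close function, could read it as applying even when a pty is requested. Suggest keeping the qualifier explicit, or adding "in this case" to tie the sentence to the no-pty path.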