From e86106f2e1f9a45039138aa7fbc1ee7d44f94659 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Tue, 7 Apr 2020 19:26:37 -0600
Subject: [PATCH] Create the pid file parent directory if it doesn't already
 exist. Also package the run directory in the sudo_logsrvd PolyPkg file.

---
 etc/sudo-logsrvd.pp |  3 ++-
 logsrvd/logsrvd.c   | 40 +++++++++++++++++++++++++++++++---------
 2 files changed, 33 insertions(+), 10 deletions(-)

diff --git a/etc/sudo-logsrvd.pp b/etc/sudo-logsrvd.pp
index b0ec93fd1..05da78fed 100644
--- a/etc/sudo-logsrvd.pp
+++ b/etc/sudo-logsrvd.pp
@@ -111,7 +111,7 @@ This makes it possible to have all sudo I/O logs on a central server."
 	# Package parent directories when not installing under /usr
 	if test "${prefix}" != "/usr"; then
 	    extradirs=`echo ${pp_destdir}${mandir}/[mc]* | sed "s#${pp_destdir}##g"`
-	    extradirs="$extradirs `dirname $docdir`"
+	    extradirs="$extradirs `dirname $docdir` `dirname $rundir`"
 	    test "`dirname $exampledir`" != "$docdir" && extradirs="$extradirs `dirname $exampledir`"
 	    for dir in $sbindir $extradirs; do
 		    while test "$dir" != "/"; do
@@ -148,6 +148,7 @@ This makes it possible to have all sudo I/O logs on a central server."
 %endif
 	$sbindir/sudo_logsrvd   0755 ignore-others
 	$mandir/man*/*logsrv*	0644 ignore-others
+	$rundir/		0711 root: ignore-others
 	$docdir/		0755 ignore-others
 	$exampledir/		0755 ignore-others
 	$exampledir/*logsrv*	0644 ignore-others
diff --git a/logsrvd/logsrvd.c b/logsrvd/logsrvd.c
index 4e7369962..1cd7f11a6 100644
--- a/logsrvd/logsrvd.c
+++ b/logsrvd/logsrvd.c
@@ -1650,6 +1650,36 @@ logsrvd_cleanup(void)
     return;
 }
 
+/*
+ * Write the process ID into a file, typically /var/run/sudo/sudo_logsrvd.pid.
+ * If the parent directory doesn't exist, it will be created.
+ */
+static void
+write_pidfile(void)
+{
+    FILE *fp;
+    bool success;
+    char *pid_file = (char *)logsrvd_conf_pid_file();
+    debug_decl(write_pidfile, SUDO_DEBUG_UTIL);
+
+    /* sudo_mkdir_parents() modifies the path but restores it before return. */
+    success = sudo_mkdir_parents(pid_file, ROOT_UID, ROOT_GID,
+	S_IRWXU|S_IXGRP|S_IXOTH, false);
+    if (success) {
+	fp = fopen(logsrvd_conf_pid_file(), "w");
+	if (fp == NULL) {
+	    sudo_warn("%s", pid_file);
+	} else {
+	    fprintf(fp, "%u\n", (unsigned int)getpid());
+	    fflush(fp);
+	    if (ferror(fp))
+		sudo_warn("%s", pid_file);
+	    fclose(fp);
+	}
+    }
+    debug_return;
+}
+
 /*
  * Fork, detatch from the terminal and write pid file unless nofork set.
  */
@@ -1660,8 +1690,6 @@ daemonize(bool nofork)
     debug_decl(daemonize, SUDO_DEBUG_UTIL);
 
     if (!nofork) {
-	FILE *fp;
-
 	switch (fork()) {
 	case -1:
 	    sudo_fatal("fork");
@@ -1676,13 +1704,7 @@ daemonize(bool nofork)
 	/* detach from terminal and write pid file. */
 	if (setsid() == -1)
 	    sudo_fatal("setsid");
-	fp = fopen(logsrvd_conf_pid_file(), "w");
-	if (fp == NULL) {
-	    sudo_warn("%s", logsrvd_conf_pid_file());
-	} else {
-	    fprintf(fp, "%u\n", (unsigned int)getpid());
-	    fclose(fp);
-	}
+	write_pidfile();
     }
 
     if (chdir("/") == -1)