Add a plugin interface to sudo main event loop.

2019-11-15 13:36:01 -07:00
parent 58cede6fee
commit 5793023ffd
17 changed files with 1114 additions and 199 deletions
--- a/doc/sudo_plugin.man.in
+++ b/doc/sudo_plugin.man.in
@@ -16,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.TH "SUDO_PLUGIN" "5" "October 20, 2019" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
+.TH "SUDO_PLUGIN" "5" "November 12, 2019" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
 .nh
 .if n .ad l
 .SH "NAME"
@@ -88,6 +88,7 @@ struct policy_plugin {
       int (*register_hook)(struct sudo_hook *hook));
    void (*deregister_hooks)(int version,
       int (*deregister_hook)(struct sudo_hook *hook));
    struct sudo_plugin_event * (*event_alloc)(void);
 };
 .RE
 .fi
@@ -1154,17 +1155,9 @@ Privileges should be output via the
 or
 \fBplugin_printf\fR()
 function using
-\fRSUDO_CONV_INFO_MSG\fR,
+\fRSUDO_CONV_INFO_MSG\fR.
-.TP 6n
+.sp
-verbose
+The function arguments are as follows:
 Flag indicating whether to list in verbose mode or not.
 .TP 6n
 list_user
 The name of a different user to list privileges for if the policy
 allows it.
 If
 \fRNULL\fR,
 the plugin should list the privileges of the invoking user.
 .TP 6n
 argc
 The number of elements in
@@ -1183,6 +1176,16 @@ execve(2)
 system call.
 If the command is permitted by the policy, the fully-qualified path
 to the command should be displayed along with any command line arguments.
 .TP 6n
 verbose
 Flag indicating whether to list in verbose mode or not.
 .TP 6n
 list_user
 The name of a different user to list privileges for if the policy
 allows it.
 If
 \fRNULL\fR,
 the plugin should list the privileges of the invoking user.
 .PD 0
 .PP
 .RE
@@ -1442,6 +1445,44 @@ version 1.2 or higher,
 \fRderegister_hooks\fR
 will not be called.
 .RE
 .TP 6n
 event_alloc
 .nf
 .RS 6n
 struct sudo_plugin_event * (*event_alloc)(void);
 .RE
 .fi
 .RS 6n
 .sp
 The
 \fBevent_alloc\fR()
 function is used to allocate a
 \fRstruct sudo_plugin_event\fR
 which provides access to the main
 \fBsudo\fR
 event loop.
 Unlike the other fields, the
 \fBevent_alloc\fR()
 pointer is filled in by the
 \fBsudo\fR
 front end, not by the plugin.
 .sp
 See the
 \fIEvent API\fR
 section below for more information
 about events.
 .sp
 NOTE: the
 \fBevent_alloc\fR()
 function is only available starting
 with API version 1.15.
 If the
 \fBsudo\fR
 front end doesn't support API
 version 1.15 or higher,
 \fBevent_alloc\fR()
 will not be set.
 .RE
 .PP
 \fIPolicy Plugin Version Macros\fR
 .nf
@@ -1490,6 +1531,7 @@ struct io_plugin {
       int (*deregister_hook)(struct sudo_hook *hook));
    int (*change_winsize)(unsigned int lines, unsigned int cols);
    int (*log_suspend)(int signo);
    struct sudo_plugin_event * (*event_alloc)(void);
 };
 .RE
 .fi
@@ -2049,6 +2091,44 @@ Returns \-1 if an error occurred, in which case no further calls to
 \fBlog_suspend\fR()
 will be made,
 .RE
 .TP 6n
 event_alloc
 .nf
 .RS 6n
 struct sudo_plugin_event * (*event_alloc)(void);
 .RE
 .fi
 .RS 6n
 .sp
 The
 \fBevent_alloc\fR()
 function is used to allocate a
 \fRstruct sudo_plugin_event\fR
 which provides access to the main
 \fBsudo\fR
 event loop.
 Unlike the other fields, the
 \fBevent_alloc\fR()
 pointer is filled in by the
 \fBsudo\fR
 front end, not by the plugin.
 .sp
 See the
 \fIEvent API\fR
 section below for more information
 about events.
 .sp
 NOTE: the
 \fBevent_alloc\fR()
 function is only available starting
 with API version 1.15.
 If the
 \fBsudo\fR
 front end doesn't support API
 version 1.15 or higher,
 \fBevent_alloc\fR()
 will not be set.
 .RE
 .PP
 \fII/O Plugin Version Macros\fR
 .PP
@@ -2338,6 +2418,295 @@ return SUDO_HOOK_RET_STOP;
 .PP
 For getters and setters see the
 \fIPolicy plugin API\fR.
 .SS "Event API"
 When
 \fBsudo\fR
 runs a command, it uses an event loop to service signals and I/O.
 Events may be triggered based on time, a file or socket descriptor
 becoming ready, or due to receipt of a signal.
 Starting with API version 1.15, it is possible for a plugin to
 participate in this event loop by calling the
 \fBevent_alloc\fR()
 function.
 .PP
 \fIEvent structure\fR
 .PP
 Events are described by the following structure:
 .nf
 .RS 0n
 typedef void (*sudo_plugin_ev_callback_t)(int fd, int what,
    void *closure);
 struct sudo_plugin_event {
    int (*set)(struct sudo_plugin_event *pev, int fd, int events,
        sudo_plugin_ev_callback_t callback, void *closure);
    int (*add)(struct sudo_plugin_event *pev, struct timespec *timeout);
    int (*del)(struct sudo_plugin_event *pev);
    int (*timeleft)(struct sudo_plugin_event *pev, struct timespec *ts);
    int (*fd)(struct sudo_plugin_event *pev);
    void (*setbase)(struct sudo_plugin_event *pev, void *base);
    void (*loopbreak)(struct sudo_plugin_event *pev);
    void (*free)(struct sudo_plugin_event *pev);
 };
 .RE
 .fi
 .PP
 The sudo_plugin_event struct contains the following function pointers:
 .TP 6n
 \fBset\fR()
 .br
 .nf
 .RS 6n
 int (*set)(struct sudo_plugin_event *pev, int fd, int events,
    sudo_plugin_ev_callback_t callback, void *closure);
 .RE
 .fi
 .RS 6n
 .sp
 The
 \fBset\fR()
 function takes the following arguments:
 .TP 6n
 struct sudo_plugin_event *\fIpev\fR
 A pointer to the struct sudo_plugin_event itself.
 .TP 6n
 \fIfd\fR
 The file or socket descriptor for I/O-based events or the signal
 number for signal events.
 For time-based events,
 \fIfd\fR
 must be -1.
 .TP 6n
 \fIevents\fR
 The following values determine what will trigger the event callback:
 .PP
 .RS 6n
 .PD 0
 .TP 6n
 SUDO_PLUGIN_EV_TIMEOUT
 callback is run after the specified timeout expires
 .PD
 .TP 6n
 SUDO_PLUGIN_EV_READ
 callback is run when the file descriptor is readable
 .TP 6n
 SUDO_PLUGIN_EV_WRITE
 callback is run when the file descriptor is writable
 .TP 6n
 SUDO_PLUGIN_EV_PERSIST
 event is persistent and remains enabled until explicitly deleted
 .TP 6n
 SUDO_PLUGIN_EV_SIGNAL
 callback is run when the specified signal is received
 .PP
 The
 \fRSUDO_PLUGIN_EV_PERSIST\fR
 flag may be ORed with any of the event types.
 It is also possible to OR
 \fRSUDO_PLUGIN_EV_READ\fR
 and
 \fRSUDO_PLUGIN_EV_WRITE\fR
 together to run the callback when a descriptor is ready to be
 either read from or written to.
 All other event values are mutually exclusive.
 .RE
 .TP 6n
 sudo_plugin_ev_callback_t \fIcallback\fR
 .nf
 .RS 6n
 typedef void (*sudo_plugin_ev_callback_t)(int fd, int what,
    void *closure);
 .RE
 .fi
 .RS 6n
 .sp
 The function to call when an event is triggered.
 The
 \fBcallback\fR()
 function is run with the following arguments:
 .TP 6n
 \fIfd\fR
 The file or socket descriptor for I/O-based events or the signal
 number for signal events.
 .TP 6n
 \fIwhat\fR
 The event type that triggered that callback.
 For events that have multiple event types (for example
 \fRSUDO_PLUGIN_EV_READ\fR
 and
 \fRSUDO_PLUGIN_EV_WRITE\fR)
 or have an associated timeout,
 \fIwhat\fR
 can be used to determine why the callback was run.
 .TP 6n
 \fIclosure\fR
 The generic pointer that was specified in the
 \fBset\fR()
 function.
 .PD 0
 .PP
 .RE
 .PD
 .TP 6n
 closure
 A generic pointer that will be passed to the callback function.
 .PP
 The
 \fBset\fR()
 function returns 1 on success, and \-1 if a error occurred.
 .RE
 .TP 6n
 \fBadd\fR()
 .br
 .nf
 .RS 6n
 int (*add)(struct sudo_plugin_event *pev, struct timespec *timeout);
 .RE
 .fi
 .RS 6n
 .sp
 The
 \fBadd\fR()
 function adds the event
 \fIpev\fR
 to
 \fBsudo\fR's
 event loop.
 The event must have previously been initialized via the
 \fBset\fR()
 function.
 If the
 \fItimeout\fR
 argument is not NULL, it should specify a (relative) timeout after
 which the event will be triggered if the main event criteria has
 not been met.
 This is often used to implement an I/O timeout where the event
 will fire if a descriptor is not ready within a certain time
 period.
 If the event is already present in the event loop, its
 \fItimeout\fR
 will be adjusted to match the new value, if any.
 .sp
 The
 \fBadd\fR()
 function returns 1 on success, and \-1 if a error occurred.
 .RE
 .TP 6n
 \fBdel\fR()
 .br
 .nf
 .RS 6n
 int (*del)(struct sudo_plugin_event *pev);
 .RE
 .fi
 .RS 6n
 .sp
 The
 \fBdel\fR()
 function deletes the event
 \fIpev\fR
 from
 \fBsudo\fR's
 event loop.
 Deleted events can be added back via the
 \fBadd\fR()
 function.
 .sp
 The
 \fBdel\fR()
 function returns 1 on success, and \-1 if a error occurred.
 .RE
 .TP 6n
 \fBtimeleft\fR()
 .nf
 .RS 6n
 int (*timeleft)(struct sudo_plugin_event *pev, struct timespec *ts);
 .RE
 .fi
 .RS 6n
 .sp
 The
 \fBtimeleft\fR()
 function can be used to determine how much time remains in an event's
 timeout, if one was specified when the event was added.
 The
 \fIts\fR
 pointer is filled in with the remaining time.
 .sp
 The
 \fBtimeleft\fR()
 function returns 1 on success, and \-1 if the event has no associated timeout.
 .RE
 .TP 6n
 \fBfd\fR()
 .nf
 .RS 6n
 int (*fd)(struct sudo_plugin_event *pev);
 .RE
 .fi
 .RS 6n
 .sp
 The
 \fBfd\fR()
 function returns the descriptor or signal number associated with
 the event
 \fIpev\fR.
 .RE
 .TP 6n
 \fBsetbase\fR()
 .nf
 .RS 6n
 void (*setbase)(struct sudo_plugin_event *pev, void *base);
 .RE
 .fi
 .RS 6n
 .sp
 The
 \fBsetbase\fR()
 function sets the underlying event
 \fIbase\fR
 for
 \fIpev\fR
 to the specified value.
 This can be used to move an event created via
 \fBevent_alloc\fR()
 to a new event loop allocated by sudo's event subsystem.
 Using this function requires linking the plugin with the sudo_util
 library.
 It is unlikely to be used outside of the
 \fBsudoers\fR
 plugin.
 .RE
 .TP 6n
 \fBloopbreak\fR()
 .nf
 .RS 6n
 void (*loopbreak)(struct sudo_plugin_event *pev);
 .RE
 .fi
 .RS 6n
 .sp
 The
 \fBloopbreak\fR()
 function causes
 \fBsudo\fR's
 event loop to exit immediately and the running command to be terminated.
 .RE
 .TP 6n
 \fBfree\fR()
 .nf
 .RS 6n
 void (*free)(struct sudo_plugin_event *pev);
 .RE
 .fi
 .RS 6n
 .sp
 The
 \fBfree\fR()
 function deletes the event
 \fIpev\fR
 from the event loop and frees the memory associated with it.
 .RE
 .SS "Remote command execution"
 The
 \fBsudo\fR
@@ -2966,6 +3335,11 @@ The
 entry was added to the
 \fRcommand_info\fR
 list.
 .TP 6n
 Version 1.15 (sudo 1.9.0)
 The
 \fIevent_alloc\fR
 field was added to the policy_plugin and io_plugin structs.
 .SH "SEE ALSO"
 sudo.conf(@mansectform@),
 sudoers(@mansectform@),
--- a/doc/sudo_plugin.mdoc.in
+++ b/doc/sudo_plugin.mdoc.in
@@ -15,7 +15,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd October 20, 2019
+.Dd November 12, 2019
 .Dt SUDO_PLUGIN @mansectform@
 .Os Sudo @PACKAGE_VERSION@
 .Sh NAME
@@ -85,6 +85,7 @@ struct policy_plugin {
       int (*register_hook)(struct sudo_hook *hook));
    void (*deregister_hooks)(int version,
       int (*deregister_hook)(struct sudo_hook *hook));
    struct sudo_plugin_event * (*event_alloc)(void);
 };
 .Ed
 .Pp
@@ -1016,16 +1017,10 @@ Privileges should be output via the
 or
 .Fn plugin_printf
 function using
-.Dv SUDO_CONV_INFO_MSG ,
+.Dv SUDO_CONV_INFO_MSG .
 .Pp
 The function arguments are as follows:
 .Bl -tag -width 4n
 .It verbose
 Flag indicating whether to list in verbose mode or not.
 .It list_user
 The name of a different user to list privileges for if the policy
 allows it.
 If
 .Dv NULL ,
 the plugin should list the privileges of the invoking user.
 .It argc
 The number of elements in
 .Em argv ,
@@ -1042,6 +1037,14 @@ be passed to the
 system call.
 If the command is permitted by the policy, the fully-qualified path
 to the command should be displayed along with any command line arguments.
 .It verbose
 Flag indicating whether to list in verbose mode or not.
 .It list_user
 The name of a different user to list privileges for if the policy
 allows it.
 If
 .Dv NULL ,
 the plugin should list the privileges of the invoking user.
 .El
 .It validate
 .Bd -literal -compact
@@ -1273,6 +1276,39 @@ front end doesn't support API
 version 1.2 or higher,
 .Li deregister_hooks
 will not be called.
 .It event_alloc
 .Bd -literal -compact
 struct sudo_plugin_event * (*event_alloc)(void);
 .Ed
 .Pp
 The
 .Fn event_alloc
 function is used to allocate a
 .Li struct sudo_plugin_event
 which provides access to the main
 .Nm sudo
 event loop.
 Unlike the other fields, the
 .Fn event_alloc
 pointer is filled in by the
 .Nm sudo
 front end, not by the plugin.
 .Pp
 See the
 .Sx Event API
 section below for more information
 about events.
 .Pp
 NOTE: the
 .Fn event_alloc
 function is only available starting
 with API version 1.15.
 If the
 .Nm sudo
 front end doesn't support API
 version 1.15 or higher,
 .Fn event_alloc
 will not be set.
 .El
 .Pp
 .Em Policy Plugin Version Macros
@@ -1318,6 +1354,7 @@ struct io_plugin {
       int (*deregister_hook)(struct sudo_hook *hook));
    int (*change_winsize)(unsigned int lines, unsigned int cols);
    int (*log_suspend)(int signo);
    struct sudo_plugin_event * (*event_alloc)(void);
 };
 .Ed
 .Pp
@@ -1793,6 +1830,39 @@ the command was suspended during playback of a session.
 Returns \-1 if an error occurred, in which case no further calls to
 .Fn log_suspend
 will be made,
 .It event_alloc
 .Bd -literal -compact
 struct sudo_plugin_event * (*event_alloc)(void);
 .Ed
 .Pp
 The
 .Fn event_alloc
 function is used to allocate a
 .Li struct sudo_plugin_event
 which provides access to the main
 .Nm sudo
 event loop.
 Unlike the other fields, the
 .Fn event_alloc
 pointer is filled in by the
 .Nm sudo
 front end, not by the plugin.
 .Pp
 See the
 .Sx Event API
 section below for more information
 about events.
 .Pp
 NOTE: the
 .Fn event_alloc
 function is only available starting
 with API version 1.15.
 If the
 .Nm sudo
 front end doesn't support API
 version 1.15 or higher,
 .Fn event_alloc
 will not be set.
 .El
 .Pp
 .Em I/O Plugin Version Macros
@@ -2028,6 +2098,234 @@ return SUDO_HOOK_RET_STOP;
 .Pp
 For getters and setters see the
 .Sx Policy plugin API .
 .Ss Event API
 When
 .Nm sudo
 runs a command, it uses an event loop to service signals and I/O.
 Events may be triggered based on time, a file or socket descriptor
 becoming ready, or due to receipt of a signal.
 Starting with API version 1.15, it is possible for a plugin to
 participate in this event loop by calling the
 .Fn event_alloc
 function.
 .Pp
 .Em Event structure
 .Pp
 Events are described by the following structure:
 .Pp
 .Bd -literal -compact
 typedef void (*sudo_plugin_ev_callback_t)(int fd, int what,
    void *closure);
 struct sudo_plugin_event {
    int (*set)(struct sudo_plugin_event *pev, int fd, int events,
        sudo_plugin_ev_callback_t callback, void *closure);
    int (*add)(struct sudo_plugin_event *pev, struct timespec *timeout);
    int (*del)(struct sudo_plugin_event *pev);
    int (*timeleft)(struct sudo_plugin_event *pev, struct timespec *ts);
    int (*fd)(struct sudo_plugin_event *pev);
    void (*setbase)(struct sudo_plugin_event *pev, void *base);
    void (*loopbreak)(struct sudo_plugin_event *pev);
    void (*free)(struct sudo_plugin_event *pev);
 };
 .Ed
 .Pp
 The sudo_plugin_event struct contains the following function pointers:
 .Bl -tag -width 4n
 .It Fn set
 .Bd -literal -compact
 int (*set)(struct sudo_plugin_event *pev, int fd, int events,
    sudo_plugin_ev_callback_t callback, void *closure);
 .Ed
 .Pp
 The
 .Fn set
 function takes the following arguments:
 .Bl -tag -width 4n
 .It struct sudo_plugin_event * Ns Fa pev
 A pointer to the struct sudo_plugin_event itself.
 .It Fa fd
 The file or socket descriptor for I/O-based events or the signal
 number for signal events.
 For time-based events,
 .Fa fd
 must be -1.
 .It Fa events
 The following values determine what will trigger the event callback:
 .Bl -tag -width 4n
 .It SUDO_PLUGIN_EV_TIMEOUT
 callback is run after the specified timeout expires
 .It SUDO_PLUGIN_EV_READ
 callback is run when the file descriptor is readable
 .It SUDO_PLUGIN_EV_WRITE
 callback is run when the file descriptor is writable
 .It SUDO_PLUGIN_EV_PERSIST
 event is persistent and remains enabled until explicitly deleted
 .It SUDO_PLUGIN_EV_SIGNAL
 callback is run when the specified signal is received
 .El
 .Pp
 The
 .Ev SUDO_PLUGIN_EV_PERSIST
 flag may be ORed with any of the event types.
 It is also possible to OR
 .Ev SUDO_PLUGIN_EV_READ
 and
 .Ev SUDO_PLUGIN_EV_WRITE
 together to run the callback when a descriptor is ready to be
 either read from or written to.
 All other event values are mutually exclusive.
 .It sudo_plugin_ev_callback_t Fa callback
 .Bd -literal -compact
 typedef void (*sudo_plugin_ev_callback_t)(int fd, int what,
    void *closure);
 .Ed
 .Pp
 The function to call when an event is triggered.
 The
 .Fn callback
 function is run with the following arguments:
 .Bl -tag -width 4n
 .It Fa fd
 The file or socket descriptor for I/O-based events or the signal
 number for signal events.
 .It Fa what
 The event type that triggered that callback.
 For events that have multiple event types (for example
 .Ev SUDO_PLUGIN_EV_READ
 and
 .Ev SUDO_PLUGIN_EV_WRITE )
 or have an associated timeout,
 .Fa what
 can be used to determine why the callback was run.
 .It Fa closure
 The generic pointer that was specified in the
 .Fn set
 function.
 .El
 .It closure
 A generic pointer that will be passed to the callback function.
 .El
 .Pp
 The
 .Fn set
 function returns 1 on success, and \-1 if a error occurred.
 .It Fn add
 .Bd -literal -compact
 int (*add)(struct sudo_plugin_event *pev, struct timespec *timeout);
 .Ed
 .Pp
 The
 .Fn add
 function adds the event
 .Fa pev
 to
 .Nm sudo Ns No 's
 event loop.
 The event must have previously been initialized via the
 .Fn set
 function.
 If the
 .Fa timeout
 argument is not NULL, it should specify a (relative) timeout after
 which the event will be triggered if the main event criteria has
 not been met.
 This is often used to implement an I/O timeout where the event
 will fire if a descriptor is not ready within a certain time
 period.
 If the event is already present in the event loop, its
 .Fa timeout
 will be adjusted to match the new value, if any.
 .Pp
 The
 .Fn add
 function returns 1 on success, and \-1 if a error occurred.
 .It Fn del
 .Bd -literal -compact
 int (*del)(struct sudo_plugin_event *pev);
 .Ed
 .Pp
 The
 .Fn del
 function deletes the event
 .Fa pev
 from
 .Nm sudo Ns No 's
 event loop.
 Deleted events can be added back via the
 .Fn add
 function.
 .Pp
 The
 .Fn del
 function returns 1 on success, and \-1 if a error occurred.
 .It Fn timeleft
 .Bd -literal -compact
 int (*timeleft)(struct sudo_plugin_event *pev, struct timespec *ts);
 .Ed
 .Pp
 The
 .Fn timeleft
 function can be used to determine how much time remains in an event's
 timeout, if one was specified when the event was added.
 The
 .Fa ts
 pointer is filled in with the remaining time.
 .Pp
 The
 .Fn timeleft
 function returns 1 on success, and \-1 if the event has no associated timeout.
 .It Fn fd
 .Bd -literal -compact
 int (*fd)(struct sudo_plugin_event *pev);
 .Ed
 .Pp
 The
 .Fn fd
 function returns the descriptor or signal number associated with
 the event
 .Fa pev .
 .It Fn setbase
 .Bd -literal -compact
 void (*setbase)(struct sudo_plugin_event *pev, void *base);
 .Ed
 .Pp
 The
 .Fn setbase
 function sets the underlying event
 .Fa base
 for
 .Fa pev
 to the specified value.
 This can be used to move an event created via
 .Fn event_alloc
 to a new event loop allocated by sudo's event subsystem.
 Using this function requires linking the plugin with the sudo_util
 library.
 It is unlikely to be used outside of the
 .Nm sudoers
 plugin.
 .It Fn loopbreak
 .Bd -literal -compact
 void (*loopbreak)(struct sudo_plugin_event *pev);
 .Ed
 .Pp
 The
 .Fn loopbreak
 function causes
 .Nm sudo Ns No 's
 event loop to exit immediately and the running command to be terminated.
 .It Fn free
 .Bd -literal -compact
 void (*free)(struct sudo_plugin_event *pev);
 .Ed
 .Pp
 The
 .Fn free
 function deletes the event
 .Fa pev
 from the event loop and frees the memory associated with it.
 .El
 .Ss Remote command execution
 The
 .Nm sudo
@@ -2603,6 +2901,10 @@ The
 entry was added to the
 .Li command_info
 list.
 .It Version 1.15 (sudo 1.9.0)
 The
 .Em event_alloc
 field was added to the policy_plugin and io_plugin structs.
 .El
 .Sh SEE ALSO
 .Xr sudo.conf @mansectform@ ,
--- a/include/sudo_event.h
+++ b/include/sudo_event.h
@@ -22,7 +22,7 @@
 #include <signal.h>	/* for sigatomic_t and NSIG */
 #include "sudo_queue.h"
-/* Event types */
+/* Event types (keep in sync with sudo_plugin.h) */
 #define SUDO_EV_TIMEOUT		0x01	/* fire after timeout */
 #define SUDO_EV_READ		0x02	/* fire when readable */
 #define SUDO_EV_WRITE		0x04	/* fire when writable */
@@ -48,6 +48,7 @@
 #define SUDO_EVBASE_GOT_BREAK	0x20
 #define SUDO_EVBASE_GOT_MASK	0xf0
 /* Must match sudo_plugin_ev_callback_t in sudo_plugin.h */
 typedef void (*sudo_ev_callback_t)(int fd, int what, void *closure);
 /*
@@ -125,6 +126,10 @@ __dso_public struct sudo_event *sudo_ev_alloc_v1(int fd, short events, sudo_ev_c
 __dso_public void sudo_ev_free_v1(struct sudo_event *ev);
 #define sudo_ev_free(_a) sudo_ev_free_v1((_a))
 /* Set an event struct that was pre-allocated. */
 __dso_public int sudo_ev_set_v1(struct sudo_event *ev, int fd, short events, sudo_ev_callback_t callback, void *closure);
 #define sudo_ev_set(_a, _b, _c, _d, _e) sudo_ev_set_v1((_a), (_b), (_c), (_d), (_e))
 /* Add an event, returns 0 on success, -1 on error */
 __dso_public int sudo_ev_add_v1(struct sudo_event_base *head, struct sudo_event *ev, struct timeval *timo, bool tohead);
 __dso_public int sudo_ev_add_v2(struct sudo_event_base *head, struct sudo_event *ev, struct timespec *timo, bool tohead);
--- a/include/sudo_plugin.h
+++ b/include/sudo_plugin.h
@@ -21,7 +21,7 @@
 /* API version major/minor */
 #define SUDO_API_VERSION_MAJOR 1
-#define SUDO_API_VERSION_MINOR 14
+#define SUDO_API_VERSION_MINOR 15
 #define SUDO_API_MKVERSION(x, y) (((x) << 16) | (y))
 #define SUDO_API_VERSION SUDO_API_MKVERSION(SUDO_API_VERSION_MAJOR, SUDO_API_VERSION_MINOR)
@@ -128,7 +128,32 @@ struct sudo_hook {
 #define SUDO_HOOK_PUTENV	3
 #define SUDO_HOOK_GETENV	4
-/* Policy plugin type and defines */
+/*
 * Plugin interface to sudo's main event loop.
 */
 typedef void (*sudo_plugin_ev_callback_t)(int fd, int what, void *closure);
 struct timespec;
 struct sudo_plugin_event {
    int (*set)(struct sudo_plugin_event *pev, int fd, int events, sudo_plugin_ev_callback_t callback, void *closure);
    int (*add)(struct sudo_plugin_event *pev, struct timespec *timeout);
    int (*del)(struct sudo_plugin_event *pev);
    int (*timeleft)(struct sudo_plugin_event *pev, struct timespec *ts);
    int (*fd)(struct sudo_plugin_event *pev);
    void (*setbase)(struct sudo_plugin_event *pev, void *base);
    void (*loopbreak)(struct sudo_plugin_event *pev);
    void (*free)(struct sudo_plugin_event *pev);
    /* actually larger... */
 };
 /* Sudo plugin Event types */
 #define SUDO_PLUGIN_EV_TIMEOUT	0x01	/* fire after timeout */
 #define SUDO_PLUGIN_EV_READ	0x02	/* fire when readable */
 #define SUDO_PLUGIN_EV_WRITE	0x04	/* fire when writable */
 #define SUDO_PLUGIN_EV_PERSIST	0x08	/* persist until deleted */
 #define SUDO_PLUGIN_EV_SIGNAL	0x10	/* fire on signal receipt */
 /* Policy plugin type and defines. */
 struct passwd;
 struct policy_plugin {
 #define SUDO_POLICY_PLUGIN     1
@@ -150,9 +175,10 @@ struct policy_plugin {
    int (*init_session)(struct passwd *pwd, char **user_env_out[]);
    void (*register_hooks)(int version, int (*register_hook)(struct sudo_hook *hook));
    void (*deregister_hooks)(int version, int (*deregister_hook)(struct sudo_hook *hook));
    struct sudo_plugin_event * (*event_alloc)(void);
 };
-/* I/O plugin type and defines */
+/* I/O plugin type and defines. */
 struct io_plugin {
 #define SUDO_IO_PLUGIN	    2
    unsigned int type; /* always SUDO_IO_PLUGIN */
@@ -173,6 +199,7 @@ struct io_plugin {
    void (*deregister_hooks)(int version, int (*deregister_hook)(struct sudo_hook *hook));
    int (*change_winsize)(unsigned int line, unsigned int cols);
    int (*log_suspend)(int signo);
    struct sudo_plugin_event * (*event_alloc)(void);
 };
 /* Sudoers group plugin version major/minor */
--- a/lib/util/event.c
+++ b/lib/util/event.c
@@ -284,6 +284,33 @@ sudo_ev_init(struct sudo_event *ev, int fd, short events,
    debug_return;
 }
 /*
 * Set a pre-allocated struct sudo_event.
 * Allocates space for siginfo_t for SUDO_EV_SIGINFO as needed.
 */
 int
 sudo_ev_set_v1(struct sudo_event *ev, int fd, short events,
    sudo_ev_callback_t callback, void *closure)
 {
    debug_decl(sudo_ev_set, SUDO_DEBUG_EVENT)
    /* For SUDO_EV_SIGINFO we use a container to store closure + siginfo_t */
    if (ISSET(events, SUDO_EV_SIGINFO)) {
 	struct sudo_ev_siginfo_container *container =
 	    malloc(sizeof(*container) + sizeof(siginfo_t) - 1);
 	if (container == NULL) {
 	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
 		"%s: unable to allocate siginfo container", __func__);
 	    debug_return_int(-1);
 	}
 	container->closure = closure;
 	closure = container;
    }
    sudo_ev_init(ev, fd, events, callback, closure);
    debug_return_int(0);
 }
 struct sudo_event *
 sudo_ev_alloc_v1(int fd, short events, sudo_ev_callback_t callback, void *closure)
 {
@@ -296,21 +323,10 @@ sudo_ev_alloc_v1(int fd, short events, sudo_ev_callback_t callback, void *closur
 	    "%s: unable to allocate event", __func__);
 	debug_return_ptr(NULL);
    }
-    /* For SUDO_EV_SIGINFO we use a container to store closure + siginfo_t */
+    if (sudo_ev_set(ev, fd, events, callback, closure) == -1) {
-    if (ISSET(events, SUDO_EV_SIGINFO)) {
+	free(ev);
-	struct sudo_ev_siginfo_container *container =
+	debug_return_ptr(NULL);
 	    malloc(sizeof(*container) + sizeof(siginfo_t) - 1);
 	if (container == NULL) {
 	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
 		"%s: unable to allocate siginfo container", __func__);
 	    free(ev);
 	    debug_return_ptr(NULL);
 	}
 	container->closure = closure;
 	closure = container;
    }
    sudo_ev_init(ev, fd, events, callback, closure);
    debug_return_ptr(ev);
 }
--- a/plugins/sudoers/iolog.c
+++ b/plugins/sudoers/iolog.c
@@ -828,5 +828,6 @@ __dso_public struct io_plugin sudoers_io = {
    NULL, /* register_hooks */
    NULL, /* deregister_hooks */
    sudoers_io_change_winsize,
-    sudoers_io_suspend
+    sudoers_io_suspend,
    NULL /* event_alloc() filled in by sudo */
 };
--- a/plugins/sudoers/policy.c
+++ b/plugins/sudoers/policy.c
@@ -1003,5 +1003,6 @@ __dso_public struct policy_plugin sudoers_policy = {
    sudoers_policy_validate,
    sudoers_policy_invalidate,
    sudoers_policy_init_session,
-    sudoers_policy_register_hooks
+    sudoers_policy_register_hooks,
    NULL /* event_alloc() filled in by sudo */
 };
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -318,17 +318,19 @@ check_ttyname.plog: check_ttyname.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/regress/ttyname/check_ttyname.c --i-file $< --output-file $@
 conversation.o: $(srcdir)/conversation.c $(incdir)/compat/stdbool.h \
                $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-                $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-                $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-                $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+                $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
                $(incdir)/sudo_util.h $(srcdir)/sudo.h \
                $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
                $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/conversation.c
 conversation.i: $(srcdir)/conversation.c $(incdir)/compat/stdbool.h \
                $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-                $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-                $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-                $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+                $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
                $(incdir)/sudo_util.h $(srcdir)/sudo.h \
                $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
                $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
@@ -337,18 +339,18 @@ conversation.plog: conversation.i
 env_hooks.o: $(srcdir)/env_hooks.c $(incdir)/compat/stdbool.h \
             $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
             $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \
-             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
-             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
-             $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+             $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-             $(top_builddir)/pathnames.h
+             $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/env_hooks.c
 env_hooks.i: $(srcdir)/env_hooks.c $(incdir)/compat/stdbool.h \
             $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
             $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \
-             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+             $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
-             $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
-             $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+             $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-             $(top_builddir)/pathnames.h
+             $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 env_hooks.plog: env_hooks.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/env_hooks.c --i-file $< --output-file $@
@@ -370,17 +372,19 @@ exec.plog: exec.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/exec.c --i-file $< --output-file $@
 exec_common.o: $(srcdir)/exec_common.c $(incdir)/compat/stdbool.h \
               $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-               $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+               $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-               $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-               $(incdir)/sudo_util.h $(srcdir)/sudo.h $(srcdir)/sudo_exec.h \
+               $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-               $(top_builddir)/config.h $(top_builddir)/pathnames.h
+               $(srcdir)/sudo_exec.h $(top_builddir)/config.h \
               $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/exec_common.c
 exec_common.i: $(srcdir)/exec_common.c $(incdir)/compat/stdbool.h \
               $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-               $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+               $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-               $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-               $(incdir)/sudo_util.h $(srcdir)/sudo.h $(srcdir)/sudo_exec.h \
+               $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-               $(top_builddir)/config.h $(top_builddir)/pathnames.h
+               $(srcdir)/sudo_exec.h $(top_builddir)/config.h \
               $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 exec_common.plog: exec_common.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/exec_common.c --i-file $< --output-file $@
@@ -446,65 +450,67 @@ exec_pty.plog: exec_pty.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/exec_pty.c --i-file $< --output-file $@
 get_pty.o: $(srcdir)/get_pty.c $(incdir)/compat/stdbool.h \
           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-           $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-           $(top_builddir)/pathnames.h
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/get_pty.c
 get_pty.i: $(srcdir)/get_pty.c $(incdir)/compat/stdbool.h \
           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-           $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-           $(top_builddir)/pathnames.h
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 get_pty.plog: get_pty.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/get_pty.c --i-file $< --output-file $@
 hooks.o: $(srcdir)/hooks.c $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
-         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-         $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-         $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
-         $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
+         $(srcdir)/sudo.h $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
         $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/hooks.c
 hooks.i: $(srcdir)/hooks.c $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
-         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+         $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-         $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+         $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-         $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+         $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
-         $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
+         $(srcdir)/sudo.h $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
         $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 hooks.plog: hooks.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/hooks.c --i-file $< --output-file $@
 limits.o: $(srcdir)/limits.c $(incdir)/compat/stdbool.h \
          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
-          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
-          $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+          $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
-          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+          $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
          $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/limits.c
 limits.i: $(srcdir)/limits.c $(incdir)/compat/stdbool.h \
          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
-          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
-          $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+          $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
-          $(top_builddir)/config.h $(top_builddir)/pathnames.h
+          $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
          $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 limits.plog: limits.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/limits.c --i-file $< --output-file $@
 load_plugins.o: $(srcdir)/load_plugins.c $(incdir)/compat/stdbool.h \
                $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
                $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \
-                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
-                $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
-                $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+                $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
                $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
                $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/load_plugins.c
 load_plugins.i: $(srcdir)/load_plugins.c $(incdir)/compat/stdbool.h \
                $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
                $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h \
-                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+                $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
-                $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
+                $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
-                $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+                $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
                $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
                $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
@@ -526,35 +532,37 @@ net_ifs.plog: net_ifs.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/net_ifs.c --i-file $< --output-file $@
 openbsd.o: $(srcdir)/openbsd.c $(incdir)/compat/stdbool.h \
           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-           $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-           $(top_builddir)/pathnames.h
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/openbsd.c
 openbsd.i: $(srcdir)/openbsd.c $(incdir)/compat/stdbool.h \
           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-           $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-           $(top_builddir)/pathnames.h
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 openbsd.plog: openbsd.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/openbsd.c --i-file $< --output-file $@
 parse_args.o: $(srcdir)/parse_args.c $(incdir)/compat/getopt.h \
              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
-              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
-              $(incdir)/sudo_lbuf.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
-              $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+              $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-              $(top_builddir)/pathnames.h ./sudo_usage.h
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h \
              ./sudo_usage.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/parse_args.c
 parse_args.i: $(srcdir)/parse_args.c $(incdir)/compat/getopt.h \
              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
-              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+              $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
-              $(incdir)/sudo_lbuf.h $(incdir)/sudo_queue.h \
+              $(incdir)/sudo_gettext.h $(incdir)/sudo_lbuf.h \
-              $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+              $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-              $(top_builddir)/pathnames.h ./sudo_usage.h
+              $(top_builddir)/config.h $(top_builddir)/pathnames.h \
              ./sudo_usage.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 parse_args.plog: parse_args.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/parse_args.c --i-file $< --output-file $@
@@ -568,33 +576,35 @@ preload.plog: preload.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/preload.c --i-file $< --output-file $@
 preserve_fds.o: $(srcdir)/preserve_fds.c $(incdir)/compat/stdbool.h \
                $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-                $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-                $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-                $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+                $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
                $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/preserve_fds.c
 preserve_fds.i: $(srcdir)/preserve_fds.c $(incdir)/compat/stdbool.h \
                $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-                $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-                $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+                $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-                $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+                $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
                $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 preserve_fds.plog: preserve_fds.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/preserve_fds.c --i-file $< --output-file $@
 selinux.o: $(srcdir)/selinux.c $(incdir)/compat/stdbool.h \
           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-           $(incdir)/sudo_util.h $(srcdir)/sudo.h $(srcdir)/sudo_exec.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-           $(top_builddir)/config.h $(top_builddir)/pathnames.h
+           $(srcdir)/sudo_exec.h $(top_builddir)/config.h \
           $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/selinux.c
 selinux.i: $(srcdir)/selinux.c $(incdir)/compat/stdbool.h \
           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-           $(incdir)/sudo_util.h $(srcdir)/sudo.h $(srcdir)/sudo_exec.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-           $(top_builddir)/config.h $(top_builddir)/pathnames.h
+           $(srcdir)/sudo_exec.h $(top_builddir)/config.h \
           $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 selinux.plog: selinux.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/selinux.c --i-file $< --output-file $@
@@ -614,127 +624,133 @@ sesh.plog: sesh.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sesh.c --i-file $< --output-file $@
 signal.o: $(srcdir)/signal.c $(incdir)/compat/stdbool.h \
          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
-          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
-          $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+          $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
-          $(srcdir)/sudo_exec.h $(top_builddir)/config.h \
+          $(incdir)/sudo_util.h $(srcdir)/sudo.h $(srcdir)/sudo_exec.h \
-          $(top_builddir)/pathnames.h
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/signal.c
 signal.i: $(srcdir)/signal.c $(incdir)/compat/stdbool.h \
          $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
-          $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
+          $(incdir)/sudo_event.h $(incdir)/sudo_fatal.h \
-          $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+          $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
-          $(srcdir)/sudo_exec.h $(top_builddir)/config.h \
+          $(incdir)/sudo_util.h $(srcdir)/sudo.h $(srcdir)/sudo_exec.h \
-          $(top_builddir)/pathnames.h
+          $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 signal.plog: signal.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/signal.c --i-file $< --output-file $@
 solaris.o: $(srcdir)/solaris.c $(incdir)/compat/stdbool.h \
           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-           $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h $(incdir)/sudo_event.h \
-           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-           $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-           $(top_builddir)/pathnames.h
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/solaris.c
 solaris.i: $(srcdir)/solaris.c $(incdir)/compat/stdbool.h \
           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-           $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_dso.h $(incdir)/sudo_event.h \
-           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-           $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-           $(top_builddir)/pathnames.h
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 solaris.plog: solaris.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/solaris.c --i-file $< --output-file $@
 sudo.o: $(srcdir)/sudo.c $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
-        $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+        $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-        $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-        $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
-        $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
+        $(srcdir)/sudo.h $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
        $(top_builddir)/pathnames.h ./sudo_usage.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudo.c
 sudo.i: $(srcdir)/sudo.c $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
-        $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+        $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-        $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-        $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+        $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
-        $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
+        $(srcdir)/sudo.h $(srcdir)/sudo_plugin_int.h $(top_builddir)/config.h \
        $(top_builddir)/pathnames.h ./sudo_usage.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 sudo.plog: sudo.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sudo.c --i-file $< --output-file $@
 sudo_edit.o: $(srcdir)/sudo_edit.c $(incdir)/compat/stdbool.h \
             $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-             $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+             $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-             $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-             $(incdir)/sudo_util.h $(srcdir)/sudo.h $(srcdir)/sudo_exec.h \
+             $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-             $(top_builddir)/config.h $(top_builddir)/pathnames.h
+             $(srcdir)/sudo_exec.h $(top_builddir)/config.h \
             $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/sudo_edit.c
 sudo_edit.i: $(srcdir)/sudo_edit.c $(incdir)/compat/stdbool.h \
             $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-             $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+             $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-             $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+             $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-             $(incdir)/sudo_util.h $(srcdir)/sudo.h $(srcdir)/sudo_exec.h \
+             $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-             $(top_builddir)/config.h $(top_builddir)/pathnames.h
+             $(srcdir)/sudo_exec.h $(top_builddir)/config.h \
             $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 sudo_edit.plog: sudo_edit.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/sudo_edit.c --i-file $< --output-file $@
 tcsetpgrp_nobg.o: $(srcdir)/tcsetpgrp_nobg.c $(incdir)/compat/stdbool.h \
                  $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-                  $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                  $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-                  $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+                  $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-                  $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+                  $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
-                  $(top_builddir)/config.h $(top_builddir)/pathnames.h
+                  $(srcdir)/sudo.h $(top_builddir)/config.h \
                  $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/tcsetpgrp_nobg.c
 tcsetpgrp_nobg.i: $(srcdir)/tcsetpgrp_nobg.c $(incdir)/compat/stdbool.h \
                  $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-                  $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+                  $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-                  $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+                  $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-                  $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+                  $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
-                  $(top_builddir)/config.h $(top_builddir)/pathnames.h
+                  $(srcdir)/sudo.h $(top_builddir)/config.h \
                  $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 tcsetpgrp_nobg.plog: tcsetpgrp_nobg.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/tcsetpgrp_nobg.c --i-file $< --output-file $@
 tgetpass.o: $(srcdir)/tgetpass.c $(incdir)/compat/stdbool.h \
            $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-            $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+            $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-            $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+            $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-            $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+            $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
-            $(top_builddir)/config.h $(top_builddir)/pathnames.h
+            $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
            $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/tgetpass.c
 tgetpass.i: $(srcdir)/tgetpass.c $(incdir)/compat/stdbool.h \
            $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-            $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+            $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-            $(incdir)/sudo_gettext.h $(incdir)/sudo_plugin.h \
+            $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-            $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
+            $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
-            $(top_builddir)/config.h $(top_builddir)/pathnames.h
+            $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
            $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 tgetpass.plog: tgetpass.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/tgetpass.c --i-file $< --output-file $@
 ttyname.o: $(srcdir)/ttyname.c $(incdir)/compat/stdbool.h \
           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-           $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-           $(top_builddir)/pathnames.h
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/ttyname.c
 ttyname.i: $(srcdir)/ttyname.c $(incdir)/compat/stdbool.h \
           $(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
-           $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+           $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-           $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
+           $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
-           $(incdir)/sudo_util.h $(srcdir)/sudo.h $(top_builddir)/config.h \
+           $(incdir)/sudo_queue.h $(incdir)/sudo_util.h $(srcdir)/sudo.h \
-           $(top_builddir)/pathnames.h
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 ttyname.plog: ttyname.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/ttyname.c --i-file $< --output-file $@
 utmp.o: $(srcdir)/utmp.c $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
-        $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+        $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-        $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
-        $(srcdir)/sudo.h $(srcdir)/sudo_exec.h $(top_builddir)/config.h \
+        $(incdir)/sudo_util.h $(srcdir)/sudo.h $(srcdir)/sudo_exec.h \
-        $(top_builddir)/pathnames.h
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/utmp.c
 utmp.i: $(srcdir)/utmp.c $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
-        $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_fatal.h \
+        $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h $(incdir)/sudo_event.h \
-        $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h $(incdir)/sudo_util.h \
+        $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h $(incdir)/sudo_queue.h \
-        $(srcdir)/sudo.h $(srcdir)/sudo_exec.h $(top_builddir)/config.h \
+        $(incdir)/sudo_util.h $(srcdir)/sudo.h $(srcdir)/sudo_exec.h \
-        $(top_builddir)/pathnames.h
+        $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(CC) -E -o $@ $(CPPFLAGS) $<
 utmp.plog: utmp.i
 	rm -f $@; pvs-studio --cfg $(PVS_CFG) --sourcetree-root $(top_srcdir) --skip-cl-exe yes --source-file $(srcdir)/utmp.c --i-file $< --output-file $@
--- a/src/exec.c
+++ b/src/exec.c
@@ -52,7 +52,6 @@
 #include "sudo.h"
 #include "sudo_exec.h"
 #include "sudo_event.h"
 #include "sudo_plugin.h"
 #include "sudo_plugin_int.h"
@@ -314,7 +313,7 @@ sudo_terminated(struct command_status *cstat)
    debug_return_bool(false);
 }
-#if SUDO_API_VERSION != SUDO_API_MKVERSION(1, 14)
+#if SUDO_API_VERSION != SUDO_API_MKVERSION(1, 15)
 # error "Update sudo_needs_pty() after changing the plugin API"
 #endif
 static bool
--- a/src/exec_monitor.c
+++ b/src/exec_monitor.c
@@ -43,7 +43,6 @@
 #include <termios.h>
 #include "sudo.h"
 #include "sudo_event.h"
 #include "sudo_exec.h"
 #include "sudo_plugin.h"
 #include "sudo_plugin_int.h"
--- a/src/exec_nopty.c
+++ b/src/exec_nopty.c
@@ -40,7 +40,6 @@
 #include "sudo.h"
 #include "sudo_exec.h"
 #include "sudo_event.h"
 #include "sudo_plugin.h"
 #include "sudo_plugin_int.h"
@@ -209,9 +208,8 @@ fill_exec_closure_nopty(struct exec_closure_nopty *ec,
    ec->details = details;
    /* Setup event base and events. */
-    ec->evbase = sudo_ev_base_alloc();
+    ec->evbase = details->evbase;
-    if (ec->evbase == NULL)
+    details->evbase = NULL;
 	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
    /* Event for command status via errfd. */
    ec->errpipe_event = sudo_ev_alloc(errfd,
--- a/src/exec_pty.c
+++ b/src/exec_pty.c
@@ -43,7 +43,6 @@
 #include <termios.h>		/* for struct winsize on HP-UX */
 #include "sudo.h"
 #include "sudo_event.h"
 #include "sudo_exec.h"
 #include "sudo_plugin.h"
 #include "sudo_plugin_int.h"
@@ -1160,9 +1159,8 @@ fill_exec_closure_pty(struct exec_closure_pty *ec, struct command_status *cstat,
    TAILQ_INIT(&ec->monitor_messages);
    /* Setup event base and events. */
-    ec->evbase = sudo_ev_base_alloc();
+    ec->evbase = details->evbase;
-    if (ec->evbase == NULL)
+    details->evbase = NULL;
 	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
    /* Event for command status via backchannel. */
    ec->backchannel_event = sudo_ev_alloc(backchannel,
--- a/src/load_plugins.c
+++ b/src/load_plugins.c
@@ -368,6 +368,15 @@ sudo_load_plugins(struct plugin_container *policy_plugin,
 		container->u.io->register_hooks(SUDO_HOOK_VERSION, register_hook);
 	}
    }
    /* Set event_alloc() in plugins. */
    if (policy_plugin->u.policy->version >= SUDO_API_MKVERSION(1, 15))
 	policy_plugin->u.policy->event_alloc = sudo_plugin_event_alloc;
    TAILQ_FOREACH(container, io_plugins, entries) {
 	if (container->u.io->version >= SUDO_API_MKVERSION(1, 15))
 	    container->u.io->event_alloc = sudo_plugin_event_alloc;
    }
    sudo_debug_set_active_instance(sudo_debug_instance);
 done:
--- a/src/preload.c
+++ b/src/preload.c
@@ -53,8 +53,8 @@ static struct sudo_preload_symbol sudo_rtld_default_symbols[] = {
 /* XXX - can we autogenerate these? */
 static struct sudo_preload_symbol sudo_sudoers_plugin_symbols[] = {
-    { "sudoers_policy", (void *)&sudoers_policy},
+    { "sudoers_policy", (void *)&sudoers_policy },
-    { "sudoers_io", (void *)&sudoers_io},
+    { "sudoers_io", (void *)&sudoers_io },
    { (const char *)0, (void *)0 }
 };
--- a/src/sudo.c
+++ b/src/sudo.c
@@ -31,6 +31,7 @@
 #include <sys/stat.h>
 #include <sys/wait.h>
 #include <sys/socket.h>
 #include <stddef.h>
 #include <stdio.h>
 #include <stdlib.h>
 #ifdef HAVE_STRING_H
@@ -79,6 +80,7 @@ const char *list_user; /* extern for parse_args.c */
 int sudo_debug_instance = SUDO_DEBUG_INSTANCE_INITIALIZER;
 static struct command_details command_details;
 static int sudo_mode;
 static struct sudo_event_base *sudo_event_base;
 struct sudo_gc_entry {
    SLIST_ENTRY(sudo_gc_entry) entries;
@@ -213,6 +215,10 @@ main(int argc, char *argv[], char *envp[])
    if (!sudo_load_plugins(&policy_plugin, &io_plugins))
 	sudo_fatalx(U_("fatal error, unable to load plugins"));
    /* Allocate event base so plugin can use it. */
    if ((sudo_event_base = sudo_ev_base_alloc()) == NULL)
 	sudo_fatalx("%s", U_("unable to allocate memory"));
    /* Open policy plugin. */
    ok = policy_open(&policy_plugin, settings, user_info, envp);
    if (ok != 1) {
@@ -288,6 +294,7 @@ main(int argc, char *argv[], char *envp[])
 	    command_details.tty = user_details.tty;
 	    command_details.argv = argv_out;
 	    command_details.envp = user_env_out;
 	    command_details.evbase = sudo_event_base;
 	    if (ISSET(sudo_mode, MODE_LOGIN_SHELL))
 		SET(command_details.flags, CD_LOGIN_SHELL);
 	    if (ISSET(sudo_mode, MODE_BACKGROUND))
@@ -1328,6 +1335,158 @@ iolog_unlink(struct plugin_container *plugin)
    debug_return;
 }
 /*
 * Fill in a previously allocated struct sudo_plugin_event.
 */
 static int
 plugin_event_set(struct sudo_plugin_event *pev, int fd, int events,
    sudo_ev_callback_t callback, void *closure)
 {
    struct sudo_plugin_event_int *ev_int;
    debug_decl(plugin_event_set, SUDO_DEBUG_PCOMM)
    ev_int = __containerof(pev, struct sudo_plugin_event_int, public);
    if (sudo_ev_set(&ev_int->private, fd, events, callback, closure) == -1)
 	debug_return_int(-1);
    /* Plugin can only operate on the main event loop. */
    ev_int->private.base = sudo_event_base;
    debug_return_int(1);
 }
 /*
 * Add a struct sudo_plugin_event to the main event loop.
 */
 static int
 plugin_event_add(struct sudo_plugin_event *pev, struct timespec *timo)
 {
    struct sudo_plugin_event_int *ev_int;
    debug_decl(plugin_event_add, SUDO_DEBUG_PCOMM)
    ev_int = __containerof(pev, struct sudo_plugin_event_int, public);
    if (sudo_ev_add(NULL, &ev_int->private, timo, 0) == -1)
 	debug_return_int(-1);
    debug_return_int(1);
 }
 /*
 * Delete a struct sudo_plugin_event from the main event loop.
 */
 static int
 plugin_event_del(struct sudo_plugin_event *pev)
 {
    struct sudo_plugin_event_int *ev_int;
    debug_decl(plugin_event_del, SUDO_DEBUG_PCOMM)
    ev_int = __containerof(pev, struct sudo_plugin_event_int, public);
    if (sudo_ev_del(NULL, &ev_int->private) == -1)
 	debug_return_int(-1);
    debug_return_int(1);
 }
 /*
 * Get the amount of time remaining in a timeout event.
 */
 static int
 plugin_event_timeleft(struct sudo_plugin_event *pev, struct timespec *ts)
 {
    struct sudo_plugin_event_int *ev_int;
    debug_decl(plugin_event_timeleft, SUDO_DEBUG_PCOMM)
    ev_int = __containerof(pev, struct sudo_plugin_event_int, public);
    if (sudo_ev_get_timeleft(&ev_int->private, ts) == -1)
 	debug_return_int(-1);
    debug_return_int(1);
 }
 /*
 * Get the file descriptor associated with an event.
 */
 static int
 plugin_event_fd(struct sudo_plugin_event *pev)
 {
    struct sudo_plugin_event_int *ev_int;
    debug_decl(plugin_event_fd, SUDO_DEBUG_PCOMM)
    ev_int = __containerof(pev, struct sudo_plugin_event_int, public);
    debug_return_int(sudo_ev_get_fd(&ev_int->private));
 }
 /*
 * Break out of the event loop, killing the command if it is running.
 */
 static void
 plugin_event_loopbreak(struct sudo_plugin_event *pev)
 {
    struct sudo_plugin_event_int *ev_int;
    debug_decl(plugin_event_loopbreak, SUDO_DEBUG_PCOMM)
    ev_int = __containerof(pev, struct sudo_plugin_event_int, public);
    sudo_ev_loopbreak(ev_int->private.base);
    debug_return;
 }
 /*
 * Reset the event base of a struct sudo_plugin_event.
 * The event is removed from the old base (if any) first.
 */
 static void
 plugin_event_setbase(struct sudo_plugin_event *pev, void *base)
 {
    struct sudo_plugin_event_int *ev_int;
    debug_decl(plugin_event_setbase, SUDO_DEBUG_PCOMM)
    ev_int = __containerof(pev, struct sudo_plugin_event_int, public);
    if (ev_int->private.base != NULL)
 	sudo_ev_del(ev_int->private.base, &ev_int->private);
    ev_int->private.base = base;
    debug_return;
 }
 /*
 * Free a struct sudo_plugin_event allocated by plugin_event_alloc().
 */
 static void
 plugin_event_free(struct sudo_plugin_event *pev)
 {
    struct sudo_plugin_event_int *ev_int;
    debug_decl(plugin_event_free, SUDO_DEBUG_PCOMM)
    /* The private field is first so sudo_ev_free() can free the struct. */
    ev_int = __containerof(pev, struct sudo_plugin_event_int, public);
    sudo_ev_free(&ev_int->private);
    debug_return;
 }
 /*
 * Allocate a struct sudo_plugin_event and fill in the public fields.
 */
 struct sudo_plugin_event *
 sudo_plugin_event_alloc(void)
 {
    struct sudo_plugin_event_int *ev_int;
    debug_decl(plugin_event_alloc, SUDO_DEBUG_PCOMM)
    if ((ev_int = malloc(sizeof(*ev_int))) == NULL)
 	debug_return_ptr(NULL);
    /* Init public fields. */
    ev_int->public.set = plugin_event_set;
    ev_int->public.add = plugin_event_add;
    ev_int->public.del = plugin_event_del;
    ev_int->public.fd = plugin_event_fd;
    ev_int->public.timeleft = plugin_event_timeleft;
    ev_int->public.setbase = plugin_event_setbase;
    ev_int->public.free = plugin_event_free;
    /* Clear private portion in case caller tries to use us uninitialized. */
    memset(&ev_int->private, 0, sizeof(ev_int->private));
    debug_return_ptr(&ev_int->public);
 }
 static void
 free_plugin_container(struct plugin_container *plugin, bool ioplugin)
 {
--- a/src/sudo.h
+++ b/src/sudo.h
@@ -39,6 +39,7 @@
 #include "sudo_conf.h"
 #include "sudo_debug.h"
 #include "sudo_queue.h"
 #include "sudo_event.h"
 #include "sudo_util.h"
 #ifdef HAVE_PRIV_SET
@@ -169,6 +170,7 @@ struct command_details {
    const char *tty;
    char **argv;
    char **envp;
    struct sudo_event_base *evbase;
 #ifdef HAVE_PRIV_SET
    priv_set_t *privs;
    priv_set_t *limitprivs;
@@ -218,6 +220,7 @@ int run_command(struct command_details *details);
 int os_init_common(int argc, char *argv[], char *envp[]);
 bool gc_add(enum sudo_gc_types type, void *v);
 bool set_user_groups(struct command_details *details);
 struct sudo_plugin_event *sudo_plugin_event_alloc(void);
 extern const char *list_user;
 extern struct user_details user_details;
 extern int sudo_debug_instance;
--- a/src/sudo_plugin_int.h
+++ b/src/sudo_plugin_int.h
@@ -104,6 +104,14 @@ struct plugin_container {
 };
 TAILQ_HEAD(plugin_container_list, plugin_container);
 /*
 * Private implementation of struct sudo_plugin_event.
 */
 struct sudo_plugin_event_int {
    struct sudo_event private;		/* must be first */
    struct sudo_plugin_event public;
 };
 extern struct plugin_container policy_plugin;
 extern struct plugin_container_list io_plugins;