We can't use run_command() to run sesh, that will use the sudo event
loop (and might run it in a pty!).
There's no need to relabel the tty when copying files.
Get the path to sesh from sudo.conf.
Currently, for SELinux RBAC, the editor runs with the target user's
security context. This defeats the purpose of sudoedit. Fixing
that requires passing file descriptors between the main sudo process
(running with the invoking user's security context) and sesh (runnning
with the target user's security context).
non-pty code paths into their own event loops. The non-pty exec
code is now contained in exec_nopty.c and the pty exec code is split
between exec_pty.c (parent process) and exec_monitor.c (session leader).
This results in a small bit of duplicated code but improves readability.
Some of the duplicated code will fall out in future changes to the
event subsystem (the signal pipe).
the command. If we get SIGINT or SIGQUIT, call the plugin close()
functions as if the command was interrupted. If we get SIGTSTP,
uninstall the handler and deliver SIGTSTP to ourselves.
it back to the command. This fixes a problem with BSD-derived
versions of the reboot command which send SIGTERM to all other
processes, including the sudo process. Sudo would then deliver
SIGTERM to reboot which would die before calling the reboot() system
call, effectively leaving the system in single user mode.
use by sesh.c. This fixes NOEXEC when SELinux is used. Instead
of disabling exec in exec_setup(), disable it immediately before
executing the command. Adapted from a diff by Arno Schuring.
have the signal handler write the signal number to one end and
select() on the other end. This makes it possible to handle signals
similar to I/O without race conditions.
