isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,559 Commits 1 Branch 0 Tags
8fa5a519a0b15429fc0c5b9b02d08d30268be9c5
Commit Graph

52 Commits

Author SHA1 Message Date
Todd C. Miller
8fa5a519a0 include selinux.h for is_selinux_enabled() proto 2009-10-22 13:47:32 +00:00
Todd C. Miller
b231f074a2 Don't use log_error() in the child process. 2009-10-22 13:40:41 +00:00
Todd C. Miller
425026fa11 Do I/O in parent instead of child since the parent can have both 
/dev/tty as well as the pty fds open.  The child just sets things
up and waits for its grandchild and writes the signal description
to the pty master if the command was killed by a signal.
 2009-10-22 00:58:41 +00:00
Todd C. Miller
27b221e439 Make comment at the top of script_exec() match reality. 2009-10-18 17:32:44 +00:00
Todd C. Miller
1a5afcbb15 Make transcript mode work as long as we can figure out our tty, even if 
it is not stdin.  We'd like to use /dev/tty but that won't be valid after
the setsid().
 2009-10-18 14:46:01 +00:00
Todd C. Miller
9544845ef8 Break out pty code into pty.c 2009-10-16 13:29:38 +00:00
Todd C. Miller
babf9292df Push ptem and ldterm for STERAMS-based systems when allocating a pty. 2009-10-16 00:07:11 +00:00
Todd C. Miller
7d79b1da35 Sprinkle some more O_NOCTTY and call grantpt() before unlockpt() 2009-10-15 21:48:19 +00:00
Todd C. Miller
3ece4c837f Call tcgetpgrp() in the parent, not the child and have the child spin 
until it is granted.  Fixes a race on darwin.
 2009-10-15 13:46:11 +00:00
Todd C. Miller
52f3374ce3 Only use TIOCNOTTY in the non-setsid case. If no TIOCSCTTY, just 
reopen slave.
 2009-10-15 13:38:11 +00:00
Todd C. Miller
7411b071e4 In script mode, if the command is killed by a signal, print the 
signal description as well as a core dump notification like the
shell does.
 2009-10-14 20:04:16 +00:00
Todd C. Miller
7bfe0fe957 Add missing WUNTRACED and store the signal that stopped the grandchild 
in suspended, not signo.
 2009-10-14 13:37:23 +00:00
Todd C. Miller
cd8ba12194 g/c unused code 2009-10-14 13:20:24 +00:00
Todd C. Miller
0d04ffc40c Associate the grandchild's pgrp with the tty instead of the child's 
and just get suspend notifications via SIGCHLD instead of directly.
This fixes a hang with programs that try to set terminal attributes
and is more consistent with how the shell handles things.
 2009-10-14 13:01:04 +00:00
Todd C. Miller
d72afb29a3 Move setpgid() of child into the parent side of the fork() where it 
belongs.
 2009-10-12 14:30:46 +00:00
Todd C. Miller
bc1769df24 fix typo 2009-10-11 22:02:02 +00:00
Todd C. Miller
88b93973fe Run command in its own pgrp (like the shell does) for easier signalling. 
No need to relay SIGINT or SIGQUIT to parent, just send to grandchild.
Don't want grandchild stopped events in the child (only termination).
Flush output after suspending grandchild before signalling parent.
 2009-10-11 21:41:36 +00:00
Todd C. Miller
a3185d3e25 Back out revision 1.34; the problem lies elsewhere. 2009-10-11 14:16:22 +00:00
Todd C. Miller
f44c2261fd Don't set stdout to blocking mode when flushing remaining output. It 
can cause us to hang when trying to exit.  Need to investigate why.
 2009-10-11 14:13:35 +00:00
Todd C. Miller
03e3ca08db Handle SIGTTOU and remove some debugging. 2009-10-11 13:25:23 +00:00
Todd C. Miller
09a7bb78fe Apparently we need to send SIGSTOP to the command as well as ourself 
when we get SIGTSTP, the kernel doesn't automatically stop the process
for us.
 2009-10-11 12:42:03 +00:00
Todd C. Miller
2cf1b81abf Use an extra process to act as the glue bewteen the sessions 
associated with the user's controlling tty (what the shell uses)
and the tty that sudo is using to do its logging.  Basically, this
means that if we get, e.g. SIGTSTP from the process sudo is running,
we relay the signal to the parent so it's shell can do the job control.
 2009-10-11 12:27:11 +00:00
Todd C. Miller
50b62b694d Already define O_NOCTTY in compat.h, don't need it here 2009-10-07 00:17:38 +00:00
Todd C. Miller
fe9fc5ad1b Retain NL to NLCR conversion on the real tty and skip it on the pty 
we allocate.  That way, if stdout is not a pty there are no extra carriage
returns.
 2009-09-30 02:12:35 +00:00
Todd C. Miller
e6331c0773 Fix log_output(); just pass in a string and a length. 2009-09-30 02:00:16 +00:00
Todd C. Miller
8e4379b264 do not use errno when complaining out lack of a tty 2009-09-28 11:44:26 +00:00
Todd C. Miller
577fb346fd Convert a do {} while into a while 2009-09-27 22:11:11 +00:00
Todd C. Miller
4283bbcb2f Add O_NOCTTY when opening a tty device. 
Explicitly disconnect from old tty before associatng with new one.
 2009-09-27 18:34:18 +00:00
Todd C. Miller
7d19478501 First cut at refactoring some of the selinux code so it can be used 
in conjunction with sudo's transcript support.
 2009-09-27 13:03:56 +00:00
Todd C. Miller
d111b0d9bb Use _PATH_SUDO_TRANSCRIPT instead of _PATH_SUDO_SESSDIR 2009-09-26 15:41:14 +00:00
Todd C. Miller
7bb38284b0 Go back to dropping out of the select() loop when the process dies; Linux 
ptys apparently don't behave the same as BSD in regards to select().
No need to flush remaining output to the transcript, only to stdout.
Add back code to check the master pty for additional data when we exit
the main select loop.
 2009-09-20 13:51:51 +00:00
Todd C. Miller
f68a24fb3b Fix final flush. 2009-09-19 11:43:24 +00:00
Todd C. Miller
3223231b1f Keep reading from the pty master -> log file until read returns <= 0. 
Do our best to write everything to stdout when flushing any remaining bits.
 2009-09-19 11:35:20 +00:00
Todd C. Miller
3cc02be8aa Fix comment after #endif 2009-09-18 13:18:03 +00:00
Todd C. Miller
798867ed27 Refactor code to update output and timing files. 2009-09-18 00:32:32 +00:00
Todd C. Miller
74844b1787 When flushing remaining output, also update timing file. 2009-09-17 10:14:01 +00:00
Todd C. Miller
88a063b047 Create session dir earlier now that we update the seq number early. 2009-09-17 09:54:33 +00:00
Todd C. Miller
a418f78117 Log the cwd in the script log file. 
Add sudo_getln() to read arbitrarily long lines.
 2009-09-16 11:49:40 +00:00
Todd C. Miller
10fa87dfa8 Remove vhangup as it was hanging up the wrong tty. Should really 
vhangup in the child after it as set its tty.
 2009-09-07 15:07:48 +00:00
Todd C. Miller
c1fe4492f4 Sanity check sessid before using it. 2009-09-03 23:27:24 +00:00
Todd C. Miller
568c99b099 Actually. qsort is fine since most versions fal back to a cheaper 
sort when the number of elements to sort is small (like in our case).
 2009-09-03 13:21:43 +00:00
Todd C. Miller
2935e2a5ba Check for dup2 and use dup instead if we don't have it. 2009-09-03 11:28:07 +00:00
Todd C. Miller
c57b8bb7b3 Move the code to dup2 the script fds to low numbered descriptors into 
script_duplow() and fix the fd sorting.
 2009-09-03 10:36:02 +00:00
Todd C. Miller
ad9ab8dab2 Move script_setup() back to immediately before we drop privs and 
call the new script_nextid() in its place, which will set
sudo_user.sessid for the logging functions.
 2009-09-03 10:21:18 +00:00
Todd C. Miller
6184eb9461 Log the session ID, if there is one. Currently logs ID=XXXXXX, perhaps 
should be SESSIONID or SESSID.
 2009-08-30 15:18:50 +00:00
Todd C. Miller
b9f38b2aca Use base36 number for the ID and store script files with paths like 
/var/log/sudo-session/00/00/00{,.tim,.scr}.
This gives us 36^6 (2,176,782,336) unique IDs.
 2009-08-30 11:22:53 +00:00
Todd C. Miller
946ea4c970 Fix wait() usage and use correct wait status. 2009-08-08 20:00:17 +00:00
Todd C. Miller
40a21a6c75 Fix detection of the child process exiting. Since the child is in 
its own session we should only ever get SIGCHLD for that process but
better safe than sorry.
 2009-08-08 12:55:43 +00:00
Todd C. Miller
c3c6c299e3 Add UNIX98 pty support. 2009-08-08 00:26:13 +00:00
Todd C. Miller
ee20527bf0 On Linux, the openpty proto libes in pty.h 2009-08-07 13:23:07 +00:00