Changes made to the terminal settings while the command is suspended
are now reflected in the pty when the command is resumed. This is
more consistent with the non-pty behavior and allows for the removal
of the "tty_initialized" global. One downside to this change is
that if a terminal-based program using the pty is stopped with
SIGSTOP it may have the wrong terminal settings on resume.
However, this is no different from the non-pty case.
Previously, we only did this when running in the foreground but
this can cause problems when running a program that reads the
terminal settings or window size in the background. If sudo is
running in the background, the terminal settings will be updated
if it transitions to the foreground process.
Based on a suggestion from From Duncan Overbruck.
While we cannot catch SIGSTOP, we _can_ catch SIGCONT and set
/dev/tty to raw mode when running in the foreground. Ignore SIGCONT
in suspend_sudo_pty() so we don't call resume_terminal() twice.
This fixes a hang when there is /dev/tty data in a buffer to be
flushed by the final call to del_io_events(). We do not want to
re-enable the reader when flushing the buffers as part of pty_finish().
See PR #247 for analysis of the problem and how to reproduce it.
We have to replace argv[0] with the pathname for the policy check
but want to restore it afterwards if the policy has not changed the
command's path name to avoid a mismatch later on.
If sudo is not the process group leader and stdin is not a tty, we
may be running as a background job via a shell script. Start the
command in the background to avoid changing the terminal mode from
a background process. GitHub issue #237
When sudo is not the process group leader, we still need to stop
sudo's process group and not just the sudo process itself. If we
only send the signal to sudo itself, the shell will not notice if
it is not in monitor mode. This can happen when sudo is run from
a shell script, for example. In this case we need to signal the
shell itself. If the process group leader is no longer present,
we must kill the command since there will be no one to resume us.
If we reallocate the buffer (via growbuf()) in ptrace_read_vec(),
the address of argbuf may change. If so, the value stored in
pathname will no longer be valid. GitHub issue #194.
The sudo.conf file is considered a trusted source of information
and these checks suffer from TOCTOU issues anyway. The checks
complicate loading of shared objects since we need to perform
fallback processing twice.
If the .so file is missing but the .a file exists, try to dlopen()
the AIX .a file using the .so name as the member. We need to avoid
breaking existing configurations if the type of AIX shared library
changes when sudo is upgraded.
This removes the need to use the -brtl linker flag which can cause
problems when there are both a .so and .a version of the same library
but with different versions. This was particularly problematic
when using the AIX freeware version of OpenSSL. The --with-aix-soname=svr4
option can be used to build SVR4-style shared libs instead.
