We need to switch from SUDO_EV_WRITE to SUDO_EV_READ for this case.
Also make the tls connect events private to tls_timed_connect()
with their own closure. There is no need to store them in the
client closure.
Fixes sudoedit on macOS 10.15 and above where the root file system
is mounted read-only. See https://support.apple.com/en-us/HT210650.
From Dan Villiom Podlaski Christiansen. Bug #913
Now that we call fmt_exit_message() from client_close() we do not
need to try to determine whether the read or write events were
pending in the old base.
We can't tell anyway because the active flag in the event was cleared
when the old sudo event base was destroyed. It is correct to enable
both the read and write events after formatting the ExitMessage.
Otherwise, LD_LIBRARY_PATH does not work when running the tests.
The GNU linker's --enable-new-dtags can be used to do this.
We don't do this on NetBSD where RPATH already supports LD_LIBRARY_PATH.
If both sudoers policy and I/O log plugins are loaded, debug_files
will be empty when the I/O plugin is initialized. This changes the
logic to always increase the reference count if the instance is valid.
The warning message said the later I/O plugin was ignored but it
actually overwrote the existing one instead.
The first registered plugin of the same name now is used, as was intended.
Specifying more than one policy plugin is no longer a fatal error;
this allows the admin to fix the situation.
If the debug sudoers subsystem is not registered, because it does not
get any file names to deal with (TAILQ_EMPTY(debug_files)), deregistration
of the subsystem outputs a warning:
sudo: sudo_debug_deregister_v1: invalid instance ID -1, max -1
This patch prevents that by only increasing the refcount if the
debug_instance was registered successfully.
Examples are installed by default to "docdir", which refers to
PACKAGE_TARNAME variable which was empty for the python plugin Makefile.in
So the examples were installed to '.../share/doc/examples' instead
of '.../share/doc/sudo/examples'. This also made them be skipped from the
package.
Also the install target now depends on install-doc so the examples
gets installed also (similarly as other examples).
EINVAL. On NetBSD, setrlimit(2) can return EINVAL if the new soft
limit is lower than the current resource usage. This can be a
problem when restoring the old stack limit if sudo has raised it.
