2 * Copyright (c) 2009-2010 Todd C. Miller <Todd.Miller@courtesan.com>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 #include <sys/types.h>
20 #include <sys/param.h>
21 #ifdef HAVE_SYS_SYSMACROS_H
22 # include <sys/sysmacros.h>
24 #include <sys/socket.h>
31 #endif /* HAVE_TERMIOS_H */
32 #include <sys/ioctl.h>
33 #ifdef HAVE_SYS_SELECT_H
34 # include <sys/select.h>
35 #endif /* HAVE_SYS_SELECT_H */
44 #endif /* STDC_HEADERS */
46 # if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS)
50 #endif /* HAVE_STRING_H */
53 #endif /* HAVE_STRINGS_H */
56 #endif /* HAVE_UNISTD_H */
57 #if TIME_WITH_SYS_TIME
65 #include "sudo_exec.h"
77 /* Compatibility with older tty systems. */
78 #if !defined(TIOCGWINSZ) && defined(TIOCGSIZE)
79 # define TIOCGWINSZ TIOCGSIZE
80 # define TIOCSWINSZ TIOCSSIZE
81 # define winsize ttysize
85 struct io_buffer *next;
86 int len; /* buffer length (how much produced) */
87 int off; /* write position (how much already consumed) */
88 int rfd; /* reader (producer) */
89 int wfd; /* writer (consumer) */
90 int (*action) __P((const char *buf, unsigned int len));
94 static char slavename[PATH_MAX];
95 static int foreground;
96 static int io_fds[6] = { -1, -1, -1, -1, -1, -1};
97 static int pipeline = FALSE;
98 static int tty_initialized;
99 static int ttymode = TERM_COOKED;
100 static pid_t ppgrp, child, child_pgrp;
101 static struct io_buffer *iobufs;
103 static void flush_output __P((void));
104 static int exec_monitor __P((const char *path, char *argv[],
105 char *envp[], int, int));
106 static void exec_pty __P((const char *path, char *argv[],
108 static RETSIGTYPE sigwinch __P((int s));
109 static void sync_ttysize __P((int src, int dst));
110 static void deliver_signal __P((pid_t pid, int signo));
111 static int safe_close __P((int fd));
114 * Allocate a pty if /dev/tty is a tty.
115 * Fills in io_fds[SFD_USERTTY], io_fds[SFD_MASTER], io_fds[SFD_SLAVE]
116 * and slavename globals.
122 io_fds[SFD_USERTTY] = open(_PATH_TTY, O_RDWR|O_NOCTTY, 0);
123 if (io_fds[SFD_USERTTY] != -1) {
124 if (!get_pty(&io_fds[SFD_MASTER], &io_fds[SFD_SLAVE],
125 slavename, sizeof(slavename), uid))
126 error(1, "Can't get pty");
131 * Check whether we are running in the foregroup.
132 * Updates the foreground global and does lazy init of the
133 * the pty slave as needed.
138 if (io_fds[SFD_USERTTY] != -1) {
139 foreground = tcgetpgrp(io_fds[SFD_USERTTY]) == ppgrp;
140 if (foreground && !tty_initialized) {
141 if (term_copy(io_fds[SFD_USERTTY], io_fds[SFD_SLAVE])) {
143 sync_ttysize(io_fds[SFD_USERTTY], io_fds[SFD_SLAVE]);
150 * Suspend sudo if the underlying command is suspended.
151 * Returns SIGCONT_FG if the child should be resume in the
152 * foreground or SIGCONT_BG if it is a background process.
155 suspend_parent(signo)
159 int n, oldmode = ttymode, rval = 0;
165 * If we are the foreground process, just resume the child.
166 * Otherwise, re-send the signal with the handler disabled.
171 if (ttymode != TERM_RAW) {
173 n = term_raw(io_fds[SFD_USERTTY], 0);
174 } while (!n && errno == EINTR);
177 rval = SIGCONT_FG; /* resume child in foreground */
184 /* Flush any remaining output before suspending. */
187 /* Restore original tty mode before suspending. */
188 if (oldmode != TERM_COOKED) {
190 n = term_restore(io_fds[SFD_USERTTY], 0);
191 } while (!n && errno == EINTR);
194 /* Suspend self and continue child when we resume. */
195 sa.sa_handler = SIG_DFL;
196 sigaction(signo, &sa, &osa);
197 if (killpg(ppgrp, signo) != 0)
198 warning("killpg(%d, %d)", ppgrp, signo);
200 /* Check foreground/background status on resume. */
204 * Only modify term if we are foreground process and either
205 * the old tty mode was not cooked or child got SIGTT{IN,OU}
207 if (ttymode != TERM_COOKED) {
211 n = term_raw(io_fds[SFD_USERTTY], 0);
212 } while (!n && errno == EINTR);
214 /* Background process, no access to tty. */
215 ttymode = TERM_COOKED;
219 sigaction(signo, &osa, NULL);
220 rval = ttymode == TERM_RAW ? SIGCONT_FG : SIGCONT_BG;
228 * Kill child with increasing urgency.
231 terminate_child(pid, use_pgrp)
236 * Note that SIGCHLD will interrupt the sleep()
240 killpg(pid, SIGTERM);
242 killpg(pid, SIGKILL);
252 * Allocate a new io_buffer struct and insert it at the head of the list.
253 * Returns the new head element.
255 static struct io_buffer *
256 io_buf_new(rfd, wfd, action, head)
259 int (*action) __P((const char *, unsigned int));
260 struct io_buffer *head;
262 struct io_buffer *iob;
264 iob = emalloc(sizeof(*iob));
265 zero_bytes(iob, sizeof(*iob));
268 iob->action = action;
274 * Read/write iobufs depending on fdsr and fdsw.
275 * Fills in cstat on error.
276 * Returns the number of errors.
279 perform_io(fdsr, fdsw, cstat)
282 struct command_status *cstat;
284 struct io_buffer *iob;
287 for (iob = iobufs; iob; iob = iob->next) {
288 if (iob->rfd != -1 && FD_ISSET(iob->rfd, fdsr)) {
290 n = read(iob->rfd, iob->buf + iob->len,
291 sizeof(iob->buf) - iob->len);
292 } while (n == -1 && errno == EINTR);
297 if (errno != ENXIO && errno != EBADF) {
303 /* got EOF or pty has gone away */
304 safe_close(iob->rfd);
308 if (!iob->action(iob->buf + iob->len, n))
309 terminate_child(child, TRUE);
314 if (iob->wfd != -1 && FD_ISSET(iob->wfd, fdsw)) {
316 n = write(iob->wfd, iob->buf + iob->off,
317 iob->len - iob->off);
318 } while (n == -1 && errno == EINTR);
320 if (errno == EPIPE || errno == ENXIO || errno == EBADF) {
321 /* other end of pipe closed or pty revoked */
322 if (iob->rfd != -1) {
323 safe_close(iob->rfd);
326 safe_close(iob->wfd);
337 if (errors && cstat != NULL) {
338 cstat->type = CMD_ERRNO;
345 * Fork a monitor process which runs the actual command as its own child
346 * process with std{in,out,err} hooked up to the pty or pipes as appropriate.
347 * Returns the child pid.
350 fork_pty(path, argv, envp, sv, rbac_enabled, maxfd)
358 struct command_status cstat;
359 struct io_buffer *iob;
360 int io_pipe[3][2], n;
363 ppgrp = getpgrp(); /* parent's pgrp, so child can signal us */
365 zero_bytes(&sa, sizeof(sa));
366 sigemptyset(&sa.sa_mask);
368 if (io_fds[SFD_USERTTY] != -1) {
369 sa.sa_flags = SA_RESTART;
370 sa.sa_handler = sigwinch;
371 sigaction(SIGWINCH, &sa, NULL);
375 * Setup stdin/stdout/stderr for child, to be duped after forking.
377 io_fds[SFD_STDIN] = io_fds[SFD_SLAVE];
378 io_fds[SFD_STDOUT] = io_fds[SFD_SLAVE];
379 io_fds[SFD_STDERR] = io_fds[SFD_SLAVE];
381 /* Copy /dev/tty -> pty master */
382 if (io_fds[SFD_USERTTY] != -1) {
383 iobufs = io_buf_new(io_fds[SFD_USERTTY], io_fds[SFD_MASTER],
386 /* Copy pty master -> /dev/tty */
387 iobufs = io_buf_new(io_fds[SFD_MASTER], io_fds[SFD_USERTTY],
390 /* Are we the foreground process? */
391 foreground = tcgetpgrp(io_fds[SFD_USERTTY]) == ppgrp;
395 * If either stdin, stdout or stderr is not a tty we use a pipe
396 * to interpose ourselves instead of duping the pty fd.
398 memset(io_pipe, 0, sizeof(io_pipe));
399 if (io_fds[SFD_STDIN] == -1 || !isatty(STDIN_FILENO)) {
401 if (pipe(io_pipe[STDIN_FILENO]) != 0)
402 error(1, "unable to create pipe");
403 iobufs = io_buf_new(STDIN_FILENO, io_pipe[STDIN_FILENO][1],
405 io_fds[SFD_STDIN] = io_pipe[STDIN_FILENO][0];
407 if (io_fds[SFD_STDOUT] == -1 || !isatty(STDOUT_FILENO)) {
409 if (pipe(io_pipe[STDOUT_FILENO]) != 0)
410 error(1, "unable to create pipe");
411 iobufs = io_buf_new(io_pipe[STDOUT_FILENO][0], STDOUT_FILENO,
413 io_fds[SFD_STDOUT] = io_pipe[STDOUT_FILENO][1];
415 if (io_fds[SFD_STDERR] == -1 || !isatty(STDERR_FILENO)) {
416 if (pipe(io_pipe[STDERR_FILENO]) != 0)
417 error(1, "unable to create pipe");
418 iobufs = io_buf_new(io_pipe[STDERR_FILENO][0], STDERR_FILENO,
420 io_fds[SFD_STDERR] = io_pipe[STDERR_FILENO][1];
423 /* Job control signals to relay from parent to child. */
424 sa.sa_flags = SA_INTERRUPT; /* do not restart syscalls */
425 sa.sa_handler = handler;
426 sigaction(SIGTSTP, &sa, NULL);
429 /* Copy terminal attrs from user tty -> pty slave. */
430 if (term_copy(io_fds[SFD_USERTTY], io_fds[SFD_SLAVE])) {
432 sync_ttysize(io_fds[SFD_USERTTY], io_fds[SFD_SLAVE]);
435 /* Start out in raw mode if we are not part of a pipeline. */
439 n = term_raw(io_fds[SFD_USERTTY], 0);
440 } while (!n && errno == EINTR);
442 error(1, "Can't set terminal to raw mode");
454 close(signal_pipe[0]);
455 close(signal_pipe[1]);
456 fcntl(sv[1], F_SETFD, FD_CLOEXEC);
457 if (exec_setup(rbac_enabled, slavename, io_fds[SFD_SLAVE]) == TRUE) {
458 /* Close the other end of the stdin/stdout/stderr pipes and exec. */
459 if (io_pipe[STDIN_FILENO][1])
460 close(io_pipe[STDIN_FILENO][1]);
461 if (io_pipe[STDOUT_FILENO][0])
462 close(io_pipe[STDOUT_FILENO][0]);
463 if (io_pipe[STDERR_FILENO][0])
464 close(io_pipe[STDERR_FILENO][0]);
465 exec_monitor(path, argv, envp, sv[1], rbac_enabled);
467 cstat.type = CMD_ERRNO;
469 send(sv[1], &cstat, sizeof(cstat), 0);
473 /* Close the other end of the stdin/stdout/stderr pipes. */
474 if (io_pipe[STDIN_FILENO][0])
475 close(io_pipe[STDIN_FILENO][0]);
476 if (io_pipe[STDOUT_FILENO][1])
477 close(io_pipe[STDOUT_FILENO][1]);
478 if (io_pipe[STDERR_FILENO][1])
479 close(io_pipe[STDERR_FILENO][1]);
481 for (iob = iobufs; iob; iob = iob->next) {
483 if (iob->rfd > *maxfd)
485 if (iob->wfd > *maxfd)
488 /* Set non-blocking mode. */
489 n = fcntl(iob->rfd, F_GETFL, 0);
490 if (n != -1 && !ISSET(n, O_NONBLOCK))
491 (void) fcntl(iob->rfd, F_SETFL, n | O_NONBLOCK);
492 n = fcntl(iob->wfd, F_GETFL, 0);
493 if (n != -1 && !ISSET(n, O_NONBLOCK))
494 (void) fcntl(iob->wfd, F_SETFL, n | O_NONBLOCK);
501 * Flush any remaining output and restore /dev/tty to the way we found it.
502 * If the command died due to a signal, writes the reason to stdout.
506 struct command_status *cstat;
510 /* Flush any remaining output (the plugin already got it) */
511 if (io_fds[SFD_USERTTY] != -1) {
512 n = fcntl(io_fds[SFD_USERTTY], F_GETFL, 0);
513 if (n != -1 && ISSET(n, O_NONBLOCK)) {
515 (void) fcntl(io_fds[SFD_USERTTY], F_SETFL, n);
520 if (io_fds[SFD_USERTTY] != -1) {
522 n = term_restore(io_fds[SFD_USERTTY], 0);
523 } while (!n && errno == EINTR);
526 /* If child was signalled, write the reason to stdout like the shell. */
527 if (cstat->type == CMD_WSTATUS && WIFSIGNALED(cstat->val)) {
528 int signo = WTERMSIG(cstat->val);
529 if (signo && signo != SIGINT && signo != SIGPIPE) {
530 const char *reason = strsignal(signo);
531 n = io_fds[SFD_USERTTY] != -1 ?
532 io_fds[SFD_USERTTY] : STDOUT_FILENO;
533 if (write(n, reason, strlen(reason)) != -1) {
534 if (WCOREDUMP(cstat->val)) {
535 if (write(n, " (core dumped)", 14) == -1)
538 if (write(n, "\n", 1) == -1)
547 * Fill in fdsr and fdsw based on the io buffers list.
548 * Called prior to select().
551 fd_set_iobs(fdsr, fdsw)
555 struct io_buffer *iob;
557 for (iob = iobufs; iob; iob = iob->next) {
558 if (iob->rfd == -1 && iob->wfd == -1)
560 if (iob->off == iob->len) {
561 iob->off = iob->len = 0;
562 /* Forward the EOF from reader to writer. */
563 if (iob->rfd == -1) {
564 safe_close(iob->wfd);
568 /* Don't read/write /dev/tty if we are not in the foreground. */
569 if (iob->rfd != -1 &&
570 (ttymode == TERM_RAW || iob->rfd != io_fds[SFD_USERTTY])) {
571 if (iob->len != sizeof(iob->buf))
572 FD_SET(iob->rfd, fdsr);
574 if (iob->wfd != -1 &&
575 (foreground || iob->wfd != io_fds[SFD_USERTTY])) {
576 if (iob->len > iob->off)
577 FD_SET(iob->wfd, fdsw);
583 * Deliver a relayed signal to the command.
586 deliver_signal(pid, signo)
592 /* Handle signal from parent. */
595 /* Continue in foreground, grant it controlling tty. */
597 status = tcsetpgrp(io_fds[SFD_SLAVE], child_pgrp);
598 } while (status == -1 && errno == EINTR);
599 killpg(pid, SIGCONT);
602 /* Continue in background, I take controlling tty. */
604 status = tcsetpgrp(io_fds[SFD_SLAVE], getpid());
605 } while (status == -1 && errno == EINTR);
606 killpg(pid, SIGCONT);
612 /* Relay signal to child. */
619 * Send status to parent over socketpair.
620 * Return value is the same as send(2).
623 send_status(fd, cstat)
625 struct command_status *cstat;
629 if (cstat->type != CMD_INVALID) {
631 n = send(fd, cstat, sizeof(*cstat), 0);
632 } while (n == -1 && errno == EINTR);
633 cstat->type = CMD_INVALID; /* prevent re-sending */
639 * Wait for child status after receiving SIGCHLD.
640 * If the child was stopped, the status is send back to the parent.
641 * Otherwise, cstat is filled in but not sent.
642 * Returns TRUE if child is still alive, else FALSE.
645 handle_sigchld(backchannel, cstat)
647 struct command_status *cstat;
649 int status, alive = TRUE;
652 /* read child status */
655 pid = sudo_waitpid(child, &status, WUNTRACED|WNOHANG);
659 } while (pid == -1 && errno == EINTR);
661 if (cstat->type != CMD_ERRNO) {
662 cstat->type = CMD_WSTATUS;
664 if (WIFSTOPPED(status)) {
666 child_pgrp = tcgetpgrp(io_fds[SFD_SLAVE]);
667 } while (child_pgrp == -1 && errno == EINTR);
668 if (send_status(backchannel, cstat) == -1)
669 return alive; /* XXX */
672 if (!WIFSTOPPED(status))
679 * Monitor process that creates a new session with the controlling tty,
680 * resets signal handlers and forks a child to call exec_pty().
681 * Waits for status changes from the command and relays them to the
682 * parent and relays signals from the parent to the command.
683 * Returns an error if fork(2) fails, else calls _exit(2).
686 exec_monitor(path, argv, envp, backchannel, rbac)
693 struct command_status cstat;
697 int errpipe[2], maxfd, n, status;
701 /* Close unused fds. */
702 if (io_fds[SFD_MASTER] != -1)
703 close(io_fds[SFD_MASTER]);
704 if (io_fds[SFD_USERTTY] != -1)
705 close(io_fds[SFD_USERTTY]);
708 * We use a pipe to atomically handle signal notification within
711 if (pipe_nonblock(signal_pipe) != 0)
712 error(1, "cannot create pipe");
714 /* Reset SIGWINCH. */
715 zero_bytes(&sa, sizeof(sa));
716 sigemptyset(&sa.sa_mask);
717 sa.sa_flags = SA_RESTART;
718 sa.sa_handler = SIG_DFL;
719 sigaction(SIGWINCH, &sa, NULL);
721 /* Ignore any SIGTTIN or SIGTTOU we get. */
722 sa.sa_handler = SIG_IGN;
723 sigaction(SIGTTIN, &sa, NULL);
724 sigaction(SIGTTOU, &sa, NULL);
726 /* Note: HP-UX select() will not be interrupted if SA_RESTART set */
727 sa.sa_flags = SA_INTERRUPT;
728 sa.sa_handler = handler;
729 sigaction(SIGCHLD, &sa, NULL);
732 * Start a new session with the parent as the session leader
733 * and the slave pty as the controlling terminal.
734 * This allows us to be notified when the child has been suspended.
736 if (setsid() == -1) {
740 if (io_fds[SFD_SLAVE] != -1) {
742 if (ioctl(io_fds[SFD_SLAVE], TIOCSCTTY, NULL) != 0)
743 error(1, "unable to set controlling tty");
745 /* Set controlling tty by reopening slave. */
746 if ((n = open(slavename, O_RDWR)) >= 0)
752 * If stdin/stdout is not a tty, start command in the background
753 * since it might be part of a pipeline that reads from /dev/tty.
754 * In this case, we rely on the command receiving SIGTTOU or SIGTTIN
755 * when it needs access to the controlling tty.
760 /* Start command and wait for it to stop or exit */
761 if (pipe(errpipe) == -1)
762 error(1, "unable to create pipe");
765 warning("Can't fork");
769 /* We pass errno back to our parent via pipe on exec failure. */
771 close(signal_pipe[0]);
772 close(signal_pipe[1]);
774 fcntl(errpipe[1], F_SETFD, FD_CLOEXEC);
777 /* setup tty and exec command */
778 exec_pty(path, argv, envp, rbac);
779 cstat.type = CMD_ERRNO;
781 if (write(errpipe[1], &cstat, sizeof(cstat)) == -1)
787 /* If any of stdin/stdout/stderr are pipes, close them in parent. */
788 if (io_fds[SFD_STDIN] != io_fds[SFD_SLAVE])
789 close(io_fds[SFD_STDIN]);
790 if (io_fds[SFD_STDOUT] != io_fds[SFD_SLAVE])
791 close(io_fds[SFD_STDOUT]);
792 if (io_fds[SFD_STDERR] != io_fds[SFD_SLAVE])
793 close(io_fds[SFD_STDERR]);
796 * Put child in its own process group. If we are starting the command
797 * in the foreground, assign its pgrp to the tty.
800 setpgid(child, child_pgrp);
803 status = tcsetpgrp(io_fds[SFD_SLAVE], child_pgrp);
804 } while (status == -1 && errno == EINTR);
807 /* Wait for errno on pipe, signal on backchannel or for SIGCHLD */
808 maxfd = MAX(MAX(errpipe[0], signal_pipe[0]), backchannel);
809 fdsr = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
810 zero_bytes(fdsr, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
811 zero_bytes(&cstat, sizeof(cstat));
815 /* Check for signal on backchannel or errno on errpipe. */
816 FD_SET(backchannel, fdsr);
817 FD_SET(signal_pipe[0], fdsr);
818 if (errpipe[0] != -1)
819 FD_SET(errpipe[0], fdsr);
820 maxfd = MAX(MAX(errpipe[0], signal_pipe[0]), backchannel);
822 /* If command exited we just poll, there may be data on errpipe. */
823 n = select(maxfd + 1, fdsr, NULL, NULL, alive ? NULL : &tv);
829 error(1, "select failed");
832 if (FD_ISSET(signal_pipe[0], fdsr)) {
833 n = read(signal_pipe[0], &signo, sizeof(signo));
835 if (errno == EINTR || errno == EAGAIN)
837 warning("error reading from signal pipe");
841 * Handle SIGCHLD specially and deliver other signals
842 * directly to the child.
844 if (signo == SIGCHLD)
845 alive = handle_sigchld(backchannel, &cstat);
847 deliver_signal(child, signo);
850 if (errpipe[0] != -1 && FD_ISSET(errpipe[0], fdsr)) {
851 /* read errno or EOF from command pipe */
852 n = read(errpipe[0], &cstat, sizeof(cstat));
856 warning("error reading from pipe");
859 /* Got errno or EOF, either way we are done with errpipe. */
860 FD_CLR(errpipe[0], fdsr);
864 if (FD_ISSET(backchannel, fdsr)) {
865 struct command_status cstmp;
867 /* read command from backchannel, should be a signal */
868 n = recv(backchannel, &cstmp, sizeof(cstmp), 0);
872 warning("error reading from socketpair");
875 if (cstmp.type != CMD_SIGNO) {
876 warningx("unexpected reply type on backchannel: %d", cstmp.type);
879 deliver_signal(child, cstmp.val);
885 /* XXX An error occurred, should send an error back. */
886 kill(child, SIGKILL);
888 /* Send parent status. */
889 send_status(backchannel, &cstat);
898 * Flush any output buffered in iobufs or readable from the fds.
899 * Does not read from /dev/tty.
904 struct io_buffer *iob;
907 int nready, nwriters, maxfd = -1;
909 /* Determine maxfd */
910 for (iob = iobufs; iob; iob = iob->next) {
911 if (iob->rfd > maxfd)
913 if (iob->wfd > maxfd)
919 fdsr = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
920 fdsw = (fd_set *)emalloc2(howmany(maxfd + 1, NFDBITS), sizeof(fd_mask));
922 zero_bytes(fdsw, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
923 zero_bytes(fdsr, howmany(maxfd + 1, NFDBITS) * sizeof(fd_mask));
926 for (iob = iobufs; iob; iob = iob->next) {
927 /* Don't read from /dev/tty while flushing. */
928 if (io_fds[SFD_USERTTY] != -1 && iob->rfd == io_fds[SFD_USERTTY])
930 if (iob->rfd == -1 && iob->wfd == -1)
932 if (iob->off == iob->len) {
933 iob->off = iob->len = 0;
934 /* Forward the EOF from reader to writer. */
935 if (iob->rfd == -1) {
936 safe_close(iob->wfd);
940 if (iob->rfd != -1) {
941 if (iob->len != sizeof(iob->buf))
942 FD_SET(iob->rfd, fdsr);
944 if (iob->wfd != -1) {
945 if (iob->len > iob->off) {
947 FD_SET(iob->wfd, fdsw);
952 /* Don't sleep in select if there are no buffers that need writing. */
955 nready = select(maxfd + 1, fdsr, fdsw, NULL, nwriters ? NULL : &tv);
958 break; /* all I/O flushed */
961 error(1, "select failed");
963 if (perform_io(fdsr, fdsw, NULL) != 0)
971 * Sets up std{in,out,err} and executes the actual command.
972 * Returns only if execve() fails.
975 exec_pty(path, argv, envp, rbac_enabled)
981 pid_t self = getpid();
983 /* Set child process group here too to avoid a race. */
986 /* Wire up standard fds, note that stdout/stderr may be pipes. */
987 if (dup2(io_fds[SFD_STDIN], STDIN_FILENO) == -1 ||
988 dup2(io_fds[SFD_STDOUT], STDOUT_FILENO) == -1 ||
989 dup2(io_fds[SFD_STDERR], STDERR_FILENO) == -1)
992 /* Wait for parent to grant us the tty if we are foreground. */
994 while (tcgetpgrp(io_fds[SFD_SLAVE]) != self)
998 /* We have guaranteed that the slave fd is > 2 */
999 if (io_fds[SFD_SLAVE] != -1)
1000 close(io_fds[SFD_SLAVE]);
1001 if (io_fds[SFD_STDIN] != io_fds[SFD_SLAVE])
1002 close(io_fds[SFD_STDIN]);
1003 if (io_fds[SFD_STDOUT] != io_fds[SFD_SLAVE])
1004 close(io_fds[SFD_STDOUT]);
1005 if (io_fds[SFD_STDERR] != io_fds[SFD_SLAVE])
1006 close(io_fds[SFD_STDERR]);
1008 closefrom(def_closefrom);
1011 selinux_execve(path, argv, envp);
1014 my_execve(path, argv, envp);
1018 * Propagates tty size change signals to pty being used by the command.
1021 sync_ttysize(src, dst)
1026 struct winsize wsize;
1029 if (ioctl(src, TIOCGWINSZ, &wsize) == 0) {
1030 ioctl(dst, TIOCSWINSZ, &wsize);
1031 if ((pgrp = tcgetpgrp(dst)) != -1)
1032 killpg(pgrp, SIGWINCH);
1038 * Handler for SIGWINCH in parent.
1046 sync_ttysize(io_fds[SFD_USERTTY], io_fds[SFD_SLAVE]);
1051 * Only close the fd if it is not /dev/tty or std{in,out,err}.
1052 * Return value is the same as send(2).
1058 /* Avoid closing /dev/tty or std{in,out,err}. */
1059 if (fd < 3 || fd == io_fds[SFD_USERTTY]) {
projects / debian / sudo / blob