If not set, s\bsu\bud\bdo\bo will base the new entry on the
invoking user's existing entry.
+ exec_background=bool
+ By default, s\bsu\bud\bdo\bo runs a command as the foreground
+ process as long as s\bsu\bud\bdo\bo itself is running in the
+ foreground. When _\be_\bx_\be_\bc_\b__\bb_\ba_\bc_\bk_\bg_\br_\bo_\bu_\bn_\bd is enabled and the
+ command is being run in a pty (due to I/O logging or
+ the _\bu_\bs_\be_\b__\bp_\bt_\by setting), the command will be run as a
+ background process. Attempts to read from the
+ controlling terminal (or to change terminal settings)
+ will result in the command being suspended with the
+ SIGTTIN signal (or SIGTTOU in the case of terminal
+ settings). If this happens when s\bsu\bud\bdo\bo is a foreground
+ process, the command will be granted the controlling
+ terminal and resumed in the foreground with no user
+ intervention required. The advantage of initially
+ running the command in the background is that s\bsu\bud\bdo\bo need
+ not read from the terminal unless the command
+ explicitly requests it. Otherwise, any terminal input
+ must be passed to the command, whether it has required
+ it or not (the kernel buffers terminals so it is not
+ possible to tell whether the command really wants the
+ input). This is different from historic _\bs_\bu_\bd_\bo behavior
+ or when the command is not being run in a pty.
+
+ For this to work seamlessly, the operating system must
+ support the automatic restarting of system calls.
+ Unfortunately, not all operating systems do this by
+ default, and even those that do may have bugs. For
+ example, Mac OS X fails to restart the t\btc\bcg\bge\bet\bta\bat\btt\btr\br() and
+ t\btc\bcs\bse\bet\bta\bat\btt\btr\br() system calls (this is a bug in Mac OS X).
+ Furthermore, because this behavior depends on the
+ command stopping with the SIGTTIN or SIGTTOU signals,
+ programs that catch these signals and suspend
+ themselves with a different signal (usually SIGTOP)
+ will not be automatically foregrounded. Some versions
+ of the linux su(1) command behave this way. Because of
+ this, a plugin should not set _\be_\bx_\be_\bc_\b__\bb_\ba_\bc_\bk_\bg_\br_\bo_\bu_\bn_\bd unless it
+ is explicitly enabled by the administrator and there
+ should be a way to enabled or disable it on a per-
+ command basis.
+
+ This setting has no effect unless I/O logging is
+ enabled or _\bu_\bs_\be_\b__\bp_\bt_\by is enabled.
+
Unsupported values will be ignored.
argv_out
file distributed with s\bsu\bud\bdo\bo or http://www.sudo.ws/sudo/license.html for
complete details.
-Sudo 1.8.7 November 26, 2012 Sudo 1.8.7
+Sudo 1.8.7 Janurary 11, 2013 Sudo 1.8.7
.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!
.\" IT IS GENERATED AUTOMATICALLY FROM sudo_plugin.mdoc.in
.\"
-.\" Copyright (c) 2009-2012 Todd C. Miller <Todd.Miller@courtesan.com>
+.\" Copyright (c) 2009-2013 Todd C. Miller <Todd.Miller@courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.TH "SUDO_PLUGIN" "5" "November 26, 2012" "Sudo @PACKAGE_VERSION@" "OpenBSD Programmer's Manual"
+.TH "SUDO_PLUGIN" "5" "Janurary 11, 2013" "Sudo @PACKAGE_VERSION@" "OpenBSD Programmer's Manual"
.nh
.if n .ad l
.SH "NAME"
\fBsudo\fR
will base the new entry on
the invoking user's existing entry.
+.TP 6n
+exec_background=bool
+By default,
+\fBsudo\fR
+runs a command as the foreground process as long as
+\fBsudo\fR
+itself is running in the foreground.
+When
+\fIexec_background\fR
+is enabled and the command is being run in a pty (due to I/O logging
+or the
+\fIuse_pty\fR
+setting), the command will be run as a background process.
+Attempts to read from the controlling terminal (or to change terminal
+settings) will result in the command being suspended with the
+\fRSIGTTIN\fR
+signal (or
+\fRSIGTTOU\fR
+in the case of terminal settings).
+If this happens when
+\fBsudo\fR
+is a foreground process, the command will be granted the controlling terminal
+and resumed in the foreground with no user intervention required.
+The advantage of initially running the command in the background is that
+\fBsudo\fR
+need not read from the terminal unless the command explicitly requests it.
+Otherwise, any terminal input must be passed to the command, whether it
+has required it or not (the kernel buffers terminals so it is not possible
+to tell whether the command really wants the input).
+This is different from historic
+\fIsudo\fR
+behavior or when the command is not being run in a pty.
+.sp
+For this to work seamlessly, the operating system must support the
+automatic restarting of system calls.
+Unfortunately, not all operating systems do this by default,
+and even those that do may have bugs.
+For example, Mac OS X fails to restart the
+\fBtcgetattr\fR()
+and
+\fBtcsetattr\fR()
+system calls (this is a bug in Mac OS X).
+Furthermore, because this behavior depends on the command stopping with the
+\fRSIGTTIN\fR
+or
+\fRSIGTTOU\fR
+signals, programs that catch these signals and suspend themselves
+with a different signal (usually
+\fRSIGTOP\fR)
+will not be automatically foregrounded.
+Some versions of the linux
+su(1)
+command behave this way.
+Because of this, a plugin should not set
+\fIexec_background\fR
+unless it is explicitly enabled by the administrator and there should
+be a way to enabled or disable it on a per-command basis.
+.sp
+This setting has no effect unless I/O logging is enabled or
+\fIuse_pty\fR
+is enabled.
.PP
Unsupported values will be ignored.
.PP
.\"
-.\" Copyright (c) 2009-2012 Todd C. Miller <Todd.Miller@courtesan.com>
+.\" Copyright (c) 2009-2013 Todd C. Miller <Todd.Miller@courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd November 26, 2012
+.Dd Janurary 11, 2013
.Dt SUDO_PLUGIN @mansectform@
.Os Sudo @PACKAGE_VERSION@
.Sh NAME
.Nm sudo
will base the new entry on
the invoking user's existing entry.
+.It exec_background=bool
+By default,
+.Nm sudo
+runs a command as the foreground process as long as
+.Nm sudo
+itself is running in the foreground.
+When
+.Em exec_background
+is enabled and the command is being run in a pty (due to I/O logging
+or the
+.Em use_pty
+setting), the command will be run as a background process.
+Attempts to read from the controlling terminal (or to change terminal
+settings) will result in the command being suspended with the
+.Dv SIGTTIN
+signal (or
+.Dv SIGTTOU
+in the case of terminal settings).
+If this happens when
+.Nm sudo
+is a foreground process, the command will be granted the controlling terminal
+and resumed in the foreground with no user intervention required.
+The advantage of initially running the command in the background is that
+.Nm sudo
+need not read from the terminal unless the command explicitly requests it.
+Otherwise, any terminal input must be passed to the command, whether it
+has required it or not (the kernel buffers terminals so it is not possible
+to tell whether the command really wants the input).
+This is different from historic
+.Em sudo
+behavior or when the command is not being run in a pty.
+.Pp
+For this to work seamlessly, the operating system must support the
+automatic restarting of system calls.
+Unfortunately, not all operating systems do this by default,
+and even those that do may have bugs.
+For example, Mac OS X fails to restart the
+.Fn tcgetattr
+and
+.Fn tcsetattr
+system calls (this is a bug in Mac OS X).
+Furthermore, because this behavior depends on the command stopping with the
+.Dv SIGTTIN
+or
+.Dv SIGTTOU
+signals, programs that catch these signals and suspend themselves
+with a different signal (usually
+.Dv SIGTOP )
+will not be automatically foregrounded.
+Some versions of the linux
+.Xr su 1
+command behave this way.
+Because of this, a plugin should not set
+.Em exec_background
+unless it is explicitly enabled by the administrator and there should
+be a way to enabled or disable it on a per-command basis.
+.Pp
+This setting has no effect unless I/O logging is enabled or
+.Em use_pty
+is enabled.
.El
.Pp
Unsupported values will be ignored.
This flag is _\bo_\bn by default when s\bsu\bud\bdo\bo is compiled with
z\bzl\bli\bib\bb support.
+ exec_background By default, s\bsu\bud\bdo\bo runs a command as the foreground
+ process as long as s\bsu\bud\bdo\bo itself is running in the
+ foreground. When the _\be_\bx_\be_\bc_\b__\bb_\ba_\bc_\bk_\bg_\br_\bo_\bu_\bn_\bd flag is enabled
+ and the command is being run in a pty (due to I/O
+ logging or the _\bu_\bs_\be_\b__\bp_\bt_\by flag), the command will be run
+ as a background process. Attempts to read from the
+ controlling terminal (or to change terminal settings)
+ will result in the command being suspended with the
+ SIGTTIN signal (or SIGTTOU in the case of terminal
+ settings). If this happens when s\bsu\bud\bdo\bo is a foreground
+ process, the command will be granted the controlling
+ terminal and resumed in the foreground with no user
+ intervention required. The advantage of initially
+ running the command in the background is that s\bsu\bud\bdo\bo need
+ not read from the terminal unless the command
+ explicitly requests it. Otherwise, any terminal input
+ must be passed to the command, whether it has required
+ it or not (the kernel buffers terminals so it is not
+ possible to tell whether the command really wants the
+ input). This is different from historic _\bs_\bu_\bd_\bo behavior
+ or when the command is not being run in a pty.
+
+ For this to work seamlessly, the operating system must
+ support the automatic restarting of system calls.
+ Unfortunately, not all operating systems do this by
+ default, and even those that do may have bugs. For
+ example, Mac OS X fails to restart the t\btc\bcg\bge\bet\bta\bat\btt\btr\br() and
+ t\btc\bcs\bse\bet\bta\bat\btt\btr\br() system calls (this is a bug in Mac OS X).
+ Furthermore, because this behavior depends on the
+ command stopping with the SIGTTIN or SIGTTOU signals,
+ programs that catch these signals and suspend
+ themselves with a different signal (usually SIGTOP)
+ will not be automatically foregrounded. Some versions
+ of the linux su(1) command behave this way.
+
+ This setting has no effect unless I/O logging is
+ enabled or _\bu_\bs_\be_\b__\bp_\bt_\by is enabled.
+
env_editor If set, v\bvi\bis\bsu\bud\bdo\bo will use the value of the EDITOR or
VISUAL environment variables before falling back on the
default editor list. Note that this may create a
file distributed with s\bsu\bud\bdo\bo or http://www.sudo.ws/sudo/license.html for
complete details.
-Sudo 1.8.6 October 23, 2012 Sudo 1.8.6
+Sudo 1.8.7 October 23, 2012 Sudo 1.8.7
.\" DO NOT EDIT THIS FILE, IT IS NOT THE MASTER!
.\" IT IS GENERATED AUTOMATICALLY FROM sudoers.mdoc.in
.\"
-.\" Copyright (c) 1994-1996, 1998-2005, 2007-2012
+.\" Copyright (c) 1994-1996, 1998-2005, 2007-2013
.\" Todd C. Miller <Todd.Miller@courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
\fBzlib\fR
support.
.TP 18n
+exec_background
+By default,
+\fBsudo\fR
+runs a command as the foreground process as long as
+\fBsudo\fR
+itself is running in the foreground.
+When the
+\fIexec_background\fR
+flag is enabled and the command is being run in a pty (due to I/O logging
+or the
+\fIuse_pty\fR
+flag), the command will be run as a background process.
+Attempts to read from the controlling terminal (or to change terminal
+settings) will result in the command being suspended with the
+\fRSIGTTIN\fR
+signal (or
+\fRSIGTTOU\fR
+in the case of terminal settings).
+If this happens when
+\fBsudo\fR
+is a foreground process, the command will be granted the controlling terminal
+and resumed in the foreground with no user intervention required.
+The advantage of initially running the command in the background is that
+\fBsudo\fR
+need not read from the terminal unless the command explicitly requests it.
+Otherwise, any terminal input must be passed to the command, whether it
+has required it or not (the kernel buffers terminals so it is not possible
+to tell whether the command really wants the input).
+This is different from historic
+\fIsudo\fR
+behavior or when the command is not being run in a pty.
+.sp
+For this to work seamlessly, the operating system must support the
+automatic restarting of system calls.
+Unfortunately, not all operating systems do this by default,
+and even those that do may have bugs.
+For example, Mac OS X fails to restart the
+\fBtcgetattr\fR()
+and
+\fBtcsetattr\fR()
+system calls (this is a bug in Mac OS X).
+Furthermore, because this behavior depends on the command stopping with the
+\fRSIGTTIN\fR
+or
+\fRSIGTTOU\fR
+signals, programs that catch these signals and suspend themselves
+with a different signal (usually
+\fRSIGTOP\fR)
+will not be automatically foregrounded.
+Some versions of the linux
+su(1)
+command behave this way.
+.sp
+This setting has no effect unless I/O logging is enabled or
+\fIuse_pty\fR
+is enabled.
+.TP 18n
env_editor
If set,
\fBvisudo\fR
.\"
-.\" Copyright (c) 1994-1996, 1998-2005, 2007-2012
+.\" Copyright (c) 1994-1996, 1998-2005, 2007-2013
.\" Todd C. Miller <Todd.Miller@courtesan.com>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" Agency (DARPA) and Air Force Research Laboratory, Air Force
.\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
.\"
-.Dd October 23, 2012
+.Dd January 11, 2013
.Dt SUDOERS @mansectform@
.Os Sudo @PACKAGE_VERSION@
.Sh NAME
is compiled with
.Sy zlib
support.
+.It exec_background
+By default,
+.Nm sudo
+runs a command as the foreground process as long as
+.Nm sudo
+itself is running in the foreground.
+When the
+.Em exec_background
+flag is enabled and the command is being run in a pty (due to I/O logging
+or the
+.Em use_pty
+flag), the command will be run as a background process.
+Attempts to read from the controlling terminal (or to change terminal
+settings) will result in the command being suspended with the
+.Dv SIGTTIN
+signal (or
+.Dv SIGTTOU
+in the case of terminal settings).
+If this happens when
+.Nm sudo
+is a foreground process, the command will be granted the controlling terminal
+and resumed in the foreground with no user intervention required.
+The advantage of initially running the command in the background is that
+.Nm sudo
+need not read from the terminal unless the command explicitly requests it.
+Otherwise, any terminal input must be passed to the command, whether it
+has required it or not (the kernel buffers terminals so it is not possible
+to tell whether the command really wants the input).
+This is different from historic
+.Em sudo
+behavior or when the command is not being run in a pty.
+.Pp
+For this to work seamlessly, the operating system must support the
+automatic restarting of system calls.
+Unfortunately, not all operating systems do this by default,
+and even those that do may have bugs.
+For example, Mac OS X fails to restart the
+.Fn tcgetattr
+and
+.Fn tcsetattr
+system calls (this is a bug in Mac OS X).
+Furthermore, because this behavior depends on the command stopping with the
+.Dv SIGTTIN
+or
+.Dv SIGTTOU
+signals, programs that catch these signals and suspend themselves
+with a different signal (usually
+.Dv SIGTOP )
+will not be automatically foregrounded.
+Some versions of the linux
+.Xr su 1
+command behave this way.
+.Pp
+This setting has no effect unless I/O logging is enabled or
+.Em use_pty
+is enabled.
.It env_editor
If set,
.Nm visudo
"limitprivs", T_STR,
N_("Set of limit privileges"),
NULL,
+ }, {
+ "exec_background", T_FLAG,
+ N_("Run commands on a pty in the background"),
+ NULL,
}, {
NULL, 0, NULL
}
#define I_PRIVS 80
#define def_limitprivs (sudo_defs_table[81].sd_un.str)
#define I_LIMITPRIVS 81
+#define def_exec_background (sudo_defs_table[82].sd_un.flag)
+#define I_EXEC_BACKGROUND 82
enum def_tuple {
never,
limitprivs
T_STR
"Set of limit privileges"
+exec_background
+ T_FLAG
+ "Run commands on a pty in the background"
/*
- * Copyright (c) 1993-1996, 1998-2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1993-1996, 1998-2013 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
error_disable_setjmp();
rewind_perms();
- /* Restore signal handlers before we exec. */
+ /* Restore signal handlers before we return. */
(void) sigaction(SIGINT, &saved_sa_int, NULL);
(void) sigaction(SIGQUIT, &saved_sa_quit, NULL);
(void) sigaction(SIGTSTP, &saved_sa_tstp, NULL);
/*
- * Copyright (c) 2009-2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2009-2013 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
# define winsize ttysize
#endif
-/*
- * Mac OS X has a bug wrt tc[gs]etpgrp where it returns EINTR if interrupted
- * by a signal (usually SIGTTOU or SIGTTIN) instead of being restarted
- * automatically (via ERESTART in the kernel). On other systems we can start
- * the command in the background which prevents sudo from stealing /dev/tty
- * input when it doesn't need to. When the command receives SIGTTOU or SIGTTIN,
- * sudo will continue it in the foreground (assuming sudo is in the foreground).
- */
-#ifdef __APPLE__
-# define TCSETATTR_NO_RESTART
-#endif
-
struct io_buffer {
struct io_buffer *next;
int len; /* buffer length (how much produced) */
sync_ttysize(io_fds[SFD_USERTTY], io_fds[SFD_SLAVE]);
}
-#ifdef TCSETATTR_NO_RESTART
- /* Start out in raw mode if we are not part of a pipeline. */
- if (!pipeline) {
+ /* Start out in raw mode unless part of a pipeline or backgrounded. */
+ if (!pipeline && !ISSET(details->flags, CD_EXEC_BG)) {
ttymode = TERM_RAW;
do {
n = term_raw(io_fds[SFD_USERTTY], 0);
if (!n)
error(1, _("unable to set terminal to raw mode"));
}
-#endif
}
/*
/* Put command in its own process group. */
cmnd_pgrp = cmnd_pid;
setpgid(cmnd_pid, cmnd_pgrp);
-#ifdef TCSETATTR_NO_RESTART
+
/* Make the command the foreground process for the pty slave. */
- if (foreground) {
+ if (foreground && !ISSET(details->flags, CD_EXEC_BG)) {
do {
n = tcsetpgrp(io_fds[SFD_SLAVE], cmnd_pgrp);
} while (n == -1 && errno == EINTR);
}
-#endif
/* Wait for errno on pipe, signal on backchannel or for SIGCHLD */
maxfd = MAX(MAX(errpipe[0], signal_pipe[0]), backchannel);
dup2(io_fds[SFD_STDERR], STDERR_FILENO) == -1)
error(1, "dup2");
-#ifdef TCSETATTR_NO_RESTART
/* Wait for parent to grant us the tty if we are foreground. */
- if (foreground) {
+ if (foreground && !ISSET(details->flags, CD_EXEC_BG)) {
while (tcgetpgrp(io_fds[SFD_SLAVE]) != self)
; /* spin */
}
-#endif
/* We have guaranteed that the slave fd is > 2 */
if (io_fds[SFD_SLAVE] != -1)
/*
- * Copyright (c) 2009-2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 2009-2013 Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
break;
}
break;
+ case 'e':
+ if (strncmp("exec_background=", info[i], sizeof("exec_background=") - 1) == 0) {
+ if (atobool(info[i] + sizeof("exec_background=") - 1) == true)
+ SET(details->flags, CD_EXEC_BG);
+ break;
+ }
+ break;
case 'l':
SET_STRING("login_class=", login_class)
break;
/*
- * Copyright (c) 1993-1996, 1998-2005, 2007-2012
+ * Copyright (c) 1993-1996, 1998-2005, 2007-2013
* Todd C. Miller <Todd.Miller@courtesan.com>
*
* Permission to use, copy, modify, and distribute this software for any
#define CD_RBAC_ENABLED 0x0800
#define CD_USE_PTY 0x1000
#define CD_SET_UTMP 0x2000
+#define CD_EXEC_BG 0x4000
struct command_details {
uid_t uid;
projects / sudo / commitdiff