Don't wait for child to finish in log_error(), let the signal handler

get it if we are still running, else let init reap it for us.  The extra
time it takes to wait lets the user know that mail is being sent.

Install SIGCHLD handler in main() and for POSIX signals, block everything
*except* SIGCHLD.

diff --git a/logging.c b/logging.c
index bd4ce1936d81a18db9d9f68b4af37709b181a206..74174e11d3294119b89de8da2b93edad2d395c4b 100644 (file)
--- a/logging.c
+++ b/logging.c
@@ -407,12 +407,6 @@ log_error(va_alist)
     free(logline);
     if (message != logline);
        free(message);
-
-    /* Wait for mail to finish sending and exit. */
-    if (!(flags & NO_EXIT)) {
-       reapchild(0);
-       exit(1);
-    }
 }
 
 #ifdef _PATH_SENDMAIL
@@ -424,32 +418,14 @@ send_mail(line)
     char *p;
     int pfd[2], pid;
     time_t now;
-#ifdef POSIX_SIGNALS
-    struct sigaction sa;
-
-    (void) memset((VOID *)&sa, 0, sizeof(sa));
-#endif /* POSIX_SIGNALS */
-
-    /* Catch children as they die... */
-#ifdef POSIX_SIGNALS
-    sa.sa_handler = reapchild;
-    (void) sigaction(SIGCHLD, &sa, NULL);
-#else
-    (void) signal(SIGCHLD, reapchild);
-#endif /* POSIX_SIGNALS */
 
     if ((pid = fork()) > 0) {  /* Child. */
 
        /* We do an explicit wait() later on... */
-#ifdef POSIX_SIGNALS
-       sa.sa_handler = SIG_DFL;
-       (void) sigaction(SIGCHLD, &sa, NULL);
-#else
-       (void) signal(SIGCHLD, SIG_DFL);
-#endif /* POSIX_SIGNALS */
+       (void) signal(SIGCHLD, SIG_IGN);
 
        if (pipe(pfd) == -1) {
-           (void) fprintf(stderr, "%s: cannot open pipe failed: %s\n",
+           (void) fprintf(stderr, "%s: cannot open pipe: %s\n",
                Argv[0], strerror(errno));
            exit(1);
        }
@@ -468,8 +444,9 @@ send_mail(line)
                (void) close(pfd[1]);
                (void) dup2(pfd[0], STDIN_FILENO);
                (void) close(pfd[0]);
-               /* Run sendmail as invoking user, not root. */
-               set_perms(PERM_FULL_USER, 0);
+
+               /* Run sendmail as root so user cannot kill it. */
+               set_perms(PERM_ROOT, 0);
                execl(_PATH_SENDMAIL, "sendmail", "-t", NULL);
                _exit(127);
                break;
@@ -479,7 +456,8 @@ send_mail(line)
        (void) close(pfd[0]);
 
        /* Pipes are all setup, send message via sendmail. */
-       (void) fprintf(mail, "To: %s\nSubject: ", ALERTMAIL);
+       (void) fprintf(mail, "To: %s\nFrom: %s\nSubject: ", ALERTMAIL,
+           user_name);
        for (p = MAILSUBJECT; *p; p++) {
            /* Expand escapes in the subject */
            if (*p == '%' && *(p+1) != '%') {

diff --git a/sudo.c b/sudo.c
index 92d3947df875848bd694ca5c857ad5e4452a63c9..06b9c34ea1cdb7242b335a697f87fc2f292667bc 100644 (file)
--- a/sudo.c
+++ b/sudo.c
@@ -153,6 +153,7 @@ main(argc, argv)
     int sudo_mode;
 #ifdef POSIX_SIGNALS
     sigset_t set, oset;
+    struct sigaction sa;
 #else
     int omask;
 #endif /* POSIX_SIGNALS */
@@ -184,18 +185,22 @@ main(argc, argv)
 # endif /* LOG_NFACILITIES */
 #endif /* LOGGING & SLOG_SYSLOG */
 
+    /* Catch children as they die... */
+#ifdef POSIX_SIGNALS
+    (void) memset((VOID *)&sa, 0, sizeof(sa));
+    sa.sa_handler = reapchild;
+    (void) sigaction(SIGCHLD, &sa, NULL);
+#else
+    (void) signal(SIGCHLD, reapchild);
+#endif /* POSIX_SIGNALS */
+
     /*
      * Block signals so the user cannot kill us at some point and
      * avoid the logging.
-     * XXX - this list is not complete!
      */
 #ifdef POSIX_SIGNALS
-    (void) sigemptyset(&set);
-    (void) sigaddset(&set, SIGHUP);
-    (void) sigaddset(&set, SIGINT);
-    (void) sigaddset(&set, SIGQUIT);
-    (void) sigaddset(&set, SIGILL);
-    (void) sigaddset(&set, SIGTSTP);
+    (void) sigfillset(&set);
+    (void) sigdelset(&set, SIGCHLD);
     (void) sigprocmask(SIG_BLOCK, &set, &oset);
 #else
     omask = sigblock(sigmask(SIGHUP)|sigmask(SIGINT)|sigmask(SIGQUIT)|sigmask(SIGILL)|sigmask(SIGTSTP));
@@ -313,7 +318,7 @@ main(argc, argv)
        closelog();
 #endif
 
-       /* Reset signal mask. */
+       /* Reset signal mask before we exec. */
 #ifdef POSIX_SIGNALS
        (void) sigprocmask(SIG_SETMASK, &oset, NULL);
 #else