From: Todd C. Miller Date: Fri, 22 Dec 2017 18:10:22 +0000 (-0700) Subject: Use a tty lock even for kernel time stamps so we can avoid simultaneous X-Git-Tag: SUDO_1_8_22^2~13 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7f99af859a5e8bfbfa1104306f28ce0e9a1e3fed;p=sudo Use a tty lock even for kernel time stamps so we can avoid simultaneous password prompts. --- diff --git a/plugins/sudoers/timestamp.c b/plugins/sudoers/timestamp.c index d2cd3a705..8a6f8e4e2 100644 --- a/plugins/sudoers/timestamp.c +++ b/plugins/sudoers/timestamp.c @@ -393,7 +393,8 @@ timestamp_open(const char *user, pid_t sid) fd = open(_PATH_TTY, O_RDWR); if (fd == -1) goto bad; - goto done; + close(fd); + fd = -1; } /* Sanity check timestamp dir and create if missing. */ @@ -443,7 +444,6 @@ timestamp_open(const char *user, pid_t sid) break; } -done: /* Allocate and fill in cookie to store state. */ cookie = malloc(sizeof(*cookie)); if (cookie == NULL) { @@ -599,11 +599,6 @@ timestamp_lock(void *vcookie, struct passwd *pw) debug_return_bool(false); } - if (def_timestamp_type == kernel) { - cookie->pos = 0; - debug_return_bool(true); - } - /* * Take a lock on the "write" record (the first record in the file). * This will let us seek for the record or extend as needed @@ -651,7 +646,8 @@ timestamp_lock(void *vcookie, struct passwd *pw) lock_pos = lseek(cookie->fd, 0, SEEK_CUR) - (off_t)entry.size; } else { sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO, - "appending new tty time stamp record"); + "appending new %s time stamp record", + def_timestamp_type == ppid ? "ppid" : "tty"); lock_pos = lseek(cookie->fd, 0, SEEK_CUR); if (ts_write(cookie->fd, cookie->fname, &cookie->key, -1) == -1) debug_return_bool(false);