From b9746389cec5e72acd4b1e5a5fa0da258b6077c4 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Thu, 19 Aug 1999 17:45:36 +0000
Subject: [PATCH] Don't wait for child to finish in log_error(), let the signal
 handler get it if we are still running, else let init reap it for us.  The
 extra time it takes to wait lets the user know that mail is being sent.

Install SIGCHLD handler in main() and for POSIX signals, block everything
*except* SIGCHLD.
---
 logging.c | 36 +++++++-----------------------------
 sudo.c    | 21 +++++++++++++--------
 2 files changed, 20 insertions(+), 37 deletions(-)

diff --git a/logging.c b/logging.c
index bd4ce1936..74174e11d 100644
--- a/logging.c
+++ b/logging.c
@@ -407,12 +407,6 @@ log_error(va_alist)
     free(logline);
     if (message != logline);
 	free(message);
-
-    /* Wait for mail to finish sending and exit. */
-    if (!(flags & NO_EXIT)) {
-	reapchild(0);
-	exit(1);
-    }
 }
 
 #ifdef _PATH_SENDMAIL
@@ -424,32 +418,14 @@ send_mail(line)
     char *p;
     int pfd[2], pid;
     time_t now;
-#ifdef POSIX_SIGNALS
-    struct sigaction sa;
-
-    (void) memset((VOID *)&sa, 0, sizeof(sa));
-#endif /* POSIX_SIGNALS */
-
-    /* Catch children as they die... */
-#ifdef POSIX_SIGNALS
-    sa.sa_handler = reapchild;
-    (void) sigaction(SIGCHLD, &sa, NULL);
-#else
-    (void) signal(SIGCHLD, reapchild);
-#endif /* POSIX_SIGNALS */
 
     if ((pid = fork()) > 0) {	/* Child. */
 
 	/* We do an explicit wait() later on... */
-#ifdef POSIX_SIGNALS
-	sa.sa_handler = SIG_DFL;
-	(void) sigaction(SIGCHLD, &sa, NULL);
-#else
-	(void) signal(SIGCHLD, SIG_DFL);
-#endif /* POSIX_SIGNALS */
+	(void) signal(SIGCHLD, SIG_IGN);
 
 	if (pipe(pfd) == -1) {
-	    (void) fprintf(stderr, "%s: cannot open pipe failed: %s\n",
+	    (void) fprintf(stderr, "%s: cannot open pipe: %s\n",
 		Argv[0], strerror(errno));
 	    exit(1);
 	}
@@ -468,8 +444,9 @@ send_mail(line)
 		(void) close(pfd[1]);
 		(void) dup2(pfd[0], STDIN_FILENO);
 		(void) close(pfd[0]);
-		/* Run sendmail as invoking user, not root. */
-		set_perms(PERM_FULL_USER, 0);
+
+		/* Run sendmail as root so user cannot kill it. */
+		set_perms(PERM_ROOT, 0);
 		execl(_PATH_SENDMAIL, "sendmail", "-t", NULL);
 		_exit(127);
 		break;
@@ -479,7 +456,8 @@ send_mail(line)
 	(void) close(pfd[0]);
 
 	/* Pipes are all setup, send message via sendmail. */
-	(void) fprintf(mail, "To: %s\nSubject: ", ALERTMAIL);
+	(void) fprintf(mail, "To: %s\nFrom: %s\nSubject: ", ALERTMAIL,
+	    user_name);
 	for (p = MAILSUBJECT; *p; p++) {
 	    /* Expand escapes in the subject */
 	    if (*p == '%' && *(p+1) != '%') {
diff --git a/sudo.c b/sudo.c
index 92d3947df..06b9c34ea 100644
--- a/sudo.c
+++ b/sudo.c
@@ -153,6 +153,7 @@ main(argc, argv)
     int sudo_mode;
 #ifdef POSIX_SIGNALS
     sigset_t set, oset;
+    struct sigaction sa;
 #else
     int omask;
 #endif /* POSIX_SIGNALS */
@@ -184,18 +185,22 @@ main(argc, argv)
 # endif /* LOG_NFACILITIES */
 #endif /* LOGGING & SLOG_SYSLOG */
 
+    /* Catch children as they die... */
+#ifdef POSIX_SIGNALS
+    (void) memset((VOID *)&sa, 0, sizeof(sa));
+    sa.sa_handler = reapchild;
+    (void) sigaction(SIGCHLD, &sa, NULL);
+#else
+    (void) signal(SIGCHLD, reapchild);
+#endif /* POSIX_SIGNALS */
+
     /*
      * Block signals so the user cannot kill us at some point and
      * avoid the logging.
-     * XXX - this list is not complete!
      */
 #ifdef POSIX_SIGNALS
-    (void) sigemptyset(&set);
-    (void) sigaddset(&set, SIGHUP);
-    (void) sigaddset(&set, SIGINT);
-    (void) sigaddset(&set, SIGQUIT);
-    (void) sigaddset(&set, SIGILL);
-    (void) sigaddset(&set, SIGTSTP);
+    (void) sigfillset(&set);
+    (void) sigdelset(&set, SIGCHLD);
     (void) sigprocmask(SIG_BLOCK, &set, &oset);
 #else
     omask = sigblock(sigmask(SIGHUP)|sigmask(SIGINT)|sigmask(SIGQUIT)|sigmask(SIGILL)|sigmask(SIGTSTP));
@@ -313,7 +318,7 @@ main(argc, argv)
 	closelog();
 #endif
 
-	/* Reset signal mask. */
+	/* Reset signal mask before we exec. */
 #ifdef POSIX_SIGNALS
 	(void) sigprocmask(SIG_SETMASK, &oset, NULL);
 #else
-- 
2.40.0