[Pkg-shadow-commits] r3070 - in upstream/trunk: . man src
Nicolas FRANÇOIS
nekral-guest at alioth.debian.org
Tue Sep 8 20:39:15 UTC 2009
Author: nekral-guest
Date: 2009-09-08 20:39:15 +0000 (Tue, 08 Sep 2009)
New Revision: 3070
Modified:
upstream/trunk/ChangeLog
upstream/trunk/NEWS
upstream/trunk/man/su.1.xml
upstream/trunk/src/su.c
Log:
* NEWS, src/su.c: When su receives a signal, wait for the child to
terminate (after sending a SIGTERM), and kill it only if it did
not terminate by itself. No delay will be enforced if the child
cooperates. See http://bugs.gentoo.org/282094
* NEWS, man/su.1.xml: Document su's exit values.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2009-09-08 13:16:58 UTC (rev 3069)
+++ upstream/trunk/ChangeLog 2009-09-08 20:39:15 UTC (rev 3070)
@@ -1,5 +1,13 @@
2009-09-08 Nicolas François <nicolas.francois at centraliens.net>
+ * NEWS, src/su.c: When su receives a signal, wait for the child to
+ terminate (after sending a SIGTERM), and kill it only if it did
+ not terminate by itself. No delay will be enforced if the child
+ cooperates. See http://bugs.gentoo.org/282094
+ * NEWS, man/su.1.xml: Document su's exit values.
+
+2009-09-08 Nicolas François <nicolas.francois at centraliens.net>
+
* src/useradd.c: The default value for the CREATE_MAIL_SPOOL
variable (i.e. if CREATE_MAIL_SPOOL= is specified without any
values) is "no", not DCREATE_MAIL_SPOOL ("CREATE_MAIL_SPOOL=").
Modified: upstream/trunk/NEWS
===================================================================
--- upstream/trunk/NEWS 2009-09-08 13:16:58 UTC (rev 3069)
+++ upstream/trunk/NEWS 2009-09-08 20:39:15 UTC (rev 3070)
@@ -6,6 +6,12 @@
* report usage error to stderr, but report usage help to stdout (and return
zero) when explicitly requested (e.g. with --help).
+- su
+ * Document the su exit values.
+ * When su receives a signal, wait for the child to terminate (after
+ sending a SIGTERM), and kill it only if it did not terminate by itself.
+ No delay will be enforced if the child cooperates.
+
shadow-4.1.4.1 -> shadow-4.1.4.2 2009-07-24
- general
Modified: upstream/trunk/man/su.1.xml
===================================================================
--- upstream/trunk/man/su.1.xml 2009-09-08 13:16:58 UTC (rev 3069)
+++ upstream/trunk/man/su.1.xml 2009-09-08 20:39:15 UTC (rev 3070)
@@ -358,6 +358,53 @@
</variablelist>
</refsect1>
+ <refsect1 id='exit_values'>
+ <title>EXIT VALUES</title>
+ <para>
+ On success, <command>su</command> returns the exit value of the
+ command it executed.
+ </para>
+ <para>
+ If this command was terminated by a signal, <command>su</command>
+ returns the number of this signal plus 128.
+ </para>
+ <para>
+ If su has to kill the command (because it was asked to terminate,
+ and the command did not terminate in time), <command>su</command>
+ returns 255.
+ </para>
+ <para>
+ Some exit values from <command>su</command> are independent from the
+ executed command:
+ <variablelist>
+ <varlistentry>
+ <term><replaceable>0</replaceable></term>
+ <listitem>
+ <para>success (<option>--help</option> only)</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>1</replaceable></term>
+ <listitem>
+ <para>System or authentication failure</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>126</replaceable></term>
+ <listitem>
+ <para>The requested command was not found</para>
+ </listitem>
+ </varlistentry>
+ <varlistentry>
+ <term><replaceable>127</replaceable></term>
+ <listitem>
+ <para>The requested command could not be executed</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+ </refsect1>
+
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para><citerefentry>
Modified: upstream/trunk/src/su.c
===================================================================
--- upstream/trunk/src/su.c 2009-09-08 13:16:58 UTC (rev 3069)
+++ upstream/trunk/src/su.c 2009-09-08 20:39:15 UTC (rev 3070)
@@ -78,6 +78,8 @@
* Global variables
*/
char *Prog;
+/* PID of the child, in case it needs to be killed */
+static pid_t pid_child = 0;
/* not needed by sulog.c anymore */
static char name[BUFSIZ];
@@ -103,11 +105,16 @@
/* local function prototypes */
+static void execve_shell (const char *shellstr,
+ char *args[],
+ char *const envp[]);
+static RETSIGTYPE kill_child (int s);
#ifndef USE_PAM
-
static RETSIGTYPE die (int);
static int iswheel (const char *);
+#endif /* !USE_PAM */
+#ifndef USE_PAM
/*
* die - set or reset termio modes.
*
@@ -126,7 +133,7 @@
if (killed) {
closelog ();
- exit (killed);
+ exit (128+killed);
}
}
@@ -143,6 +150,18 @@
}
#endif /* !USE_PAM */
+static RETSIGTYPE kill_child (int unused(s))
+{
+ if (0 != pid_child) {
+ (void) kill (pid_child, SIGKILL);
+ (void) fputs (_(" ...killed.\n"), stderr);
+ } else {
+ (void) fputs (_(" ...waiting for child to terminate.\n"),
+ stderr);
+ }
+ exit (255);
+}
+
/* borrowed from GNU sh-utils' "su.c" */
static bool restricted_shell (const char *shellstr)
{
@@ -252,6 +271,7 @@
exit (1);
}
/* parent only */
+ pid_child = child;
sigfillset (&ourset);
if (sigprocmask (SIG_BLOCK, &ourset, NULL) != 0) {
(void) fprintf (stderr, "%s: signal malfunction\n", Prog);
@@ -293,7 +313,9 @@
}
if (caught) {
- fprintf (stderr, "\nSession terminated, killing shell...");
+ (void) fputs ("\n", stderr);
+ (void) fputs (_("Session terminated, terminating shell..."),
+ stderr);
kill (child, SIGTERM);
}
@@ -309,10 +331,11 @@
ret = pam_end (pamh, PAM_SUCCESS);
if (caught) {
- sleep (2);
- kill (child, SIGKILL);
- fprintf (stderr, " ...killed.\n");
- exit (-1);
+ (void) signal (SIGALRM, kill_child);
+ (void) alarm (2);
+
+ (void) wait (&status);
+ (void) fputs (_(" ...terminated.\n"), stderr);
}
exit ((0 != WIFEXITED (status)) ? WEXITSTATUS (status)
More information about the Pkg-shadow-commits
mailing list