Author: asomers
Date: Fri Aug 3 14:37:23 2018
New Revision: 337257
URL: https://svnweb.freebsd.org/changeset/base/337257
Log:
MFC r335899:
auditd(8): register signal handlers interrutibly
auditd_wait_for_events() relies on read(2) being interrupted by signals,
but it registers signal handlers with signal(3), which sets SA_RESTART.
That breaks asynchronous signal handling. It means that signals don't
actually get handled until after an audit(8) trigger is received.
Symptoms include:
* Sending SIGTERM to auditd doesn't kill it right away; you must send
SIGTERM and then send a trigger with auditon(2).
* Same with SIGHUP
* Zombie child processes don't get reaped until auditd receives a trigger
sent by auditon. This includes children created by expiring audit trails
at auditd startup.
Fix by using sigaction(2) instead of signal(3).
Cherry pick https://github.com/openbsm/openbsm/commit/d060887
PR: 229381
Reviewed by: cem
Obtained from: OpenBSM
Differential Revision: https://github.com/openbsm/openbsm/pull/36
Modified:
stable/10/contrib/openbsm/bin/auditd/auditd.c
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/contrib/openbsm/bin/auditd/auditd.c
==============================================================================
--- stable/10/contrib/openbsm/bin/auditd/auditd.c Fri Aug 3 14:36:29
2018 (r337256)
+++ stable/10/contrib/openbsm/bin/auditd/auditd.c Fri Aug 3 14:37:23
2018 (r337257)
@@ -415,27 +415,35 @@ close_all(void)
static int
register_daemon(void)
{
+ struct sigaction action;
FILE * pidfile;
int fd;
pid_t pid;
/* Set up the signal hander. */
- if (signal(SIGTERM, auditd_relay_signal) == SIG_ERR) {
+ action.sa_handler = auditd_relay_signal;
+ /*
+ * sa_flags must not include SA_RESTART, so that read(2) will be
+ * interruptible in auditd_wait_for_events
+ */
+ action.sa_flags = 0;
+ sigemptyset(&action.sa_mask);
+ if (sigaction(SIGTERM, &action, NULL) != 0) {
auditd_log_err(
"Could not set signal handler for SIGTERM");
fail_exit();
}
- if (signal(SIGCHLD, auditd_relay_signal) == SIG_ERR) {
+ if (sigaction(SIGCHLD, &action, NULL) != 0) {
auditd_log_err(
"Could not set signal handler for SIGCHLD");
fail_exit();
}
- if (signal(SIGHUP, auditd_relay_signal) == SIG_ERR) {
+ if (sigaction(SIGHUP, &action, NULL) != 0) {
auditd_log_err(
"Could not set signal handler for SIGHUP");
fail_exit();
}
- if (signal(SIGALRM, auditd_relay_signal) == SIG_ERR) {
+ if (sigaction(SIGALRM, &action, NULL) != 0) {
auditd_log_err(
"Could not set signal handler for SIGALRM");
fail_exit();
_______________________________________________
svn-src-stable-10@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10
To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
