File coreutils-bnc#697897-setsid.patch of Package coreutils.openSUSE_12.1_Update
Index: src/su.c
===================================================================
--- src/su.c.orig 2012-03-27 03:56:34.823879996 +0200
+++ src/su.c 2012-03-27 03:56:53.452427731 +0200
@@ -141,6 +141,9 @@ static bool simulate_login;
/* If true, change some environment vars to indicate the user su'd to. */
static bool change_environment;
+/* If true, then don't call setsid() with a command. */
+int same_session = 0;
+
#ifdef USE_PAM
static bool _pam_session_opened;
static bool _pam_cred_established;
@@ -149,6 +152,7 @@ static bool _pam_cred_established;
static struct option const longopts[] =
{
{"command", required_argument, NULL, 'c'},
+ {"session-command", required_argument, NULL, 'C'},
{"fast", no_argument, NULL, 'f'},
{"login", no_argument, NULL, 'l'},
{"preserve-environment", no_argument, NULL, 'p'},
@@ -323,14 +327,29 @@ create_watching_parent (void)
sigemptyset (&action.sa_mask);
action.sa_flags = 0;
sigemptyset (&ourset);
- if (sigaddset (&ourset, SIGTERM)
- || sigaddset (&ourset, SIGALRM)
- || sigaction (SIGTERM, &action, NULL)
- || sigprocmask (SIG_UNBLOCK, &ourset, NULL))
- {
+
+ if (!same_session)
+ {
+ if (sigaddset(&ourset, SIGINT) || sigaddset(&ourset, SIGQUIT))
+ {
+ error (0, errno, _("cannot set signal handler"));
+ caught_signal = true;
+ }
+ }
+ if (!caught_signal && (sigaddset(&ourset, SIGTERM)
+ || sigaddset(&ourset, SIGALRM)
+ || sigaction(SIGTERM, &action, NULL)
+ || sigprocmask(SIG_UNBLOCK, &ourset, NULL)))
+ {
error (0, errno, _("cannot set signal handler"));
caught_signal = true;
}
+ if (!caught_signal && !same_session && (sigaction(SIGINT, &action, NULL)
+ || sigaction(SIGQUIT, &action, NULL)))
+ {
+ error (0, errno, _("cannot set signal handler"));
+ caught_signal = true;
+ }
}
if (!caught_signal)
{
@@ -747,7 +766,10 @@ usage (int status)
Change the effective user id and group id to that of USER.\n\
\n\
-, -l, --login make the shell a login shell\n\
- -c, --command=COMMAND pass a single COMMAND to the shell with -c\n\
+ -c, --commmand=COMMAND pass a single COMMAND to the shell with -c\n\
+ and start a new session for it\n\
+ -C, --session-command=COMMAND pass a single COMMAND to the shell with -c\n\
+ and do not create a new session\n\
-f, --fast pass -f to the shell (for csh or tcsh)\n\
-m, --preserve-environment do not reset environment variables\n\
-p same as -m\n\
@@ -770,6 +792,7 @@ main (int argc, char **argv)
int optc;
const char *new_user = DEFAULT_USER;
char *command = NULL;
+ int request_same_session = 0;
char *shell = NULL;
struct passwd *pw;
struct passwd pw_copy;
@@ -787,12 +810,19 @@ main (int argc, char **argv)
simulate_login = false;
change_environment = true;
- while ((optc = getopt_long (argc, argv, "c:flmps:", longopts, NULL)) != -1)
+ while ((optc = getopt_long (argc, argv, "c:C:flmps:", longopts, NULL)) != -1)
{
switch (optc)
{
case 'c':
command = optarg;
+ if (NULL != getenv("SU_C_SAME_SESSION"))
+ request_same_session = 1;
+ break;
+
+ case 'C':
+ command = optarg;
+ request_same_session = 1;
break;
case 'f':
@@ -865,6 +895,9 @@ main (int argc, char **argv)
}
#endif
+ if (request_same_session || !command || !pw->pw_uid)
+ same_session = 1;
+
if (!shell && !change_environment)
shell = getenv ("SHELL");
if (shell && getuid () != 0 && restricted_shell (pw->pw_shell))
@@ -886,6 +919,8 @@ main (int argc, char **argv)
#endif
change_identity (pw);
+ if (!same_session)
+ setsid ();
/* Set environment after pam_open_session, which may put KRB5CCNAME
into the pam_env, etc. */
Index: doc/coreutils.texi
===================================================================
--- doc/coreutils.texi.orig 2012-03-27 03:56:34.792880749 +0200
+++ doc/coreutils.texi 2012-03-27 03:56:34.864879002 +0200
@@ -15501,6 +15501,10 @@ This version of @command{su} has support
authentication. You can edit @file{/etc/pam.d/su} resp @file{/etc/pam.d/su-l}
to customize its behaviour.
+ If the environment variable SU_C_SAME_SESSION is set, su will
+not open a new session for running a command so that @option{-c} behaves
+just like @option{-C}.
+
The program accepts the following options. Also see @ref{Common options}.
@table @samp
@@ -15509,7 +15513,16 @@ The program accepts the following option
@opindex -c
@opindex --command
Pass @var{command}, a single command line to run, to the shell with
-a @option{-c} option instead of starting an interactive shell.
+a @option{-c} option instead of starting an interactive shell. Unless
+SU_C_SAME_SESSION is set, the shell is started in its own session.
+
+@item -C @var{command}
+@itemx --same-session=@var{command}
+@opindex -C
+@opindex --same-session
+Pass COMMAND, a single command line to run, to the shell with a
+@option{-c} option instead of starting an interactive and do not create
+a new session for it.
@item -f
@itemx --fast