From owner-freebsd-bugs@FreeBSD.ORG Tue Aug 19 18:28:17 2014 Return-Path: Delivered-To: freebsd-bugs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D1FD0A5 for ; Tue, 19 Aug 2014 18:28:17 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9EFE43067 for ; Tue, 19 Aug 2014 18:28:17 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s7JISHMx070164 for ; Tue, 19 Aug 2014 18:28:17 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 192837] New: [patch] su(1) does not need to fork; it causes terminal problems Date: Tue, 19 Aug 2014 18:28:17 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: 10.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: ta0kira@gmail.com X-Bugzilla-Status: Needs Triage X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-bugs@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Aug 2014 18:28:17 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192837 Bug ID: 192837 Summary: [patch] su(1) does not need to fork; it causes terminal problems Product: Base System Version: 10.0-RELEASE Hardware: amd64 OS: Any Status: Needs Triage Severity: Affects Some People Priority: --- Component: bin Assignee: freebsd-bugs@FreeBSD.org Reporter: ta0kira@gmail.com Created attachment 146044 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=146044&action=edit patch for the modification suggested above Problem: When calling /usr/bin/su, there are several unconditional calls to tcsetpgrp, which changes control of the terminal. This causes problems when the su call is a part of a pipeline and other processes in that pipeline require terminal access. For example, if I run the following: root@host$ su -m nobody -c 'find /' | less ...less will get stuck in the background. This is a problem when the call to su is embedded in a script (e.g., root scripts that need to occasionally do something as a normal user), and that script is a part of a pipeline, because one can't simply move the rest of the pipeline into the su command. The calls to tcsetpgrp are only necessary because su forks and creates a new process group for the child. Because the child potentially needs the terminal for authentication or executing the command, it needs terminal control, which takes it away from whatever process group su is a part of, e.g., a pipeline. Solution: I don't see a good reason for the fork+setpgid+waitpid code (https://svnweb.freebsd.org/base/stable/10/usr.bin/su/su.c?revision=256281&view=markup#l445). Really, the only thing it accomplishes is having the original suid process hang around until the command finishes, and it prevents the command from being a part of the pipeline it's embedded in. (e.g., in "su -m nobody -c 'find /' | less", "find" and "less" will not be in the same process group.) The fork code causes problems under these limited circumstances, without any apparent benefit. I therefore suggest that the fork code be removed, providing expected behavior to su. (Just for comparison, GNU su doesn't fork, and it exhibits the expected behavior.) -- You are receiving this mail because: You are the assignee for the bug.