[sudo-users] Causing Sudo to terminate

Todd C. Miller Todd.Miller at sudo.ws
Tue Feb 19 12:53:37 MST 2019


On Tue, 19 Feb 2019 12:33:54 -0600, Bryan Christ wrote:

> With the logging plugin I am writing, there is a need to cause sudo (and
> the elevated program) to terminate early.  Since the plugin code only runs
> when certain events fire, I was contemplating using signals.  If I
> installed sent SIGTERM to sudo, would that be gracefully handled?  In other
> words, would the closed event fire?

If you send sudo a signal such as SIGTERM, what happens is that
sudo will catch the signal, deliver it to the actual command running,
and call the plugin's close function when the command dies.

If the command does not exit due to the SIGTERM, sudo will keep
running.  It's worth noting that interactive shells typically ignore
SIGINT, SIGQUIT, and SIGTERM signals.  The "nice" way to kill a
shell is via SIGHUP.

On the other hand, if one of the plugin's logging functions returns
an error (-1), sudo will terminate the command itself, first with
SIGHUP, then SIGTERM and finally SIGKILL.

 - todd


More information about the sudo-users mailing list