[sudo-workers] SIGINT signal before exec

Aurélien Rausch aurel at aurel-r.fr
Wed Feb 1 16:19:43 MST 2017


I'm developping a PAM module for sudo and I would like to be able to catch the 
SIGINT signal from the shell (Ctrl-c) before exec. (Because my module can take 
some time to end)

I know some suid authentication apps block signals (like 'su', user can't
Ctrl-c during the password prompt), as it seems the case in sudo (after 
password prompt and until command exec).

I have tried to unblock the SIGINT signal from my module, but it doesn't seem 
to work. If I understood properly, sudo block signals sent by the kernel ?
(When app is running or before too ?) How I can unblock (and reset after use)
these signals ?

What I have tried for the moment: (simplified code)

sigset_t sigmask;
struct sigaction sa;

sa.sa_flags = 0;
sa.sa_handler = sigint_handler;
sigaddset(&sigmask, SIGINT);
sigprocmask(SIG_UNBLOCK, &sigmask, NULL);
sigaction(SIGINT, &sa, NULL);



More information about the sudo-workers mailing list