Ignore SIGSYS when BSM is compiled in. Otherwise, attempt to invoke su on

system that don't have audit framefork compiled into kernel or ia32 binary
on amd64 system will result in SIGSYS. There is one place in su.c itself
where it tries to check for errno != ENOSYS, but it has been a nop since su
does not catch SIGSYS anyway. There are few other places in libbsm,
where attempt to invoke audit syscal would result in SIGSYS if no audit
support is present in the kernel, so that the only reliable method for
now is to disable SIGSYS completely in the case when BSM is compiled in.

In the long run, both direct invocation of audit-related syscalls and
libbsm should be made more intellegent to handle the case when BSM is not
compiled into the kernel gracefully.

MFC after: 3 days
           (provided re@ approval)
This commit is contained in:
Maxim Sobolev 2006-10-24 08:18:10 +00:00
parent a4ae1f8999
commit a88ab48624
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=163641

View File

@ -173,6 +173,8 @@ main(int argc, char *argv[])
#ifdef USE_BSM_AUDIT #ifdef USE_BSM_AUDIT
const char *aerr; const char *aerr;
au_id_t auid; au_id_t auid;
signal(SIGSYS, SIG_IGN);
#endif #endif
shell = class = cleanenv = NULL; shell = class = cleanenv = NULL;