MFC r335899:
auditd(8): register signal handlers interrutibly
auditd_wait_for_events() relies on read(2) being interrupted by signals,
but it registers signal handlers with signal(3), which sets SA_RESTART.
That breaks asynchronous signal handling. It means that signals don't
actually get handled until after an audit(8) trigger is received.
Symptoms include:
* Sending SIGTERM to auditd doesn't kill it right away; you must send
SIGTERM and then send a trigger with auditon(2).
* Same with SIGHUP
* Zombie child processes don't get reaped until auditd receives a trigger
sent by auditon. This includes children created by expiring audit trails
at auditd startup.
Fix by using sigaction(2) instead of signal(3).
Cherry pick https://github.com/openbsm/openbsm/commit/
d060887
PR: 229381
Reviewed by: cem
Obtained from: OpenBSM
Differential Revision: https://github.com/openbsm/openbsm/pull/36
git-svn-id: svn://svn.freebsd.org/base/stable/10@337257
ccf9f872-aa2e-dd11-9fc8-
001c23d0bc1f
projects / FreeBSD / stable / 10.git / commit