env: fix handling of real-time signals

enr0n · enr0n · commit c938b58958f2 · 2026-05-05T12:50:09.000-04:00
The nix::sys::signal::Signal enum type does not cover real-time signals. In the current env code, this means that trying to block e.g. SIGRTMIN+7 is silently ignored, apply_signal_action() silently drops signals that cannot be represented as that enum. However, the enum cannot simply be extended to represent the real-time signals, because SIGRTMIN and SIGRTMAX cannot be considered constants. To workaround this, do not use the Signal enum type, and use libc where needed instead of the wrappers. Fixes: #11151
diff --git a/src/uu/env/src/env.rs b/src/uu/env/src/env.rs
@@ -20,10 +20,7 @@ use native_int_str::{
 #[cfg(unix)]
 use nix::libc;
 #[cfg(unix)]
-use nix::sys::signal::{
-    SigHandler::{SigDfl, SigIgn},
-    SigSet, SigmaskHow, Signal, signal, sigprocmask,
-};
+use nix::sys::signal::{sigprocmask, SigSet, SigmaskHow};
 #[cfg(unix)]
 use nix::unistd::execvp;
 use std::borrow::Cow;
@@ -36,6 +33,7 @@ use std::ffi::{OsStr, OsString};
 use std::io;
 use std::io::Write as _;
 use std::io::stderr;
+use std::mem::zeroed;
 #[cfg(unix)]
 use std::os::unix::ffi::OsStrExt;
 
@@ -294,19 +292,6 @@ fn build_signal_request(
     Ok(request)
 }
 
-#[cfg(unix)]
-fn signal_from_value(sig_value: usize) -> UResult<Signal> {
-    Signal::try_from(sig_value as i32).map_err(|_| {
-        USimpleError::new(
-            125,
-            translate!(
-                "env-error-invalid-signal",
-                "signal" => sig_value.to_string().quote()
-            ),
-        )
-    })
-}
-
 fn load_config_file(opts: &mut Options) -> UResult<()> {
     // NOTE: config files are parsed using an INI parser b/c it's available and compatible with ".env"-style files
     //   ... * but support for actual INI files, although working, is not intended, nor claimed
@@ -1072,15 +1057,10 @@ fn apply_signal_action<F>(
     signal_fn: F,
 ) -> UResult<()>
 where
-    F: Fn(Signal) -> UResult<()>,
+    F: Fn(usize) -> UResult<()>,
 {
     request.for_each_signal(|sig_value, explicit| {
-        // On some platforms ALL_SIGNALS may contain values that are not valid in libc.
-        // Skip those invalid ones and continue (GNU env also ignores undefined signals).
-        let Ok(sig) = signal_from_value(sig_value) else {
-            return Ok(());
-        };
-        signal_fn(sig)?;
+        signal_fn(sig_value)?;
         log.record(sig_value, action_kind, explicit);
 
         // Set environment variable to communicate to Rust child processes
@@ -1096,9 +1076,14 @@ where
 }
 
 #[cfg(unix)]
-fn ignore_signal(sig: Signal) -> UResult<()> {
+fn ignore_signal(sig: usize) -> UResult<()> {
     // SAFETY: This is safe because we write the handler for each signal only once, and therefore "the current handler is the default", as the documentation requires it.
-    let result = unsafe { signal(sig, SigIgn) };
+    // nix::sys::signal::Signal does not cover real-time signals, so we need to call
+    // libc::signal directly.
+    let result = unsafe {
+        let res = libc::signal(sig as libc::c_int, libc::SIG_IGN);
+        nix::errno::Errno::result(res)
+    };
     if let Err(err) = result {
         return Err(USimpleError::new(
             125,
@@ -1109,8 +1094,13 @@ fn ignore_signal(sig: Signal) -> UResult<()> {
 }
 
 #[cfg(unix)]
-fn reset_signal(sig: Signal) -> UResult<()> {
-    let result = unsafe { signal(sig, SigDfl) };
+fn reset_signal(sig: usize) -> UResult<()> {
+    // nix::sys::signal::Signal does not cover real-time signals, so we need to call
+    // libc::signal directly.
+    let result = unsafe {
+        let res = libc::signal(sig as libc::c_int, libc::SIG_DFL);
+        nix::errno::Errno::result(res)
+    };
     if let Err(err) = result {
         return Err(USimpleError::new(
             125,
@@ -1121,9 +1111,36 @@ fn reset_signal(sig: Signal) -> UResult<()> {
 }
 
 #[cfg(unix)]
-fn block_signal(sig: Signal) -> UResult<()> {
-    let mut set = SigSet::empty();
-    set.add(sig);
+fn block_signal(sig: usize) -> UResult<()> {
+    // nix::sys::signal::Signal does not cover real time signals, so we need to build
+    // sigset_t manually using libc.
+    let set = unsafe {
+        let mut sigset: libc::sigset_t = zeroed();
+
+        if let Err(err) = nix::errno::Errno::result(libc::sigemptyset(&mut sigset)) {
+            return Err(USimpleError::new(
+                125,
+                translate!(
+                    "env-error-failed-set-signal-action",
+                    "signal" => (sig as i32),
+                    "error" => err.desc()
+                ),
+            ));
+        }
+        if let Err(err) = nix::errno::Errno::result(libc::sigaddset(&mut sigset, sig as libc::c_int))
+        {
+            return Err(USimpleError::new(
+                125,
+                translate!(
+                    "env-error-failed-set-signal-action",
+                    "signal" => (sig as i32),
+                    "error" => err.desc()
+                ),
+            ));
+        }
+        SigSet::from_sigset_t_unchecked(sigset)
+    };
+
     if let Err(err) = sigprocmask(SigmaskHow::SIG_BLOCK, Some(&set), None) {
         return Err(USimpleError::new(
             125,
