Ubuntu
sudo package

Bug #1688034
Comment #2

Comment 2 for bug 1688034

Revision history for this message

Brian Candler (b-candler) wrote on 2017-05-03:

Some additional info.

I enabled sudo debugging by creating /etc/sudo.conf containing:

Debug sudo /var/log/sudo-debug all@info
Debug sudoers /var/log/sudoers-debug all@info

With the newer (non-functioning) sudo, /var/log/sudo-debug contains:

May 3 18:55:50 sudo[8003] comparing dev 34817 to /dev/pts/1: match! @ sudo_ttyname_dev() /build/sudo-40pSZP/sudo-1.8.16/src/ttyname.c:336
May 3 18:55:50 sudo[8003] settings: run_shell=true
May 3 18:55:50 sudo[8003] settings: progname=sudo
May 3 18:55:50 sudo[8003] settings: network_addrs=10.0.0.230/255.255.255.0 xxxx:xxxx:xxxx:xxxx::230/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff fe80::1:xxxx:xxxx:xxxx/ffff:ffff:ffff:ffff::
May 3 18:55:50 sudo[8003] settings: plugin_dir=/usr/lib/sudo/
May 3 18:55:51 sudo[8003] policy plugin returns 0

With the older (working) sudo, /var/log/sudo-debug contains:

May 3 19:00:19 sudo[8746] comparing dev 34817 to /dev/pts/1: match! @ sudo_ttyname_dev() /build/sudo-g3ghsu/sudo-1.8.16/src/ttyname.c:336
May 3 19:00:19 sudo[8746] settings: run_shell=true
May 3 19:00:19 sudo[8746] settings: progname=sudo
May 3 19:00:19 sudo[8746] settings: network_addrs=10.0.0.230/255.255.255.0 xxxx:xxxx:xxxx:xxxx::230/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff fe80::1:xxxx:xxxx:xxxx/ffff:ffff:ffff:ffff::
May 3 19:00:19 sudo[8746] settings: plugin_dir=/usr/lib/sudo/
May 3 19:00:22 sudo[8746] policy plugin returns 1
May 3 19:00:22 sudo[8746] settings: run_shell=true
May 3 19:00:22 sudo[8746] settings: progname=sudo
May 3 19:00:22 sudo[8746] settings: network_addrs=10.0.0.230/255.255.255.0 xxxx:xxxx:xxxx:xxxx::230/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff fe80::1:xxxx:xxxx:xxxx/ffff:ffff:ffff:ffff::
May 3 19:00:22 sudo[8746] settings: plugin_dir=/usr/lib/sudo/
May 3 19:00:22 sudo[8746] command info from plugin:
May 3 19:00:22 sudo[8746] 0: command=/bin/bash
May 3 19:00:22 sudo[8746] 1: runas_uid=0
May 3 19:00:22 sudo[8746] 2: runas_gid=0
May 3 19:00:22 sudo[8746] 3: runas_groups=0
May 3 19:00:22 sudo[8746] 4: closefrom=3
May 3 19:00:22 sudo[8746] 5: set_utmp=true
May 3 19:00:22 sudo[8746] 6: umask=022
May 3 19:00:22 sudo[8746] executed /bin/bash, pid 8754
May 3 19:00:22 sudo[8746] sudo_ev_add_v1: adding event 0x55e83b06c630 to base 0x55e83b07ea40
May 3 19:00:22 sudo[8746] sudo_ev_add_v1: adding event 0x55e83b078180 to base 0x55e83b07ea40
May 3 19:00:22 sudo[8746] signal pipe fd 10
May 3 19:00:22 sudo[8746] backchannel fd 5
May 3 19:00:22 sudo[8754] exec /bin/bash [/bin/bash]
May 3 19:00:22 sudo[8746] sudo_ev_scan_impl: 1 fds ready
May 3 19:00:22 sudo[8746] failed to read child status: EOF
May 3 19:00:22 sudo[8746] sudo_ev_del_v1: removing event 0x55e83b078180 from base 0x55e83b07ea40

(/var/log/sudoers-debug is not created in either case)

Note "policy plugin returns 0" in the first case.

Some additional info.

I enabled sudo debugging by creating /etc/sudo.conf containing:

Debug sudo /var/log/sudo-debug all@info
Debug sudoers /var/log/sudoers-debug all@info

With the newer (non-functioning) sudo, /var/log/sudo-debug contains:

May  3 18:55:50 sudo[8003] comparing dev 34817 to /dev/pts/1: match! @ sudo_ttyname_dev() /build/sudo-40pSZP/sudo-1.8.16/src/ttyname.c:336
May  3 18:55:50 sudo[8003] settings: run_shell=true
May  3 18:55:50 sudo[8003] settings: progname=sudo
May  3 18:55:50 sudo[8003] settings: network_addrs=10.0.0.230/255.255.255.0 xxxx:xxxx:xxxx:xxxx::230/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff fe80::1:xxxx:xxxx:xxxx/ffff:ffff:ffff:ffff::
May  3 18:55:50 sudo[8003] settings: plugin_dir=/usr/lib/sudo/
May  3 18:55:51 sudo[8003] policy plugin returns 0

With the older (working) sudo, /var/log/sudo-debug contains:

May  3 19:00:19 sudo[8746] comparing dev 34817 to /dev/pts/1: match! @ sudo_ttyname_dev() /build/sudo-g3ghsu/sudo-1.8.16/src/ttyname.c:336
May  3 19:00:19 sudo[8746] settings: run_shell=true
May  3 19:00:19 sudo[8746] settings: progname=sudo
May  3 19:00:19 sudo[8746] settings: network_addrs=10.0.0.230/255.255.255.0 xxxx:xxxx:xxxx:xxxx::230/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff fe80::1:xxxx:xxxx:xxxx/ffff:ffff:ffff:ffff::
May  3 19:00:19 sudo[8746] settings: plugin_dir=/usr/lib/sudo/
May  3 19:00:22 sudo[8746] policy plugin returns 1
May  3 19:00:22 sudo[8746] settings: run_shell=true
May  3 19:00:22 sudo[8746] settings: progname=sudo
May  3 19:00:22 sudo[8746] settings: network_addrs=10.0.0.230/255.255.255.0 xxxx:xxxx:xxxx:xxxx::230/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff fe80::1:xxxx:xxxx:xxxx/ffff:ffff:ffff:ffff::
May  3 19:00:22 sudo[8746] settings: plugin_dir=/usr/lib/sudo/
May  3 19:00:22 sudo[8746] command info from plugin:
May  3 19:00:22 sudo[8746]     0: command=/bin/bash
May  3 19:00:22 sudo[8746]     1: runas_uid=0
May  3 19:00:22 sudo[8746]     2: runas_gid=0
May  3 19:00:22 sudo[8746]     3: runas_groups=0
May  3 19:00:22 sudo[8746]     4: closefrom=3
May  3 19:00:22 sudo[8746]     5: set_utmp=true
May  3 19:00:22 sudo[8746]     6: umask=022
May  3 19:00:22 sudo[8746] executed /bin/bash, pid 8754
May  3 19:00:22 sudo[8746] sudo_ev_add_v1: adding event 0x55e83b06c630 to base 0x55e83b07ea40
May  3 19:00:22 sudo[8746] sudo_ev_add_v1: adding event 0x55e83b078180 to base 0x55e83b07ea40
May  3 19:00:22 sudo[8746] signal pipe fd 10
May  3 19:00:22 sudo[8746] backchannel fd 5
May  3 19:00:22 sudo[8754] exec /bin/bash [/bin/bash]
May  3 19:00:22 sudo[8746] sudo_ev_scan_impl: 1 fds ready
May  3 19:00:22 sudo[8746] failed to read child status: EOF
May  3 19:00:22 sudo[8746] sudo_ev_del_v1: removing event 0x55e83b078180 from base 0x55e83b07ea40

(/var/log/sudoers-debug is not created in either case)

Note "policy plugin returns 0" in the first case.

Ubuntusudo package

Comment 2 for bug 1688034

Ubuntu
sudo package