`sudo --login --user USERNAME` throws `setrlimit(RLIMIT_CORE): Operation not permitted` error when run inside a container.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
sudo (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
High
|
Bryce Harrington | ||
Groovy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
Logging in as a sudo user in a Ubuntu Focal Linux container displays a
warning:
sudo: setrlimit(
The warning is entirely unnecessary - the container is trying to adjust
RLIMIT_CORE, but this isn't allowed inside a container anyway.
While this is "just" a warning, logging into a container as sudo is a
very common practice, so this warning risks creating confusion for LTS
users.
[Test Case]
$ lxc launch ubuntu:20.04/amd64 sudo-sru-
$ lxc shell sudo-sru-
# sudo --login --user ubuntu
sudo: setrlimit(
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
$ logout
Enable -proposed and update
# apt-get install sudo
# sudo --login --user ubuntu
$
[Regression Potential]
As this only affects printing of a couple warnings, the only behavioral
change is in stderr output.
[Discussion]
This changes a couple warnings into equivalent debug printfs, which
brings the sudo behavior in-line with the behavior in groovy, bionic,
etc. and should cause no troubles.
This patch originates from upstream, and is already in groovy's sudo
package (which thus can be seen not to exhibit the issue).
The upstream patch includes some new debug prints which should be
harmless but are unnecessary to the fix so they've been removed.
[Original Report]
When using `sudo --login --user USERNAME` with Ubuntu Focal currently, it will correctly operate but it will also throw the following error before continuing with the logon process (which completes successfully except for the stated error):
sudo: setrlimit(
A full run of this was tested in a Focal LXD container after dropping to a root shell to reproduce (arstotzka is the host system, focal-test is the test container):
teward@arstotzka:~$ lxc shell focal-test
root@focal-test:~# sudo --login --user ubuntu
sudo: setrlimit(
To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.
ubuntu@
This appears to be similar to this issue identified on RedHat's tracker: https:/
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: sudo 1.8.29-1ubuntu1
ProcVersionSign
Uname: Linux 4.15.0-72-generic x86_64
ApportVersion: 2.20.11-0ubuntu14
Architecture: amd64
Date: Thu Dec 19 17:16:31 2019
ProcEnviron:
TERM=xterm-
PATH=(custom, no user)
LANG=C.UTF-8
SHELL=/bin/bash
SourcePackage: sudo
UpgradeStatus: No upgrade log present (probably fresh install)
VisudoCheck:
/etc/sudoers: parsed OK
/etc/sudoers.
/etc/sudoers.
Related branches
- Sergio Durigan Junior (community): Approve
- Canonical Server Core Reviewers: Pending requested
-
Diff: 91 lines (+69/-0)3 files modifieddebian/changelog (+11/-0)
debian/patches/ignore-rlimit-core-failure.patch (+57/-0)
debian/patches/series (+1/-0)
description: | updated |
description: | updated |
Changed in sudo (Ubuntu Focal): | |
assignee: | nobody → Bryce Harrington (bryce) |
importance: | Undecided → High |
description: | updated |
Changed in sudo (Ubuntu Focal): | |
status: | Triaged → In Progress |
Changed in sudo (Ubuntu Focal): | |
status: | In Progress → Fix Committed |
Status changed to 'Confirmed' because the bug affects multiple users.