Ubuntu
sudo package

error message to sudo -s

Bug #987132 reported by KAMI
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
sudo (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

kami@darth:~$ sudo -s
[sudo] password for kami:
Sorry, try again.
[sudo] password for kami:
sudo: setresuid(ROOT_UID, ROOT_UID, ROOT_UID): A művelet nem engedélyezett
sudo: unable to open /var/lib/sudo/kami/0: A művelet nem engedélyezett
sudo: unable to set gid to runas gid 0: A művelet nem engedélyezett
sudo: unable to execute /bin/bash: Operation not permitted
kami@darth:~$ sudo -s
[sudo] password for kami:
root@darth:~#

"A művelet nem engedélyezett" means: "Operation not permitted"

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: sudo 1.8.3p1-1ubuntu3
ProcVersionSignature: Ubuntu 3.2.0-23.36-generic 3.2.14
Uname: Linux 3.2.0-23-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.0.1-0ubuntu5
Architecture: amd64
Date: Mon Apr 23 09:17:38 2012
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 10.10 "Maverick Meerkat" - Release amd64 (20101007)
SourcePackage: sudo
UpgradeStatus: Upgraded to precise on 2012-03-28 (25 days ago)
VisudoCheck: /etc/sudoers: parsed OK

Revision history for this message
KAMI (kami911) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in sudo (Ubuntu):
status: New → Confirmed
Revision history for this message
Simon Fraser (simonfr) wrote :

Confirming:

$ sudo -s
[sudo] password for srf:
sudo: setresuid(ROOT_UID, ROOT_UID, ROOT_UID): Operation not permitted
sudo: unable to open /var/lib/sudo/srf/3: Operation not permitted
sudo: unable to set gid to runas gid 0: Operation not permitted
sudo: unable to execute /usr/local/bin/bash: Operation not permitted

Seems to work for users that are not in LDAP, and also if you modify /etc/ldap.conf so your name service lookups connect to the LDAP server without using SSL.

Have tried using libnss-ldapd rather than libnss-ldap, which was a fix to a previous ldap/ssl bug. No change here.

ProblemType: Bug
ApportVersion: 2.0.1-0ubuntu7
Architecture: amd64
Date: Fri May 11 16:31:08 2012
Dependencies:
 coreutils 8.13-3ubuntu3
 debconf 1.5.42ubuntu1
 dpkg 1.16.1.2ubuntu7
 gcc-4.6-base 4.6.3-1ubuntu5
 libacl1 2.2.51-5ubuntu1
 libattr1 1:2.4.46-5ubuntu1
 libbz2-1.0 1.0.6-1
 libc-bin 2.15-0ubuntu10
 libc6 2.15-0ubuntu10
 libdb5.1 5.1.25-11build1
 libgcc1 1:4.6.3-1ubuntu5
 liblzma5 5.1.1alpha+20110809-3
 libpam-modules 1.1.3-7ubuntu2
 libpam-modules-bin 1.1.3-7ubuntu2
 libpam0g 1.1.3-7ubuntu2
 libselinux1 2.1.0-4.1ubuntu1
 multiarch-support 2.15-0ubuntu10
 perl-base 5.14.2-6ubuntu2
 tar 1.26-4ubuntu1
 tzdata 2012b-1
 xz-utils 5.1.1alpha+20110809-3
 zlib1g 1:1.2.3.4.dfsg-3ubuntu4
DistroRelease: Ubuntu 12.04
InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release amd64 (20120424.1)
Package: sudo 1.8.3p1-1ubuntu3
PackageArchitecture: amd64
ProcEnviron:
 LANGUAGE=en_GB:en
 LC_TIME=en_GB.UTF-8
 LC_MONETARY=en_GB.UTF-8
 TERM=xterm
 PATH=(custom, no user)
 LC_ADDRESS=en_GB.UTF-8
 LC_TELEPHONE=en_GB.UTF-8
 LANG=en_GB.UTF-8
 SHELL=/usr/local/bin/bash
 LC_NAME=en_GB.UTF-8
 LC_MEASUREMENT=en_GB.UTF-8
 LC_IDENTIFICATION=en_GB.UTF-8
 LC_NUMERIC=en_GB.UTF-8
 LC_PAPER=en_GB.UTF-8
ProcVersionSignature: Ubuntu 3.2.0-23.36-virtual 3.2.14
SourcePackage: sudo
Tags: precise
Uname: Linux 3.2.0-23-virtual x86_64
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Simon Fraser (simonfr) wrote :

This appears to be the same bug as: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658739 so the fault is actually in gnutls for using libgcrypt (which I believe was the same library that caused libnss-ldap to stop working for ldaps:// in the last release, forcing people to use libnss-ldapd instead)

Revision history for this message
Simon Fraser (simonfr) wrote :

Appears to be fixed with libgnutls26 2.12.14-5ubuntu3.1, but still no response to the bug report. Or any bug reports I've had to check.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.