usage of sudo in pm-utils/sleep.d script

Bug #489144 reported by amonnet
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
pulseaudio (Ubuntu)
Fix Released
Medium
Daniel T Chen

Bug Description

Binary package hint: pulseaudio

The /usr/lib/pm-utils/sleep.d/01PulseAudio uses sudo to execute pacmd as an unprivileged user.

On my system, i receive sudo mails, usually indicating a violation of sudo policies, with this subject "*** SECURITY information for system ***", whenever the system resumes, about 5 mails per connected user.

I think it is a missuse of sudo, which is described as 'Provide limited super user privileges to specific users', where here we want the root user executing some command with user privilege. Su command, described as 'The su command is used to become another user during a login session', is really the tool we want here.

By the way, pulseaudio fails to depend on sudo ...

Following is a patch to 01PulseAudio script.

PS:
I must add that this system uses libpam-ldap and libnss-ldap for the given users, but sudo is otherwise fully functionnal and doesn't sends theses mails when i issue it on a console. The problem might be due to the network being down at that time...

Revision history for this message
amonnet (tonio+ubu) wrote :
amonnet (tonio+ubu)
description: updated
description: updated
Revision history for this message
mwa (slash-dotnetslash) wrote :

I agree this is an abuse of sudo and the emails have been driving me crazy since I suspend and resume several times a day.

The patch works for me.

Daniel T Chen (crimsun)
Changed in pulseaudio (Ubuntu):
assignee: nobody → Daniel T Chen (crimsun)
importance: Undecided → Medium
status: New → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package pulseaudio - 1:0.9.22~0.9.21+stable-queue-32-g8478-0ubuntu2

---------------
pulseaudio (1:0.9.22~0.9.21+stable-queue-32-g8478-0ubuntu2) lucid; urgency=low

  * debian/01PulseAudio: Use su(1) instead of sudo(8)
    (LP: #489144, #498980).
  * debian/patches/series: To trim the startup time, don't lazy-load
    sounds by not applying 0005-load-sample-dir-lazy.patch.
  * 0091-dont-load-cork-music-on-phone.patch: Refresh.
  * 0057-load-module-x11-bell.patch: Don't explicitly load the daemon
    since it will autospawn if necessary, and if the system or user
    configuration has autospawn disabled it breaks that semantics
    (LP: #513120).
 -- Daniel T Chen <email address hidden> Fri, 29 Jan 2010 14:37:52 -0500

Changed in pulseaudio (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.