sudo fails on bad /etc/sudoers permissions
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| sudo (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: sudo
Package version is 1.6.8p12-4ubuntu5
I've reported this bug upstream as well:
http://
but since it more severely affects ubuntu I'm also reporting it here.
Main issue:
The visudo -c -s -f check should ensure that the file which is about to
replace sudoers will have no issues whatsoever when accessed by sudo.
i.e. any requirements sudo has on /etc/sudoers must be reflected and
verified with visudo, this is not the case.
Specific fail case:
sudo will fail if the /etc/sudoers file's permissions are not set to
440, which is potentially disastrous in ubuntu since the root account
is locked and the only way to edit /etc/sudoers is through sudo -s.
Thus if you make this mistake, you have to rescue the system.
If this is a requirement of the /etc/sudoers file, and if this means
that sudo will not run without it, then visudo should detect this
issue, but it doesn't. Running "visudo -c -s -f <file>" on a sudoers
file that has permissions other than 440 returns no error.
| mabovo (mabovo) wrote | #1 |
| Dennis Heinson (dheinson) wrote | #2 |
| Dennis Heinson (dheinson) wrote | #3 |
| Dennis Heinson (dheinson) wrote | #4 |
| Dennis Heinson (dheinson) wrote | #5 |
| Changed in sudo: | |
| status: | New → Invalid |
Probably this is what happening with Hardy now !
Trying to run sudo to update system or install a new program but root is not allowed to.
Terminal prompt ask for the root password and nothing happen.