Bug#443251: sudo: sudo -l should never hang with a prompt
Tags 443251 unreproducible thanks Subject: Re: sudo: sudo -l should never hang with a prompt Followup-For: Bug #443251 Package: sudo Hi, I tried to reproduce your reported bug with the following steps: 1) Remove any line from /etc/sudoers except Defaults, which effectively gives permissions to nobody. 2) sudo -l Output: [EMAIL PROTECTED] ~ % sudo -l Sorry, user schoenfeld may not run sudo on maggie. zsh: exit 1 sudo -l Well, as you see it does not exit with an exit code of zero, but imho this is a better behaviour instead of exiting with exit code zero if user is not allowed to use sudo due to missing rights and can be easily handled in scripts. Could you comment weither the bug is still present for you? Best Regards, Patrick -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages sudo depends on: ii libc6 2.7-16 GNU C Library: Shared libraries ii libpam-modules1.0.1-4Pluggable Authentication Modules f ii libpam0g 1.0.1-4Pluggable Authentication Modules l sudo recommends no packages. sudo suggests no packages. -- no debconf information signature.asc Description: Digital signature
Bug#443251: sudo: sudo -l should never hang with a prompt
On Fri, Nov 14, 2008 at 12:10:07PM +0100, Patrick Schoenfeld wrote: I tried to reproduce your reported bug with the following steps: 1) Remove any line from /etc/sudoers except Defaults, which effectively gives permissions to nobody. 2) sudo -l Output: [EMAIL PROTECTED] ~ % sudo -l Sorry, user schoenfeld may not run sudo on maggie. zsh: exit 1 sudo -l Well, as you see it does not exit with an exit code of zero, but imho hm, I get this: $ dpkg -s sudo|grep ^Vers Version: 1.6.8p12-4 # egrep -v '^ *#|^ *$' /etc/sudoers Defaultsenv_reset User_Alias UTE=uest2,amsis Cmnd_Alias ODBC=/usr/bin/ODBCConfig,/usr/bin/iodbcadm-gtk,/usr/bin/odbcinst rootALL=(ALL) ALL secvpn ALL=NOPASSWD: /usr/sbin/secvpn, /usr/sbin/pppd amsis ALL=NOPASSWD: /usr/sbin/hibernate %cdrom ALL=NOPASSWD: /bin/mount, /bin/umount, /usr/sbin/scsiinfo, /sbin/scsiinfo amsis ALL=/usr/bin/dselect,/usr/bin/apt-*,/usr/bin/aptitude,/usr/bin/dpkg amsis ALL=/usr/bin/m-a,ODBC # su - deltas [EMAIL PROTECTED]:~$ sudo -l We trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. Password: and it hangs there. And it doesn't make any sense imho. As you see, seems it WFY (Works For You) but is BFM (Broken For Me). thanx regards -- paolo GPG/PGP id:0x3A47DE45 - B5F9 AAA0 44BD 2B63 81E0 971F C6C0 0B87 3A47 DE45 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#443251: sudo: sudo -l should never hang with a prompt
On Fri, Nov 14, 2008 at 02:49:37PM +0100, Patrick Schoenfeld wrote: ... Anyway this is not a bug, but a configuration problem. Given that ... Defaultslistpw=never ... This is described in the sudoers(5) manpage. hm, ok, so the bug was behind the keyboard :} ... I think this bug can be closed therefore and doing so now. Please ropen if you find that this does not fix your problem. yep, still I think this is not properly implemented: I ack the RTFM issue above, but hanging on pwd prompt when the tty isn't a terminal is wrong. sudo(1), like other utils do in such case, should exit with proper return code. I think that deserves it's own bug#. thanx regards -- paolo GPG/PGP id:0x3A47DE45 - B5F9 AAA0 44BD 2B63 81E0 971F C6C0 0B87 3A47 DE45 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#443251: sudo: sudo -l should never hang with a prompt
Package: sudo Version: 1.6.8p12-4 Severity: normal The -l flag is used to get allowed/forbidden commands for the current user, *if any*. It shouldn't prompt for a pwd if no commands are allowed for the invoking user. That breaks scripts that call some commands via sudo, but want/need to check whether the user is allowed before trying, just to avoid hanging in bg with the pwd prompt. I think that 'sudo -l' should simply exit with 0 and no lines, besides the header, if user has no references in sudoers. -- paolo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]