[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
Congratulations, Ubuntu team. You have now fallen behind *Debian's Stable Release* in a security update to sudo, despite several releases in between. They even released their newest (24 month development cycle) in the same month as you. This has been fixed, *fully fixed*, for over a year now. Epic fail. mscs@water:~$ sudo -V Sudo version 1.8.10p3 Sudoers policy plugin version 1.8.10p3 Sudoers file grammar version 43 Sudoers I/O plugin version 1.8.10p3 mscs@water:~$ https://packages.debian.org/search?keywords=sudo https://launchpad.net/ubuntu/+source/sudo -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in Cinnamon: New Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Confirmed Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/cinnamon-desktop/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
Debian hasn't fixed this in squeeze or wheezy yet, it's fixed in jessie because they have a recent enough version of sudo. They haven't fixed it because they were never vulnerable: they don't allow you to change the clock without a password. We do plan on backporting monolithic timer support, we just have not had time yet. Was a year and two releases not enough time? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in Cinnamon: New Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Confirmed Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Confirmed Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Confirmed Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Confirmed Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Confirmed Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/cinnamon-desktop/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
Really? If the terminal I last ran sudo in is open still on the machine, and it's unlocked, I couldn't simply change the time back to the previous sudo command an escalate? Even if it's a remote chance, it's still an easy exploit. /var/log/auth.log is certainly readable by a program that uses a different exploit to gain access to that admin user (say, a browser exploit) and contains the PTY and timestamp. It doesn't even have to be exact: It just has to be ~ 15 minutes after the last sudo, right? This is a simple upgrade that even your parent distribution has adopted for their stable. Why ignore it for over a year? Can you please show me the information about the inode? My impression was that it was based on the SID, rather than inode, but perhaps that has changed. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in Cinnamon: New Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Confirmed Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Confirmed Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Confirmed Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Confirmed Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Confirmed Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/cinnamon-desktop/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
Notice that only the SID changed though. That gives me a 1 in 32k chance, and I can generate them basically at will with setsid. In my testing so far, the inode of the TTY file for /dev/pts/0 has stayed 3 across several reboots. If it doesn't change, then it is moot from a security standpoint. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in GNOME Control Center: Unknown Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Triaged Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Triaged Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Triaged Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Triaged Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Triaged Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-control-center/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
To clarify: I reboot, log in, open gnome-terminal. The tty is always /dev/pts/0, and ls -i /dev/pts/0 shows an inode of 3. This occurs even if I shut down and power back on, though admittedly in a VM. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in GNOME Control Center: Unknown Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Triaged Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Triaged Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Triaged Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Triaged Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Triaged Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-control-center/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
Yup, I think so. while true; do setsid something to run sudo; done; or the like. In my tests rolling through then all took about 5 minutes, and that was in a crappy VM with 1 core and 30% CPU being used by compiz. I haven't gotten it to pop an escalated shell yet, but I'll poke at it more tonight after work. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in GNOME Control Center: Unknown Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Triaged Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Triaged Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Triaged Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Triaged Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Triaged Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-control-center/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
Without rebooting, the tty, inode, sid should change for every terminal you open. When I tried this on 15.04, the tty and inode didnt: only the SID changed. Closing a gnome-terminal and reopening it got the same tty and SID. For *additional* terminals, they got new ttys and inodes, but if you close the one on /dev/pty/0 the file will dissapear. The next gnome- terminal you launch will be on /dev/pty/0 with the same inode as the old one you closed. Can you confirm? Apologies for any typos, I'm on my phone. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in GNOME Control Center: Unknown Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Triaged Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Triaged Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Triaged Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Triaged Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Triaged Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-control-center/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
Oh, nevermind! You're talking about outside of the sudo instance. In the case of Cron, etc: just let *the user* decide whether they want to be asked after the first time. Make it an option to unlock the clock, disabled by default but still available. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in GNOME Control Center: Unknown Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Triaged Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Triaged Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Triaged Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Triaged Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Triaged Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-control-center/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
Kay, the update to sudo (1.8.10) actually solves this by using the monotonic clock. All that needs to happen is for Ubuntu to udpate to it. :) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in GNOME Control Center: Unknown Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Triaged Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Triaged Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Triaged Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Triaged Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Triaged Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-control-center/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
You can set the time with: timedatectl set-time 2000-01-01 10:00:00 Wow. Yeah, that'll make exploiting this *much* easier on desktop. Fortunately Ubuntu Server doesn't allow this without authenticating. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in GNOME Control Center: Unknown Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Triaged Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Triaged Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Triaged Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Triaged Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Triaged Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-control-center/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
Tyler, it's great that this bug will be fixed. However, I have some concerns about the mitigations factors. 1) Timestamp: Easily found in the auth.log, and easily bypassed due to an unlocked clock. 2) TTY: The tty of the first gnome-terminal running is (as far as I can tell) /dev/pts/0. That's predictable, so if the auth.log contains a sudo session on /dev/pty/0, it's trivial to re-create the tty. 3) inode: Does this mean Session ID? If so, I'm worried. If not, we have a bigger problem. Here's why: hexdump -d /var/lib/sudo/mscs/0 000 00013 0 0 0 34816 0 0 0 010 3 0 0 0 01000 0 5 0 020 31291 0 0 0 028 hexdump -d /var/lib/sudo/mscs/0 000 00013 0 0 0 34816 0 0 0 010 3 0 0 0 01000 0 5 0 020 01464 0 0 0 028 See 31291, and 01464 in the second column near the bottom? It turns out that they correspond to SID. I checked using python: import os pid = os.getpid() sid = os.getsid(pid) print pid, sid 1775 1464 I tested this several times. Since the setsid can generate a new sid, and there are only 32768 possible SIDs as configured out of the box, how hard would it be to brute force the sid, simply running sudo -n -s? If SID isn't == to Inode, where's inode in that file? The ls -i command reports no difference in the inode of the file itself (545179 both times, even if the gnome-terminal is closed and re-opened.) I've poked at the sid option already, and have indeed had good success with getting sessions matching the sid using this brute force method. It's now a question of how I get that session lined up with the pty (which is predictable) and see if sudo -s works without a password at the last escalation time. Perhaps there is some other security feature that will block me, but right now I don't see it. Thoughts? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in GNOME Control Center: Unknown Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Triaged Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Triaged Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Triaged Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Triaged Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Triaged Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-control-center/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
Indeed. Trojaning those requires waiting for the user. Why lay a trap and wait when you can just break down the door? If I can use dogtail or similar to automate the clock and suddenly we're in drive-by territory. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in GNOME Control Center: Unknown Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Triaged Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Triaged Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Triaged Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Triaged Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Triaged Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to cat /var/log/auth.log and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in /var/lib/sudo/username/, a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via tty, find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) sudo -s and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the systemsetup command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-control-center/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1219337] Re: Users can change the clock without authenticating, allowing them to locally exploit sudo.
It looks like sudo 1.8.12 made it into 15.10 finally. Excellent. Apple went the other route and locked the clock back down. (https://support.apple.com/en-us/HT205031) The CVE associated with this bug seems to be about the TZ (seen on RedHat's security site: https://access.redhat.com/security/cve/CVE-2014-9680). Apple's CVE is about restricting access to the time settings (http://www.cve.mitre.org /cgi-bin/cvename.cgi?name=CVE-2015-3757). I don't think either one really reflects this bug. ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2015-3757 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1219337 Title: Users can change the clock without authenticating, allowing them to locally exploit sudo. Status in gnome-control-center: Unknown Status in sudo: Unknown Status in Unity: Invalid Status in policykit-desktop-privileges package in Ubuntu: Opinion Status in sudo package in Ubuntu: Fix Released Status in policykit-desktop-privileges source package in Precise: Opinion Status in sudo source package in Precise: Triaged Status in policykit-desktop-privileges source package in Trusty: Opinion Status in sudo source package in Trusty: Triaged Status in policykit-desktop-privileges source package in Utopic: Opinion Status in sudo source package in Utopic: Triaged Status in policykit-desktop-privileges source package in Vivid: Opinion Status in sudo source package in Vivid: Triaged Bug description: Under unity and cinnamon, it is possible for a user to turn off network-syncronized time and then change the time on the system. It is also possible to "cat /var/log/auth.log" and find the last time a user authenticated with sudo, along with which pty they used. If a user had used a terminal and successfully authenticated with sudo anytime in the past, and left the sudo file in "/var/lib/sudo//", a malicious user could walk up to an unlocked, logged in machine and gain sudo without knowing the password for the computer. To do this, a user would only need to launch a few terminals, figure out which pty they were on via "tty", find the an instance in /var/log/auth.log where sudo was used on that PTY, and set the clock to that time. Once this is done, they can run (for example) "sudo -s" and have a full access terminal. 1) This has been observed on Ubuntu 13.04, and may work on other versions. 2) This may have an effect on various window managers, but I confirmed it on Unity and Cinnamon 3) I expected to have to authenticate when I changed the time and date, as I do on Gnome and KDE. I also expected to be denied permission to auth.log 4) I was able to change the system time to whatever I wanted, and view auth.log. This was sufficient to access sudo without having to type my password. Note: This bug also affects any version of OS X, though the mechanism is different. Some versions don't require you to authenticate to change the time through the GUI, but some do. No version I've seen requires authentication to use the "systemsetup" command, which can alter the time from the command line. This may be an overall bug in sudo. Why can I bypass security by changing the time?! To manage notifications about this bug go to: https://bugs.launchpad.net/gnome-control-center/+bug/1219337/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1555147] Re: package linux-image-extra-4.4.0-11-generic 4.4.0-11.26 failed to install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with return code 2
** Changed in: initramfs-tools (Ubuntu) Status: Confirmed => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1555147 Title: package linux-image-extra-4.4.0-11-generic 4.4.0-11.26 failed to install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with return code 2 Status in initramfs-tools package in Ubuntu: Incomplete Bug description: Upgrading os from UbuntuGnome 15.10 to 16.04 ProblemType: Package DistroRelease: Ubuntu 16.04 Package: linux-image-extra-4.4.0-11-generic 4.4.0-11.26 ProcVersionSignature: Ubuntu 4.4.0-11.26-generic 4.4.4 Uname: Linux 4.4.0-11-generic i686 ApportVersion: 2.20-0ubuntu3 Architecture: i386 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: gdm1921 F pulseaudio erik 2172 F pulseaudio Date: Wed Mar 9 15:39:29 2016 ErrorMessage: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with return code 2 HibernationDevice: RESUME=UUID=5acdc19a-0f61-4e1f-a39f-b89029d0a199 InstallationDate: Installed on 2015-10-13 (148 days ago) InstallationMedia: Ubuntu-GNOME 15.04 "Vivid Vervet" - Release i386 (20150422) MachineType: LENOVO 12985LG ProcFB: 0 inteldrmfb ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-11-generic root=/dev/mapper/fedora-home ro quiet splash vt.handoff=7 PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No PulseAudio daemon running, or not running as session daemon. RelatedPackageVersions: grub-pc 2.02~beta2-36 SourcePackage: initramfs-tools Title: package linux-image-extra-4.4.0-11-generic 4.4.0-11.26 failed to install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with return code 2 UpgradeStatus: Upgraded to xenial on 2016-03-09 (0 days ago) dmi.bios.date: 07/16/2013 dmi.bios.vendor: LENOVO dmi.bios.version: 8NET37WW (1.21 ) dmi.board.asset.tag: Not Available dmi.board.name: 12985LG dmi.board.vendor: LENOVO dmi.board.version: Not Available dmi.chassis.asset.tag: No Asset Information dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Not Available dmi.modalias: dmi:bvnLENOVO:bvr8NET37WW(1.21):bd07/16/2013:svnLENOVO:pn12985LG:pvrThinkPadEdgeE320:rvnLENOVO:rn12985LG:rvrNotAvailable:cvnLENOVO:ct10:cvrNotAvailable: dmi.product.name: 12985LG dmi.product.version: ThinkPad Edge E320 dmi.sys.vendor: LENOVO To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/1555147/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1672562] Re: No audio output on MCP61 Nvidia. [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card
This turned out to be a problem with the user not being in the audio and pulse-access groups. Also the back panel speaker out only has one channel working, however the front panel headphone connector works fine. So I just use the front panel headphone jack. ** Attachment removed: "AlsaInfo.txt" https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1672562/+attachment/4837337/+files/AlsaInfo.txt ** Attachment removed: "Dependencies.txt" https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1672562/+attachment/4837339/+files/Dependencies.txt -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1672562 Title: No audio output on MCP61 Nvidia. [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card Status in pulseaudio package in Ubuntu: New Bug description: I have no audio output with the following configuration: *-multimedia description: Audio device product: MCP61 High Definition Audio vendor: NVIDIA Corporation physical id: 5 bus info: pci@:00:05.0 version: a2 width: 32 bits clock: 66MHz capabilities: bus_master cap_list configuration: driver=snd_hda_intel latency=0 maxlatency=5 mingnt=2 resources: irq:21 memory:fbff8000-fbffbfff ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: pulseaudio 1:8.0-0ubuntu3.2 ProcVersionSignature: Ubuntu 4.4.0-66.87-generic 4.4.44 Uname: Linux 4.4.0-66-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.5 Architecture: amd64 AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/by-path', '/dev/snd/hwC0D0', '/dev/snd/pcmC0D2c', '/dev/snd/pcmC0D0c', '/dev/snd/pcmC0D0p', '/dev/snd/controlC0', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1: CurrentDesktop: XFCE Date: Mon Mar 13 18:56:40 2017 InstallationDate: Installed on 2017-02-07 (34 days ago) InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719) ProcEnviron: LANGUAGE=en_US TERM=xterm-256color PATH=(custom, no user) LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: pulseaudio Symptom: audio Symptom_Card: HDA-Intel - HDA NVidia Symptom_Jack: Green Line Out, Rear Title: [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/29/2010 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 6.01 dmi.board.name: 2A6C dmi.board.vendor: PEGATRON CORPORATION dmi.board.version: 5.00 dmi.chassis.asset.tag: 3CR0510YC1 dmi.chassis.type: 3 dmi.chassis.vendor: Hewlett-Packard dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr6.01:bd09/29/2010:svnHewlett-Packard:pnp6714y:pvr:rvnPEGATRONCORPORATION:rn2A6C:rvr5.00:cvnHewlett-Packard:ct3:cvrChassisVersion: dmi.product.name: p6714y dmi.sys.vendor: Hewlett-Packard To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1672562/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1672562] [NEW] No audio output on MCP61 Nvidia. [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card
Public bug reported: I have no audio output with the following configuration: *-multimedia description: Audio device product: MCP61 High Definition Audio vendor: NVIDIA Corporation physical id: 5 bus info: pci@:00:05.0 version: a2 width: 32 bits clock: 66MHz capabilities: bus_master cap_list configuration: driver=snd_hda_intel latency=0 maxlatency=5 mingnt=2 resources: irq:21 memory:fbff8000-fbffbfff ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: pulseaudio 1:8.0-0ubuntu3.2 ProcVersionSignature: Ubuntu 4.4.0-66.87-generic 4.4.44 Uname: Linux 4.4.0-66-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.5 Architecture: amd64 AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/by-path', '/dev/snd/hwC0D0', '/dev/snd/pcmC0D2c', '/dev/snd/pcmC0D0c', '/dev/snd/pcmC0D0p', '/dev/snd/controlC0', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1: CurrentDesktop: XFCE Date: Mon Mar 13 18:56:40 2017 InstallationDate: Installed on 2017-02-07 (34 days ago) InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719) ProcEnviron: LANGUAGE=en_US TERM=xterm-256color PATH=(custom, no user) LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: pulseaudio Symptom: audio Symptom_Card: HDA-Intel - HDA NVidia Symptom_Jack: Green Line Out, Rear Title: [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/29/2010 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 6.01 dmi.board.name: 2A6C dmi.board.vendor: PEGATRON CORPORATION dmi.board.version: 5.00 dmi.chassis.asset.tag: 3CR0510YC1 dmi.chassis.type: 3 dmi.chassis.vendor: Hewlett-Packard dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr6.01:bd09/29/2010:svnHewlett-Packard:pnp6714y:pvr:rvnPEGATRONCORPORATION:rn2A6C:rvr5.00:cvnHewlett-Packard:ct3:cvrChassisVersion: dmi.product.name: p6714y dmi.sys.vendor: Hewlett-Packard ** Affects: pulseaudio (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug xenial -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1672562 Title: No audio output on MCP61 Nvidia. [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card Status in pulseaudio package in Ubuntu: New Bug description: I have no audio output with the following configuration: *-multimedia description: Audio device product: MCP61 High Definition Audio vendor: NVIDIA Corporation physical id: 5 bus info: pci@:00:05.0 version: a2 width: 32 bits clock: 66MHz capabilities: bus_master cap_list configuration: driver=snd_hda_intel latency=0 maxlatency=5 mingnt=2 resources: irq:21 memory:fbff8000-fbffbfff ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: pulseaudio 1:8.0-0ubuntu3.2 ProcVersionSignature: Ubuntu 4.4.0-66.87-generic 4.4.44 Uname: Linux 4.4.0-66-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.5 Architecture: amd64 AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/by-path', '/dev/snd/hwC0D0', '/dev/snd/pcmC0D2c', '/dev/snd/pcmC0D0c', '/dev/snd/pcmC0D0p', '/dev/snd/controlC0', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1: CurrentDesktop: XFCE Date: Mon Mar 13 18:56:40 2017 InstallationDate: Installed on 2017-02-07 (34 days ago) InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719) ProcEnviron: LANGUAGE=en_US TERM=xterm-256color PATH=(custom, no user) LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: pulseaudio Symptom: audio Symptom_Card: HDA-Intel - HDA NVidia Symptom_Jack: Green Line Out, Rear Title: [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/29/2010 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 6.01 dmi.board.name: 2A6C dmi.board.vendor: PEGATRON CORPORATION dmi.board.version: 5.00 dmi.chassis.asset.tag: 3CR0510YC1 dmi.chassis.type: 3 dmi.chassis.vendor: Hewlett-Packard dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr6.01:bd09/29/2010:svnHewlett-Packard:pnp6714y:pvr:rvnPEGATRONCORPORATION:rn2A6C:rvr5.00:cvnHewlett-Packard:ct3:cvrChassisVersion: dmi.product.name: p6714y dmi.sys.vendor: Hewlett-Packard To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1672562/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe :
[Touch-packages] [Bug 1672562] Re: No audio output on MCP61 Nvidia. [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card
** Attachment removed: "PulseList.txt" https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1672562/+attachment/4837341/+files/PulseList.txt -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1672562 Title: No audio output on MCP61 Nvidia. [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card Status in pulseaudio package in Ubuntu: New Bug description: I have no audio output with the following configuration: *-multimedia description: Audio device product: MCP61 High Definition Audio vendor: NVIDIA Corporation physical id: 5 bus info: pci@:00:05.0 version: a2 width: 32 bits clock: 66MHz capabilities: bus_master cap_list configuration: driver=snd_hda_intel latency=0 maxlatency=5 mingnt=2 resources: irq:21 memory:fbff8000-fbffbfff ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: pulseaudio 1:8.0-0ubuntu3.2 ProcVersionSignature: Ubuntu 4.4.0-66.87-generic 4.4.44 Uname: Linux 4.4.0-66-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.5 Architecture: amd64 AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/by-path', '/dev/snd/hwC0D0', '/dev/snd/pcmC0D2c', '/dev/snd/pcmC0D0c', '/dev/snd/pcmC0D0p', '/dev/snd/controlC0', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1: CurrentDesktop: XFCE Date: Mon Mar 13 18:56:40 2017 InstallationDate: Installed on 2017-02-07 (34 days ago) InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719) ProcEnviron: LANGUAGE=en_US TERM=xterm-256color PATH=(custom, no user) LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: pulseaudio Symptom: audio Symptom_Card: HDA-Intel - HDA NVidia Symptom_Jack: Green Line Out, Rear Title: [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/29/2010 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 6.01 dmi.board.name: 2A6C dmi.board.vendor: PEGATRON CORPORATION dmi.board.version: 5.00 dmi.chassis.asset.tag: 3CR0510YC1 dmi.chassis.type: 3 dmi.chassis.vendor: Hewlett-Packard dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr6.01:bd09/29/2010:svnHewlett-Packard:pnp6714y:pvr:rvnPEGATRONCORPORATION:rn2A6C:rvr5.00:cvnHewlett-Packard:ct3:cvrChassisVersion: dmi.product.name: p6714y dmi.sys.vendor: Hewlett-Packard To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1672562/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1672562] Re: No audio output on MCP61 Nvidia. [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card
** Attachment removed: "CurrentDmesg.txt" https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1672562/+attachment/4837338/+files/CurrentDmesg.txt ** Attachment removed: "JournalErrors.txt" https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1672562/+attachment/4837340/+files/JournalErrors.txt -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1672562 Title: No audio output on MCP61 Nvidia. [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card Status in pulseaudio package in Ubuntu: New Bug description: I have no audio output with the following configuration: *-multimedia description: Audio device product: MCP61 High Definition Audio vendor: NVIDIA Corporation physical id: 5 bus info: pci@:00:05.0 version: a2 width: 32 bits clock: 66MHz capabilities: bus_master cap_list configuration: driver=snd_hda_intel latency=0 maxlatency=5 mingnt=2 resources: irq:21 memory:fbff8000-fbffbfff ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: pulseaudio 1:8.0-0ubuntu3.2 ProcVersionSignature: Ubuntu 4.4.0-66.87-generic 4.4.44 Uname: Linux 4.4.0-66-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.5 Architecture: amd64 AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/by-path', '/dev/snd/hwC0D0', '/dev/snd/pcmC0D2c', '/dev/snd/pcmC0D0c', '/dev/snd/pcmC0D0p', '/dev/snd/controlC0', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1: CurrentDesktop: XFCE Date: Mon Mar 13 18:56:40 2017 InstallationDate: Installed on 2017-02-07 (34 days ago) InstallationMedia: Ubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64 (20160719) ProcEnviron: LANGUAGE=en_US TERM=xterm-256color PATH=(custom, no user) LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: pulseaudio Symptom: audio Symptom_Card: HDA-Intel - HDA NVidia Symptom_Jack: Green Line Out, Rear Title: [p6714y, Realtek Generic, Green Line Out, Rear] Pulseaudio fails to detect card UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/29/2010 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 6.01 dmi.board.name: 2A6C dmi.board.vendor: PEGATRON CORPORATION dmi.board.version: 5.00 dmi.chassis.asset.tag: 3CR0510YC1 dmi.chassis.type: 3 dmi.chassis.vendor: Hewlett-Packard dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr6.01:bd09/29/2010:svnHewlett-Packard:pnp6714y:pvr:rvnPEGATRONCORPORATION:rn2A6C:rvr5.00:cvnHewlett-Packard:ct3:cvrChassisVersion: dmi.product.name: p6714y dmi.sys.vendor: Hewlett-Packard To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1672562/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1756238] Re: gdebi-gtk broken in 18.04 error: unable to read filedescriptor flags
I *might* have a possible clue for the gdebi gui crash in Bionic. If I right click on a .deb file and tell it to install with gdebi the gui will crash. If I open a terminal in the same directory as the file and launch gdebi-gtk *.deb the gui will install and uninstall the .deb file without crashing. I hope this offers a potential clue for a fix, I love the gdebi installer and I thank ALL of you programmers for your diligence and hard work!! Mark -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gdebi in Ubuntu. https://bugs.launchpad.net/bugs/1756238 Title: gdebi-gtk broken in 18.04 error: unable to read filedescriptor flags Status in gdebi package in Ubuntu: Triaged Status in vte2.91 package in Ubuntu: Fix Released Status in vte2.91 source package in Bionic: Fix Released Bug description: When using gdebi-gtk to install a .deb the install fails with the message:- dpkg: error: unable to read filedescriptor flags for : Bad file descriptor This only occurs via the gdebi-gtk GUI front end, packages install perfectly if done via the CLI with: sudo gdebi /path/to/packagename.deb To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdebi/+bug/1756238/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1870748] [NEW] Authentication Window Stays Open
Public bug reported: I left the Beta of Focal Fossa running overnight and when I logged in this morning, I found an open Authentication window with the message "To change software repository settings, you need to authenticate" (see attached screenshot). I enter my password and the password field grey out. The window stays persistent but is "invisible" to the mouse - i.e. if I click anywhere in it, it actually clicks the thing behind it. The Cancel button does nothing. I had this same issue yesterday when actually running Software & Updates. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: software-properties-gtk 0.98.7 ProcVersionSignature: Ubuntu 5.4.0-21.25-generic 5.4.27 Uname: Linux 5.4.0-21-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu22 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Sat Apr 4 09:55:33 2020 InstallationDate: Installed on 2020-01-24 (70 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017) PackageArchitecture: all ProcEnviron: LANGUAGE=en_GB:en PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_GB.UTF-8 SHELL=/bin/bash SourcePackage: software-properties UpgradeStatus: Upgraded to focal on 2020-04-03 (0 days ago) ** Affects: software-properties (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug focal ** Attachment added: "Screenshot of persistent Software & Updates authentication window" https://bugs.launchpad.net/bugs/1870748/+attachment/5346150/+files/Screenshot%20from%202020-04-04%2009-58-06.png -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/1870748 Title: Authentication Window Stays Open Status in software-properties package in Ubuntu: New Bug description: I left the Beta of Focal Fossa running overnight and when I logged in this morning, I found an open Authentication window with the message "To change software repository settings, you need to authenticate" (see attached screenshot). I enter my password and the password field grey out. The window stays persistent but is "invisible" to the mouse - i.e. if I click anywhere in it, it actually clicks the thing behind it. The Cancel button does nothing. I had this same issue yesterday when actually running Software & Updates. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: software-properties-gtk 0.98.7 ProcVersionSignature: Ubuntu 5.4.0-21.25-generic 5.4.27 Uname: Linux 5.4.0-21-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu22 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Sat Apr 4 09:55:33 2020 InstallationDate: Installed on 2020-01-24 (70 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017) PackageArchitecture: all ProcEnviron: LANGUAGE=en_GB:en PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_GB.UTF-8 SHELL=/bin/bash SourcePackage: software-properties UpgradeStatus: Upgraded to focal on 2020-04-03 (0 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1870748/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1870748] Re: Authentication Window Stays Open
I attempted to make a change to a repository by launching Software & Updates and editing an unselected package from eoan to fossa - the authentication window persisted at the top left of my screen throughout - even after entering my credentials in the central authentication window that popped up (and went as normal) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/1870748 Title: Authentication Window Stays Open Status in software-properties package in Ubuntu: New Bug description: I left the Beta of Focal Fossa running overnight and when I logged in this morning, I found an open Authentication window with the message "To change software repository settings, you need to authenticate" (see attached screenshot). I enter my password and the password field grey out. The window stays persistent but is "invisible" to the mouse - i.e. if I click anywhere in it, it actually clicks the thing behind it. The Cancel button does nothing. I had this same issue yesterday when actually running Software & Updates. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: software-properties-gtk 0.98.7 ProcVersionSignature: Ubuntu 5.4.0-21.25-generic 5.4.27 Uname: Linux 5.4.0-21-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu22 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Sat Apr 4 09:55:33 2020 InstallationDate: Installed on 2020-01-24 (70 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017) PackageArchitecture: all ProcEnviron: LANGUAGE=en_GB:en PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_GB.UTF-8 SHELL=/bin/bash SourcePackage: software-properties UpgradeStatus: Upgraded to focal on 2020-04-03 (0 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1870748/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2011313] [NEW] Ubuntu-Settings crashes after launch
Public bug reported: I had successfully opened settings and used it to change some of the desktop options (size of the docker icons, etc.). Then I clicked on "Users" and ubuntu-settings crashed. Since then, I am unable to open ubuntu-settings - it will open and flash up on the screen before crashing. This has continued even after restarting the machine a few times. ubuntu-settings version: 23.04.2 500 ProblemType: Bug DistroRelease: Ubuntu 23.04 Package: ubuntu-settings 23.04.2 ProcVersionSignature: Ubuntu 6.1.0-16.16-generic 6.1.6 Uname: Linux 6.1.0-16-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.26.0-0ubuntu2 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME Date: Sat Mar 11 18:33:16 2023 InstallationDate: Installed on 2023-03-11 (0 days ago) InstallationMedia: Ubuntu 23.04 "Lunar Lobster" - Alpha amd64 (20230310) PackageArchitecture: all ProcEnviron: LANG=en_US.UTF-8 PATH=(custom, no user) SHELL=/bin/bash TERM=xterm-256color XDG_RUNTIME_DIR= SourcePackage: ubuntu-settings UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: ubuntu-settings (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug lunar -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-settings in Ubuntu. https://bugs.launchpad.net/bugs/2011313 Title: Ubuntu-Settings crashes after launch Status in ubuntu-settings package in Ubuntu: New Bug description: I had successfully opened settings and used it to change some of the desktop options (size of the docker icons, etc.). Then I clicked on "Users" and ubuntu-settings crashed. Since then, I am unable to open ubuntu-settings - it will open and flash up on the screen before crashing. This has continued even after restarting the machine a few times. ubuntu-settings version: 23.04.2 500 ProblemType: Bug DistroRelease: Ubuntu 23.04 Package: ubuntu-settings 23.04.2 ProcVersionSignature: Ubuntu 6.1.0-16.16-generic 6.1.6 Uname: Linux 6.1.0-16-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.26.0-0ubuntu2 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME Date: Sat Mar 11 18:33:16 2023 InstallationDate: Installed on 2023-03-11 (0 days ago) InstallationMedia: Ubuntu 23.04 "Lunar Lobster" - Alpha amd64 (20230310) PackageArchitecture: all ProcEnviron: LANG=en_US.UTF-8 PATH=(custom, no user) SHELL=/bin/bash TERM=xterm-256color XDG_RUNTIME_DIR= SourcePackage: ubuntu-settings UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-settings/+bug/2011313/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2063961] [NEW] Microsoft 365 account keeps disconnecting
Public bug reported: When I use the new (24.04) settings and 'Online Accounts' to connect to Microsoft 365, it authenticates, works well for about 5 minutes and then disconnects. I have to remove that account and redo it every time I want to use it. ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: ubuntu-settings 24.04.3 ProcVersionSignature: Ubuntu 6.8.0-31.31-generic 6.8.1 Uname: Linux 6.8.0-31-generic x86_64 ApportVersion: 2.28.1-0ubuntu2 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME Date: Sat Apr 27 19:04:06 2024 InstallationDate: Installed on 2024-04-27 (0 days ago) InstallationMedia: Ubuntu 24.04 LTS "Noble Numbat" - Release amd64 (20240424) PackageArchitecture: all SourcePackage: ubuntu-settings UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: ubuntu-settings (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug noble -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-settings in Ubuntu. https://bugs.launchpad.net/bugs/2063961 Title: Microsoft 365 account keeps disconnecting Status in ubuntu-settings package in Ubuntu: New Bug description: When I use the new (24.04) settings and 'Online Accounts' to connect to Microsoft 365, it authenticates, works well for about 5 minutes and then disconnects. I have to remove that account and redo it every time I want to use it. ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: ubuntu-settings 24.04.3 ProcVersionSignature: Ubuntu 6.8.0-31.31-generic 6.8.1 Uname: Linux 6.8.0-31-generic x86_64 ApportVersion: 2.28.1-0ubuntu2 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME Date: Sat Apr 27 19:04:06 2024 InstallationDate: Installed on 2024-04-27 (0 days ago) InstallationMedia: Ubuntu 24.04 LTS "Noble Numbat" - Release amd64 (20240424) PackageArchitecture: all SourcePackage: ubuntu-settings UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-settings/+bug/2063961/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp