[Bug 1339518] Re: sudo config file specifies group "admin" that doesn't exist in system
Older releases of Ubuntu used a group called "admin" instead of "sudo" which is the name Debian chose later on. We need to maintain the "admin" group rights in our sudoers file for people upgrading from earlier Ubuntu releases. If we remove it, they will no longer have sudo rights after upgrading. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1339518 Title: sudo config file specifies group "admin" that doesn't exist in system To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1339518/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1339518] Re: sudo config file specifies group "admin" that doesn't exist in system
Subscribing Marc as he seems to be largely maintaining this and made the original changes and has been keeping the delta. Hopefully he can provide some insight. Seems this is a delta to Debian that is being kept intentionally for a long time, it's frequently in the changelog even in the most recent Debian merge. I'd have thought if we kept this in here by default we probably should have kept a default 'admin' group with no members but it's a bit late for that at this point. - debian/sudoers: + also grant admin group sudo access Also seems this change was originally made in 2014: sudo (1.8.9p5-1ubuntu3) vivid; urgency=medium * debian/patches/also_check_sudo_group.diff: also check the sudo group in plugins/sudoers/sudoers.c to create the admin flag file. Leave the admin group check for backwards compatibility. (LP: #1387347) -- Marc Deslauriers Wed, 29 Oct 2014 15:55:34 -0400 sudo (1.8.9p5-1ubuntu2) utopic; urgency=medium * debian/sudo_root.8: mention sudo group instead of deprecated group admin (LP: #1130643) -- Andrey Bondarenko Sat, 23 Aug 2014 01:18:05 +0600 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1339518 Title: sudo config file specifies group "admin" that doesn't exist in system To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1339518/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1339518] Re: sudo config file specifies group "admin" that doesn't exist in system
Just noticed this today, it's still the same on Ubuntu 20.04. The default sudoers file ships the admin group having sudo privileges but the group doesn't exist by default. While it doesn't have out of the box security implications, I think this is a security concern as someone could potentially add an 'admin' user and not expect them to get sudo access with the default matching group name created for them. For example downstream products like web hosting or control panel style tools that creates users with a user-provided name. Since neither the user or group 'admin' exists by default they could be fooled into creating escalatable privileges. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1339518 Title: sudo config file specifies group "admin" that doesn't exist in system To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1339518/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1339518] Re: sudo config file specifies group "admin" that doesn't exist in system
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: sudo (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1339518 Title: sudo config file specifies group "admin" that doesn't exist in system To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1339518/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs