|
Bugzilla – Full Text Bug Listing |
| Summary: | Comments at the end of a Runas_Alias fail syntax checker. | ||
|---|---|---|---|
| Product: | Sudo | Reporter: | Bren Mills <mmills> |
| Component: | Sudo | Assignee: | Todd C. Miller <Todd.Miller> |
| Status: | RESOLVED FIXED | ||
| Severity: | low | ||
| Priority: | low | ||
| Version: | 1.6.8 | ||
| Hardware: | PC | ||
| OS: | All | ||
Fixed in cvs, the fix will appear in the next sudo release. The comment parsing code was not enabled for RunasAliases since it would also match #uid. I added a separate rule to match comments that don't also match the uid rule. The man page bug has already been fixed. |
Sorry for mentioning such a minor bug, but it appears that comments at the end of a Runas_Alias fail the syntax checker. I didn't see anything in the changelog nor when I searched the bugzilla site. Because of consistancy accross sudo and visudo this shouldn't be much of a problem, unless the user is editing their sudoers file w/something other than visudo. This was tested with Sudo version 1.6.8p12 on x86 RHEL release 4 (Nahant Update 1). I have access to a wide array of arch/os systems at my work and will be happy to test this on any systems you want. Note that this was a binary built from source using the following configuration command: ./configure --prefix=/usr --with-pam --with-fqdn --with-ignore_dot --with-password_timeout=0 --with-loglen=1024 --with-mailto=sudo --with-tty_tickets --with-logging=both --with-logpath=/var/log/sudo.log Also note that the man page for sudoers is inconsistant on the issue of #uid entries: "A User_List is made up of one or more usernames, uids (prefixed with '#')," "A Runas_List is similar to a User_List except that it can also contain uids (prefixed with '#')" ######################################################################## # Case #1 (works) ######################################################################## mmills froggy=(ALL) ALL User_Alias SUDOTEST=sudotest # comments here are fine. Runas_Alias DAEMON=daemon SUDOTEST froggy=(DAEMON) /usr/bin/whoami -bash-3.00$ whoami sudotest -bash-3.00$ sudo -u daemon whoami daemon ######################################################################## # Case #2 (doesn't work) ######################################################################## mmills froggy=(ALL) ALL User_Alias SUDOTEST=sudotest # comments here are fine. Runas_Alias DAEMON=daemon # comments here break stuff. SUDOTEST froggy=(DAEMON) /usr/bin/whoami bash-3.00# /usr/sbin/visudo >>> sudoers file: syntax error, line 2 <<< Warning: undeclared Runas_Alias `DAEMON' referenced near line 4 What now? Again, sorry for mentioning such a minor bug. I'll be happy to help resolve this in any way that I can (though my lex/yacc skills are kinda rusty). I'll also be happy to try out any patch on a variety of arch's. Happy Holidays.