Bug 632

Summary: 'Defaults umask=' directive not working anymore
Product: Sudo Reporter: Maxime ROSSINI <madmox>
Component: SudoAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: normal    
Priority: low    
Version: 1.8.9   
Hardware: PC   
OS: Linux   
Attachments: Fix for sudoers umask parsing

Description Maxime ROSSINI 2014-01-30 12:32:06 MST 
After installing the recent 1.8.9p4 update (from 1.8.8), I get the following warning message each time I run the sudo command, and before the password prompt:

sudo: value `0007' is invalid for option `umask'
sudo: value `0022' is invalid for option `umask'

The warnings are generated by the folowing lines in my sudoers file '/etc/sudoers.d/umasks':

#UMASK is not unioned with the one set in the PAM module
Defaults        umask_override
#Default UMASK is 007 for non-root users
Defaults        umask=0007
#Root UMASK is 022, to overcome permission problems when installing packages
Defaults>root   umask=0022

It appears the files created under sudo are indeed no longer using the specified umask, the umask directive in the config file is ignored.
Comment 1 Todd C. Miller 2014-01-30 13:08:31 MST 
Created attachment 394 [details]
Fix for sudoers umask parsing

Please try the attached patch.
Comment 2 Todd C. Miller 2014-02-04 10:23:33 MST 
Fixed in sudo 1.8.9p5, available now.