Bug 757

Summary: Short hostnames no longer work in sudoers file with fqdn true
Product: Sudo Reporter: waoki
Component: SudoersAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: normal    
Priority: low    
Version: 1.8.17   
Hardware: PC   
OS: Linux   

Description waoki 2016-09-09 15:32:36 MDT 
Sometime between 1.8.10 and 1.8.15, short hostnames stopped working in the sudoers file when the 'fqdn' option is true (as it is by default). The documentation indicates that the short form should still work with the fqdn option set.

Someone else reported this to Ubuntu as bug #1591137, https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1591137

Steps to reproduce:

On a system called 'foobar.example.com', put the following into sudoers:

test foobar=(root) /bin/true
test foobar.umnh.utah.edu=(root) /bin/false

Expected outcome:

sudo -l shows user 'test' is allowed to run:

    (root) /bin/true
    (root) /bin/false

Actual outcome:

sudo -l shows user 'test' is allowed to run:

    (root) /bin/false

sudo -l -U test -h foobar shows user 'test' is allowed to run:

    (root) /bin/false

sudo -l -U test -h foobar.example.com shows user 'test' is allowed to run:

    (root) /bin/true
    (root) /bin/false
Comment 1 waoki 2016-09-09 15:33:22 MDT 
Correction to test case: sudoers should be

test foobar=(root) /bin/true
test foobar.example.com=(root) /bin/true
Comment 2 Todd C. Miller 2016-09-09 16:28:21 MDT 
Fixed by https://www.sudo.ws/repos/sudo/rev/605c03afc80f
Comment 3 Todd C. Miller 2016-09-20 15:16:10 MDT 
Fixed in sudo 1.8.18