Bug 902

Summary: Parse error in plugins/sudoers/sudoers.in near line 96
Product: Sudo Reporter: Michal Nowak <mnowak>
Component: SudoersAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: normal    
Priority: low    
Version: 1.8.28   
Hardware: PC   
OS: Other   
Attachments: Avoid checking sudoers when install into a DESTDIR

Description Michal Nowak 2019-10-16 11:53:36 MDT 
I get a following error when building sudo 1.8.28p1 on OpenIndiana 2019.05:

make[4]: Entering directory '/jenkins/jobs/oi-userland/workspace/components/sysutils/sudo/build/amd64/plugins/sudoers'
Checking existing sudoers file for syntax errors.
visudo: /etc/sudoers.d: Permission denied
parse error in /jenkins/jobs/oi-userland/workspace/components/sysutils/sudo/build/prototype/i386/etc/sudoers near line 96
make[4]: *** [Makefile:387: pre-install] Error 1

It seems that the check here

sudo_1.8.28p1_visudo  sudo-1.8.28p1/plugins/sudoers/Makefile.in:

 386 pre-install:
 387         @if test X"$(cross_compiling)" != X"yes" -a -r $(DESTDIR)$(sudoersdir)/sudoers; then \
 388             echo "Checking existing sudoers file for syntax errors."; \
 389             ./visudo -c -f $(DESTDIR)$(sudoersdir)/sudoers; \
 390         fi

... wants space between '#' and 'includedir':

sudo-1.8.28p1/plugins/sudoers/sudoers.in:
 95 ## Read drop-in files from @sysconfdir@/sudoers.d
 96 ## (the '#' here does not indicate a comment)
 97 #includedir @sysconfdir@/sudoers.d

With space it validates.

The check is for me triggered only in some environments.
Comment 1 Todd C. Miller 2019-10-16 12:04:49 MDT 
I don't think that's the problem.  The syntax error you are talking about will not happen with the expanded sudoers file.  The actual problem appears to be this:

visudo: /etc/sudoers.d: Permission denied

Presumably this is due to the user running "make install" cannot access /etc/sudoers.d.  There is a check in plugins/sudoers/Makefile.in to only run the visudo check when the user doing in the install can read /etc/sudoers.  However, it is possible that the user is unable to access files or directories included by that sudoers file.
Comment 2 Todd C. Miller 2019-10-16 12:55:44 MDT 
Created attachment 530 [details]
Avoid checking sudoers when install into a DESTDIR

I think just skipping the sudoers check for DESTDIR installs will fix your issue.
Comment 3 Michal Nowak 2019-10-16 23:30:19 MDT 
(In reply to Todd C. Miller from comment #2)
> Created attachment 530 [details]
> Avoid checking sudoers when install into a DESTDIR
> 
> I think just skipping the sudoers check for DESTDIR installs will
> fix your issue.

The fix worked for me. Thanks!
Comment 4 Todd C. Miller 2019-12-31 15:09:07 MST 
Fixed in sudo 1.8.29