Bug 951

Summary: 1.9.4.p1-2: sudo breaks if env_keep += HOME is configured
Product: Sudo
Reporter: noctux <bugs-sudo>
Component: Sudoers
Assignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED
Severity: normal
CC: mehmetgelisin
Priority: low
Version: 1.9.4
Hardware: PC
OS: Linux

Description noctux 2020-12-20 06:29:07 MST
Hello,

when upgrading from 1.9.4 to 1.9.4.p1, sudo started to throw SIGSEGFAULTS (for the archlinux package, which does not apply any patches to the release).

The SEGFAULT happens for various invocations, including "sudo" or "sudo -s".

When rebuilding with -O0 and debug-symbols, gdb tells me the following about the location of the segfault:

>  0x00006b2ecb7501e7 in runaslist_matches (parse_tree=parse_tree@entry=0x4d6ea4c4f98, user_list=<optimized out>, group_list=group_list@entry=0x0, 
>     matching_user=matching_user@entry=0x0, matching_group=matching_group@entry=0x0) at ./match.c:199
> 199				if (userpw_matches(m->name, runas_pw->pw_name, runas_pw))

As it seems, runas_pw can be a NULL-pointer at that point:

> (gdb) p sudo_user._runas_pw
> $2 = (struct passwd *) 0x0

My /etc/sudoers config is quite minimal:

> cat /etc/sudoers | grep -vP '(^#|^$)'
> Defaults	env_reset, !set_logname
> Defaults>root	env_keep += HOME
> root ALL=(ALL) ALL
> %wheel ALL=(ALL) ALL
> @includedir /etc/sudoers.d

(/etc/sudoers.d is an empty folder)

When commenting out the line
> Defaults>root	env_keep += HOME
sudo works as expected, so I guess one of the last commits might make sudo sensitive to the value of HOME?

Thank you for reading that far, please let me know if you need any further information, such as specific library versions, etc. (Though I can confirm that downgrading the sudo-package to 1.9.4 while keeping all libraries untouched fixes/masks the issue, so it is probably not related to the library versions anyway).

Regards,
Simon

P.S. Two more things:
 1. Thanks for all the work you put into sudo. I guess one should say that more often in FOSS :)
 2. Maybe a bit of context, as env_keep += HOME might be a bit strange: This is used on a trusted host for our organisation where multiple admins occasionally act as root, each one with his own preferred dotfiles, so env_keep allows everyone to use the dotfiles of his personal user account, as opposed to a least common denominator for /root itself.

Comment 1 Todd C. Miller 2020-12-20 08:18:47 MST
I suspect this is a consequence of https://www.sudo.ws/repos/sudo/rev/f738f5ac5350

The runas user may not be initialized when the runas-specific defaults settings are applied.
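
A simplified model of the failure shown in the backtrace and explained in Comment 1, added here as an example; it is not sudo's source and not part of the bug thread. The names `enum match`, `runas_matches_unguarded`, `runas_matches_guarded` and `keep_home_for` are hypothetical, and the NULL guard is an assumed defensive pattern, not the upstream fix (which backed out the commit).

```c
#include <pwd.h>
#include <stdio.h>
#include <string.h>

/* Tri-state result so "cannot tell yet" is never treated as a match. */
enum match { MATCH_UNSPEC = -1, MATCH_DENY = 0, MATCH_ALLOW = 1 };

/* Unguarded form: same dereference pattern as match.c:199 in the backtrace.
 * With runas_pw == NULL this reads through a null pointer and crashes. */
enum match runas_matches_unguarded(const char *name, const struct passwd *runas_pw)
{
    return strcmp(name, runas_pw->pw_name) == 0 ? MATCH_ALLOW : MATCH_DENY;
}

/* Guarded form (assumption, not the upstream fix): an unresolved runas user
 * yields MATCH_UNSPEC, so the runas-bound Defaults entry is skipped. */
enum match runas_matches_guarded(const char *name, const struct passwd *runas_pw)
{
    if (runas_pw == NULL || runas_pw->pw_name == NULL)
        return MATCH_UNSPEC;
    return strcmp(name, runas_pw->pw_name) == 0 ? MATCH_ALLOW : MATCH_DENY;
}

/* Model of "Defaults>root env_keep += HOME": returns 1 if HOME would be kept. */
int keep_home_for(const char *bound_user, const struct passwd *runas_pw)
{
    return runas_matches_guarded(bound_user, runas_pw) == MATCH_ALLOW;
}

int main(void)
{
    static char root_name[] = "root", www_name[] = "www"; /* constructed sample users */
    struct passwd root = { .pw_name = root_name }, www = { .pw_name = www_name };

    /* Defaults applied before the runas user is resolved: skipped, no crash. */
    printf("unresolved: keep HOME = %d\n", keep_home_for("root", NULL));
    /* Defaults applied after resolution: normal matching. */
    printf("runas root: keep HOME = %d\n", keep_home_for("root", &root));
    printf("runas www:  keep HOME = %d\n", keep_home_for("root", &www));
    return 0;
}
```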

Comment 2 Todd C. Miller 2020-12-20 08:47:53 MST
I've backed out the problematic commit: https://www.sudo.ws/repos/sudo/rev/8a415f555cf9

Comment 3 Todd C. Miller 2020-12-20 10:38:35 MST
Fixed in sudo 1.9.4p2

Comment 4 noctux 2020-12-21 00:52:29 MST
Uh, that was fast, even complete with a small release-package for Christmas, thanks!

For what it's worth, 1.9.4p2 works for me.

Thanks again and stay healthy,
Simon