First Last Prev Next    This bug is not in your last search results.
Bug 412 - default timedir should be /var/lib/sudo
default timedir should be /var/lib/sudo
Status: RESOLVED FIXED
Product: Sudo
Classification: Unclassified
Component: Configure
1.7.2
PC Linux
: low normal
Assigned To: Todd C. Miller
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2010-05-12 23:33 MDT by Bdale Garbee
Modified: 2010-08-02 15:01 MDT (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Bdale Garbee 2010-05-12 23:33:24 MDT 
One of the users of my Debian packaging of sudo points out that if RAMRUN is enabled, causing /var/run to be implemented in a ramdisk, that sudo will present users with the lecture after each reboot, which is really annoying.

Obviously, short-term relief is available by adding 'lecture never' to the sudoers file.  Alternatively, I suppose I could build sudo with the lectures disabled by default.

However, upon reviewing the FHS, it's pretty clear that /var/run is intended to be used only for storing state information since the system was booted.  In fact, the FHS specifies that files in /var/run must be cleared or truncated at boot time.  So using /var/run/sudo seems inappropriate.

Instead, I'd like to suggest that the default for timedir be set to /var/lib/sudo.  The FHS definition of what should go in /var/lib seems to match sudo's needs perfectly.  See http://www.pathname.com/fhs/2.2/fhs-5.8.html for details.

What are your thoughts on this?  I'm inclined to make this change in my Debian packages, but since the behavior is not at all distribution specific, I thought I'd suggest you change the upstream default too...
Comment 1 Todd C. Miller 2010-06-08 16:07:32 MDT 
Historically. the time stamp files were stored in /tmp, which gets wiped during reboot on many (most?) systems.  I moved it to /var/run a long time ago which has similar semantics wrt clearing at boot.

It probably makes more sense to use a persistent directory. but the downside of this is that there is nothing to remove old time stamp files, so once they are created they will remain indefinitely.  This is easily handled with a simple cron job but probably needs to be mentioned in the documentation.

Also, while /var/lib is standard on Linux, it may not be present on other Unix systems so configure will have to try to determine an appropriate default depending on the system.
Comment 2 Todd C. Miller 2010-07-14 15:03:05 MDT 
The default timestamp directory in sudo 1.7.4 will be /var/db/sudo, /var/lib/sudo or /var/adm/sudo depending on which directories are present on the system.
Comment 3 Todd C. Miller 2010-08-02 15:01:26 MDT 
Closing, sudo 1.7.4 is out now.
First Last Prev Next    This bug is not in your last search results.