Bugzilla – Bug 546
env_reset is broken in 1.8.4p2? (freebsd 8.2 i386)
Last modified: 2012-03-12 15:57:36 MDT
I see changed behavior for env_reset in version 1.8.4p2 on freebsd 8.2 i386. With this config: ---sudoers--- Defaults env_reset Cmnd_Alias ALLCMD0 = /home/igor/rc.d/show_set.sh igor ALL=(igor2) NOPASSWD: ALLCMD0 ---end of sudoers --- When i want setup ENV_TEST for /home/igor/rc.d/show_set.sh sudo allow me to do it: igor$ sudo ENV_TEST=1234 -u igor2 /home/igor/rc.d/show_set.sh | grep ENV ENV_TEST=1234 where show_set.sh is just show me "set": #!/bin/sh set In debug log (Debug sudo /var/log/sudo_debug all@debug): Mar 12 18:22:00 sudo exec /home/igor/rc.d/show_set.sh [/home/igor/rc.d/show_set.sh] [SHELL=/bin/sh TERM=xterm SSH_CLIENT=10.0.0.10 15946 22 SSH_TTY=/dev/pts/1 USER=igor2 PAGER=more FTP_PASSIVE_MODE=YES PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin:/home/igor/bin MAIL=/var/mail/igor BLOCKSIZE=K PWD=/usr/home/igor EDITOR=vi SHLVL=1 HOME=/home/igor LOGNAME=igor2 SSH_CONNECTION=10.0.0.5 15946 10.0.0.10 22 _=/usr/local/bin/sudo USERNAME=igor2 SUDO_COMMAND=/home/igor/rc.d/show_set.sh SUDO_USER=igor SUDO_UID=1001 SUDO_GID=555 ENV_TEST=1234] But with env_reset in Defaults (enabled by default) i should see: sudo: sorry, you are not allowed to set the following environment variables: ENV_TEST Ie, same behaviour of sudo with env_reset and with !env_reset.
Created attachment 334 [details] Fix for bug 546 This was due to a bad conversion of a variable to bool in sudo 1.8.4. The attached fix is in sudo 1.8.4p3.
Fixed in sudo 1.8.4p3 which is out now.