Bugzilla – Bug 713
Sudo fails to run command as any user but root.
Last modified: 2015-09-09 12:26:24 MDT
Mac OS X version 10.10.5 Sudo compiled from source. mike@snafu-mac:~/ > sudo -V Sudo version 1.8.14p3 Sudoers policy plugin version 1.8.14p3 Sudoers file grammar version 44 Sudoers I/O plugin version 1.8.14p3 mike@snafu-mac:~/ > When trying to run a command as any other user than root it fails with the following error: mike@snafu-mac:~/ > sudo -u mike echo sudo sudo: unable to change to runas uid (501, 501): Operation not permitted mike@snafu-mac:~/ > Works fine if target user is root: mike@snafu-mac:~/ > sudo -u root echo sudo sudo mike@snafu-mac:~/ >
I'm not seeing that on my 10.10.5 machine. $ sudo -V Sudo version 1.8.14p3 Sudoers policy plugin version 1.8.14p3 Sudoers file grammar version 44 Sudoers I/O plugin version 1.8.14p3 $ sudo -u millert id uid=501(millert) gid=20(staff) groups=20(staff),12(everyone),61(localaccounts),79(_appserverusr),80(admin),81(_appserveradm),98(_lpadmin),33(_appstore),100(_lpoperator),204(_developer),395(com.apple.access_ftp),398(com.apple.access_screensharing),399(com.apple.access_ssh) $ sudo -u daemon id uid=1(daemon) gid=1(daemon) groups=1(daemon),12(everyone),61(localaccounts),100(_lpoperator) Can you try the Mac OS X 10.10 sudo package?http://www.sudo.ws/dist/packages/MacOSX/10.10/sudo-1.8.14p3.pkg
Sorry for the delayed response. The .pkg version works as designed, any hints on where I should look to further debug this issue? Thanks, Mike
I was able to reproduce this using the --disable-setreuid configure option.
I've fixed the problem you saw when neither setreuid() nor setresuid() are available. See: http://www.sudo.ws/repos/sudo/rev/34754ad586c7
Fantastic, thank you.