Bug 722 - Are there behavior changes for sudo-1.8.6p3-15.x86_64 (RHEL6.6) as compared to sudo-1.6.9p17-6?
Status: RESOLVED FIXED
Product: Sudo
Classification: Unclassified
Component: Sudo
Version: 1.8.6
Hardware: All Linux
Importance: low high
Assigned To: Todd C. Miller
Reported: 2015-09-26 06:04 MDT by yogesh
Modified: 2015-11-01 15:24 MST

Attachments
Patch to make sudo kill itself with the same signal the command it runs dies from (2.86 KB, patch)
2015-09-26 10:55 MDT, Todd C. Miller
Description yogesh 2015-09-26 06:04:14 MDT
We found that there are behavioural changes in sudo-1.8.6p3-15.x86_64 (RHEL6.6) as compared to sudo-1.6.9p17-6 (RHEL 5.8).

It has been observed that if a script is called through sudo and Ctrl+C (SIGINT) is sent to the foreground process, then control returns to the parent process instead of the terminal.

Steps to Reproduce:

We executed the 2 scripts below on RHEL5 and RHEL6.6 machines.

parent.sh (Parent)

    #!/bin/bash
    sudo /root/child.sh
    echo "Parent Process"

child.sh (Child)

    #!/bin/bash
    echo "hello"
    sleep 90

Expected results:

Behaviour in RHEL5 (with sudo 1.6.9): whenever we send SIGINT to the parent, the child as well as the parent gets killed and control returns to the terminal.

    # sh parent.sh
    hello
    ------> Ctrl+C pressed here
                                    ---> Both parent and child got killed.

    parent.sh(14867) -> child.sh(14869) -> sleep(14870)

Actual results:

In RHEL 6.6 (with sudo-1.8.6p3), if SIGINT is sent to efg.sh, only the child process is killed and afterwards the parent continues execution until its graceful exit or until the user sends SIGINT again.

    # sh parent.sh
    hello
    --------> Ctrl+C pressed here
    Parent Process  --> Parent still exists, but child killed
    -------> Ctrl+C pressed here

    parent.sh(14867) -> sudo(14868) -> child.sh(14869) -> sleep(14870)

Here, an extra sudo process is generated in the new sudo package, but in the older package it is not created.
Comment 1 yogesh 2015-09-26 06:06:49 MDT
Could you please reply urgently.

1. Are there any behavior changes in packages newer than sudo 1.6.9p17?
2. Is there any patch available for this issue, so that we can revert to the older behavior?
3. What changes were made in the later sudo packages? Were any issues or bugs fixed?
Please share details of these changes.
Comment 3 Todd C. Miller 2015-09-26 08:34:15 MDT
The extra sudo process is there to clean up the PAM session when the command finishes and is needed for correct PAM session support.

In sudo 1.8.8 and higher you can work around this with a line like the following in sudoers:

Defaults !pam_session,!pam_setcred

This will disable the PAM session support and there will not be an extra sudo process.

If you are using RedHat you can get the same effect with:

Defaults cmnd_no_wait

in sudoers.
Comment 4 yogesh 2015-09-26 09:37:04 MDT
Thanks Miller sir.
Yes, it is working fine.
Comment 5 Todd C. Miller 2015-09-26 10:55:50 MDT
Created attachment 462
Patch to make sudo kill itself with the same signal the command it runs dies from

The attached patch, relative to sudo 1.8.15b4, should make sudo have the behavior that bash expects.
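
The attachment is not reproduced on this page. As an added illustration (not the patch and not sudo's code), the C program below shows the technique the attachment title names: a wrapper waits for its command and, if the command died from a signal, resets that signal to its default action and sends it to itself, so the caller's wait status reports death by SIGINT instead of a normal exit. The names wrapper, status_seen_by_caller and mirror, the 128+signal exit code in the contrast case, and the sh -c test command are assumptions of this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical wrapper (not sudo source): run argv, then end as it ended. */
static void wrapper(char *const argv[], int mirror)
{
    int status = 0;
    pid_t cmd = fork();
    if (cmd == 0) {
        signal(SIGINT, SIG_DFL);      /* command starts with default SIGINT */
        execvp(argv[0], argv);
        _exit(127);                   /* exec failed */
    }
    if (cmd < 0 || waitpid(cmd, &status, 0) < 0)
        _exit(126);
    if (WIFSIGNALED(status) && mirror) {
        int sig = WTERMSIG(status);
        sigset_t set;
        sigemptyset(&set);
        sigaddset(&set, sig);
        signal(sig, SIG_DFL);         /* no handler or ignore may swallow it */
        sigprocmask(SIG_UNBLOCK, &set, NULL);
        kill(getpid(), sig);          /* die from the same signal */
    }
    /* Contrast case (assumption): report the signal only as an exit code. */
    _exit(WIFSIGNALED(status) ? 128 + WTERMSIG(status) : WEXITSTATUS(status));
}

/* Returns the wait status a calling shell would see for the wrapper. */
int status_seen_by_caller(char *const argv[], int mirror)
{
    int status = 0;
    pid_t w = fork();
    if (w == 0)
        wrapper(argv, mirror);        /* never returns */
    if (w < 0 || waitpid(w, &status, 0) < 0)
        return -1;
    return status;
}

int main(void)
{
    char *const cmd[] = { "sh", "-c", "kill -INT $$", NULL }; /* constructed */
    printf("plain: signaled=%d\n", WIFSIGNALED(status_seen_by_caller(cmd, 0)));
    printf("mirrored: signaled=%d\n", WIFSIGNALED(status_seen_by_caller(cmd, 1)));
    return 0;
}
```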
Comment 6 Todd C. Miller 2015-11-01 15:24:57 MST
Fixed in sudo 1.8.15