Bugzilla – Bug 728
Sudo truncates the final environment variable to 8 characters
Last modified: 2018-01-16 14:02:57 MST
For this bug to work, all of the following must be true: - The affected variable is the final one in the original user's environment, as printed by the env(1) utility; - The last variable in the original user's environment must be in keep_env sudo configuration; - The environment must be appended with account related variables, such as USERNAME as is done in ; - For the bug to be noticed, the variablename, equals sign and the variable's value must exceed 8 characters. First noticed this bug, when sudoedit on a vty reported unknown terminal. The terminal was set to xterm, which should be (and is) available on a system level and on a vty happens to be the last variable printed. The one before that was/is PATH. After more careful reading noticed that the reported unknown terminal was "xte". So a couple of tests: sudo env: TERM=xte env TERM=xterm sudo env: env: not found env TERM=xterm env|tail -1: PATH=.... env TERM=xterm env|head -1: TERM=xterm env TERM=xterm sudo /usr/bin/env |grep PATH: PATH=/sb env -i NONEXISTENT=true sudo env |grep NONEXISTENT: empty env -i NONEXISTENT=true sudo -E env | grep NONEXISTENT: NONEXISTENT=true # Note, CPP is in env_keep env -i CPP=56789 sudo env|grep CPP: CPP=5678 Repeated this with -A1 on greps, and each time USERNAME or USER was the next.
That's an odd one. I haven't been able to reproduce the problem, what version of FreeBSD are you running? Please add the following to /etc/sudo.conf: Debug sudoers.so Debug sudoers.so /var/log/sudoers_debug env@debug and attach the log file to this bug.
Are you able to reproduce this problem with the latest version of sudo, 1.8.20?
Ive been unable to reproduce this problem. If it still occurs with sudo 1.8.22 please re-open the bug and attach debug log output.