Bugzilla – Bug 749
sudo 1.8.17: new files are created with the primary group of the caller and not as root
Last modified: 2016-06-22 14:26:51 MDT
Until version 1.8.17 a new file created with sudo has the owner/group root:root, whereas with 1.8.17 it's root:users if users is the primary group of the caller:

Linux system with shadow passwd and without PAM, sudo built from sources, configured with
./configure --prefix=/usr --without-pam

# cat /etc/sudoers
juergen ALL = NOPASSWD: /bin/touch

with sudo 1.8.17:

$:~> whoami
juergen
$:~> umask
0022
$:~> sudo touch /tmp/sudo.test1
$:~> ls -al /tmp/sudo.*
-rw-r--r-- 1 root users 0 Jun 22 14:39 /tmp/sudo.test1
$:~>

with sudo 1.8.16:

$:~> sudo touch /tmp/sudo.test2
$:~> ls -al /tmp/sudo.*
-rw-r--r-- 1 root users 0 Jun 22 14:39 /tmp/sudo.test1
-rw-r--r-- 1 root root 0 Jun 22 14:40 /tmp/sudo.test2
$:~>

Thanks
There was a bug introduced in 1.8.17 where the groups are not set when there is no session initialization required and the command is not being run in a pty.
Created attachment 476: Do group setup when the plugin has no session initialization function
This is fixed by https://www.sudo.ws/repos/sudo/rev/3bf16489800c
Confirmed, 1.8.17p1 works again for me. Many thanks for the quick fix and for sudo as a whole!
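A regression check for the symptom reported in this bug, as an added example that is not part of the bug report or of sudo itself: it flags `ls -l` entries owned by the sudo target user whose group is not that user's primary group. The function names are hypothetical, and it assumes the default `ls -l` layout shown in the report and a Linux system where root's primary group is named `root`.

```shell
#!/bin/sh
# Added example, not sudo's own code.

# The two `ls -al` lines from the report: test1 was created with sudo 1.8.17,
# test2 with sudo 1.8.16.
SAMPLE='-rw-r--r-- 1 root users 0 Jun 22 14:39 /tmp/sudo.test1
-rw-r--r-- 1 root root 0 Jun 22 14:40 /tmp/sudo.test2'

# audit_ls OWNER GROUP: read `ls -l` lines on stdin and print "group path"
# for every entry owned by OWNER whose group is not GROUP.
# Exit status is 1 if anything was flagged, 0 otherwise.
audit_ls() {
    awk -v owner="$1" -v group="$2" '
        NF < 9 { next }                        # skip "total N" and blank lines
        $3 == owner && $4 != group {
            path = $9
            for (i = 10; i <= NF; i++) path = path " " $i   # names with spaces
            print $4, path
            bad = 1
        }
        END { exit bad + 0 }'
}

# sudo_touch_check: live check against the installed sudo. Assumes the caller
# may run touch through sudo without a password, as in the sudoers line from
# the report. Returns 0 if the new file is root:root, 1 if the group is wrong,
# 2 if the probe could not be created.
sudo_touch_check() {
    dir=$(mktemp -d) || return 2
    if ! sudo -n touch "$dir/probe"; then
        rmdir "$dir"
        return 2
    fi
    LC_ALL=C ls -l "$dir/probe" | audit_ls root root
    rc=$?
    # The caller owns the directory, so it can remove the root-owned probe.
    rm -f "$dir/probe"
    rmdir "$dir"
    return "$rc"
}

# Offline demonstration on the report's own output.
printf '%s\n' "$SAMPLE" | audit_ls root root || :
```

Run `sudo_touch_check` after a sudo upgrade; the same `audit_ls` function can be fed `ls -l` output from directories written to while 1.8.17 was installed.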