Bug 918 - Having read only file system will effectively disable sudo
Status: RESOLVED FIXED
Product: Sudo
Classification: Unclassified
Component: Sudoreplay
Version: 1.8.21
Hardware: PC Linux
Importance: low low
Assigned To: Todd C. Miller
Reported: 2020-03-01 04:06 MST by sudo
Modified: 2020-03-01 08:59 MST
Description sudo 2020-03-01 04:06:06 MST
Hi.

I had a server turn the root file system into read-only after a file system corruption, and when I tried to investigate it using sudo, it no longer allowed me to run any sudo commands: sudo quits saying that /var/log/sudo-io/ is read-only and cannot be written with sudoreplay in effect.

Somehow I still could run 'sudo reboot', but is there a way to run sudo in these situations?

I do not really want non-root users to be able to disable sudo logging, as enforcing it was part of the reason I use it for security auditing.

I cannot think of a good way to circumvent this, but possibly write the log to memory (or a predefined tmpfs) until the file system becomes writeable again?

Thanks.
Comment 1 Todd C. Miller 2020-03-01 08:38:31 MST
If you set the ignore_iolog_errors flag in sudo, you will be able to run commands even when I/O logging cannot be performed. E.g.

Defaults ignore_iolog_errors

The reason you could run reboot is due to a line in sudoers that disables log_output for the reboot command. Something like:

Cmnd_Alias    REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
Defaults!REBOOT !log_output
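The interplay described in this comment (log_output forced on, an unwritable iolog_dir, and the two escape hatches: ignore_iolog_errors and a per-command !log_output) is modelled below as an added example; it is not sudo's own code or anything from this bug. It parses a constructed sudoers fragment based on the lines above and answers, for a given command, whether sudo would still run it while the I/O log directory is read-only. It is a simplified model: only Cmnd_Alias and Defaults lines are understood, and a Defaults! entry is taken to apply when the command appears in that alias.

```python
import os
import re

# Constructed sudoers fragment modelled on this bug (not a real policy file).
SUDOERS = """
Defaults log_output
Defaults iolog_dir=/var/log/sudo-io
Cmnd_Alias    REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
Defaults!REBOOT !log_output
"""

def parse_sudoers(text):
    """Return (aliases, global_flags, per_alias_flags) from Cmnd_Alias and Defaults lines."""
    aliases, global_flags, alias_flags = {}, {}, {}
    for line in text.splitlines():
        line = line.strip()
        m = re.match(r"Cmnd_Alias\s+(\w+)\s*=\s*(.+)", line)
        if m:
            aliases[m.group(1)] = [c.strip() for c in m.group(2).split(",")]
            continue
        m = re.match(r"Defaults(?:!(\w+))?\s+(.+)", line)
        if m:
            target = alias_flags.setdefault(m.group(1), {}) if m.group(1) else global_flags
            for opt in m.group(2).split(","):
                opt = opt.strip()
                if "=" in opt:                      # name=value option, e.g. iolog_dir=...
                    key, val = opt.split("=", 1)
                    target[key] = val
                elif opt.startswith("!"):           # negated boolean flag, e.g. !log_output
                    target[opt[1:]] = False
                else:                               # boolean flag, e.g. ignore_iolog_errors
                    target[opt] = True
    return aliases, global_flags, alias_flags

def iolog_dir_writable(path):
    """True if the I/O log directory can be written (False on a read-only mount)."""
    return os.access(path, os.W_OK)

def command_allowed(text, command, iolog_writable):
    """Model of the behaviour in this bug: when log_output applies and the I/O log
    cannot be written, the command is refused unless ignore_iolog_errors is set."""
    aliases, gflags, aflags = parse_sudoers(text)
    log_output = gflags.get("log_output", False)
    for alias, flags in aflags.items():             # per-command Defaults! override
        if command in aliases.get(alias, []) and "log_output" in flags:
            log_output = flags["log_output"]
    if log_output and not iolog_writable:
        return bool(gflags.get("ignore_iolog_errors", False))
    return True
```

With the fragment above and a read-only iolog_dir, only the REBOOT commands run; appending "Defaults ignore_iolog_errors" makes every command run again.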
Comment 2 sudo 2020-03-01 08:59:12 MST
Thank you for the config tip!