Bugzilla – Bug 922
The `sudo -e` command will empty files if the temp disk is out of space
Last modified: 2020-09-21 08:29:51 MDT
I went to edit a system configuration using `sudo -e /etc/nixos/configuration.nix`, but editing the configuration file failed because the disk was full. It seems that the `sudo` program went ahead and emptied the original file, and now my system is broken. I assume that this is not expected behavior, but maybe I am mistaken. Either way, I thought that I'd log the bug in case it needed to be fixed.
What editor did you use and do you have SELinux enabled? I haven't been able to reproduce the problem locally. Sudo itself checks for write errors when creating its temporary files. However, if the disk filled up *after* the temp files were written successfully and your editor truncated the files, sudo doesn't have a way to tell that something went wrong unless the editor exits with an error.
Wow! Thanks for the quick followup. My editor is neovim, no SELinux. No fancy plugins that would change any dangerous buffer writing settings or anything. There was a daemon that was writing files and I didn't realize it had filled the disk, so maybe it was the second issue that you mentioned. In the end, the temp file seemed to have been written to but became empty - so it seems sudo went ahead and moved the empty file over? I wonder if sudo could have a safety check for the case of an empty file, but maybe that's more of a nuisance than a useful thing?
Sudo could do an extra check when the edited file is zero length but the original was not and prompt the user for what to do. Editing a file to be zero length might not always be wrong but it is suspicious.
Added a prompt when the resulting file will become zero bytes: https://www.sudo.ws/repos/sudo/rev/8bfaa57d5bd4
In sudo 1.9.3, sudoedit will now prompt the user before overwriting an existing file with one that is zero-length after editing.
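
The zero-length check discussed in this thread, sketched as an added example; this is not sudo's code and not taken from the linked commit. `check_copyback`, `simulate_edit` and the `/tmp/copyback-demo.XXXXXX` template are hypothetical names, the file contents are constructed, and the sketch assumes the original's size is recorded before the editor runs.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

enum copyback { COPY_OK, COPY_NEEDS_CONFIRM, COPY_ERROR };

/* Hypothetical helper: decide whether the edited temp copy may replace the
 * original without asking. orig_size is recorded before the editor starts. */
enum copyback check_copyback(off_t orig_size, int tmp_fd)
{
    struct stat sb;
    if (fstat(tmp_fd, &sb) == -1 || !S_ISREG(sb.st_mode))
        return COPY_ERROR;
    /* Empty result from a non-empty original: suspicious, ask first. */
    if (sb.st_size == 0 && orig_size > 0)
        return COPY_NEEDS_CONFIRM;
    return COPY_OK;
}

/* Constructed scenario: make a temp copy holding `orig`, let a stand-in
 * "editor" truncate it and write `edited`, then run the check. */
enum copyback simulate_edit(const char *orig, const char *edited)
{
    char path[] = "/tmp/copyback-demo.XXXXXX";
    size_t olen = strlen(orig), elen = strlen(edited);
    enum copyback ret = COPY_ERROR;
    int fd = mkstemp(path);
    if (fd == -1)
        return COPY_ERROR;
    if (write(fd, orig, olen) == (ssize_t)olen &&
        ftruncate(fd, 0) == 0 && lseek(fd, 0, SEEK_SET) == 0 &&
        write(fd, edited, elen) == (ssize_t)elen)
        ret = check_copyback((off_t)olen, fd);
    close(fd);
    unlink(path);
    return ret;
}

int main(void)
{
    printf("normal edit: %d\n", simulate_edit("a = 1;\n", "a = 2;\n"));
    printf("emptied:     %d\n", simulate_edit("a = 1;\n", ""));
    printf("was empty:   %d\n", simulate_edit("", ""));
    return 0;
}
```

A file that was already empty before editing returns `COPY_OK`, so the confirmation only fires when content would be lost.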