Bug 1510002
| Summary: | Ensure that the command input (stdin) eating behaviour of Default log_input is documented | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Dalibor Pospíšil <dapospis> |
| Component: | sudo | Assignee: | Radovan Sroka <rsroka> |
| Status: | CLOSED ERRATA | QA Contact: | Dalibor Pospíšil <dapospis> |
| Severity: | high | Docs Contact: | |
| Priority: | medium | ||
| Version: | 7.4 | CC: | cww, daniele, dkopecek, jvymazal, rsroka |
| Target Milestone: | rc | Keywords: | Documentation, Triaged |
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | sudo-1.8.23-1.el7 | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2018-10-30 11:09:01 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1547974 | ||
| Bug Blocks: | 1477664 | ||
|
Description
Dalibor Pospíšil
2017-11-06 14:32:56 UTC
Hi guys, after some investigation we can say that this is not a bug. The problem is that "sudo" and "read" stdin is inherited from while. "read" reads 1st line from stdin and then sudo is called and io-logging plugin consumes the rest of the stdin. stdin content is not supposed to be for "sudo" but sudo has no idea whether stdin is shared or not. It is much better to use some of the following work arounds to avoid confusion. printf "a\nb\nc\n" | sudo bash -c 'while read a; do echo $a; done' printf "a\nb\nc\n" | while read a; do sudo echo $a 0<&- ; done printf "a\nb\nc\n" | while read a; do : | sudo echo $a ; done It is also documented in manual (man sudoers). "Anything sent to the standard input will be consumed, regardless of whether or not the command run via sudo is actually reading the standard input. This may have unexpected results when using sudo in a shell script that expects to process the standard input." ---> log_input documentation https://www.sudo.ws/man/1.8.22/sudoers.man.html So do I understand correctly, that sudo eats all the input up, except for the first line, before the read gets in line? (In reply to Dalibor Pospíšil from comment #3) > So do I understand correctly, that sudo eats all the input up, except for > the first line, before the read gets in line? It should be like that: printf "usqpsinfra1\nusqpsinfra2\n" | while read node; do sudo echo $node; done $ bash -x test + read node <--- read was forked from while + printf 'usqpsinfra1\nusqpsinfra2\n' <--- send data to while's stdin + <--- read eats the first line + sudo echo usqpsinfra1 <--- sudo was forked from while with first line as argument and it eats the rest of stdin usqpsinfra1 <--- stdout of sudo + read node <--- read has no input so loop is over $ Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2018:3199 |