Bug 603819

Summary: sudo - fix printing of entries with multiple host entries on a single line.
Product: Red Hat Enterprise Linux 5 Reporter: ritz <rkhadgar>
Component: sudoAssignee: Daniel Kopeček <dkopecek>
Status: CLOSED ERRATA QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: high Docs Contact:
Priority: high    
Version: 5.5CC: amarecek, dkopecek, hklein, sgrubb
Target Milestone: rcKeywords: Patch, Regression
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: sudo-1.7.2p1-10.el5 Doc Type: Bug Fix
Doc Text:
When the /etc/sudoers file contained entries with multiple hosts, running the "sudo -l" command incorrectly reported that a certain user does not have permissions to use sudo on the system. With this update, the underlying source code has been modified to target this issue, and running the "sudo -l" command now produces the correct output.
 Story Points: ---
Clone Of:
: 603823 (view as bug list) Environment:
Last Closed: 2011-01-13 23:08:35 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
patch based on upstream none

Description ritz 2010-06-14 16:10:50 UTC 
Created attachment 423888 [details]
sudoers file

Description of problem:
sudo -l ignores configured commands an mixes up configurations for other hosts.

Version-Release number of selected component (if applicable):
- sudo-1.7.2p1-5.el5.x86_64

How reproducible:
always

Steps to Reproduce:
1. place the attached file in "/etc/sudoers"
2. Update "myhostname" in attached file to reflect your system's hostname
3. login as oracle
4. sudo -l
  
Actual results:
$ sudo -l
Sorry, user oracle may not run sudo on localhost.


Expected results:
$ sudo -l
User oracle may run the following commands on this host:
    (ALL) NOPASSWD: /net/nimserv/appldata/oracle/920_64/Disk1/rootpre.sh,
    /net/nimserv/appldata/oracle/10/dvd1/database/rootpre/rootpre.sh,
    /net/nimserv/appldata/oracle/10/oem/cd1/rootpre/rootpre.sh,
    /net/nimserv/appldata/oracle/10/dvd1/database/rootpre/rootpre.sh.aix61,
    /net/nimserv/appldata/oracle/10/Client/Disk/rootpre/rootpre.sh,
    /net/nimserv/appldata/oracle/10/oem/gc/rootpre/rootpre.sh,
    /db/main/oraInventory/orainstRoot.sh, /db/main/ora920/root.sh,
    /db/main/ora102/root.sh, /db/main/ora10204/root.sh,
    /db/main/admin/oms10g/root.sh, /db/main/ora10204/orainstRoot.sh,
    /db/main/agent10g/root.sh, /db/main/agent/root.sh,
    /db/main/oms10g/oms10g/allroot.sh, /db/main/oms10g/allroot.sh,
    /db/main/agent10gR5/agent10g/root.sh, /usr/sbin/slibclean,
    /oracle/*/920_64/root.sh, /tmp/orainstRoot.sh, /sbin/vgdisplay,
    /sbin/lvdisplay, /sbin/lslv, /sbin/lsvg, /tmp/rootpre/rootpre.sh



Additional info:
http://sudo.ws/repos/sudo/rev/226ceaf91d8d
Comment 1 ritz 2010-06-14 16:13:22 UTC 
Created attachment 423889 [details]
patch based on upstream
Comment 8 Jaromir Hradilek 2010-11-29 12:58:37 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
When the /etc/sudoers file contained entries with multiple hosts, running the "sudo -l" command incorrectly reported that a certain user does not have permissions to use sudo on the system. With this update, the underlying source code has been modified to target this issue, and running the "sudo -l" command now produces the correct output.
Comment 10 errata-xmlrpc 2011-01-13 23:08:35 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0079.html