Bug 579939 - Update to sudo-1.7.2p1 requires TTY even when that flag is off
Summary: Update to sudo-1.7.2p1 requires TTY even when that flag is off
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: sudo
Version: 5.4
Hardware: x86_64
OS: Linux
low
high
Target Milestone: rc
: ---
Assignee: Daniel Kopeček
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-04-07 01:43 UTC by Peter Burkholder
Modified: 2011-08-22 13:13 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-08-22 13:13:04 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)

Description Peter Burkholder 2010-04-07 01:43:35 UTC
Description of problem:

Upgrading from sudo-1.6.9p17-6.el5_4 to sudo-1.7.2p1-5.el5 broke shell scripts that called sudo scripts over ssh


Version-Release number of selected component (if applicable):


How reproducible:

1. start with a 1.6.9 system
2. confirm that requiretty is not in the sudoers file:

$ sudo grep requiretty /etc/sudoers
# Defaults    requiretty


3. run script from remote machine

remote$ /usr/bin/ssh -n -l day cms2.aarp.net \
    'exec /some/path/to/script/with/sudo/in/it'

4. upgrade

$ sudo rpm -Uvh sudo-1.7.2p1-5.el5.x86_64.rpm

5. Run same script from remote machine

remote$ /usr/bin/ssh -n -l day cms2.aarp.net \
    'exec /some/path/to/script/with/sudo/in/it'
sudo: no tty present and no askpass program specified

6. Unhappy fail. 

Additional info:

Comment 1 Daniel Kopeček 2010-04-19 13:00:29 UTC
Please, try:
 Defaults visiblepw

If it works, then sudo was unable to disable echo on the allocated tty or no tty is allocated (exec?).

Comment 2 Kal McFate 2010-04-23 16:36:54 UTC
This option would be fine to enable old behavior, however if you add this option to systems still running sudo 1.6.9 it breakes sudo entirely with the following:

sudo: unknown defaults entry `visiblepw' referenced near line 6
sudo: parse error in /etc/sudoers near line 5

Comment 3 Daniel Kopeček 2011-08-22 13:13:04 UTC
Try to use the `-t' option when executing the command on the remote machine using ssh. This is mentioned in the comment above the 'Defaults requiretty' line in the sudoers file (in 1.7.x).

Feel free to reopen this bug if the above mentioned solution isn't appropriate for your problem.


Note You need to log in before you can comment on or make changes to this bug.