Bug 673157 - sudo fails to report error correctly when execv(3) fails
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: sudo
5.6
All Linux
unspecified Severity medium
Assigned To: Daniel Kopeček
Aleš Mareček
Blocks: 828707 828782
Reported: 2011-01-27 10:14 EST by Roy Badami
Modified: 2012-06-05 07:20 EDT
Fixed In Version: sudo-1.7.2p1-11.el5
Doc Type: Bug Fix
Last Closed: 2012-02-20 22:21:47 EST
External Trackers: CentOS 0004715

Description Roy Badami 2011-01-27 10:14:26 EST
Description of problem:

sudo fails to report the error correctly when the execv(3) library call fails. This arises due to the sudo audit patch inserting into sudo.c a call to audit_logger() after the calls to execv() and before the call to warning().

The call to audit_logger() clobbers errno, resulting in warning() reporting an incorrect message (usually 'success').

The result is that you see errors such as

sudo: unable to exec <program>: success

Such errors seem to cause frequent confusion as the underlying failure of the execv(3) library call will not be evident. A Google search finds several examples of people encountering this problem, usually without being able to determine the root cause.

http://www.google.com/search?source=ig&hl=en&rlz=&=&q=%22sudo%3A+unable+to+execute%22+success&btnG=Google+Search&aq=f&oq= 

The issue has been verified present in RHEL 5.6


Version-Release number of selected component (if applicable): sudo-1.7.2p1-10.el5


How reproducible: Always


Steps to Reproduce:

Perform the following steps:

cat <<EOF >foo
#!/bin/wibble
wibble wobble
EOF

chmod +x foo

#An attempt to exec foo will give an error due to a missing interpreter
#-bash: ./foo: /bin/wibble: bad interpreter: No such file or directory
./foo

#An attempt by sudo to exec foo will give a bogus error due to the issue described above
#sudo: unable to execute ./foo: Success
sudo ./foo

  
Actual results:

sudo: unable to execute ./foo: Success
    (or other incorrect message)


Expected results:

sudo: unable to execute ./foo: No such file or directory
    (or similar)


Additional info:

I believe this is the chunk of sudo-1.7.2p1-audit.patch that causes the problem

@@ -568,11 +586,17 @@ main(argc, argv, envp)
            NewArgv[1] = safe_cmnd;
            execv(_PATH_BSHELL, NewArgv);
        }
+#ifdef WITH_AUDIT
+ audit_logger(AUDIT_USER_CMD, safe_cmnd, user_args, 0);
+#endif
        warning("unable to execute %s", safe_cmnd);
        exit(127);
     } else if (ISSET(validated, FLAG_NO_USER | FLAG_NO_HOST)) {
        audit_failure(NewArgv, "No user or host");
        log_denial(validated, 1);
+#ifdef WITH_AUDIT
+ audit_logger(AUDIT_USER_CMD, safe_cmnd, user_args, 0);
+#endif
        exit(1);
     } else {
        if (def_path_info) {
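
Review bot: In the first added block, audit_logger() runs between the execv() calls and warning("unable to execute %s", safe_cmnd), so any change it makes to errno is what warning() reports instead of the execv() failure. Save errno immediately after execv() returns and restore it before warning(), or move the audit call below warning(). The last argument is 0 on this exec-failure path just as on the denial path further down; please confirm that is the intended result value for a command that never ran, and say so in a comment.
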
Comment 3 errata-xmlrpc 2012-02-20 22:21:47 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-0309.html
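
The errno clobbering described in the bug report, shown as an added C example that is not sudo's code or the Red Hat patch: a call made between a failed execv() and the error report resets errno, and saving errno across that call preserves the real failure reason. `fake_audit_logger()` is a hypothetical stand-in for the audit call, and the missing path is constructed (the report's reproducer uses a missing interpreter instead, which fails the same way).

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical stand-in for the audit call: it models the outcome the
 * report observed, where errno no longer holds the execv() failure. */
static void fake_audit_logger(void)
{
    errno = 0;
}

/* Pattern from the report: errno is read only after the intervening call.
 * Returns the errno value the error message would be built from. */
int exec_then_audit_buggy(const char *path)
{
    char *const argv[] = { (char *)path, NULL };

    execv(path, argv);       /* returns only on failure, with errno set */
    fake_audit_logger();     /* overwrites errno */
    return errno;
}

/* Same sequence with errno saved right after execv() and restored
 * before the error is reported. */
int exec_then_audit_fixed(const char *path)
{
    char *const argv[] = { (char *)path, NULL };
    int saved_errno;

    execv(path, argv);
    saved_errno = errno;     /* capture the real failure reason first */
    fake_audit_logger();
    errno = saved_errno;     /* restore it for the message */
    return errno;
}

int main(void)
{
    const char *cmd = "/nonexistent/errno-demo";   /* constructed path */

    printf("buggy: unable to execute %s: %s\n", cmd,
           strerror(exec_then_audit_buggy(cmd)));
    printf("fixed: unable to execute %s: %s\n", cmd,
           strerror(exec_then_audit_fixed(cmd)));
    return 0;
}
```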
