Bug 673157 - sudo fails to report error correctly when execv(3) fails
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: sudo
Version: 5.6
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: rc
: ---
Assignee: Daniel Kopeček
QA Contact: Aleš Mareček
URL:
Whiteboard:
Depends On:
Blocks: 828707 828782
Reported: 2011-01-27 15:14 UTC by Roy Badami
Modified: 2012-06-05 11:20 UTC

Fixed In Version: sudo-1.7.2p1-11.el5
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 828707 828782 (view as bug list)
Environment:
Last Closed: 2012-02-21 03:21:47 UTC
Target Upstream Version:
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
CentOS 0004715 0 None None None Never
Red Hat Product Errata RHSA-2012:0309 0 normal SHIPPED_LIVE Low: sudo security and bug fix update 2012-02-21 07:25:01 UTC

Description Roy Badami 2011-01-27 15:14:26 UTC
Description of problem:

sudo fails to report the error correctly when the execv(3) library call fails. This arises due to the sudo audit patch inserting into sudo.c a call to audit_logger() after the calls to execv() and before the call to warning().

The call to audit_logger() clobbers errno, resulting in warning() reporting an incorrect message (usually 'success').

The result is that you see errors such as

sudo: unable to exec <program>: success

Such errors seem to cause frequent confusion as the underlying failure of the execv(3) library call will not be evident. A Google search finds several examples of people encountering this problem, usually without being able to determine the root cause.

http://www.google.com/search?source=ig&hl=en&rlz=&=&q=%22sudo%3A+unable+to+execute%22+success&btnG=Google+Search&aq=f&oq= 

The issue has been verified present in RHEL 5.6


Version-Release number of selected component (if applicable): sudo-1.7.2p1-10.el5


How reproducible: Always


Steps to Reproduce:

Perform the following steps:

cat <<EOF >foo
#!/bin/wibble
wibble wobble
EOF

chmod +x foo

#An attempt to exec foo will give an error due to a missing interpreter
#-bash: ./foo: /bin/wibble: bad interpreter: No such file or directory
./foo

#An attempt by sudo to exec foo will give a bogus error due to the issue described above
#sudo: unable to execute ./foo: Success
sudo ./foo

  
Actual results:

sudo: unable to execute ./foo: Success
    (or other incorrect message)


Expected results:

sudo: unable to execute ./foo: No such file or directory
    (or similar)


Additional info:

I believe this is the chunk of sudo-1.7.2p1-audit.patch that causes the problem

@@ -568,11 +586,17 @@ main(argc, argv, envp)
            NewArgv[1] = safe_cmnd;
            execv(_PATH_BSHELL, NewArgv);
        }
+#ifdef WITH_AUDIT
+ audit_logger(AUDIT_USER_CMD, safe_cmnd, user_args, 0);
+#endif
        warning("unable to execute %s", safe_cmnd);
        exit(127);
     } else if (ISSET(validated, FLAG_NO_USER | FLAG_NO_HOST)) {
        audit_failure(NewArgv, "No user or host");
        log_denial(validated, 1);
+#ifdef WITH_AUDIT
+ audit_logger(AUDIT_USER_CMD, safe_cmnd, user_args, 0);
+#endif
        exit(1);
     } else {
        if (def_path_info) {
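
Review bot: In the first added block, audit_logger() runs between the failed execv() calls and warning("unable to execute %s", safe_cmnd), so anything audit_logger() does to errno replaces the execv() failure code before it is reported, which matches the "Success" message in the report. Save errno immediately after execv() returns and restore it just before warning(), or call warning() first and audit afterwards, since exit(127) follows either way. The second added block is followed directly by exit(1), so errno is not read after it and the same concern does not apply there.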

Comment 3 errata-xmlrpc 2012-02-21 03:21:47 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-0309.html
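
The errno clobbering described in the report can be reproduced in isolation with the following added example, which is not code from sudo, from the audit patch, or from the fix shipped in the advisory. fake_audit_logger() and the path /nonexistent/bin/wibble are constructed stand-ins; the second function shows the usual save-and-restore pattern for keeping the execv() failure code intact.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical stand-in for the audit call: like much library code, it
 * resets errno before a call of its own, so the caller's value is lost. */
static void fake_audit_logger(const char *cmnd)
{
    errno = 0;
    (void)strtol("0", NULL, 10);    /* succeeds, errno stays 0 */
    (void)cmnd;
}

/* Constructed path that does not exist, so execv() fails with ENOENT. */
static const char *MISSING = "/nonexistent/bin/wibble";

/* Ordering from the report: the audit call sits between execv() and the
 * error message. Returns the errno the message would be built from. */
int errno_reported_clobbered(void)
{
    char *argv[] = { (char *)MISSING, NULL };
    execv(MISSING, argv);           /* only returns on failure */
    fake_audit_logger(MISSING);
    return errno;
}

/* Save errno right after execv() and restore it before reporting. */
int errno_reported_preserved(void)
{
    char *argv[] = { (char *)MISSING, NULL };
    execv(MISSING, argv);
    int saved = errno;              /* capture before any other call */
    fake_audit_logger(MISSING);
    errno = saved;
    return errno;
}

int main(void)
{
    int e = errno_reported_clobbered();
    printf("clobbered: unable to execute %s: %s\n", MISSING, strerror(e));
    e = errno_reported_preserved();
    printf("preserved: unable to execute %s: %s\n", MISSING, strerror(e));
    return 0;
}
```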