Ubuntu
shadow package

killing su does not kill subprocess (SIGTERM not propagated)

Bug #1690820 reported by Radu Duta
264
This bug affects 3 people
Affects Status Importance Assigned to Milestone
shadow (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Problem first appeared in login_4.1.5.1-1ubuntu9.4 and version login_4.1.5.1-1ubuntu9.2 was not affected.

Example where the subprocess 115576 has not been terminated:
root@ubuntu:~/sudebug/src/shadow-4.1.5.1/src# pkill sleep; ./su test -c 'sleep 9999'&
[1] 115575
root@ubuntu:~/sudebug/src/shadow-4.1.5.1/src# kill $!
root@ubuntu:~/sudebug/src/shadow-4.1.5.1/src# ...waiting for child to terminate.
pgrep sleep
115576
[1]+ Exit 255 ./su test -c 'sleep 9999'
root@ubuntu:~/sudebug/src/shadow-4.1.5.1/src# pgrep sleep
115576

Expected behavior:
root@ubuntu:~/sudebug/src/shadow-4.1.5.1/src# pkill sleep; ./su test -c 'sleep 9999' &
[1] 115503
root@ubuntu:~/sudebug/src/shadow-4.1.5.1/src# kill $!
root@ubuntu:~/sudebug/src/shadow-4.1.5.1/src#
Session terminated, terminating shell... ...terminated.
 ...terminated.

[1]+ Exit 143 ./su test -c 'sleep 9999'
root@ubuntu:~/sudebug/src/shadow-4.1.5.1/src# pgrep sleep

See original description
Radu Duta (rduta)
description: updated
Marc Deslauriers (mdeslaur)
information type: Public → Public Security
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Thanks for filing, Radu.

The commit which fixed it is in this PR:

https://github.com/shadow-maint/shadow/pull/72

(wget https://github.com/shadow-maint/shadow/pull/72.patch)

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in shadow (Ubuntu):
status: New → Confirmed
Revision history for this message
Seth Arnold (seth-arnold) wrote :

Radu, thanks for the top-notch bug report.

Serge, Tobias, thanks for the rapid fix.

https://www.ubuntu.com/usn/usn-3276-2/

Changed in shadow (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.