Ubuntu
policykit-1 package

  1. Bug #1784964
  2. Comment #11

Comment 11 for bug 1784964

Revision history for this message
Alex Murray (alexmurray) wrote : Re: Regression due to CVE-2018-1116 (processes not inheriting user ID or groups )

I've tried replicating your setup in a fresh bionic VM (ie. using tmux as default shell which then launches bash) and I can't replicate this:

amurray@sec-bionic-amd64:~$ grep amurray /etc/passwd
amurray:x:1000:1000:Ubuntu,,,:/home/amurray:/usr/bin/tmux
amurray@sec-bionic-amd64:~$ echo $SHELL
/bin/bash
amurray@sec-bionic-amd64:~$ cat /etc/tmux.conf
set -g default-shell /bin/bash
amurray@sec-bionic-amd64:~$ groups
amurray adm cdrom sudo dip plugdev lpadmin sambashare

This is all from within a graphic gnome-terminal launched after logging into the desktop (see picture which I will attach separately).

Can you perhaps try and provide more details on how I could try and replicate this?

A couple things to try

1. I've rebuilt polkit-1 with some extra debugging to try and flag when UIDs mismatch - this should end up in the following PPA https://launchpad.net/~alexmurray/+archive/ubuntu/lp1784964 which you could try installing from and seeing if journalctl shows anything?

2. Can you try downgrading polkit-1 and see if that resolves the issue?