Terminal hangs running sudo when "use_pty" is set in /etc/sudoers
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
sudo (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
High
|
Heitor Alves de Siqueira |
Bug Description
[Impact]
sudo commands can hang when IO logging is enabled
[Description]
When doing cleanup in pty_close(), sudo can leave file descriptors and events
behind that would later cause poll() to wait on a "dead" pty. This can cause
sudo to hang when IO logging is enabled, due to the poll() timeouts.
The issue has been fixed upstream by the commit below:
- In pty_close() close the slave and remove any events associated (4df454310dae)
$ git describe --contains 4df454310dae96d
SUDO_1_8_23
$ rmadison sudo
sudo | 1.8.16-0ubuntu1 | xenial | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-security | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-updates | source, ...
sudo | 1.8.21p2-3ubuntu1 | bionic | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-security | source, ...
=> sudo | 1.8.21p2-3ubuntu1.2 | bionic-updates | source, ... <----
sudo | 1.8.31-1ubuntu1 | focal | source, ...
sudo | 1.8.31-1ubuntu1.1 | focal-updates | source, ...
sudo | 1.9.1-1ubuntu1 | groovy | source, ...
Xenial doesn't exhibit this behaviour, so fixes are only needed for Bionic
(Focal onwards already have the fix by default due to sudo version).
[Test Case]
1. Ensure /etc/sudoers contains 'Defaults use_pty'
2. Execute the following test command:
$ for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal will hang during syslog output.
[Regression Potential]
The fix introduces additional cleaning when closing/flushing pty devices, so the
regression potential should be low. It has been present upstream since
sudo-1.8.23, so it has seen thorough testing in most Linux distributions
including Ubuntu.
A regression could possibly cause issues when switching back out from sudo
sessions, as the changes only touch the pty_close path, but seems unlikely
considering the patch has been present in other Ubuntu releases as well.
--
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d01599
#1 0x00007f751d8b146a in poll (__timeout=
#2 sudo_ev_scan_impl (base=base@
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@
#4 0x000055d01570597a in del_io_events (nonblocking=
#5 0x000055d015707b97 in pty_close (cstat=
#6 exec_pty (details=
#7 0x000055d015701178 in sudo_execute (details=
#8 0x000055d01570e15b in run_command (details=
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/
A similar (most likely the same) bug has been reported here https:/
Related branches
- Eric Desrochers: Pending requested
- git-ubuntu developers: Pending requested
-
Diff: 108 lines (+86/-0)3 files modifieddebian/changelog (+7/-0)
debian/patches/0001-In-pty_close-close-the-slave-and-remove-any-events-a.patch (+78/-0)
debian/patches/series (+1/-0)
description: | updated |
description: | updated |
description: | updated |
Changed in sudo (Ubuntu): | |
status: | New → Fix Released |
Changed in sudo (Ubuntu Bionic): | |
status: | New → In Progress |
importance: | Undecided → High |
assignee: | nobody → Heitor Alves de Siqueira (halves) |
tags: | added: sts |
tags: | added: sts-sponsor |
description: | updated |
description: | updated |
description: | updated |
Builds for this patchset have been uploaded to: /launchpad. net/~halves/ +archive/ ubuntu/ lp1895757
https:/