Terminal hangs running sudo when "use_pty" is set in /etc/sudoers

Bug #1895757 reported by Alejandro Santoyo Gonzalez on 2020-09-15
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sudo (Ubuntu)
Undecided
Unassigned
Bionic
High
Heitor Alves de Siqueira

Bug Description

[Impact]
sudo commands can hang when IO logging is enabled

[Description]
When doing cleanup in pty_close(), sudo can leave file descriptors and events
behind that would later cause poll() to wait on a "dead" pty. This can cause
sudo to hang when IO logging is enabled, due to the poll() timeouts.

The issue has been fixed upstream by the commit below:
- In pty_close() close the slave and remove any events associated (4df454310dae)

$ rmadison sudo
 sudo | 1.8.16-0ubuntu1 | xenial | source, ...
 sudo | 1.8.16-0ubuntu1.9 | xenial-security | source, ...
 sudo | 1.8.16-0ubuntu1.9 | xenial-updates | source, ...
 sudo | 1.8.21p2-3ubuntu1 | bionic | source, ...
 sudo | 1.8.21p2-3ubuntu1.2 | bionic-security | source, ...
 sudo | 1.8.21p2-3ubuntu1.2 | bionic-updates | source, ... <----
 sudo | 1.8.31-1ubuntu1 | focal | source, ...
 sudo | 1.8.31-1ubuntu1.1 | focal-updates | source, ...
 sudo | 1.9.1-1ubuntu1 | groovy | source, ...

Xenial doesn't exhibit this behaviour, so fixes are only needed for Bionic
(Focal onwards already have the fix by default due to sudo version).

[Test Case]

1. Ensure /etc/sudoers contains 'Defaults use_pty'
2. Execute the following test command:
$ for i in {1..10}; do sudo -- cat /var/log/syslog; done

The terminal will hang during syslog output.

[Regression Potential]
The fix introduces additional cleaning when closing/flushing pty devices, so the
regression potential should be low. It has been present upstream since
sudo-1.8.23, so it has seen thorough testing in most Linux distributions
including Ubuntu.

A regression could possibly cause issues when switching back out from sudo
sessions, as the changes only touch the pty_close path, but seems unlikely
considering the patch has been present in other Ubuntu releases as well.

--
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.

Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):

1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done

The terminal hangs and the following backtrace is obtained:

(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294

A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401.

Related branches

description: updated
description: updated
description: updated
Changed in sudo (Ubuntu):
status: New → Fix Released
Changed in sudo (Ubuntu Bionic):
status: New → In Progress
importance: Undecided → High
assignee: nobody → Heitor Alves de Siqueira (halves)
tags: added: sts
tags: added: sts-sponsor

Builds for this patchset have been uploaded to:
https://launchpad.net/~halves/+archive/ubuntu/lp1895757

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers