Terminal hangs running sudo when "use_pty" is set in /etc/sudoers

Bug #1895757 reported by Alejandro Santoyo Gonzalez on 2020-09-15
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sudo (Ubuntu)
Undecided
Unassigned
Bionic
High
Heitor Alves de Siqueira

Bug Description

[Impact]
sudo commands can hang when IO logging is enabled

[Description]
When doing cleanup in pty_close(), sudo can leave file descriptors and events
behind that would later cause poll() to wait on a "dead" pty. This can cause
sudo to hang when IO logging is enabled, due to the poll() timeouts.

The issue has been fixed upstream by the commit below:
- In pty_close() close the slave and remove any events associated (4df454310dae)

$ git describe --contains 4df454310dae96d01d09a05be89dc8c57fd4cef7
SUDO_1_8_23

$ rmadison sudo
 sudo | 1.8.16-0ubuntu1 | xenial | source, ...
 sudo | 1.8.16-0ubuntu1.9 | xenial-security | source, ...
 sudo | 1.8.16-0ubuntu1.9 | xenial-updates | source, ...
 sudo | 1.8.21p2-3ubuntu1 | bionic | source, ...
 sudo | 1.8.21p2-3ubuntu1.2 | bionic-security | source, ...
 => sudo | 1.8.21p2-3ubuntu1.2 | bionic-updates | source, ... <----
 sudo | 1.8.31-1ubuntu1 | focal | source, ...
 sudo | 1.8.31-1ubuntu1.1 | focal-updates | source, ...
 sudo | 1.9.1-1ubuntu1 | groovy | source, ...

Xenial doesn't exhibit this behaviour, so fixes are only needed for Bionic
(Focal onwards already have the fix by default due to sudo version).

[Test Case]

1. Ensure /etc/sudoers contains 'Defaults use_pty'
2. Execute the following test command:
$ for i in {1..10}; do sudo -- cat /var/log/syslog; done

The terminal will hang during syslog output.

[Regression Potential]
The fix introduces additional cleaning when closing/flushing pty devices, so the
regression potential should be low. It has been present upstream since
sudo-1.8.23, so it has seen thorough testing in most Linux distributions
including Ubuntu.

A regression could possibly cause issues when switching back out from sudo
sessions, as the changes only touch the pty_close path, but seems unlikely
considering the patch has been present in other Ubuntu releases as well.

--
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.

Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):

1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done

The terminal hangs and the following backtrace is obtained:

(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294

A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401.

Related branches

description: updated
description: updated
description: updated
Changed in sudo (Ubuntu):
status: New → Fix Released
Changed in sudo (Ubuntu Bionic):
status: New → In Progress
importance: Undecided → High
assignee: nobody → Heitor Alves de Siqueira (halves)
tags: added: sts
tags: added: sts-sponsor

Builds for this patchset have been uploaded to:
https://launchpad.net/~halves/+archive/ubuntu/lp1895757

Eric Desrochers (slashd) on 2020-09-30
description: updated
description: updated
description: updated
Eric Desrochers (slashd) wrote :

[sts-sponsors]

I have sponsored it in bionic.

Thanks for your contribution Heitor

- Eric

Hello Alejandro, or anyone else affected,

Accepted sudo into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/sudo/1.8.21p2-3ubuntu1.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in sudo (Ubuntu Bionic):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-bionic

All autopkgtests for the newly accepted sudo (1.8.21p2-3ubuntu1.3) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

openssh/1:7.6p1-4ubuntu0.3 (armhf, arm64, i386, ppc64el, amd64, s390x)
gvfs/1.36.1-0ubuntu1.3.3 (amd64)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#sudo

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Looked at the autopkgtest regressions:

gvfs2 passed on retry.

openssh fails with -updates and -release too.
openssh is missing the test-case fix currently in -proposed (openssh/1:7.6p1-4ubuntu0.4)

to confirm, i ran openssh autopkgtests w/ openssh from -proposed; it passes.
however, when trying w/ openssh from -proposed + sudo -proposed, it failed again (differently.)

so apparently there's more in there.

i triggered tests w/ openssh from -proposed + sudo from -updates and -release,
to confirm if it's really a regression from this patch, after fixing openssh.

currently running / see details in:
https://autopkgtest.ubuntu.com/packages/o/openssh/bionic/amd64

Hi SRU team,

All autopkgtest failures in #4 are now passing on all architectures.
- gvfs/amd64 was flaky, passed on retry.
- openssh/* needs the test-case fix staged in bionic-proposed;
  passed by adding openssh/1:7.6p1-4ubuntu0.4 to the triggers.

(Thanks @halves for spotting a flaky/false-negative result in #5.)

Results:
-------

Version Triggers Date Duration Requester Result

gvfs/amd64 [1]
1.36.1-0ubuntu1.3.3 sudo/1.8.21p2-3ubuntu1.3 2020-10-08 13:45:28 UTC 0h 04m 00s mfo pass

openssh/amd64 [2]
1:7.6p1-4ubuntu0.4 sudo/1.8.21p2-3ubuntu1.3 openssh/1:7.6p1-4ubuntu0.4 2020-10-20 19:27:35 UTC 0h 19m 30s mfo pass

openssh/arm64 [3]
1:7.6p1-4ubuntu0.4 sudo/1.8.21p2-3ubuntu1.3 openssh/1:7.6p1-4ubuntu0.4 2020-10-20 20:29:37 UTC 0h 32m 55s mfo pass

openssh/armhf [4]
1:7.6p1-4ubuntu0.4 sudo/1.8.21p2-3ubuntu1.3 openssh/1:7.6p1-4ubuntu0.4 2020-10-20 20:43:55 UTC 0h 42m 08s mfo pass

openssh/i386 [5]
1:7.6p1-4ubuntu0.4 sudo/1.8.21p2-3ubuntu1.3 openssh/1:7.6p1-4ubuntu0.4 2020-10-20 20:19:33 UTC 0h 21m 36s mfo pass

openssh/ppc64el [6]
1:7.6p1-4ubuntu0.4 sudo/1.8.21p2-3ubuntu1.3 openssh/1:7.6p1-4ubuntu0.4 2020-10-20 20:22:09 UTC 0h 20m 32s mfo pass

openssh/s390x [7]
1:7.6p1-4ubuntu0.4 sudo/1.8.21p2-3ubuntu1.3 openssh/1:7.6p1-4ubuntu0.4 2020-10-20 20:13:52 UTC 0h 16m 22s mfo pass

[1] https://autopkgtest.ubuntu.com/packages/gvfs/bionic/amd64
[2] https://autopkgtest.ubuntu.com/packages/openssh/bionic/amd64
[3] https://autopkgtest.ubuntu.com/packages/openssh/bionic/arm64
[4] https://autopkgtest.ubuntu.com/packages/openssh/bionic/armhf
[5] https://autopkgtest.ubuntu.com/packages/openssh/bionic/i386
[6] https://autopkgtest.ubuntu.com/packages/openssh/bionic/ppc64el
[7] https://autopkgtest.ubuntu.com/packages/openssh/bionic/s390x

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers