| 2020-09-15 22:52:28 |
Alejandro Santoyo Gonzalez |
bug |
|
|
added bug |
| 2020-09-15 22:57:51 |
Alejandro Santoyo Gonzalez |
description |
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce:
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following:
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following:
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
|
| 2020-09-16 07:38:56 |
Alejandro Santoyo Gonzalez |
description |
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following:
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
|
| 2020-09-16 10:02:01 |
Alejandro Santoyo Gonzalez |
nominated for series |
|
Ubuntu Bionic |
|
| 2020-09-16 10:02:01 |
Alejandro Santoyo Gonzalez |
bug task added |
|
sudo (Ubuntu Bionic) |
|
| 2020-09-23 20:55:24 |
Heitor Alves de Siqueira |
description |
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
[Impact]
sudo commands can hang when IO logging is enabled
[Description]
When doing cleanup in pty_close(), sudo can leave file descriptors and events
behind that would later cause poll() to wait on a "dead" pty. This can cause
sudo to hang when IO logging is enabled, due to the poll() timeouts.
The issue has been fixed upstream by the commit below:
- In pty_close() close the slave and remove any events associated (4df454310dae)
$ rmadison sudo
sudo | 1.8.16-0ubuntu1 | xenial | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-security | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-updates | source, ...
sudo | 1.8.21p2-3ubuntu1 | bionic | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-security | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-updates | source, ... <----
sudo | 1.8.31-1ubuntu1 | focal | source, ...
sudo | 1.8.31-1ubuntu1.1 | focal-updates | source, ...
sudo | 1.9.1-1ubuntu1 | groovy | source, ...
Xenial doesn't exhibit this behaviour, so fixes are only needed for Bionic
(Focal onwards already have the fix by default due to sudo version).
[Test Case]
1. Ensure /etc/sudoers contains 'Defaults use_pty'
2. Execute the following test command:
$ for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal will hang during syslog output.
[Regression Potential]
The fix introduces additional cleaning when closing/flushing pty devices, so the
regression potential should be low. It has been present upstream since
sudo-1.8.23, so it has seen thorough testing in most Linux distributions
including Ubuntu.
A regression could possibly cause issues when switching back out from sudo
sessions, as the changes only touch the pty_close path, but seems unlikely
considering the patch has been present in other Ubuntu releases as well.
--
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
|
| 2020-09-23 20:55:48 |
Heitor Alves de Siqueira |
sudo (Ubuntu): status |
New |
Fix Released |
|
| 2020-09-23 20:55:52 |
Heitor Alves de Siqueira |
sudo (Ubuntu Bionic): status |
New |
In Progress |
|
| 2020-09-23 20:55:58 |
Heitor Alves de Siqueira |
sudo (Ubuntu Bionic): importance |
Undecided |
High |
|
| 2020-09-23 20:56:00 |
Heitor Alves de Siqueira |
sudo (Ubuntu Bionic): assignee |
|
Heitor Alves de Siqueira (halves) |
|
| 2020-09-23 20:56:06 |
Heitor Alves de Siqueira |
tags |
|
sts |
|
| 2020-09-23 21:05:35 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~halves/ubuntu/+source/sudo/+git/sudo/+merge/391237 |
|
| 2020-09-23 21:06:37 |
Heitor Alves de Siqueira |
tags |
sts |
sts sts-sponsor |
|
| 2020-09-23 21:06:44 |
Heitor Alves de Siqueira |
bug |
|
|
added subscriber STS Sponsors |
| 2020-09-30 15:18:53 |
Eric Desrochers |
description |
[Impact]
sudo commands can hang when IO logging is enabled
[Description]
When doing cleanup in pty_close(), sudo can leave file descriptors and events
behind that would later cause poll() to wait on a "dead" pty. This can cause
sudo to hang when IO logging is enabled, due to the poll() timeouts.
The issue has been fixed upstream by the commit below:
- In pty_close() close the slave and remove any events associated (4df454310dae)
$ rmadison sudo
sudo | 1.8.16-0ubuntu1 | xenial | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-security | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-updates | source, ...
sudo | 1.8.21p2-3ubuntu1 | bionic | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-security | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-updates | source, ... <----
sudo | 1.8.31-1ubuntu1 | focal | source, ...
sudo | 1.8.31-1ubuntu1.1 | focal-updates | source, ...
sudo | 1.9.1-1ubuntu1 | groovy | source, ...
Xenial doesn't exhibit this behaviour, so fixes are only needed for Bionic
(Focal onwards already have the fix by default due to sudo version).
[Test Case]
1. Ensure /etc/sudoers contains 'Defaults use_pty'
2. Execute the following test command:
$ for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal will hang during syslog output.
[Regression Potential]
The fix introduces additional cleaning when closing/flushing pty devices, so the
regression potential should be low. It has been present upstream since
sudo-1.8.23, so it has seen thorough testing in most Linux distributions
including Ubuntu.
A regression could possibly cause issues when switching back out from sudo
sessions, as the changes only touch the pty_close path, but seems unlikely
considering the patch has been present in other Ubuntu releases as well.
--
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
[Impact]
sudo commands can hang when IO logging is enabled
[Description]
When doing cleanup in pty_close(), sudo can leave file descriptors and events
behind that would later cause poll() to wait on a "dead" pty. This can cause
sudo to hang when IO logging is enabled, due to the poll() timeouts.
The issue has been fixed upstream by the commit below:
- In pty_close() close the slave and remove any events associated (4df454310dae)
$ git describe --contains 4df454310dae96d01d09a05be89dc8c57fd4cef7
SUDO_1_8_23^2~60
$ rmadison sudo
sudo | 1.8.16-0ubuntu1 | xenial | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-security | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-updates | source, ...
sudo | 1.8.21p2-3ubuntu1 | bionic | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-security | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-updates | source, ... <----
sudo | 1.8.31-1ubuntu1 | focal | source, ...
sudo | 1.8.31-1ubuntu1.1 | focal-updates | source, ...
sudo | 1.9.1-1ubuntu1 | groovy | source, ...
Xenial doesn't exhibit this behaviour, so fixes are only needed for Bionic
(Focal onwards already have the fix by default due to sudo version).
[Test Case]
1. Ensure /etc/sudoers contains 'Defaults use_pty'
2. Execute the following test command:
$ for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal will hang during syslog output.
[Regression Potential]
The fix introduces additional cleaning when closing/flushing pty devices, so the
regression potential should be low. It has been present upstream since
sudo-1.8.23, so it has seen thorough testing in most Linux distributions
including Ubuntu.
A regression could possibly cause issues when switching back out from sudo
sessions, as the changes only touch the pty_close path, but seems unlikely
considering the patch has been present in other Ubuntu releases as well.
--
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
|
| 2020-09-30 15:19:06 |
Eric Desrochers |
description |
[Impact]
sudo commands can hang when IO logging is enabled
[Description]
When doing cleanup in pty_close(), sudo can leave file descriptors and events
behind that would later cause poll() to wait on a "dead" pty. This can cause
sudo to hang when IO logging is enabled, due to the poll() timeouts.
The issue has been fixed upstream by the commit below:
- In pty_close() close the slave and remove any events associated (4df454310dae)
$ git describe --contains 4df454310dae96d01d09a05be89dc8c57fd4cef7
SUDO_1_8_23^2~60
$ rmadison sudo
sudo | 1.8.16-0ubuntu1 | xenial | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-security | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-updates | source, ...
sudo | 1.8.21p2-3ubuntu1 | bionic | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-security | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-updates | source, ... <----
sudo | 1.8.31-1ubuntu1 | focal | source, ...
sudo | 1.8.31-1ubuntu1.1 | focal-updates | source, ...
sudo | 1.9.1-1ubuntu1 | groovy | source, ...
Xenial doesn't exhibit this behaviour, so fixes are only needed for Bionic
(Focal onwards already have the fix by default due to sudo version).
[Test Case]
1. Ensure /etc/sudoers contains 'Defaults use_pty'
2. Execute the following test command:
$ for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal will hang during syslog output.
[Regression Potential]
The fix introduces additional cleaning when closing/flushing pty devices, so the
regression potential should be low. It has been present upstream since
sudo-1.8.23, so it has seen thorough testing in most Linux distributions
including Ubuntu.
A regression could possibly cause issues when switching back out from sudo
sessions, as the changes only touch the pty_close path, but seems unlikely
considering the patch has been present in other Ubuntu releases as well.
--
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
[Impact]
sudo commands can hang when IO logging is enabled
[Description]
When doing cleanup in pty_close(), sudo can leave file descriptors and events
behind that would later cause poll() to wait on a "dead" pty. This can cause
sudo to hang when IO logging is enabled, due to the poll() timeouts.
The issue has been fixed upstream by the commit below:
- In pty_close() close the slave and remove any events associated (4df454310dae)
$ git describe --contains 4df454310dae96d01d09a05be89dc8c57fd4cef7
SUDO_1_8_23
$ rmadison sudo
sudo | 1.8.16-0ubuntu1 | xenial | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-security | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-updates | source, ...
sudo | 1.8.21p2-3ubuntu1 | bionic | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-security | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-updates | source, ... <----
sudo | 1.8.31-1ubuntu1 | focal | source, ...
sudo | 1.8.31-1ubuntu1.1 | focal-updates | source, ...
sudo | 1.9.1-1ubuntu1 | groovy | source, ...
Xenial doesn't exhibit this behaviour, so fixes are only needed for Bionic
(Focal onwards already have the fix by default due to sudo version).
[Test Case]
1. Ensure /etc/sudoers contains 'Defaults use_pty'
2. Execute the following test command:
$ for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal will hang during syslog output.
[Regression Potential]
The fix introduces additional cleaning when closing/flushing pty devices, so the
regression potential should be low. It has been present upstream since
sudo-1.8.23, so it has seen thorough testing in most Linux distributions
including Ubuntu.
A regression could possibly cause issues when switching back out from sudo
sessions, as the changes only touch the pty_close path, but seems unlikely
considering the patch has been present in other Ubuntu releases as well.
--
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
|
| 2020-09-30 15:19:21 |
Eric Desrochers |
description |
[Impact]
sudo commands can hang when IO logging is enabled
[Description]
When doing cleanup in pty_close(), sudo can leave file descriptors and events
behind that would later cause poll() to wait on a "dead" pty. This can cause
sudo to hang when IO logging is enabled, due to the poll() timeouts.
The issue has been fixed upstream by the commit below:
- In pty_close() close the slave and remove any events associated (4df454310dae)
$ git describe --contains 4df454310dae96d01d09a05be89dc8c57fd4cef7
SUDO_1_8_23
$ rmadison sudo
sudo | 1.8.16-0ubuntu1 | xenial | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-security | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-updates | source, ...
sudo | 1.8.21p2-3ubuntu1 | bionic | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-security | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-updates | source, ... <----
sudo | 1.8.31-1ubuntu1 | focal | source, ...
sudo | 1.8.31-1ubuntu1.1 | focal-updates | source, ...
sudo | 1.9.1-1ubuntu1 | groovy | source, ...
Xenial doesn't exhibit this behaviour, so fixes are only needed for Bionic
(Focal onwards already have the fix by default due to sudo version).
[Test Case]
1. Ensure /etc/sudoers contains 'Defaults use_pty'
2. Execute the following test command:
$ for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal will hang during syslog output.
[Regression Potential]
The fix introduces additional cleaning when closing/flushing pty devices, so the
regression potential should be low. It has been present upstream since
sudo-1.8.23, so it has seen thorough testing in most Linux distributions
including Ubuntu.
A regression could possibly cause issues when switching back out from sudo
sessions, as the changes only touch the pty_close path, but seems unlikely
considering the patch has been present in other Ubuntu releases as well.
--
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
[Impact]
sudo commands can hang when IO logging is enabled
[Description]
When doing cleanup in pty_close(), sudo can leave file descriptors and events
behind that would later cause poll() to wait on a "dead" pty. This can cause
sudo to hang when IO logging is enabled, due to the poll() timeouts.
The issue has been fixed upstream by the commit below:
- In pty_close() close the slave and remove any events associated (4df454310dae)
$ git describe --contains 4df454310dae96d01d09a05be89dc8c57fd4cef7
SUDO_1_8_23
$ rmadison sudo
sudo | 1.8.16-0ubuntu1 | xenial | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-security | source, ...
sudo | 1.8.16-0ubuntu1.9 | xenial-updates | source, ...
sudo | 1.8.21p2-3ubuntu1 | bionic | source, ...
sudo | 1.8.21p2-3ubuntu1.2 | bionic-security | source, ...
=> sudo | 1.8.21p2-3ubuntu1.2 | bionic-updates | source, ... <----
sudo | 1.8.31-1ubuntu1 | focal | source, ...
sudo | 1.8.31-1ubuntu1.1 | focal-updates | source, ...
sudo | 1.9.1-1ubuntu1 | groovy | source, ...
Xenial doesn't exhibit this behaviour, so fixes are only needed for Bionic
(Focal onwards already have the fix by default due to sudo version).
[Test Case]
1. Ensure /etc/sudoers contains 'Defaults use_pty'
2. Execute the following test command:
$ for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal will hang during syslog output.
[Regression Potential]
The fix introduces additional cleaning when closing/flushing pty devices, so the
regression potential should be low. It has been present upstream since
sudo-1.8.23, so it has seen thorough testing in most Linux distributions
including Ubuntu.
A regression could possibly cause issues when switching back out from sudo
sessions, as the changes only touch the pty_close path, but seems unlikely
considering the patch has been present in other Ubuntu releases as well.
--
An SSH terminal into an Ubuntu server (tested on 18.04.5) hangs running a command using 'sudo' when 'use_pty' is set in /etc/sudoers.
Steps to reproduce ('sudo' version --> 1.8.21p2-3ubuntu1.2):
1) Log in into an Ubuntu server (tested on 18.04.5 using SSH)
2) Ensure that /etc/sudoers has the following line (add this line if not present)
Defaults use_pty
3) Execute the following (test 'sudo' command):
for i in {1..10}; do sudo -- cat /var/log/syslog; done
The terminal hangs and the following backtrace is obtained:
(gdb) bt
#0 0x00007f751d5c8cc4 in __GI___poll (fds=0x55d0159917b0, nfds=1, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
#1 0x00007f751d8b146a in poll (__timeout=<optimized out>, __nfds=<optimized out>, __fds=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/poll2.h:46
#2 sudo_ev_scan_impl (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event_poll.c:155
#3 0x00007f751d8aa74d in sudo_ev_loop_v1 (base=base@entry=0x55d015990dc0, flags=flags@entry=0) at ../../../lib/util/event.c:617
#4 0x000055d01570597a in del_io_events (nonblocking=nonblocking@entry=false) at ../../src/exec_pty.c:1537
#5 0x000055d015707b97 in pty_close (cstat=0x7ffd074d6110) at ../../src/exec_pty.c:697
#6 exec_pty (details=details@entry=0x55d01591e0e0 <command_details>, cstat=cstat@entry=0x7ffd074d6110) at ../../src/exec_pty.c:1412
#7 0x000055d015701178 in sudo_execute (details=0x55d01591e0e0 <command_details>, cstat=0x7ffd074d6110) at ../../src/exec.c:391
#8 0x000055d01570e15b in run_command (details=0x55d01591e0e0 <command_details>) at ../../src/sudo.c:968
#9 0x000055d0156ff9a0 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../src/sudo.c:294
A similar (most likely the same) bug has been reported here https://access.redhat.com/solutions/3404401. |
|
| 2020-09-30 15:50:11 |
Eric Desrochers |
bug |
|
|
added subscriber Eric Desrochers |
| 2020-09-30 15:50:13 |
Eric Desrochers |
removed subscriber STS Sponsors |
|
|
|
| 2020-10-01 17:39:19 |
Łukasz Zemczak |
sudo (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
| 2020-10-01 17:39:20 |
Łukasz Zemczak |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2020-10-01 17:39:22 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
| 2020-10-01 17:39:26 |
Łukasz Zemczak |
tags |
sts sts-sponsor |
sts sts-sponsor verification-needed verification-needed-bionic |
|
| 2020-10-23 15:55:24 |
Heitor Alves de Siqueira |
tags |
sts sts-sponsor verification-needed verification-needed-bionic |
sts sts-sponsor verification-done verification-done-bionic |
|
| 2020-10-26 11:32:25 |
Launchpad Janitor |
sudo (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2020-10-26 11:32:28 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
