sudo overwrites sudoers after dist-upgrade

Bug #761689 reported by Ahmed Soliman on 2011-04-15
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sudo (Ubuntu)
Critical
Michael Vogt
Natty
Critical
Michael Vogt

Bug Description

Binary package hint: sudo

start with ami-46906c2f on amazon ec2, apt-get update; apt-get dist-upgrade; reboot
and sudo asks for a password.

This probably happens because sudoers is overwritten and we lose the 'ubuntu' user entry

Related branches

Scott Moser (smoser) on 2011-04-15
tags: added: ec2-images uec-images
Scott Moser (smoser) wrote :

I can confirm this.
  I'm not really sure how this fails, or why we didn't see it before. It would seem to be a regression (by changelog inspection) 1.7.4p4-5ubuntu5 .
  ec2-images have a custom /etc/sudoers. It takes the default sudoers (well, a default from some point) and adds
|
| # ubuntu user is default user in ec2-images.
| # It needs passwordless sudo functionality.
| ubuntu ALL=(ALL) NOPASSWD:ALL

The images most certainly should use a sudoers.d entry, but I dont think that this existed at some point in the past, or I wasn't aware of it. Either way, this completely breaks instance as there is no other way into root by default.

Changed in sudo (Ubuntu):
importance: Undecided → Critical
milestone: none → ubuntu-11.10
status: New → Confirmed

Architecture: amd64
DistroRelease: Ubuntu 11.04
Ec2AMI: ami-46906c2f
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-east-1b
Ec2InstanceType: t1.micro
Ec2Kernel: aki-427d952b
Ec2Ramdisk: unavailable
Package: sudo 1.7.4p4-5ubuntu5
PackageArchitecture: amd64
ProcEnviron:
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: User Name 2.6.38-8.42-virtual 2.6.38.2
Tags: natty ec2-images
Uname: Linux 2.6.38-8-virtual x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm admin audio cdrom dialout dip floppy plugdev video
VisudoCheck: /etc/sudoers: parsed OK

tags: added: apport-collected natty

apport information

apport information

Scott Moser (smoser) on 2011-04-15
Changed in sudo (Ubuntu):
milestone: ubuntu-11.10 → ubuntu-11.04
description: updated
Michael Vogt (mvo) on 2011-04-15
Changed in sudo (Ubuntu):
status: Confirmed → In Progress
assignee: nobody → Michael Vogt (mvo)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package sudo - 1.7.4p4-5ubuntu7

---------------
sudo (1.7.4p4-5ubuntu7) natty; urgency=low

  * debian/sudo.preinst:
    - do not consider the ec2 vmbuilder default sudoers file
      verbatim as its actually customized (LP: #761689)
 -- Michael Vogt <email address hidden> Fri, 15 Apr 2011 16:40:10 +0200

Changed in sudo (Ubuntu Natty):
status: In Progress → Fix Released
Scott Moser (smoser) wrote :

I opened bug 768625 to address ec2/uec images a little better.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers