[Bug 1829609] [NEW] files in sudoers.d no longer being read or honored

oshunluvr stuartksmith at gmail.com
Sat May 18 13:43:34 UTC 2019 

Public bug reported:

Previously reported bug not ever assigned:
https://bugs.launchpad.net/ubuntu/+s...e/+bug/1584549

Currently using KDEneon User Edition LTS 18.04 fully updated.

No known entry format in /etc/sudoers.d/ appear to be read by sudoers
any longer. All files under /etc/sudoers.d/ are permissions 0440 and
root owned. visudo -c confirms the syntax passes the checks. Prior to
last month, files in suoders.d were read and worked IF you used the FQDM
and not the hostname (as should be allowed thus the prior bug report).
Some update must have broken the usage.

I have attempted the following formats in /etc/sudoers.d/apt;

stuart office.smith.lan = (root) NOPASSWD: /usr/bin/apt-
get,/usr/bin/apt,/usr/bin/add-apt-repository,/usr/bin/apt-add-repository

stuart office = (root) NOPASSWD: /usr/bin/apt-get,/usr/bin/apt,/usr/bin
/add-apt-repository,/usr/bin/apt-add-repository

stuart office.smith.lan = (root) NOPASSWD: /usr/bin/apt-get
stuart office.smith.lan = (root) NOPASSWD: /usr/bin/apt
stuart office.smith.lan = (root) NOPASSWD: /usr/bin/add-apt-repository
stuart office.smith.lan = (root) NOPASSWD: /usr/bin/apt-add-repository

stuart ALL = (root) NOPASSWD: /usr/bin/apt-get,/usr/bin/apt,/usr/bin
/add-apt-repository,/usr/bin/apt-add-repository

ALL ALL= (root) NOPASSWD: /usr/bin/apt-get,/usr/bin/apt,/usr/bin/add-
apt-repository,/usr/bin/apt-add-repository

The first one above worked in 16.04. Prior to that (15.04) the second
one worked. I have tried all of these and none are honored.

apt-cache policy sudo
sudo:
  Installed: 1.8.21p2-3ubuntu1
  Candidate: 1.8.21p2-3ubuntu1
  Version table:
 *** 1.8.21p2-3ubuntu1 500
        500 http://us.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
        100 /var/lib/dpkg/status

** Affects: hostname (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: sudo sudoers

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to hostname in Ubuntu.
https://bugs.launchpad.net/bugs/1829609

Title:
  files in sudoers.d no longer being read or honored

Status in hostname package in Ubuntu:
  New

Bug description:
  Previously reported bug not ever assigned:
  https://bugs.launchpad.net/ubuntu/+s...e/+bug/1584549

  Currently using KDEneon User Edition LTS 18.04 fully updated.

  No known entry format in /etc/sudoers.d/ appear to be read by sudoers
  any longer. All files under /etc/sudoers.d/ are permissions 0440 and
  root owned. visudo -c confirms the syntax passes the checks. Prior to
  last month, files in suoders.d were read and worked IF you used the
  FQDM and not the hostname (as should be allowed thus the prior bug
  report). Some update must have broken the usage.

  I have attempted the following formats in /etc/sudoers.d/apt;

  stuart office.smith.lan = (root) NOPASSWD: /usr/bin/apt-
  get,/usr/bin/apt,/usr/bin/add-apt-repository,/usr/bin/apt-add-
  repository

  stuart office = (root) NOPASSWD: /usr/bin/apt-
  get,/usr/bin/apt,/usr/bin/add-apt-repository,/usr/bin/apt-add-
  repository

  stuart office.smith.lan = (root) NOPASSWD: /usr/bin/apt-get
  stuart office.smith.lan = (root) NOPASSWD: /usr/bin/apt
  stuart office.smith.lan = (root) NOPASSWD: /usr/bin/add-apt-repository
  stuart office.smith.lan = (root) NOPASSWD: /usr/bin/apt-add-repository

  stuart ALL = (root) NOPASSWD: /usr/bin/apt-get,/usr/bin/apt,/usr/bin
  /add-apt-repository,/usr/bin/apt-add-repository

  ALL ALL= (root) NOPASSWD: /usr/bin/apt-get,/usr/bin/apt,/usr/bin/add-
  apt-repository,/usr/bin/apt-add-repository

  The first one above worked in 16.04. Prior to that (15.04) the second
  one worked. I have tried all of these and none are honored.

  apt-cache policy sudo
  sudo:
    Installed: 1.8.21p2-3ubuntu1
    Candidate: 1.8.21p2-3ubuntu1
    Version table:
   *** 1.8.21p2-3ubuntu1 500
          500 http://us.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
          100 /var/lib/dpkg/status

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/hostname/+bug/1829609/+subscriptions

More information about the foundations-bugs mailing list