[Bug 1992025] Re: When sudo does not require a password, it alters stty as though it is reading a password

Utkarsh Gupta 1992025 at bugs.launchpad.net
Thu Aug 10 17:58:10 UTC 2023 

Ubuntu 22.10 (Kinetic Kudu) has reached end of life, so this bug will
not be fixed for that specific release.

** Changed in: sudo (Ubuntu Kinetic)
       Status: Triaged => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1992025

Title:
  When sudo does not require a password, it alters stty as though it is
  reading a password

Status in sudo package in Ubuntu:
  Triaged
Status in sudo source package in Jammy:
  Confirmed
Status in sudo source package in Kinetic:
  Won't Fix

Bug description:
  Summary:
  Executing a sudo (that does not require a password) in a /bin/bash script leaves the terminal as though it is reading a password (-echo, -icrnl, -ixon, -opost, -isig, -icanon, -iexten)

  To recreate the problem: (See attached log)

  In a fresh install of 22.04.1 (desktop, minimal, do not load updates,
  no update done beyond iso data, running under Virtualbox on a Mac), I
  set up a new user that can run "sudo sleep" without a password.  In a
  Terminal, I demonstrate this, running "stty -a" before and after the
  "sudo sleep". Then I create a bash script with those same commands.
  When that script is run, the stty after the "sudo sleep" shows that
  the state of the terminal has been altered (-echo, etc.)

  The log starts immediately after the reboot after installing 22.04.1.
  I decline to do the update when it is offered. (The bug appears even
  if I do the update on 22.04.1, but I decline the update to make sure
  this is repeatable.)

  Basically, the steps are
    Create user "testuser"
    Add a file to /etc/sudoers.d that gives testuser sudo privs, with no password required for sleep.  (nor for "grep", but I dropped the use of grep in the demo)
    su - testuser
    Interactively, in the terminal, I show that "sudo sleep 30 &"  does not mess with the terminal settings.
    I create a /bin/bash script that includes the same commands (stty -a; sudo sleep 10 &; sleep 3; stty -a)
    I execute the script, which alters the terminal settings.(Quite visible on the Terminal; not as easily visible in the log file.)

  
  I expect the second "stty -a" to be the same as the first.

  I originally saw the bug in 20.04.5 (repeatable but on someone else's
  computer) for "sudo tcpdump" but wasn't able to reproduce it in a
  fresh install.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: sudo 1.9.9-1ubuntu2
  ProcVersionSignature: Ubuntu 5.15.0-48.54-generic 5.15.53
  Uname: Linux 5.15.0-48-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82.1
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Thu Oct  6 10:40:03 2022
  InstallationDate: Installed on 2022-10-06 (0 days ago)
  InstallationMedia: Ubuntu 22.04.1 LTS "Jammy Jellyfish" - Release amd64 (20220809.1)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: sudo
  UpgradeStatus: No upgrade log present (probably fresh install)
  VisudoCheck:
   Error: command ['pkexec', '/usr/sbin/visudo', '-c'] failed with exit code 1: /etc/sudoers.d/testuser: bad permissions, should be mode 0440
   /etc/sudoers: parsed OK
   /etc/sudoers.d/README: parsed OK
  modified.conffile..etc.sudoers: [inaccessible: [Errno 13] Permission denied: '/etc/sudoers']
  modified.conffile..etc.sudoers.d.README: [inaccessible: [Errno 13] Permission denied: '/etc/sudoers.d/README']

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1992025/+subscriptions

More information about the foundations-bugs mailing list