← Back to team overview

touch-packages team mailing list archive

[Bug 1249777] Re: libsss-sudo generated nsswitch.conf leads to error messages upon sudo invocation

 

** Also affects: sudo (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: sudo (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1249777

Title:
  libsss-sudo generated nsswitch.conf leads to error messages upon sudo
  invocation

Status in sssd package in Ubuntu:
  Confirmed
Status in sudo package in Ubuntu:
  Fix Released
Status in sudo package in Fedora:
  Unknown

Bug description:
  Hello,

  the postinst script for libsss-sudo adds the following line to
  /etc/nsswitch.conf:

  sudoers:        files sss

  On my LDAP+krb5 setup, this leads to the following error message when
  either LDAP or local users invoke sudo:

  Nov  9 17:34:41 charon sudo:   oliver : problem with defaults entries
  ; TTY=pts/0 ; PWD=/etc ;

  The sudo invocation succeeds nonetheless, so this is mainly an
  annoying cosmetic issue, since a mail is sent to root everytime
  someone runs sudo.

  Running a debug trace on sudo shows the following:

  Nov  9 17:34:41 sudo[3297] <- update_defaults @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/defaults.c:528 := true
  Nov  9 17:34:41 sudo[3297] <- sudo_file_setdefs @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/parse.c:146 := 0
  Nov  9 17:34:41 sudo[3297] -> sudo_sss_open @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:243
  Nov  9 17:34:41 sudo[3297] <- sudo_sss_open @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:298 := 0
  Nov  9 17:34:41 sudo[3297] -> sudo_sss_parse @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:319
  Nov  9 17:34:41 sudo[3297] <- sudo_sss_parse @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:320 := 0
  Nov  9 17:34:41 sudo[3297] -> sudo_sss_setdefs @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:331
  Nov  9 17:34:41 sudo[3297] Looking for cn=defaults
  Nov  9 17:34:41 sudo[3297] handle->fn_send_recv_defaults: != 0, sss_error=32570
  Nov  9 17:34:41 sudo[3297] <- sudo_sss_setdefs @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:343 := -1
  Nov  9 17:34:41 sudo[3297] -> log_error @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:473
  Nov  9 17:34:41 sudo[3297] -> vlog_error @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:421
  Nov  9 17:34:41 sudo[3297] -> set_perms @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/set_perms.c:116
  Nov  9 17:34:41 sudo[3297] set_perms: PERM_ROOT: uid: [0, 0, 0] -> [0, 0, 0]
  Nov  9 17:34:41 sudo[3297] -> sudo_grlist_addref @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/pwutil.c:770
  Nov  9 17:34:41 sudo[3297] <- sudo_grlist_addref @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/pwutil.c:772
  Nov  9 17:34:41 sudo[3297] <- set_perms @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/set_perms.c:350 := true
  Nov  9 17:34:41 sudo[3297] -> new_logline @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:746
  Nov  9 17:34:41 sudo[3297] <- new_logline @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:867 := problem with defaults entries ; TTY=pts/0 ; PWD=/etc ; 
  Nov  9 17:34:41 sudo[3297] -> send_mail @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:524
  Nov  9 17:34:41 sudo[3297] -> do_syslog @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:138

  I have found a similar report in Redhat's Bugzilla, but I'm not
  entirely sure if it's the same problem. There are slight differences
  in the debug trace: https://bugzilla.redhat.com/show_bug.cgi?id=879633

  Removing the "sss" statement from the sudoers line in nsswitch.conf
  works around the problem.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1249777/+subscriptions