touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #57924
[Bug 1249777] Re: libsss-sudo generated nsswitch.conf leads to error messages upon sudo invocation
** Also affects: sudo (Ubuntu)
Importance: Undecided
Status: New
** Changed in: sudo (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1249777
Title:
libsss-sudo generated nsswitch.conf leads to error messages upon sudo
invocation
Status in sssd package in Ubuntu:
Confirmed
Status in sudo package in Ubuntu:
Fix Released
Status in sudo package in Fedora:
Unknown
Bug description:
Hello,
the postinst script for libsss-sudo adds the following line to
/etc/nsswitch.conf:
sudoers: files sss
On my LDAP+krb5 setup, this leads to the following error message when
either LDAP or local users invoke sudo:
Nov 9 17:34:41 charon sudo: oliver : problem with defaults entries
; TTY=pts/0 ; PWD=/etc ;
The sudo invocation succeeds nonetheless, so this is mainly an
annoying cosmetic issue, since a mail is sent to root everytime
someone runs sudo.
Running a debug trace on sudo shows the following:
Nov 9 17:34:41 sudo[3297] <- update_defaults @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/defaults.c:528 := true
Nov 9 17:34:41 sudo[3297] <- sudo_file_setdefs @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/parse.c:146 := 0
Nov 9 17:34:41 sudo[3297] -> sudo_sss_open @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:243
Nov 9 17:34:41 sudo[3297] <- sudo_sss_open @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:298 := 0
Nov 9 17:34:41 sudo[3297] -> sudo_sss_parse @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:319
Nov 9 17:34:41 sudo[3297] <- sudo_sss_parse @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:320 := 0
Nov 9 17:34:41 sudo[3297] -> sudo_sss_setdefs @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:331
Nov 9 17:34:41 sudo[3297] Looking for cn=defaults
Nov 9 17:34:41 sudo[3297] handle->fn_send_recv_defaults: != 0, sss_error=32570
Nov 9 17:34:41 sudo[3297] <- sudo_sss_setdefs @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/sssd.c:343 := -1
Nov 9 17:34:41 sudo[3297] -> log_error @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:473
Nov 9 17:34:41 sudo[3297] -> vlog_error @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:421
Nov 9 17:34:41 sudo[3297] -> set_perms @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/set_perms.c:116
Nov 9 17:34:41 sudo[3297] set_perms: PERM_ROOT: uid: [0, 0, 0] -> [0, 0, 0]
Nov 9 17:34:41 sudo[3297] -> sudo_grlist_addref @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/pwutil.c:770
Nov 9 17:34:41 sudo[3297] <- sudo_grlist_addref @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/pwutil.c:772
Nov 9 17:34:41 sudo[3297] <- set_perms @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/set_perms.c:350 := true
Nov 9 17:34:41 sudo[3297] -> new_logline @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:746
Nov 9 17:34:41 sudo[3297] <- new_logline @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:867 := problem with defaults entries ; TTY=pts/0 ; PWD=/etc ;
Nov 9 17:34:41 sudo[3297] -> send_mail @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:524
Nov 9 17:34:41 sudo[3297] -> do_syslog @ /build/buildd/sudo-1.8.6p3/plugins/sudoers/logging.c:138
I have found a similar report in Redhat's Bugzilla, but I'm not
entirely sure if it's the same problem. There are slight differences
in the debug trace: https://bugzilla.redhat.com/show_bug.cgi?id=879633
Removing the "sss" statement from the sudoers line in nsswitch.conf
works around the problem.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1249777/+subscriptions
