[sudo-workers] sudo ignores child return code
Radovan Sroka
rsroka at redhat.com
Wed Aug 31 01:32:47 MDT 2016
There is a typo in script
$ cat test.sh
#/bin/asdsadsa --> should be #!/bin/asdsadsa
#useless script
I'm not talking about unrecognized interpreter line, I'm talking about use case where
interpreter doesn't exist.
Sorry for misunderstanding.
So if interpreter doesn't exist "bash -c ./test.sh" this will fail.
What do you think about that?
Should sudo fail as well?
---------------------------------------------------------
Radovan Sroka
Security Technologies | Red hat, Inc.
----- Original Message -----
From: "Todd C. Miller" <Todd.Miller at courtesan.com>
To: "Radovan Sroka" <rsroka at redhat.com>
Cc: sudo-workers at sudo.ws
Sent: Tuesday, August 30, 2016 7:08:19 PM
Subject: Re: [sudo-workers] sudo ignores child return code
On Tue, 30 Aug 2016 11:20:23 -0400, Radovan Sroka wrote:
> What shell are you using?
I've tried bash, dash, ksh and zsh on a fedora 23 VM. They all
behave the same for me.
> When I run this command via bash/sh result will be:
>
> $ sh|bash ./test.sh
> $ echo $?
> 0
>
> But in this use case bash|sh will not exec our script just interpret it.
Correct.
> "bash -c ./test.sh" exec it and will fail.
>
> So I still think that if sudo exec this script it should fail too.
Sorry, I don't agree. This would break scripts that don't include
the interpreter line. Lots of people rely on this. Furthermore,
the sudo behavior is consistent with how the exec(3) family of
functions behave. From the exec(3) manual on fedora 23:
If the header of a file isn't recognized (the attempted
execve(2) failed with the error ENOEXEC), these functions will
execute the shell (/bin/sh) with the path of the file as its
first argument. (If this attempt fails, no further searching
is done.)
- todd
More information about the sudo-workers
mailing list