[sudo-users] Fc9 sudo 1.6.9p13 - env_reset and PATH env var

Steve T stevetucknott at yahoo.co.uk
Sat Nov 22 04:46:28 EST 2008


Apologies for chasing this, but I have tried various forums and got no
reply and I need to get sudo working as it was.
I can see that I can build sudo from source, but I need to know whether
the problem I'm getting is simply fixable via the sudoers settings or if
it is a bug in the FC9 version (I say that because if what I'm
experiencing is a bug, then compiling from source will have no effect).

Does anyone have any ideas how I can keep PATH and stop it from being
reset?

On Thu, 2008-11-20 at 12:50 +0000, Steve T wrote:

> I have been using sudo on FC from fc4 onwards.
> In FC9 the behaviour seems slightly different in as much that it now
> appears that env_reset is the default. That is fine in itself (it took a
> while to realise that you had to use !env_reset to turn this flag off) -
> but even with !env_reset in the sudoers file, the PATH is still being
> reset to 'presumably' a secure path. I've tried adding PATH to env_keep
> as well, but that had no effect, and trying to unset !secure_path causes
> an error in visudo. How can I keep the user's PATH intact?
> 
> I searched for env_reset in the archives and couldn't see anything
> relevant, but looking through the November threads I did see:
> sudo can't find an executable in my $PATH!
> 
> That entry seemed to be caused by a compile time setting of secure_path
> - but I looked at the sudo -V output for me and can't see that that is
> the case here.
> The sudo -V output is:
> Sudo version 1.6.9p13
> 
> Sudoers path: /etc/sudoers
> Authentication methods: 'pam'
> Syslog facility if syslog is being used for logging: authpriv
> Syslog priority to use when user authenticates successfully: notice
> Syslog priority to use when user authenticates unsuccessfully: alert
> Ignore '.' in $PATH
> Send mail if the user is not in sudoers
> Use a separate timestamp for each user/tty combo
> Lecture user the first time they run sudo
> Require users to authenticate by default
> Root may run sudo
> Allow some information gathering to give useful error messages
> Visudo will honor the EDITOR environment variable
> Set the LOGNAME and USER environment variables
> Length at which to wrap log file lines (0 for no wrap): 80
> Authentication timestamp timeout: 5 minutes
> Password prompt timeout: 5 minutes
> Number of tries to enter a password: 3
> Umask to use or 0777 to use user's: 022
> Address to send mail to: root
> Subject line for mail messages: *** SECURITY information for %h ***
> Incorrect password message: Sorry, try again.
> Path to authentication timestamp dir: /var/run/sudo
> Default password prompt: [sudo] password for %p: 
> Default user to run commands as: root
> Path to the editor for use by visudo: /bin/vi
> When to require a password for 'list' pseudocommand: any
> When to require a password for 'verify' pseudocommand: all
> File containing dummy exec functions: /usr/libexec/sudo_noexec.so
> Reset the environment to a default set of variables
> Environment variables to check for sanity:
>         TERM
>         LINGUAS
>         LC_*
>         LANGUAGE
>         LANG
>         COLORTERM
> Environment variables to remove:
>         RUBYOPT
>         RUBYLIB
>         PYTHONINSPECT
>         PYTHONPATH
>         PYTHONHOME
>         TMPPREFIX
>         ZDOTDIR
>         READNULLCMD
>         NULLCMD
>         FPATH
>         PERL5DB
>         PERL5OPT
>         PERL5LIB
>         PERLLIB
>         PERLIO_DEBUG
>         JAVA_TOOL_OPTIONS
>         SHELLOPTS
>         GLOBIGNORE
>         PS4
>         BASH_ENV
>         ENV
>         TERMCAP
>         TERMPATH
>         TERMINFO_DIRS
>         TERMINFO
>         _RLD*
>         LD_*
>         PATH_LOCALE
>         NLSPATH
>         HOSTALIASES
>         RES_OPTIONS
>         LOCALDOMAIN
>         CDPATH
>         IFS
> Environment variables to preserve:
>         XAUTHORIZATION
>         XAUTHORITY
>         TZ
>         PS2
>         PS1
>         PATH
>         MAIL
>         LS_COLORS
>         KRB5CCNAME
>         HOSTNAME
>         DISPLAY
>         COLORS
> 
> ....so PATH appears to be in the list to be preserved, but gets reset.
> 
> The sudoers file is:
> ## Sudoers allows particular users to run various commands as
> ## the root user, without needing the root password.
> ##
> ## Examples are provided at the bottom of the file for collections
> ## of related commands, which can then be delegated out to particular
> ## users or groups.
> ## 
> ## This file must be edited with the 'visudo' command.
> 
> ## Host Aliases
> ## Groups of machines. You may prefer to use hostnames (perhaps using 
> ## wildcards for entire domains) or IP addresses instead.
> # Host_Alias     FILESERVERS = fs1, fs2
> # Host_Alias     MAILSERVERS = smtp, smtp2
> 
> ## User Aliases
> ## These aren't often necessary, as you can use regular groups
> ## (ie, from files, LDAP, NIS, etc) in this file - just use %groupname 
> ## rather than USERALIAS
> # User_Alias ADMINS = jsmith, mikem
> 
> 
> ## Command Aliases
> ## These are groups of related commands...
> 
> ## Networking
> Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
> 
> ## Installation and management of software
> Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
> 
> ## Services
> Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig
> 
> ## Updating the locate database
> Cmnd_Alias LOCATE = /usr/sbin/updatedb
> 
> ## Storage
> Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
> 
> ## Delegating permissions
> Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
> 
> ## Processes
> Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
> 
> ## Drivers
> Cmnd_Alias DRIVERS = /sbin/modprobe
> 
> # Defaults specification
> 
> #
> # Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
> #         You have to run "ssh -t hostname sudo <cmd>".
> #
> Defaults    requiretty
> 
> #Defaults    env_reset
> Defaults     !env_reset
> #Defaults    env_keep =  "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS"
> #Defaults    env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
> #Defaults    env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
> #Defaults    env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
> #Defaults    env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"
> Defaults    env_keep += "PATH"
> 
> ## Next comes the main part: which users can run what software on 
> ## which machines (the sudoers file can be shared between multiple
> ## systems).
> ## Syntax:
> ##
> ##      user    MACHINE=COMMANDS
> ##
> ## The COMMANDS section may have other options added to it.
> ##
> ## Allow root to run any commands anywhere 
> root    ALL=(ALL)       ALL
> 
> ## Allows members of the 'sys' group to run networking, software, 
> ## service management apps and more.
> # %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS
> 
> ## Allows people in group wheel to run all commands
> # %wheel        ALL=(ALL)       ALL
> 
> ## Same thing without a password
> # %wheel        ALL=(ALL)       NOPASSWD: ALL
> 
> ## Allows members of the users group to mount and unmount the 
> ## cdrom as root
> # %users  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
> 
> ## Allows members of the users group to shutdown this system
> # %users  localhost=/sbin/shutdown -h now
> 
> stevet  ALL=(ALL)       ALL
> 
> 
> 
> ____________________________________________________________ 
> sudo-users mailing list <sudo-users at sudo.ws>
> For list information, options, or to unsubscribe, visit:
> http://www.sudo.ws/mailman/listinfo/sudo-users
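The thread turns on reading the three "Environment variables to ..." lists that `sudo -V` prints (check for sanity, remove, preserve) and seeing which one a given variable such as PATH falls into. The script below is an added example, not code from the original post or from the sudo project: it parses that listing and classifies a variable name, treating trailing-`*` entries like `LC_*` and `LD_*` as prefix matches. The embedded `SAMPLE_SUDO_V` text is a constructed excerpt that mirrors the output quoted above (PATH under "preserve", PYTHONPATH under "remove"); the function and variable names are the example's own.

```shell
#!/bin/sh
# Added example (not from the original post or from sudo itself):
# classify an environment variable according to the
# "Environment variables to check/remove/preserve" sections of "sudo -V".
# SAMPLE_SUDO_V is a constructed excerpt modelled on the 1.6.9p13 output
# quoted in the thread.

SAMPLE_SUDO_V='Sudo version 1.6.9p13
Reset the environment to a default set of variables
Environment variables to check for sanity:
        TERM
        LC_*
        LANG
Environment variables to remove:
        PYTHONPATH
        LD_*
        IFS
Environment variables to preserve:
        XAUTHORITY
        TZ
        PATH
        DISPLAY'

# classify_env_var NAME [SUDO_V_TEXT]
# Prints one of: check, remove, preserve, none.
# Section headers start in column 1; list entries are indented.
classify_env_var() {
    name=$1
    text=${2:-$SAMPLE_SUDO_V}
    printf '%s\n' "$text" | awk -v name="$name" '
        /^Environment variables to check/    { section = "check";    next }
        /^Environment variables to remove/   { section = "remove";   next }
        /^Environment variables to preserve/ { section = "preserve"; next }
        substr($0, 1, 1) != " "              { section = "";         next }
        section != "" {
            entry = $1
            if (entry == name) { result = section; exit }
            # a trailing "*" means prefix match, e.g. LC_* covers LC_ALL
            if (entry ~ /\*$/) {
                prefix = substr(entry, 1, length(entry) - 1)
                if (index(name, prefix) == 1) { result = section; exit }
            }
        }
        END { print (result == "" ? "none" : result) }
    '
}

# env_reset_enabled [SUDO_V_TEXT]
# Succeeds when the listing says the environment is reset by default.
env_reset_enabled() {
    printf '%s\n' "${1:-$SAMPLE_SUDO_V}" |
        grep -q '^Reset the environment to a default set of variables'
}

# Stand-alone run: report a few variables against the sample listing.
for v in PATH PYTHONPATH LC_ALL LD_PRELOAD HOME; do
    printf '%-12s %s\n' "$v" "$(classify_env_var "$v")"
done
```

Against a live system, run the listing as root and pass it as the second argument, for example `classify_env_var PATH "$(sudo -V)"`. On the output quoted in the thread this reports PATH as "preserve", which is the observation the original message makes before noting that PATH is nevertheless reset.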