search

sudo-project / sudo

Utility to execute a command as another user
https://www.sudo.ws
Other
1.15k stars 208 forks source link

Defaults log_subcmds - sh: intercept port not set #300

Closed markuman closed 11 months ago

markuman commented 11 months ago

When I set Defaults log_subcmds, sudo apt update results in errors.

~$ sudo apt update
sh: intercept port not set
sh: intercept port not set
sh: intercept port not set
sh: intercept port not set
sh: 1: id: Permission denied
sh: 1: [: -ne: unexpected operator
sh: intercept port not set
sh: intercept port not set
sh: intercept port not set
sh: intercept port not set
sh: 1: systemctl: Permission denied
Hit:1 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu jammy-updates InRelease       
Hit:3 http://eu-central-1.ec2.archive.ubuntu.com/ubuntu jammy-backports InRelease     
Hit:4 http://security.ubuntu.com/ubuntu jammy-security InRelease                                     
Hit:5 https://repo.zabbix.com/zabbix-agent2-plugins/1/ubuntu jammy InRelease                         
Hit:6 https://repo.zabbix.com/zabbix/6.0/ubuntu jammy InRelease
sh: intercept port not set
sh: intercept port not set
sh: intercept port not set
sh: intercept port not set
sh: 1: apt-show-versions: Permission denied
Reading package lists... Done
E: Problem executing scripts APT::Update::Post-Invoke-Success 'test -x /usr/bin/apt-show-versions || exit 0 ; apt-show-versions -i'
E: Sub-process returned an error code

setup with ansible

- name: package facts
  ansible.builtin.package_facts:

 - name: sudoers - log subcmds
   when: "ansible_facts.packages['sudo'] | map(attribute='version') | first is version('1.9.8', '>=')"
   ansible.builtin.copy:
     dest: /etc/sudoers.d/00-log-subcmds
     content: |
       Defaults log_subcmds

os details

~$ cat /etc/os-release 
PRETTY_NAME="Ubuntu 22.04.3 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.3 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy

~$ sudo --version
Sudo version 1.9.9
Sudoers policy plugin version 1.9.9
Sudoers file grammar version 48
Sudoers I/O plugin version 1.9.9
Sudoers audit plugin version 1.9.9

~$ uname -a
Linux uws 6.2.0-1009-aws #9~22.04.3-Ubuntu SMP Tue Aug  1 21:11:51 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
markuman commented 11 months ago

It seems that 1.9.14 has fixed the issue...

millert commented 11 months ago

Closing since this was fixed in later versions of sudo.