Ubuntu
smb4k package

using the super user tab breaks /etc/sudoers

Bug #238011 reported by Lee Garrett
2
Affects Status Importance Assigned to Milestone
smb4k (Ubuntu)
Fix Released
High
Unassigned

Bug Description

Binary package hint: smb4k

Before, my /etc/sudoers file looks like this:
root@batou:/etc# cat sudoers.before
# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
# Defaults

Defaults !lecture,tty_tickets,!fqdn

# Uncomment to allow members of group sudo to not need a password
# %sudo ALL=NOPASSWD: ALL

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root ALL=(ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

If I configure smb4k to use sudo and it edits the file, it looks like this:
root@batou:/etc# cat sudoers.after
passprompt
# /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the man page for details on how to write a sudoers file.
# Defaults

Defaults !lecture,tty_tickets,!fqdn

# Uncomment to allow members of group sudo to not need a password
# %sudo ALL=NOPASSWD: ALL

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root ALL=(ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Entries for Smb4K users.
# Generated by Smb4K. Please do not modify!
User_Alias SMB4KUSERS = randall
Defaults:SMB4KUSERS env_keep += "PASSWD USER"
SMB4KUSERS batou = NOPASSWD: /usr/bin/smb4k_kill
SMB4KUSERS batou = NOPASSWD: /usr/bin/smb4k_umount
SMB4KUSERS batou = NOPASSWD: /usr/bin/smb4k_mount
# End of Smb4K user entries.

Note the first line being "passprompt" which is not a valid /etc/sudoers line, and will break various other apps on an Ubuntu system. But even commenting out that line will make smb4k still unusable, as it won't mount smb shares.

I just noticed that if you type in the wrong password, following lines will show up at the top of /etc/sudoers ...

passprompt

Sorry, try again.
passprompt

Sorry, try again.
passprompt

# /etc/sudoers
#

Obviously this one is a no-go as this will render the system unusable. People won't be able to start a package manager or even use sudo to edit the /etc/sudoers file back!

If you need any help with reproducing this bug on your system, just send me a mail and we'll work it out.

Kind regards,
Lee

Related branches

lp:ubuntu/karmic/smb4k
Revision history for this message
William Grant (wgrant) wrote :

Which version of Ubuntu and smb4k are you using? Please also give us reproduction instructions in this bug.

Changed in smb4k:
importance: Undecided → High
status: New → Incomplete
Revision history for this message
Lee Garrett (leegarrett) wrote :

I'm using Kubuntu 8.04. Version string of smb4k is "0.9.3-0ubuntu1".

I installed smb4k and went to Settings --> Configure Smb4K, then I click on Super User and select sudo, and klick ok. After that a window pops up, asking for the password. I type in my user password and after that /etc/sudoers is broken. Luckily I had my root password set so I could use su.

Kind regards,
Lee

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package smb4k - 0.10.1-0ubuntu1

---------------
smb4k (0.10.1-0ubuntu1) jaunty; urgency=low

  * New upstream release for KDE 4
  * Closes
    - (LP: #238011)
    - (LP: #248510)
    - (LP: #261803)
    - (LP: #262225)
    - (LP: #275539)
  * Updated debian/
    - control: updated for new deps and removed old deps, bumped versions,
      modified Maintainer
    - rules: removed all but the kde4.mk for cdbs

 -- <email address hidden> (Richard A. Johnson) Sun, 23 Nov 2008 12:14:34 -0600

Changed in smb4k:
status: Incomplete → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.