sudo overwrites sudoers after dist-upgrade

Bug #761689 reported by Ahmed Soliman
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sudo (Ubuntu)
Fix Released
Critical
Michael Vogt
Natty
Fix Released
Critical
Michael Vogt

Bug Description

Binary package hint: sudo

start with ami-46906c2f on amazon ec2, apt-get update; apt-get dist-upgrade; reboot
and sudo asks for a password.

This probably happens because sudoers is overwritten and we lose the 'ubuntu' user entry

Related branches

Scott Moser (smoser)
tags: added: ec2-images uec-images
Revision history for this message
Scott Moser (smoser) wrote :

I can confirm this.
  I'm not really sure how this fails, or why we didn't see it before. It would seem to be a regression (by changelog inspection) 1.7.4p4-5ubuntu5 .
  ec2-images have a custom /etc/sudoers. It takes the default sudoers (well, a default from some point) and adds
|
| # ubuntu user is default user in ec2-images.
| # It needs passwordless sudo functionality.
| ubuntu ALL=(ALL) NOPASSWD:ALL

The images most certainly should use a sudoers.d entry, but I dont think that this existed at some point in the past, or I wasn't aware of it. Either way, this completely breaks instance as there is no other way into root by default.

Changed in sudo (Ubuntu):
importance: Undecided → Critical
milestone: none → ubuntu-11.10
status: New → Confirmed
Revision history for this message
Scott Moser (smoser) wrote : apport information

Architecture: amd64
DistroRelease: Ubuntu 11.04
Ec2AMI: ami-46906c2f
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-east-1b
Ec2InstanceType: t1.micro
Ec2Kernel: aki-427d952b
Ec2Ramdisk: unavailable
Package: sudo 1.7.4p4-5ubuntu5
PackageArchitecture: amd64
ProcEnviron:
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcVersionSignature: User Name 2.6.38-8.42-virtual 2.6.38.2
Tags: natty ec2-images
Uname: Linux 2.6.38-8-virtual x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm admin audio cdrom dialout dip floppy plugdev video
VisudoCheck: /etc/sudoers: parsed OK

tags: added: apport-collected natty
Revision history for this message
Scott Moser (smoser) wrote : Dependencies.txt

apport information

Revision history for this message
Scott Moser (smoser) wrote : Sudoers.txt

apport information

Scott Moser (smoser)
Changed in sudo (Ubuntu):
milestone: ubuntu-11.10 → ubuntu-11.04
description: updated
Michael Vogt (mvo)
Changed in sudo (Ubuntu):
status: Confirmed → In Progress
assignee: nobody → Michael Vogt (mvo)
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package sudo - 1.7.4p4-5ubuntu7

---------------
sudo (1.7.4p4-5ubuntu7) natty; urgency=low

  * debian/sudo.preinst:
    - do not consider the ec2 vmbuilder default sudoers file
      verbatim as its actually customized (LP: #761689)
 -- Michael Vogt <email address hidden> Fri, 15 Apr 2011 16:40:10 +0200

Changed in sudo (Ubuntu Natty):
status: In Progress → Fix Released
Revision history for this message
Scott Moser (smoser) wrote :

I opened bug 768625 to address ec2/uec images a little better.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.