[Bug 720181] New: sudo -i unsets $DISPLAY - but manpage says it doesn't
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c0 Summary: sudo -i unsets $DISPLAY - but manpage says it doesn't Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: x86-64 OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: vcizek@suse.com ReportedBy: suse-beta@cboltz.de QAContact: qa@suse.de CC: puzel@suse.com Found By: Beta-Customer Blocker: ---
From man sudo(8):
-i [command] [...] It also initializes the environment, leaving DISPLAY and TERM unchanged, ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ setting HOME, MAIL, SHELL, USER, LOGNAME, and PATH, as well as the contents of /etc/environment on Linux and AIX systems. All other environment variables are removed. That's the theory. Now see what happens in practise: # env |grep DISPLAY DISPLAY=:0 # sudo -i env | grep DISPLAY root's password: # (nothing) This might be an openSUSE only problem - John Johansen told me that Sudo 1.7.4p6 on Ubuntu keeps the DISPLAY env variable. Yes, the version he uses is newer than what 11.4 has, but the upstream sudo changelog doesn't include anything that would match this bug. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c1 Ludwig Nussel <lnussel@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lnussel@suse.com --- Comment #1 from Ludwig Nussel <lnussel@suse.com> 2011-09-26 16:11:15 CEST --- bug in man page. Keeping DISPLAY alone won't work anyways. You also need to handle display cookies etc. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c2 --- Comment #2 from Christian Boltz <suse-beta@cboltz.de> 2011-09-26 20:04:54 CEST --- (In reply to comment #1)
bug in man page. Keeping DISPLAY alone won't work anyways. You also need to handle display cookies etc.
I'm not sure about that ;-) I stumbled over this because aa-notify didn't display any notifications when started with sudo, and calling it with sudo DISPLAY="$DISPLAY" HOME="$HOME" aa-notify -p (which hands over the user's $DISPLAY and $HOME) works... For the records: - aa-notify uses /usr/bin/notify-send which uses DBUS. - you'll need the latest packages from security:apparmor:factory (or chmod 750 /var/log/audit/) if you want to test it - aa-notify was buggy in 11.4 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c3 Vitezslav Cizek <vcizek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED CC| |vcizek@suse.com --- Comment #3 from Vitezslav Cizek <vcizek@suse.com> 2011-10-04 14:16:37 CEST --- Even the upstream sudo doesn't keep DISPLAY variable. The TERM variable is left unchanged. So this is a bug in the manual. It works on Ubuntu because of a Debian patch. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c4 Martin Konold <external.martin.konold@de.bosch.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |external.martin.konold@de.b | |osch.com --- Comment #4 from Martin Konold <external.martin.konold@de.bosch.com> 2011-10-10 11:17:13 CEST --- There is a regression between sudo-1.7.2p7-2.1.1.i586.rpm and sudo-1.7.6p2-0.3.1.i586.rpm on at least OpenSuSE 11.3. Both rpms have been distributed via the regular update channel. sudo-1.7.2p7-2.1.1.i586.rpm works with respect to X11 display handling sudo-1.7.6p2-0.3.1.i586.rpm does not work anymore Yours, -- martin -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c5 --- Comment #5 from Vitezslav Cizek <vcizek@suse.com> 2011-11-04 18:38:35 CET --- You can easily achieve the old behaviour by adding DISPLAY to env_keep in sudoers, thus sudo will preserve the DISPLAY in the user's environment. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c9 Vitezslav Cizek <vcizek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |NEEDINFO InfoProvider| |maintenance@opensuse.org --- Comment #9 from Vitezslav Cizek <vcizek@suse.com> 2011-12-06 19:07:40 CET --- Ok, let's go Ludwig's way for manpage update. Maintenance. you can start one. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c10 --- Comment #10 from Vitezslav Cizek <vcizek@suse.com> 2011-12-06 19:08:39 CET --- Otherwise WONTFIX. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c11 Benjamin Brunner <bbrunner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |ASSIGNED InfoProvider|maintenance@opensuse.org | --- Comment #11 from Benjamin Brunner <bbrunner@suse.com> 2011-12-12 19:07:32 CET --- Vitezslav, please commit the manpage fix to openSUSE:12.1:Update:Test. I'll start an update. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c12 --- Comment #12 from Benjamin Brunner <bbrunner@suse.com> 2011-12-12 19:11:49 CET --- Oh, sorry. It's for 11.3 and 11.4. I will provide a SWAMPID. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c13 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard| |maint:running:44545:low --- Comment #13 from Swamp Workflow Management <swamp@suse.de> 2011-12-12 18:14:13 UTC --- The SWAMPID for this issue is 44545. This issue was rated as low. Please submit fixed packages until 2012-01-09. Also create a patchinfo file using this link: https://swamp.suse.de/webswamp/wf/44545 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c14 Vitezslav Cizek <vcizek@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #14 from Vitezslav Cizek <vcizek@suse.com> 2011-12-13 09:54:07 CET --- Packages and patchinfo submitted. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c15 --- Comment #15 from Bernhard Wiedemann <bwiedemann@suse.com> 2011-12-13 10:00:09 CET --- This is an autogenerated message for OBS integration: This bug (720181) was mentioned in https://build.opensuse.org/request/show/96414 11.3 / sudo https://build.opensuse.org/request/show/96416 11.4 / sudo -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:44545:low |maint:running:44545:low | |maint:planned:update -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:44545:low |maint:running:44545:low | |maint:planned:update -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c17 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:44545:low |maint:running:44545:low |maint:planned:update |maint:released:11.3:44558 | |maint:released:11.4:44558 --- Comment #17 from Swamp Workflow Management <swamp@suse.de> 2011-12-19 11:04:40 UTC --- Update released for: sudo, sudo-debuginfo, sudo-debugsource Products: openSUSE 11.3 (debug, i586, x86_64) openSUSE 11.4 (debug, i586, x86_64) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c18 Benjamin Brunner <bbrunner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|REOPENED |RESOLVED Resolution| |FIXED --- Comment #18 from Benjamin Brunner <bbrunner@suse.com> 2011-12-19 12:05:45 CET --- Resolved fixed -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:running:44545:low |maint:released:11.3:44558 |maint:released:11.3:44558 |maint:released:11.4:44558 |maint:released:11.4:44558 | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c19 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |swamp@suse.de Status Whiteboard|maint:released:11.3:44558 |maint:released:11.3:44558 |maint:released:11.4:44558 |maint:released:11.4:44558 | |maint:running:44733:low --- Comment #19 from Swamp Workflow Management <swamp@suse.de> 2011-12-28 17:06:53 UTC --- The SWAMPID for this issue is 44733. This issue was rated as low. Please submit fixed packages until 2012-01-25. Also create a patchinfo file using this link: https://swamp.suse.de/webswamp/wf/44733 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=720181 https://bugzilla.novell.com/show_bug.cgi?id=720181#c Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status Whiteboard|maint:released:11.3:44558 |maint:released:11.3:44558 |maint:released:11.4:44558 |maint:released:11.4:44558 |maint:running:44733:low | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com