[Bug 1686803] Re: sudo returns exit code 0 if child is killed with SIGTERM

Mon Jun 10 19:08:57 UTC 2019

Hey, I'm not sure this was ever fixed in Xenial. Seems to still be bad.

`pwoodman at iad4c-ra16-40b:~$ sudo sleep 300; echo $?
0
pwoodman at iad4c-ra16-40b:~$ sleep 300; echo $?
Terminated
143
pwoodman at iad4c-ra16-40b:~$ apt-cache policy sudo
sudo:
  Installed: 1.8.16-0ubuntu1.6
  Candidate: 1.8.16-0ubuntu1.6
  Version table:
 *** 1.8.16-0ubuntu1.6 500
        500 http://apt-u16-iad.vip.dbxnw.net/annex-apt-xenial/apt/xenial xenial-security/main amd64 Packages
        500 http://apt-u16-iad.vip.dbxnw.net/annex-apt-xenial/apt/xenial xenial-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     1.8.16-0ubuntu1.3dbx11 500
        500 http://apt-u16-iad.vip.dbxnw.net/annex-apt-dbx-xenial/apt/dbx-xenial dbx-xenial/main amd64 Packages
     1.8.16-0ubuntu1 500
        500 http://apt-u16-iad.vip.dbxnw.net/annex-apt-xenial/apt/xenial xenial/main amd64 Packages
pwoodman at iad4c-ra16-40b:~$ sudo apt install sudo=1.8.16-0ubuntu1.3dbx11
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libwireshark6 libwiretap5 libwsutil6 linux-headers-4.4.0-133 linux-headers-4.4.0-133-generic
Use 'sudo apt autoremove' to remove them.
The following packages will be DOWNGRADED:
  sudo
0 upgraded, 0 newly installed, 1 downgraded, 0 to remove and 193 not upgraded.
Need to get 1,003 kB of archives.
After this operation, 1,268 kB of additional disk space will be used.
Get:1 http://apt-u16-iad.vip.dbxnw.net/annex-apt-dbx-xenial/apt/dbx-xenial dbx-xenial/main amd64 sudo amd64 1.8.16-0ubuntu1.3dbx11 [1,003 kB]
Fetched 1,003 kB in 0s (14.7 MB/s)
dpkg: warning: downgrading sudo from 1.8.16-0ubuntu1.6 to 1.8.16-0ubuntu1.3dbx11
(Reading database ... 327971 files and directories currently installed.)
Preparing to unpack .../sudo_1.8.16-0ubuntu1.3dbx11_amd64.deb ...
Unpacking sudo (1.8.16-0ubuntu1.3dbx11) over (1.8.16-0ubuntu1.6) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up sudo (1.8.16-0ubuntu1.3dbx11) ...
pwoodman at iad4c-ra16-40b:~$ sleep 300; echo $?
Terminated
143
pwoodman at iad4c-ra16-40b:~$ sudo sleep 300; echo $?
Terminated
143```

that other package is our own local fix.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sudo in Ubuntu.
https://bugs.launchpad.net/bugs/1686803

Title:
  sudo returns exit code 0 if child is killed with SIGTERM

Status in sudo:
  Unknown
Status in sudo package in Ubuntu:
  Fix Released
Status in sudo source package in Xenial:
  Fix Released
Status in sudo source package in Yakkety:
  Won't Fix
Status in sudo source package in Zesty:
  Fix Released
Status in sudo source package in Artful:
  Fix Released

Bug description:
  [Impact]

   * sudo returns exit code 0 if child is killed with signals other than SIGINT
   * This can break scripts assuming successful execution of the command ran by
     sudo

  [Test Case]

   * Open two separate shells
     1. In shell 1. run:
       ubuntu at tough-calf:~$ sudo sleep 300; echo $?
     2. In shell 2. run:
       root at tough-calf:~# killall -TERM sleep
     3. In broken versions shell 1. shows this:
       ubuntu at tough-calf:~$ sudo sleep 300; echo $?
       0

     4. Install fixed version
     5. Execute steps 1. and 2.
     6. In fixed version shell 1. shows this:
       ubuntu at tough-calf:~$ sudo sleep 300; echo $?
       Terminated
       143

  [Regression Potential]

   *  sudo may exit with a different status than expected

  [Other Info]

  original bug description:

  Please backport upstream sudo changeset 10917:50b988d0c97f "The fix
  for Bug #722 contained a typo/thinko that resulted in the" to xenial,
  yakkety, and zesty versions of sudo.

  This will fix a regression documented by this upstream bug report:
  https://bugzilla.sudo.ws/show_bug.cgi?id=784

  sudo 1.8.15 changeset 10229:153f016db8f1 "When the command sudo is
  running is killed by a signal, sudo will" introduced a regression
  where the exit status is always 0 when a command is killed by a signal
  other than SIGINT. https://www.sudo.ws/repos/sudo/rev/153f016db8f1

  This will be fixed in sudo 1.8.20 with changeset 10917:50b988d0c97f
  "The fix for Bug #722 contained a typo/thinko that resulted in the".
  https://www.sudo.ws/repos/sudo/rev/50b988d0c97f

  trusty sudo is based off sudo 1.8.9 and is not affected. xenial sudo
  based off sudo 1.8.16, yaketty sudo based off sudo 1.8.16, and zesty
  sudo based off 1.8.19 need the fix.

To manage notifications about this bug go to:
https://bugs.launchpad.net/sudo/+bug/1686803/+subscriptions