[Bug 2127766] Re: snap run --strace doesn't work with sudo-rs [sudo -E not supported]
Maciej Borzecki
2127766 at bugs.launchpad.net
Wed Dec 3 12:42:27 UTC 2025
2.72 on 26.04:
root at u1:~# snap version
snap 2.72+ubuntu26.04.1
snapd 2.72+ubuntu26.04.1
series 16
ubuntu 26.04
kernel 6.17.0-6-generic
architecture amd64
root at u1:~# snap install hello
2025-12-03T12:36:04Z INFO Waiting for automatic snapd restart...
hello 2.10 from Canonical✓ installed
root at u1:~# su - ubuntu
ubuntu at u1:~$ snap run hello
Hello, world!
ubuntu at u1:~$ snap run --strace hello
warning: preserving the entire environment is not supported, `-E` is ignored
error: exit status 1
2.73 on 26.04:
ubuntu at u1:~$ snap version
snap 2.73+ubuntu26.04.1
snapd 2.73+ubuntu26.04.1
series 16
ubuntu 26.04
kernel 6.17.0-6-generic
architecture amd64
ubuntu at u1:~$ dpkg -l sudo-rs
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-===============-============-======================================
ii sudo-rs 0.2.10-1ubuntu1 amd64 Rust-based sudo and su implementations
ubuntu at u1:~$ snap run --strace hello
/usr/bin/strace: Process 3032 attached
--- stopped by SIGSTOP ---
--- SIGCONT {si_signo=SIGCONT, si_code=SI_USER, si_pid=3023, si_uid=1000} ---
[pid 3032] execve("/snap/hello/42/snap/command-chain/snapcraft-runner", ["/snap/hello/42/snap/command-chai"..., "/snap/hello/42/bin/hello"], 0xc000158780 /* 37 vars */ <unfinished ...>
[pid 3042] <... futex resumed>) = ?
[pid 3042] +++ exited with 0 +++
[pid 3041] +++ exited with 0 +++
<... execve resumed>) = 0
brk(NULL) = 0x63b0d576a000
arch_prctl(0x3001 /* ARCH_??? */, 0x7fffff1f07f0) = -1 EINVAL (Invalid argument)
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
....
fstat(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0), ...}) = 0
write(1, "Hello, world!\n", 14Hello, world!
) = 14
close(1) = 0
close(2) = 0
exit_group(0) = ?
+++ exited with 0 +++
Can confirm the workaround is applied with snapd 2.73.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rust-sudo-rs in Ubuntu.
https://bugs.launchpad.net/bugs/2127766
Title:
snap run --strace doesn't work with sudo-rs [sudo -E not supported]
Status in snapd:
Fix Committed
Status in rust-sudo-rs package in Ubuntu:
Won't Fix
Status in snapd package in Ubuntu:
New
Bug description:
[SRU] 2.73:
https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/2132084
[ Impact ]
Only impacts Ubuntu 25.10+
With sudo-rs, -E` is ignored, which breaks snapd run --strace.
[ Test Plan ]
1. Reproduce with snapd snap < 2.73
- Ensure sudo-rs installed
- Run: snap run --strace <snap>.<app>
- Expect: warning: preserving the entire environment is not supported, `-E` is ignored
2. Prove fixed with snapd snap 2.73
- Ensure sudo-rs installed
- Run: snap run --strace <snap>.<app>
- Expect: No warning
---original---
sudo-rs became the default sudo in 25.10, which broke this snap run
--strace,
$ snap run --strace <snap>.<app>
warning: preserving the entire environment is not supported, `-E` is ignored
[sudo: authenticate] Password:
error: exit status 1
It does work if I switch back to GNU Coreutils' sudo. The reason being
many required environment variables are no longer passed through, and
the strace fails due to SNAP_INSTANCE_NAME not being set, before we
get to execve'ing the snap application itself.
I commented on this use case in the sudo-rs issue tracker:
https://github.com/trifectatechfoundation/sudo-rs/issues/1299
Maybe snapd needs to have a whitelist of environment variables?
To manage notifications about this bug go to:
https://bugs.launchpad.net/snapd/+bug/2127766/+subscriptions
More information about the foundations-bugs
mailing list