Solved sudo segmentation fault

tolbrino

New Member


Messages: 4

I'm running into an issue with sudo where any invocation leads to a segmentation fault. I'm not sure yet whether this has to do with my setup, thus my question whether anybody else is running into a similar issue.

Setup

Host: macOS 10.12.6
VirtualBox: 5.1.26 via Vagrant 1.9.8
Vagrant Box: freebsd/FreeBSD-11.1-STABLE 2017.08.29
sudo: 1.8.21
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 7,409
Messages: 29,985

You must have something weird in the sudoers(5) file. I've never managed to get sudo(8) to crash.
 

bsdmonkey

New Member

Reaction score: 1
Messages: 4

Seems like sudo will segfault on official FreeBSD STABLE (but not RELEASE) Vagrant boxes if a hostname isn't set. Problem is Vagrant uses sudo to set any hostname specified in the Vagrantfile or run any shell commands.

Setting it manually worked for me:
Code:
vagrant up                     # fails when sudo crashes
vagrant ssh
su                             # password: vagrant
sysrc hostname=myhost.local    # modifies rc.conf
halt -p
vagrant up --provision
Here's a sudo stacktrace from the current FreeBSD-10.3-STABLE box:
Code:
#0  0x0000000800fb238b in strlen () from /lib/libc.so.7
#1  0x0000000800efe942 in strdup () from /lib/libc.so.7
#2  0x0000000801c18de8 in ?? () from /usr/local/libexec/sudo/sudoers.so
#3  0x0000000801c1d395 in ?? () from /usr/local/libexec/sudo/sudoers.so
#4  0x0000000801c1a1dc in ?? () from /usr/local/libexec/sudo/sudoers.so
#5  0x0000000000411c5c in unsetenv ()
#6  0x0000000000404bdf in ?? ()
#7  0x000000080063c000 in ?? ()
#8  0x0000000000000000 in ?? ()
Perhaps the default hostname is being passed to strlen here, and it isn't really null even though `hostname` prints an empty string.

My /usr/local/etc/sudoers just contains:
Code:
vagrant ALL=(ALL) NOPASSWD: ALL
I wonder if there is a quick way to turn a RELEASE install into a STABLE install as I only need some STABLE packages and would rather have the provisioning fully automated.
 

SirDice


"I wonder if there is a quick way to turn a RELEASE install into a STABLE install as I only need some STABLE packages and would rather have the provisioning fully automated."
All versions (10.x, 11.x, 12.x, X-RELEASE, X-STABLE, etc) use the same ports tree. There is no difference in ports/packages.
 

bsdmonkey


SirDice, don't different packages get built for different ABIs and releases from the same ports tree?

The default pkg repo is configured here:

/etc/pkg/FreeBSD.conf

Relevant line on FreeBSD-10.3-STABLE:
Code:
url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",
On FreeBSD-10.3-RELEASE:
Code:
url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly",
I'd like to install gitlab on RELEASE, but that only exists in the STABLE repo... maybe I should just change 'quarterly' to 'latest' as the ABI is the same.
 

bsdmonkey


I tried to edit my last comment to remove superfluous blank lines but my revision wasn't accepted as it 'may be spam-like or contain inappropriate elements'?

Edit: Fine now.
 

bsdmonkey


I think this is because of a change to security/sudo on line 85 of plugins/sudoers/policy.c

sudo-1.8.20 works:
Code:
#define MATCHES(s, v)    \
      (strncmp((s), (v), sizeof(v) - 1) == 0)
But sudo-1.8.21 crashes, as further down it calls strdup with a null user_host because no user_info field successfully MATCHES "host=" if the hostname is an empty string.
Code:
#define MATCHES(s, v)    \
      (strncmp((s), (v), sizeof(v) - 1) == 0 && (s)[sizeof(v) - 1] != '\0')
I don't think sudo should crash if the hostname is empty, but maybe FreeBSD should have a default hostname=localhost in the official Vagrant rc.conf?
 

scottro

Daemon

Reaction score: 486
Messages: 1,389

I just ran into this myself. I don't use vagrant. I have a test machine, where I never gave it a hostname, and after an update sudo segfaulted without any obvious reason. So this is a change in sudo, regardless of use. If the machine doesn't have a hostname, it will segfault.

I dislike the choice, seems very Linux-y. Let's break something and make no mention of it, because of COURSE they should have a host name and we know best.

There should at least be a mention in /usr/ports/UPDATING, but I guess it's an edge case. (Actually I hadn't even realized that the test box hadn't defaulted to something like localhost till I ran into this and found this thread.)
 

SirDice


"I don't think sudo should crash if the hostname is empty,"
This is the cause and it should be fixed there. So it's a bug in sudo. At the very least it should ignore it and at most produce an error but it should never crash.

(I'm wondering if this bug could potentially be exploited by feeding it a bogus hostname)
 

SirDice


"SirDice, don't different packages get built for different ABIs and releases from the same ports tree?"
Packages are built for specific versions of FreeBSD, yes. Which means there are no version differences of packages between -STABLE or -RELEASE.

It was a response to this:
"wonder if there is a quick way to turn a RELEASE install into a STABLE install as I only need some STABLE packages and would rather have the provisioning fully automated."
Switching to -STABLE just for the packages doesn't make sense because the version of those packages will be exactly the same. That's what I meant with "they are the same".

Switching between latest and quarterly doesn't depend on -STABLE or -RELEASE. Only the default setting is different (-STABLE has latest by default, -RELEASE quarterly) but you can just as easily switch a -RELEASE version to latest. You don't need to switch to -STABLE just for that.
 