Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

use_pty option causes terminal to stop working correctly after running simple script #237

Closed
holme-r opened this issue Feb 2, 2023 · 3 comments
Closed

use_pty option causes terminal to stop working correctly after running simple script #237

holme-r opened this issue Feb 2, 2023 · 3 comments

Comments

@holme-r
Copy link

holme-r commented Feb 2, 2023

After running the following innocuous looking shell script, the terminal stops working correctly and I have to type 'reset' to recover it:

#!/bin/bash
sudo sleep 1 &
python3 -c 'print("hi")'

I ran the script as a non-root user without sudo (i.e. just ./my-script, not sudo ./my-script)
On a fresh install of Ubuntu 22.10, after running the script, the terminal stops echoing characters that you type.
On Ubuntu 22.04, carriage returns don't result in correct placement of characters (you see zig zag lines of text instead of columns).

I managed to fix the issue by turning off the use-pty option in /etc/sudoers

On Ubuntu 22.10:
Sudo version 1.9.11p3
Sudoers policy plugin version 1.9.11p3
Sudoers file grammar version 48
Sudoers I/O plugin version 1.9.11p3
Sudoers audit plugin version 1.9.11p3
@millert
Copy link
Collaborator

millert commented Feb 3, 2023

The problem is that sudo cannot easily tell that the command is being run in the background when it is run from a shell script where there is no job control. A workaround is to add set -m to the script which will result in sudo being run in its own (background) process group. I'm testing a new heuristic to handle this case that will hopefully make it into sudo 1.9.13.

millert added a commit that referenced this issue Feb 3, 2023
@millert
Better background job detection when running a command in a pty.
7cb23c8 
If sudo is not the process group leader and stdin is not a tty, we
may be running as a background job via a shell script.  Start the
command in the background to avoid changing the terminal mode from
a background process.  GitHub issue #237
millert added a commit that referenced this issue Feb 5, 2023
@millert
Mention the fix for GitHub #237.
cfa1fee
@millert
Copy link
Collaborator

millert commented Feb 14, 2023

This should be fixed in sudo 1.9.13.

@millert millert closed this as completed Feb 14, 2023
@hartwork
Copy link

I managed to fix the issue by turning off the use_pty option in /etc/sudoers

For anyone coming here later, please note that turning off use_pty could expose you to privilege escalation via TIOCSTI or TIOCLINUX based command injection, depending e.g. on how your kernel is configured. ttyjack can be used to see that in action.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@millert @hartwork @holme-r