On Thu, 27 Oct 2022 at 04:52, Chris Rapier <rapier@xxxxxxx> wrote: [...] > Again, it looks there was a change in the wording and exit codes. > Possibly related to sudo? On 20.04 sudo is version 1.8.31. Under 22.04 > it's version 1.9.9. Seems like it might also be causing problems in > agent-restrict. I just ran into this on a new Ubuntu install. I'd previously worked with Val Baranov off-list debugging a similar problem and wrote some additional logging for the test, however I never got around to committing it until now. It does indeed seem to be a problem with sudo-1.9.9: it prompts for a password for a command with a full path even though the (stock, in this case) configuration says not to. It seems to be fixed in sudo 1.9.11. I'm not sure what can be done other than updating sudo or skipping these tests with known affected versions. %sudo ALL=(ALL:ALL) NOPASSWD: ALL $ sudo --version | head -1 # Ubuntu 22.04 Sudo version 1.9.9 $ </dev/null sudo -S -u nobody id uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup) $ cp `which id` . && </dev/null sudo -S -u nobody `pwd`/id [sudo] password for builder: sudo: no password was provided sudo: a password is required $ sudo --version | head -1 # Debian sid Sudo version 1.9.11p3 $ </dev/null sudo -u nobody id uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup) $ cp `which id` .; </dev/null sudo -u nobody `pwd`/id uid=65534(nobody) gid=65534(nogroup) groups=65534(nogroup) -- Darren Tucker (dtucker at dtucker.net) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev