[SOLVED/Upstream bug] Cannot use rnano as visudo editor

seth · 2021-09-27 19:12:25

nano will inspect the name of the binary to determine the restricted mode (ie. eg. symlinking it to /usr/bin/superrestrictednano would still execute regular nano) - that's a common code pattern.
Can you mount eg. an ext4 usb key and copy /mnt/bin/nano, /mnt/bin/rnano and try that as visudo editor (to the the btrfs partition out of the equation as much as possible)?

https://wiki.archlinux.org/title/Btrfs#btrfs_check - do NOT casually use "--repair", we just want to know whether there're some detectable problems.

Cvlc · 2021-09-27 21:27:16

copied them to /boot (FAT 32); this time even /boot/nano isn't found. it's like the only possible valid value is /usr/bin/nano
running /boot/rnano works as expected (restricted)

seth · 2021-09-28 06:32:15

***grummelbrummelgrummelbrummelgrummelbrummelgrummelbrummel***

echo $SUDO_EDITOR $VISUAL $EDITOR

Cvlc · 2021-09-28 07:53:31

$SUDO_EDITOR is undefined
$VISUAL $EDITOR are set to nano

seth · 2021-09-28 13:21:54

VISUAL=rnano EDITOR=rnano visudo

?

Cvlc · 2021-09-28 14:19:45

$ VISUAL=rnano EDITOR=rnano visudo
visudo: no editor found (editor path = /usr/bin/rnano)

VISUAL and EDITOR are ignored due to !env_editor. if I remove the line, then EDITOR / VISUAL is respected as long as I don't pass it rnano

Last edited by Cvlc (2021-09-28 14:23:59)

seth · 2021-09-28 14:24:16

Supposedly. There must be *some* bug in sudo's editor filtering, so we're using the BGF ;-)

Last edited by seth (2021-09-28 14:24:33)

Cvlc · 2021-09-28 15:43:05

Just reproduced my whole setup in a VM, and visudo with rnano works as expected.
Insults still don't work though, so that confirms that it's unrelated.

This is crazy !

[edit]
well actually, not my whole setup, I didn't install Gnome in the VM. the rest is mostly the same

Last edited by Cvlc (2021-09-28 15:44:25)

Cvlc · 2021-09-28 16:04:15

OK I think it has something to do with the environment variables.
because

# EDITOR=/usr/bin/rnano visudo

works together with

env_reset,editor=/usr/bin/rnano, !env_editor

in sudoers file.

For some reason, rnano has to be set with EDITOR= to the same value it is configured with editor= in the sudoers file, otherwise it conflicts....

[EDIT]
And YES, removing EDITOR=nano / VISUAL = nano from /etc/environment solves it......!!!

so I guess it's a bug ?

(btw I had set them to nano following Nano#Replacing_vi_with_nano )

Last edited by Cvlc (2021-09-28 16:12:58)

seth · 2021-09-29 14:22:31

# EDITOR=/usr/bin/rnano visudo

Here's btw. the difference, I ran "sudo visudo" all the time…

% sudo -i
# echo $EDITOR
vim
# LC_ALL=C visudo
visudo: no editor found (editor path = /usr/bin/rvim)
# EDITOR= visudo # works
# SUDO_EDITOR=rvim visudo # works as well

plugins/sudoers/editor.c starts find_editor(.) by testing $SUDO_EDITOR, $VISUAL and $EDITOR and that seems to skew the resolution.
Setting EDITOR to a bogus value ("gnarf") doesn't work either, so hitting ENOENT doesn't help here.

For more I'd have to compile sudo and debug it, but it certainly seems like a bug in sudo to not resolve a collision between def_editor and env_editor in favor of the former.

Cvlc · 2021-09-29 14:37:42

Alright then, should I file a bug ?

For my use case I'll just set EDITOR to rnano and that should work, but still not satisfactory.

seth · 2021-09-29 14:38:23

https://bugzilla.sudo.ws/show_bug.cgi?id=1000

Cvlc · 2021-09-29 14:55:18

haha just found it was about to post back

thanks for doing it and for taking the time for such a stupid issue

Arch Linux

#26 2021-09-27 19:12:25

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#27 2021-09-27 21:27:16

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#28 2021-09-28 06:32:15

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#29 2021-09-28 07:53:31

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#30 2021-09-28 13:21:54

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#31 2021-09-28 14:19:45

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#32 2021-09-28 14:24:16

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#33 2021-09-28 15:43:05

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#34 2021-09-28 16:04:15

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#35 2021-09-29 14:22:31

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#36 2021-09-29 14:37:42

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#37 2021-09-29 14:38:23

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

#38 2021-09-29 14:55:18

Re: [SOLVED/Upstream bug] Cannot use rnano as visudo editor

Board footer