sudo-1.7.2p1-14.el5_8.3 under CentOS 5.8 PAE doesn't complete fork/exec<br />
<br />
(perhaps not the best summary, open to suggestions)<br />
<br />
Historically (for many years/releases), sudo, when executing the child, would exec():<br />
<br />
# sudo -u ldap /usr/bin/openssl s_server -accept 15000 &<br />
# env LC_ALL=C pstree -a $$<br />
bash<br />
  |-openssl s_server -accept 15000<br />
  `-pstree -a 3136<br />
<br />
The parent process (in this case, bash) would have the new process as a direct descendant, and that process owns the resources (in this case, a TCP port.)<br />
<br />
Under CentOS 5.8 PAE, sudo never exits:<br />
<br />
# sudo -u ldap /usr/bin/openssl s_server -accept 15000 &<br />
# env LC_ALL=C pstree -a $$<br />
bash<br />
  |-pstree -a 3301<br />
  `-sudo -u ldap /usr/bin/openssl s_server -accept 15000<br />
      `-openssl s_server -accept 15000<br />
<br />
The impact is that any monitoring framework that checks 'does my child own this named resource' fails, in that the 'sudo' process remains, but it's the grandchild that has the resources. See 'Steps to Reproduce' for specifics.
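
A sketch of how a monitor could tolerate both behaviours by walking the resource owner's ancestry instead of testing only direct children. This is an added example, not part of the original report or of sudo; the process tables are constructed from the two pstree listings above, and the sudo/openssl PIDs, the PPID of bash and the function names are assumptions.

```python
# Added example: sample `ps -eo pid,ppid,comm` tables constructed from the
# report's two pstree listings; sudo/openssl PIDs are made up for illustration.
OLD_BEHAVIOUR = """\
  PID  PPID COMMAND
 3136     1 bash
 3140  3136 openssl
"""
NEW_BEHAVIOUR = """\
  PID  PPID COMMAND
 3301     1 bash
 3305  3301 sudo
 3306  3305 openssl
"""

def parse_ps(text):
    """Parse `ps -eo pid,ppid,comm` style output into {pid: (ppid, comm)}."""
    table = {}
    for line in text.splitlines()[1:]:           # skip the header row
        fields = line.split(None, 2)
        if len(fields) == 3:
            table[int(fields[0])] = (int(fields[1]), fields[2].strip())
    return table

def ancestry(table, pid):
    """Return the chain of ancestor PIDs, nearest parent first."""
    chain, seen = [], {pid}
    while pid in table:
        pid = table[pid][0]
        if pid in seen:                          # guard against loops in bad input
            break
        seen.add(pid)
        chain.append(pid)
    return chain

def owner_relation(table, monitor_pid, owner_pid):
    """Classify how the resource owner relates to the monitoring parent."""
    chain = ancestry(table, owner_pid)
    if monitor_pid not in chain:
        return "unrelated"
    between = chain[:chain.index(monitor_pid)]   # processes between owner and monitor
    if not between:
        return "direct-child"
    if all(table[p][1] == "sudo" for p in between):
        return "descendant-via-sudo"
    return "descendant"
```

A monitor that accepts both "direct-child" and "descendant-via-sudo" keeps working whether sudo execs the command or stays resident as its parent.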