Incorrect sudo -V output

[blemouzy]

Hello,

I working on an ARM based embedded system with Yocto.

I noticed a strange sudo -V output (floating values are not correctly displayed) since sudo update from 1.9.13p3 to 1.9.15p2.

# sudo -V | grep timeout
Authentication timestamp timeout: f minutes
Password prompt timeout: f minutes

I also tried the 1.9.15p5 version with same result.

[millert]

This happens when using sudo's snprintf() replacement since it does not support floating point. That should only be necessary on older systems without a C99-compatible snprintf() (or systems without asprintf()).

In your case, this is probably because sudo was built with a cross-compiler and that configure test was unable to run. These days, it is probably safe to assume that snprintf() is C99-compliant when cross-compiling. If you are building your own sudo, you can set ac_cv_have_working_snprintf=yes in the environment to avoid the issue.

[blemouzy]

This happens when using sudo's snprintf() replacement since it does not support floating point. That should only be necessary on older systems without a C99-compatible snprintf() (or systems without asprintf()).

What explains the regression between 1.9.13p3 and 1.9.15p2?

In your case, this is probably because sudo was built with a cross-compiler and that configure test was unable to run. These days, it is probably safe to assume that snprintf() is C99-compliant when cross-compiling. If you are building your own sudo, you can set ac_cv_have_working_snprintf=yes in the environment to avoid the issue.

I made the test:

• add EXTRA_OECONF += "ac_cv_have_working_snprintf=yes" to the sudo_%.bbappend file
• check config.log:

# Before
12157:ac_cv_have_working_snprintf=cross   

# After
12157:ac_cv_have_working_snprintf=yes

• check sudo -V output:

Authentication timestamp timeout: f minutes
Password prompt timeout: f minutes

⮕ same result

[millert]

Sorry, you also need to set ac_cv_have_working_vsnprintf=yes.

In sudo 1.9.13 vfprintf() was used to display those strings so the problem did not occur. The switch to using vsnprintf() in 1.9.14 is what triggered the issue. Sudo 1.9.16 will avoid the problem by treating ac_cv_have_working_snprintf=cross and ac_cv_have_working_vsnprintf=cross the same as "yes".

[blemouzy]

Sorry, you also need to set ac_cv_have_working_vsnprintf=yes.

That effectively work now!

In sudo 1.9.13 vfprintf() was used to display those strings so the problem did not occur. The switch to using vsnprintf() in 1.9.14 is what triggered the issue.

Thanks for the explanation and thanks for support.

Sudo 1.9.16 will avoid the problem by treating ac_cv_have_working_snprintf=cross and ac_cv_have_working_vsnprintf=cross the same as "yes".

Nice!
Link to the associated commit: 920710b

[egtvedt]

After this change I'm not able to link sudo release 1.9.16, I did a comment on the configure script change in 920710b#r146098350

I'm no good with autoconf, so if somebody could point failure on my side or the change here needs further improvements?

Update: By adding ac_cv_have_working_snprintf=yes and ac_cv_have_working_vsnprintf=yes when configuring, sudo 1.9.16 compiles and link for me.

Update2: And I have the following in config.h

/* Enable replacement (v)snprintf if system (v)snprintf is broken. */
/* #undef PREFER_PORTABLE_SNPRINTF */

Which looks correct.

[millert]

@egtvedt Can you test whether 3e12cac this this for you?

[egtvedt]

@egtvedt Can you test whether 3e12cac this this for you?

This commit solves my configure problem, and I get the expected defines in config.h

#define HAVE_SNPRINTF 1
#define HAVE_VSNPRINTF 1
/* #undef PREFER_PORTABLE_SNPRINTF */

Thank you for solving so quickly.