Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

visudo creates file even if editor is closed without saving #294

Closed
ReillyBrogan opened this issue Jul 20, 2023 · 1 comment
Closed

visudo creates file even if editor is closed without saving #294

ReillyBrogan opened this issue Jul 20, 2023 · 1 comment

Comments

@ReillyBrogan
Copy link

I noticed this when in the process of updating the Solus sudo package to 1.9.14p2.

If you run visudo /non-existant-file and then exit without saving the file (for instance, in Nano using ctrl+x) the end result will be that visudo will create an empty /non-existant-file.

This seems undesirable to me, perhaps the user simply misspelled a file name and exited to use a different file name. In that case they would not expect the misspelled file to be created.
millert added a commit that referenced this issue Jul 27, 2023
@millert
visudo: do not create a new file if the user made no changes
4f3786f 
This prevents visudo from creating a new zero-length sudoers file
if the user exited the editor without making any changes.  Files
created via a @include directive are preserved, even if empty, to
avoid a parse error.  GitHub issue #294.
millert added a commit that referenced this issue Jul 27, 2023
@millert
visudo: document that a new file is only created if the editor writes…
bdde6df 
… it.

If visudo is used to create a new file, the file will only be created
if the user writes to the file via the editor.  Simply running
visudo and exiting the editor will no longer cause the file to be
created.  There is an exception for file created due to the addition
of a @include directive, which need to be present for the sudoers
file to parse properly.  GitHub issue #294.
@millert
Copy link
Collaborator

millert commented Jul 27, 2023

Things can get a little complicated. For example, if you add a #include line to sudoers, visudo must create the file, even if it is empty. Otherwise the file will not parse properly. The change I committed will prevent a new top-level sudoers file from being created via visudo if the editor is exited without writing any changes.

@millert millert closed this as completed Jul 27, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@millert @ReillyBrogan