sudo-project/sudo

bash with log_subcmds on AIX


Calling sudo bash on AIX with log_subcmds enabled breaks STDOUT of certain commands like df. STDOUT is not displayed at all. For other commands like ps it seems to have no effect.

Tested with:
AIX 7300-01-02-2320
sudo 1.9.14-2 RPM (from sudo.ws Prebuilt Packages)
bash 5.1.4.0 LPP (AIX 7.3)
bash 5.1.16-1 RPM (from IBM AIX Toolbox for Open Source Software)

sudo ksh works as expected.

This is almost certainly because bash is a 64-bit executable but ksh and sudo are 32-bit. For example:

$ file /bin/ksh /bin/bash
/bin/ksh: executable (RISC System/6000) or object module
/bin/bash: 64-bit XCOFF executable or object module

I see the same behavior when using log_subcmds with a 64-bit bash and a 32-bit sudo. It works as expected with a 32-bit bash executable.

The way log_subcmds works is that it interposes itself via LDR_PRELOAD so it can catch calls to execute a new program. Unfortunately, that only works for binaries of the same word size. Since your bash is 64-bit but sudo is 32-bit, log_subcmds will not work properly. The way to fix this is for sudo to build both 32-bit and 64-bit versions of the sudo_intercept dynamic shared object, but the build system used by sudo (autoconf and libtool) doesn't really support that. It may be possible for me to build both a 32-bit and 64-bit sudo on AIX and combine the shared objects since the build system doesn't support this natively.

I've added scaffolding to support both 32-bit and 64-bit versions of sudo_intercept.a on AIX in 980e021, 0a18184 and 002e22f. My sudo 1.9.15 AIX packages will include 32-bit and 64-bit versions of sudo_intercept.a.

@millert Thanks a lot for looking into it. I can confirm that we have no issue with the /opt/freeware/bin/bash_32 binary. Will be happy to test the new 1.9.15 release with 32 and 64 bit bash. 😎

Closing now that sudo 1.9.15 is out.
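
The word-size mismatch described in this thread can be audited before relying on log_subcmds on an AIX host whose sudo ships sudo_intercept in only one word size. The following is an added example, not part of the original thread or of sudo itself: the function names are hypothetical, sudo's word size is passed in as an argument, and the sample input is constructed from the `file` output quoted above.

```shell
#!/bin/sh
# Added example: flag programs whose XCOFF word size differs from sudo's,
# since an LDR_PRELOAD-ed sudo_intercept only loads into same-size binaries.

# Classify the description part of one line of AIX `file` output.
# The two patterns are the strings shown in the thread above.
xcoff_bits() {
    case "$1" in
        *"64-bit XCOFF"*)                  echo 64 ;;
        *"executable (RISC System/6000)"*) echo 32 ;;
        *)                                 echo unknown ;;
    esac
}

# Usage on a real host:  file /bin/ksh /bin/bash | find_mismatches 32
# $1 is sudo's word size (32 or 64). Reads `file` output on stdin, prints
# "path bits" for every program that does not match, returns 1 if any did.
find_mismatches() {
    sudo_bits=$1
    rc=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        path=${line%%:*}                      # text before the first colon
        bits=$(xcoff_bits "${line#*:}")       # classify the rest of the line
        if [ "$bits" != "$sudo_bits" ]; then
            echo "$path $bits"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample input, copied from the `file` output in the thread.
SAMPLE='/bin/ksh: executable (RISC System/6000) or object module
/bin/bash: 64-bit XCOFF executable or object module'

# Demo run against the sample, assuming a 32-bit sudo as in the thread.
printf '%s\n' "$SAMPLE" | find_mismatches 32 ||
    echo "log_subcmds will not intercept the programs listed above" >&2
```

Programs reported as `unknown` (scripts, non-XCOFF files) are listed as mismatches too, so they get a manual look rather than being silently trusted.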