Unable to chmod & close file /var/log/sudosh/ Bad file descriptor

[evdeva]

I installed sudosh2 on RHEL 6.6 OS and whenever I logout from sudo session, I get below message. When I check the log files showing the error, I observe the permission is set to 600 instead of 440.

Unable to chmod file /var/log/sudosh/aduxacm-sys1-time-1444075745-AiTiXTtJvJsKenFa: Bad file descriptor
Unable to close file /var/log/sudosh/aduxacm-sys1-time-1444075745-AiTiXTtJvJsKenFa: Bad file descriptor

Please let me know if you need more details to identify the issue

[squash]

Can you post your sudosh.conf and verify that you are on the current HEAD?

[evdeva]

Hi Thanks for considering my request. I have uploaded my sudosh.conf file. Thanks

sudosh.txt

[squash]

Thanks. I don't see anything odd there, but I am not able to reproduce in my testing on centos 6.6 + current HEAD of sudosh2 inside a container.

Are you using selinux in enforcing mode? if so I will need to set up an actual VM to test properly. Any other details you think might be pertinent?

[evdeva]

sestatus | grep -i mode

Current mode: permissive
Mode from config file: permissive

My default umask is 0077. I'm using RHEL 6.7 integrated with Active Directory using SSSD and I am not seeing this issue for AD accounts but only for the local accounts I am facing this issue. Do you need any specific information?

[evdeva]

Hi.. Any luck on this request?

[squash]

I'm working to get a SSSD system set up to test with this. I don't currently have such an environment, and it appears the issue is related.

[evdeva]

Thanks a lot for your help. I’ll be happy to hear from you.

Best Regards

E V Devarajulu
Sr Engineer, Data Center Engineering
Franklin Templeton Investments

tel +91 44 24407480
mobile +91 8754422131
[email protected]:[email protected]
www.franklintempleton.comhttp://www.franklintempleton.com/
[FTI_pos_0114_300EPS_SaveAs96]

From: squash [mailto:[email protected]]
Sent: Tuesday, February 02, 2016 9:42 PM
To: squash/sudosh2
Cc: Veeraraghavulu, Devarajulu
Subject: Re: [sudosh2] Unable to chmod & close file /var/log/sudosh/ Bad file descriptor (#12)

I'm working to get a SSSD system set up to test with this. I don't currently have such an environment, and it appears the issue is related.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/12#issuecomment-178659787.
Notice: All email and instant messages (including attachments) sent to
or from Franklin Templeton Investments (FTI) personnel may be retained,
monitored and/or reviewed by FTI and its agents, or authorized
law enforcement personnel, without further notice or consent.
.

[evdeva]

Hi

Any luck on this?

Best Regards

E V Devarajulu
Sr Engineer, Data Center Engineering
Franklin Templeton Investments

tel +91 44 24407480
mobile +91 8754422131
[email protected]:[email protected]
www.franklintempleton.comhttp://www.franklintempleton.com/
[cid:[email protected]]

From: squash [mailto:[email protected]]
Sent: Tuesday, February 2, 2016 9:42 PM
To: squash/sudosh2 [email protected]
Cc: Veeraraghavulu, Devarajulu [email protected]
Subject: Re: [sudosh2] Unable to chmod & close file /var/log/sudosh/ Bad file descriptor (#12)

I'm working to get a SSSD system set up to test with this. I don't currently have such an environment, and it appears the issue is related.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/12#issuecomment-178659787.
Notice: All email and instant messages (including attachments) sent to
or from Franklin Templeton Investments (FTI) personnel may be retained,
monitored and/or reviewed by FTI and its agents, or authorized
law enforcement personnel, without further notice or consent.
.

[rfifarek]

Bump.

Seems to only happen with long lived sessions.

[evdeva]

Cool

Is there any plans to fix this issue?

Thanks

Best Regards

E V Devarajulu
Sr Engineer, Data Center Engineering
Franklin Templeton Investments

tel +91 44 24407480tel:+91%2044%2024407480
mobile +91 8754422131tel:+91%208754422131
[email protected]:[email protected]
www.franklintempleton.comhttp://www.franklintempleton.com/
[FTI_pos_0114_300EPS_SaveAs96]

On 25-Aug-2016, at 12:00 AM, rfifarek <[email protected]mailto:[email protected]> wrote:

Bump.

Seems to only happen with long lived sessions.

�
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHubhttps://github.com//issues/12#issuecomment-242164185, or mute the threadhttps://github.com/notifications/unsubscribe-auth/APqrygf1ylkTmemHcTtyLwKU-WaaXGDzks5qjI2mgaJpZM4G7F1r.
Notice: All email and instant messages (including attachments) sent to
or from Franklin Templeton Investments (FTI) personnel may be retained,
monitored and/or reviewed by FTI and its agents, or authorized
law enforcement personnel, without further notice or consent.
.

[Chewbakka-Wakka]

Were their updates to this?

[squash]

I was not able to get an SSSD system to test on or reproduce the problem outside of that environment. I see that since then they have created a basic containerized sssd setup which might be useful for diagnosing in a smaller environment. https://github.com/SSSD/sssd-ci-containers

My guess is that we're running into an expired token or credential and SSSD is dropping our rights to new operations on these files, but that is pure speculation.