Sudo on Ubuntu 20.04 focal

Hello

Trying out the almost ready Ubuntu focal from the images: repo brings immediately a new and shiny problem:
sudo: setrlimit(RLIMIT_CORE): Operation not permitted

with an Ubuntu host (16.04 or 18.04)

while sudo actually works, it’s a scary message. it’s a known problem and there is a new version of sudo to fix it.

My 0.000002 €: if the first official Ubuntu 20.04 don’t include sudo 1.8.31-p1-1 it would be better to wait for this feature to be fixed before promoting 20.04 to the ubuntu repo. Sudo is a basic feature really.

I hope it gets updated, also has workaround for now.

I think the following issue is something that needs fixing within LXD,

$ lxc launch images:ubuntu/focal mycontainer
Creating mycontainer
Starting mycontainer
$ lxc ubuntu mycontainer
ubuntu@mycontainer:~$ sudo -i
[sudo] password for ubuntu: ^C
ubuntu@mycontainer:~$ groups
ubuntu

That is, the ubuntu account does not get added to the sudo group. Hence, cannot sudo to root.

I don’t use the ubuntu account. I always create my user and adds it to the sudo group.
See
https://bugs.archlinux.org/task/65713
I dont’ think they have ubuntu user on arch :slight_smile:

Ok, so the issues are:

  1. Ubuntu 20.04 should get the updated sudo package. This is an issue to report on launchpad.net for the sudo package. Have a look at https://bugs.launchpad.net/ubuntu/+source/sudo and post here the URL (if there is an existing report, or of the new report that you have created).
  2. The images:ubuntu/focal container images should add the non-root ubuntu user to the sudo Unix group. Since the user account gets created, then the template instructions are working as intended. But somehow the ubuntu user is not added to the sudo group. This should be a bug report on distrobuilder, https://github.com/lxc/distrobuilder/issues And here is the fresh report, https://github.com/lxc/distrobuilder/issues/326

yes there are 2, this report seems the more complete one, I have added a comment stating that the package needs updating.
There is a workaround that works, adding to /etc/sudo.conf the following incantation
Set disable_coredump false

well given that you are at Ubuntu that’s your call obviously. As a person not working for Ubuntu I think that this kind of feature could feed paranoid reports in the forums and the media.