sudo sometimes fails for me

Tim Seufert yellowdog-general@lists.terrasoftsolutions.com
Sun Mar 28 02:13:01 2004 

On Mar 27, 2004, at 12:10 PM, Clinton MacDonald wrote:

> I still argue that the shell/sudo combination should be smarter. 
> Anytime it asks for a password, it should *NEVER* reveal it in plain 
> text.

There isn't a shell/sudo combination, though.  There are just two 
programs -- the shell and the sudo -- which are both waiting for input. 
  Due to the semantics of the & operator, at that point either program 
can produce output on your terminal (as you've seen), but the shell has 
dibs on the input stream.  The shell has no idea sudo is trying to ask 
for a password, and sudo has no idea it has been disconnected from user 
input.

>  Otherwise, in this age of keyboard recording spyware and such, it 
> shouldn't even pretend to be secure. It could fail gracefully (or not 
> gracefully), but *NEVER* reveal that password.

This can't affect whether keyboard recording works or not.  Keyboard 
recording should be able to record keystrokes no matter whether the 
password is being echoed to the screen or not.

> Hmmphf. Who's in charge of these things? ;-)
>
>> If you really want to do this, try instead
>>     sudo sh -c 'synaptic&'
>
> Alright, that looks interesting. I have no idea what it means, but I 
> will certainly give it a try. Like many of my mistakes, it will give 
> me an opportunity to learn something new.

It tells sudo to run sh, i.e. your system's default shell (/bin/sh).  
In turn, sh is told (via the -c parameter) to execute a mini-script 
supplied on its command line.  In this case the script is just 
'synaptic&' which will run synaptic in the background.  After doing so 
the sudo'ed shell has no commands left to process and will simply exit.

Unlike the simple

   sudo synaptic &

your original shell is not being told to background anything.  So the 
sudo will start off with complete control over the terminal's input and 
output.  Only once the shell run by sudo gets going is any program 
backgrounded, and the program backgrounded is the one you actually 
wanted to be backgrounded.