Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to execute binaries with sudo inside AppImage #64

Open
spvkgn opened this issue May 1, 2024 · 4 comments
Open

Unable to execute binaries with sudo inside AppImage #64

spvkgn opened this issue May 1, 2024 · 4 comments

Comments

@spvkgn
Copy link

spvkgn commented May 1, 2024
edited
Loading

Use this simple AppImageBuilder.yml to build the AppImage with appimage-builder:

version: 1

AppDir:
  path: ./AppDir

  app_info:
    id: org.gnu.bash
    name: bash
    icon: utilities-terminal
    version: 5.0.16
    exec: bin/bash
    exec_args: $@

  apt:
    arch: amd64
    allow_unauthenticated: true
    sources:
      - sourceline: 'deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ focal main restricted universe multiverse'
        
    include:
      - bash
      - coreutils
    exclude:
      - libpcre3

AppImage:
  arch: x86_64
  comp: gzip

Check the AppImage is working - OK:

$ ./bash-5.0.16-x86_64.AppImage --version | head -n1
GNU bash, версия 5.0.16(1)-release (x86_64-pc-linux-gnu)

Run the AppImage and execute any binary inside AppImage - OK:

$ $APPDIR/usr/bin/head -n1 /etc/os-release
PRETTY_NAME="Ubuntu 22.04.2 LTS"

Execute any binary inside AppImage with sudo, for instance, reading /etc/sudoers contents - it fails with error "command not found":

$ $APPDIR/usr/bin/head -n1 /etc/sudoers
/tmp/.mount_bash-582FuSk/usr/bin/head: cannot open '/etc/sudoers' for reading: Permission denied

$ sudo $APPDIR/usr/bin/head -n1 /etc/sudoers
[sudo] password for pavel: 
sudo: /tmp/.mount_bash-582FuSk/usr/bin/head: command not found
@probonopd
Copy link

I think it is not possible to use sudo inside AppImages due to how FUSE works; but you can launch the AppImage with sudo.

@spvkgn
Copy link
Author

spvkgn commented May 3, 2024

@probonopd I could extract the AppImage via extract-and-run feature to avoid FUSE limitations, but with this unable to use sudo as well:

$ APPIMAGE_EXTRACT_AND_RUN=1 ./bash-5.0.16-x86_64.AppImage
$ sudo $APPDIR/usr/bin/head -n1 /etc/sudoers
sudo: unable to execute /tmp/appimage_extracted_dd6d72343c6dc5f80fba20c2a94f5db5/usr/bin/head: No such file or directory

@spvkgn spvkgn changed the title Unable to execute binaries with sudo inside AppImage - "command not found" Unable to execute binaries with sudo inside AppImage May 3, 2024
@spvkgn
Copy link
Author

spvkgn commented May 3, 2024

Looks like this bug comes from here - any binary which is outside of AppImage can't run another binary inside the AppImage:

> $APPDIR/bin/bash -c '$APPDIR/usr/bin/head -n1 /etc/os-release'
PRETTY_NAME="Ubuntu 22.04.2 LTS"

> /bin/bash -c '$APPDIR/usr/bin/head -n1 /etc/os-release'
/bin/bash: line 1: /tmp/appimage_extracted_dd6d72343c6dc5f80fba20c2a94f5db5/usr/bin/head: No such file or directory

@probonopd
Copy link

I don't think it's a good idea for binaries outside of the AppImage to try to launch binaries inside the mounted AppImage.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@probonopd @spvkgn