usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-02-03 14:03:24 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity

Checks adding to /etc/sudoers.d directory fail on fresh 13.3 installs #183

New Issue
Closed
opened 2026-01-19 18:29:32 +00:00 by michael · 1 comment
michael commented 2026-01-19 18:29:32 +00:00
Owner
Copy Link

Originally created by @jmahlman on GitHub.

Originally assigned to: @robertgendler on GitHub.

Summary

/etc/sudoers.d directory is not present on a fresh 13.3 install. This causes failures with os_sudo_timeout_configure.yaml and os_sudoers_timestamp_type_configure.yaml

Steps to reproduce

  1. Deploy a fresh 13.3 install on a mac
  2. Run the checks listed above and note the failures

Operating System version

13.3 (22E252)

Intel or Apple Silicon

Both

What is the current bug behavior?

Running the scripts results in an error about the folder not being found:

Running the command to configure the settings for: os_sudo_timeout_configure ...
run_fix:1352: no such file or directory: /etc/sudoers.d/mscp

What is the expected correct behavior?

Running the command to configure the settings for: os_sudo_timeout_configure ...
Settings for: os_sudoers_timestamp_type_configure already configured, continuing...

Output of checks

Running the command to configure the settings for: os_sudo_timeout_configure ...
run_fix:1352: no such file or directory: /etc/sudoers.d/mscp

Possible fixes

Add a mkdir-p /etc/sudoers.d to the fixes for the rules that use /etc/sudoers.d or another directory check.

Originally created by @jmahlman on GitHub. Originally assigned to: @robertgendler on GitHub. <!--- Please read this! Before opening a new issue, make sure to search for keywords in the issues filtered by the "regression" or "bug" label and verify the issue you're about to submit isn't a duplicate. ---> ### Summary /etc/sudoers.d directory is not present on a fresh 13.3 install. This causes failures with [os_sudo_timeout_configure.yaml](https://github.com/usnistgov/macos_security/blob/ventura/rules/os/os_sudo_timeout_configure.yaml) and [os_sudoers_timestamp_type_configure.yaml](https://github.com/usnistgov/macos_security/blob/ventura/rules/os/os_sudoers_timestamp_type_configure.yaml) ### Steps to reproduce 1. Deploy a fresh 13.3 install on a mac 2. Run the checks listed above and note the failures ### Operating System version 13.3 (22E252) ### Intel or Apple Silicon Both ### What is the current *bug* behavior? Running the scripts results in an error about the folder not being found: > Running the command to configure the settings for: os_sudo_timeout_configure ... > run_fix:1352: no such file or directory: /etc/sudoers.d/mscp ### What is the expected *correct* behavior? > Running the command to configure the settings for: os_sudo_timeout_configure ... > Settings for: os_sudoers_timestamp_type_configure already configured, continuing... ### Output of checks > Running the command to configure the settings for: os_sudo_timeout_configure ... > run_fix:1352: no such file or directory: /etc/sudoers.d/mscp ### Possible fixes Add a `mkdir-p /etc/sudoers.d` to the fixes for the rules that use `/etc/sudoers.d` or another directory check.
michael commented 2026-01-19 18:29:32 +00:00
Author
Owner
Copy Link

@robertgendler commented on GitHub:

Closing since this appears to be changed in 13.3.1 by Apple.

@robertgendler commented on GitHub: Closing since this appears to be changed in 13.3.1 by Apple.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
michael
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: usnistgov/macos_security#183
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?