Re: [pacman-dev] [PATCH 10/11] makepkg: do not ask sudo password twice

Thu, 17 Jun 2010 07:27:31 -0700 

On 18/06/10 00:13, Dan McGee wrote:

On Thu, Jun 17, 2010 at 8:49 AM, Andres P<[email protected]>  wrote:

On Thu, Jun 17, 2010 at 9:17 AM, Allan McRae<[email protected]>  wrote:

On 17/06/10 23:35, Andres P wrote:


On Thu, Jun 17, 2010 at 9:04 AM, Allan McRae<[email protected]>    wrote:


Um...  no it does not...   sudo -l does not ask for a password even with
timestamp_timeout=0.

Allan


Yes it does... man sudoers

Defaults  timestamp_timeout=0, passwd_timeout=0

sudo -l /bin/true&&    sudo /bin/true

will ask you twice...  come on now :/



al...@mugen ~

sudo -l

Matching Defaults entries for allan on this host:
    timestamp_timeout=0, passwd_timeout=0

User allan may run the following commands on this host:
    (ALL) ALL

al...@mugen ~

sudo -l /bin/true&&  sudo /bin/true

/bin/true
Password:

al...@mugen ~




I count one password request...



I advice that you create a new user with a fresh leash.

I'm using sudo 1.7.2p7-1 and could go through the trouble of naggging
folks to post their sudo output just to get this fixed ;)

My sudoers verbatim:
# Defaults specification
Defaults  rootpw, timestamp_timeout=0, passwd_timeout=0

# User privilege specification
root    ALL=(ALL) ALL

# Uncomment to allow people in group wheel to run all commands
%wheel  ALL=(ALL) ALL

Nothing exotic... the only relevant setting is timestamp


Dude, the ball is in your court to prove this, I can't get it to do
anything resembling asking for my password twice. I added the two
options to my sudoers file and look at hte following sequence. Note
that the only time it asks for my password is on the actual execution
of the command, not on the '-l' usage.

dmc...@galway ~/projects/pacman (master)
$ sudo -l /bin/true
/bin/true

dmc...@galway ~/projects/pacman (master)
$ sudo /bin/true
Password:

dmc...@galway ~/projects/pacman (master)
$ sudo /bin/true
Password:

dmc...@galway ~/projects/pacman (master)
$ sudo -l /bin/true
/bin/true




I think I have found the issue here.   We obviously have a NOPASSWD 
entry in our sudoers file so "sudo -l" does not require a password.



So the bug is confirmed.  However the fix is not fully functional as if 
I have sudo installed but can not use it for pacman, then I can no 
longer fall back to using "su -c".  I'd choose excess password typing 
over functionality loss.


Allan

























					Reply via email to