On Thu, Jun 17, 2010 at 9:37 AM, Andres P <[email protected]> wrote: > On Thu, Jun 17, 2010 at 10:00 AM, Allan McRae <[email protected]> wrote: >> I think I have found the issue here. We obviously have a NOPASSWD entry in >> our sudoers file so "sudo -l" does not require a password. >> >> So the bug is confirmed. However the fix is not fully functional as if I >> have sudo installed but can not use it for pacman, then I can no longer fall >> back to using "su -c". I'd choose excess password typing over functionality >> loss. >> > Eureka! I was just about to mail the sudo maintainer.
I'm terribly confused still. $ sudo cat /etc/sudoers Password: Defaults editor = /usr/bin/vim:/usr/bin/vi root ALL=(ALL) ALL %wheel ALL=(ALL) ALL dmcgee ALL= NOPASSWD: /usr/sbin/vpnc, /usr/sbin/vpnc-disconnect dmcgee ALL= NOPASSWD: /usr/bin/openconnect I don't see any exemption for `sudo -l` in there, but it never prompts me for a passwd (even if adding those timeout defaults). Or is it just the presence of any NOPASSWD entry at all? If that is the case, that seems downright silly... > > Anyhow, > > What if there's a check for sudo's retval like I posted in the comments? There is no way to tell the difference between the retval of sudo and the retval of the called program as far as I can tell, so this wouldn't quite work. -Dan
