On 18/06/10 00:45, Dan McGee wrote:
On Thu, Jun 17, 2010 at 9:37 AM, Andres P<[email protected]> wrote:
On Thu, Jun 17, 2010 at 10:00 AM, Allan McRae<[email protected]> wrote:
I think I have found the issue here. We obviously have a NOPASSWD entry in
our sudoers file so "sudo -l" does not require a password.
So the bug is confirmed. However the fix is not fully functional as if I
have sudo installed but can not use it for pacman, then I can no longer fall
back to using "su -c". I'd choose excess password typing over functionality
loss.
Eureka! I was just about to mail the sudo maintainer.
I'm terribly confused still.
$ sudo cat /etc/sudoers
Password:
Defaults editor = /usr/bin/vim:/usr/bin/vi
root ALL=(ALL) ALL
%wheel ALL=(ALL) ALL
dmcgee ALL= NOPASSWD: /usr/sbin/vpnc, /usr/sbin/vpnc-disconnect
dmcgee ALL= NOPASSWD: /usr/bin/openconnect
I don't see any exemption for `sudo -l` in there, but it never prompts
me for a passwd (even if adding those timeout defaults). Or is it just
the presence of any NOPASSWD entry at all? If that is the case, that
seems downright silly...
It is the presence of ANY entry... see the "listpw" section of "man
sudoers"
Allan
