Comment # 11 on bug 1205094 from 
Hi there,

> "William, the change that you made affected TW users. Now all those who didn't touch the default settings have a broken sudo."

I did not make the change. I opened the original issue here:
https://bugzilla.opensuse.org/show_bug.cgi?id=1203978 with internal references
inside of SUSE, which states:

"""
The suggestion I would like to make to improve this is:

* Yast2 should request if the first-user account is an administrative role
rather than requesting that the first-user account password is duplicated for
root.
* If the first-user account is an administrative role, setting the root
password is optional and locked by default.
* If the first-user account is not created as an administrative role, then the
root password is a requirement.
* Sudo should be installed by default on JeOS/minimal installs.
* sshd_config should set "PermitRootLogin no" by default.
* sudoers by default should NOT contain the "defaults targetpw" line
"""

Additionally I involved both the sudo and yast maintainers for the feature
development, as well as product management so they could coordinate and work
with qe/qa, so that they could make the needed changes in coordination as well
as testing it. 

I did not make the change. I highlighted that the default targetpw mode in SUSE
and OpenSUSE in insecure and involved the needed parties.

Please be careful when you make accusations like this, especially when they are
incorrect.

Mistakes happen. AutoQA is meant to catch and prevent this. This is clearly
highlighting a failure in our tumbleweed testing.


As a result, my input to Jason would be that:

* We revert the change.
* We attempt to understand why this error was missed in AutoQA and how that
impacted the a new install.
* That the Yast2 team is involved in the next time we attempt this update.

You are receiving this mail because: