On 2022-11-05 10:49, Ben Greiner wrote:
Am 05.11.22 um 10:25 schrieb Carlos E. R.:
On 2022-11-05 10:17, Mathias Homann wrote:
Am 05.11.2022 um 10:06 schrieb Carlos E. R.:
On 2022-11-05 08:00, Mathias Homann wrote:
Am Samstag, 5. November 2022, 01:21:58 CET schrieb Fritz Hudnut:
the new behaviour is actually the whole POINT of sudo: enabling certain users to run commands as root (or other users) WITHOUT having to tell them the password for the target account - which would also enable them to just do "su -" and do ANYTHING as the other account.
in short: "TargetPW" is actually contrary to the intent and purpose of sudo - and on all my machines one of the first to go.
In that case the update should have come with a notice somewhere to tell people how they should configure sudoers _before_ the update.
It did. See the announcement here on this list for the snapshot 20221103, and what it says about changes to sudo.
Oh. I'm impressed. See how many people saw and read that.
What it said was:
+++————————————————————————— ̣̣==== sudo ==== Subpackages: sudo-plugin-python
- Modified sudo-sudoers.patch * [bsc#1203978 jsc#PED-260] * Remove uncommented "Defaults targetpw" portion of /etc/sudo-sudoers file. * Sudo now asks for the password of the user calling sudo instead of the target (i.e. root) user. —————————————————————————++-
I don't see there a recommendation and explanation of what is the intended usage and configuration of sudo.
Also, it is incomplete. There is no notion about the necessity to add the user to the wheel group.
Also, as there have been no instructions and publicity, what people are doing and telling others to do, is restoring the old configuration. -- Cheers / Saludos, Carlos E. R. (from 15.3 x86_64 at Telcontar)