On Wed, Nov 1, 2023 at 7:59 AM Nicolas FORMICHELLA <stigpro@outlook.fr> wrote:
Nov 1, 2023 05:16:22 Andrei Borzenkov <arvidjaar@gmail.com>:
On 01.11.2023 00:19, Nicolas FORMICHELLA wrote:
Oct 31, 2023 22:07:55 Alexandre Almeida via openSUSE Factory <factory@lists.opensuse.org>: There is no change for users who are not in those special groups. sudo will continue to prompt for the target password for those users.
This is not the same behavior as other distros or common configuration guides for sudo. If I'm not mistaken, they setup sudo in a way that it doesn't ask for the root password.
As it seems, these packages won't do anything else but add this "if user in group X, ask for user password instead of root password" functionality. It would be nice to have the exact same behavior from the other distros, where you can only use sudo if you are a member of the group and it automatically rejects running sudo as root. and it automatically rejects running sudo as root.
No distro has that as default AFAIK...
Ubuntu does not have
ALL ALL=(ALL) ALL
by default and only allows sudo for %admin and %sudo groups.
and for some applications, especially in containers, that would be widely counterproductive (logging in to socket-auth based apps like Postgres for ex.) The original poster was talking about running sudo when logged in as root, not about the targetpw config
The original poster was talking about restricting sudo to the specific group(s) which Ubuntu does and this change in SUSE does not. Whether OP also wanted to prohibit running sudo when logged in as root is probably better clarified by OP.
Which Ubuntu 22.04, as all distros allows by default