[sudo-users] Doubt regarding NOPASSWD

Todd C. Miller Todd.Miller at courtesan.com
Fri Sep 9 09:54:34 EDT 2011


On Fri, 09 Sep 2011 09:46:15 EDT, "Todd C. Miller" wrote:

> That's a known problem with sudo 1.7 and higher.  I'm not aware or
> a workaround at this time.

The fix is fairly simple.  If you apply this to the sudo 1.8.2
sources with "patch -p1" it should fix the problem.

 - todd

diff -r 0422b19dced3 plugins/sudoers/parse.c
--- a/plugins/sudoers/parse.c	Wed Aug 31 11:23:26 2011 -0400
+++ b/plugins/sudoers/parse.c	Fri Sep 09 09:53:23 2011 -0400
@@ -250,6 +250,8 @@
     } else if (match == DENY) {
 	SET(validated, VALIDATE_NOT_OK);
 	CLR(validated, VALIDATE_OK);
+	if (tags != NULL && tags->nopasswd != UNSPEC)
+	    def_authenticate = !tags->nopasswd;
     }
     restore_perms();
     return validated;



More information about the sudo-users mailing list