From john.b.little at gmail.com Wed Jan 2 19:20:53 2019 From: john.b.little at gmail.com (John Little) Date: Thu, 3 Jan 2019 15:20:53 +1300 Subject: [sudo-users] pwfeedback option causes "Conversation with su failed" for the KDE partition manager Message-ID: Starting with Kubuntu 18.04, the pwfeedback option in /etc/sudoers causes the "Run as root -- KDE su" dialogue to fail. (This may have come about as a consequence of the deprecation of kdesudo, and those systems that have been upgraded from versions that still have kdesudo might not encounter this.) I'm not sure this is a sudo issue, but it's good if searches find it, as those who are affected by it may have no clue that /etc/sudoers has anything to do with it, if it had not been changed recently. The dialogue box shows the command as: KDE_FULL_SESSION=true XDG_RUNTIME_DIR=/run/user/1000 DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus /usr/bin/partitionmanager --dontsu visudo does not highlight pwfeedback as an option, perhaps it is deprecated. The password feedback does work for terminal sudo. Regards, John Little From 1johnathan.smith at gmail.com Thu Jan 31 19:28:12 2019 From: 1johnathan.smith at gmail.com (Johnathan Smith) Date: Thu, 31 Jan 2019 20:28:12 -0600 Subject: [sudo-users] Wildcards in sudoers commands Message-ID: Are there plans to have enhanced wildcard support in the future? I am thinking about something closer to regex for commands (I realize this is explicitly not supported). If this is not in the plans, is there any advice on how I could implement this in the sudoers plugin? Or is this not advisable as it could create vulnerabilities in sudo? Regards, John From ed-sudo at s5h.net Thu Jan 31 13:09:52 2019 From: ed-sudo at s5h.net (Ed) Date: Thu, 31 Jan 2019 20:09:52 +0000 Subject: [sudo-users] regex command arguments Message-ID: <20190131200952.GA30723@s5h.net> Hello, Lurker here. At the end of 2012 there was a request for feedback on implementation of regex matching for commands. Looking at the archive, I don't see anything to suggest that this shouldn't go ahead. Did this get stuck or was there a major reason to prevent it? For reference, here's a link to the mail archive: I'm always looking for reasons to contribute back, if this is a feature waiting for someone to write, I'd be willing to have a go, maybe it wont be fit for immediate merge though! -- Best regards, Ed http://www.s5h.net/