Bug 583911
| Summary: | Add comment about the visiblepw option into sudoers | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | Daniel Kopeček <dkopecek> | ||||||
| Component: | sudo | Assignee: | Daniel Kopeček <dkopecek> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | BaseOS QE Security Team <qe-baseos-security> | ||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | low | ||||||||
| Version: | 5.5 | CC: | amarecek, dkopecek, sgrubb | ||||||
| Target Milestone: | rc | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | All | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | sudo-1.7.2p1-10.el5 | Doc Type: | Bug Fix | ||||||
| Doc Text: |
A comment regarding the "visiblepw" option of the "Defaults" directive has been added to the default /etc/sudoers file to clarify its usage.
|
Story Points: | --- | ||||||
| Clone Of: | |||||||||
| : | 688640 (view as bug list) | Environment: | |||||||
| Last Closed: | 2011-01-13 23:08:22 UTC | Type: | --- | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | |||||||||
| Bug Blocks: | 688640 | ||||||||
| Attachments: |
|
||||||||
Created attachment 413721 [details]
Patch for sudoers
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
A comment regarding the "visiblepw" option of the "Defaults" directive has been added to the default /etc/sudoers file to clarify its usage.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0079.html |
Created attachment 407750 [details] Patch for sudoers Description of problem: The 1.7.0 release of sudo introduced a new option, visiblepw, which is now needed to be enabled in order to allow remote command execution using sudo, e.g.: ssh foo@bar sudo baz Although this can be found in upstream documentation or worked around using ssh's -t option, the sudoers that is shipped with sudo in RHEL 5 mentions only the requiretty option. The visiblepw option should be added to sudoers either commented out (default is off) or not commented out but set to off using negation, i.e.: Defaults !visiblepw I'm proposing the later option as that will ensure that this flag is off even when the default value changes. Version-Release number of selected component (if applicable): 1.7.2p1-6 Patch for sudoers attached.