Bug 599255

Summary: Interface change in sudo without note in changelog for RHEL 5.5
Product: Red Hat Enterprise Linux 5
Reporter: Steven Roberts <strobert>
Component: sudo
Assignee: Daniel Kopeček <dkopecek>
Status: CLOSED NEXTRELEASE
QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium
Docs Contact:
Priority: low
Version: 5.5
CC: dkopecek, pvrabec
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-08-22 15:24:15 UTC
Type: ---

Description Steven Roberts 2010-06-02 23:44:19 UTC
Description of problem:
Recently updated from the 5.2 package of sudo to 5.5 (along with the rest of the updates). The spec file for sudo was changed to specify:
--with-passprompt="[sudo] password for %p: "
in the %configure line

Version-Release number of selected component (if applicable):
previous: sudo-1.6.8p12-12.el5 (this is the 5.2 package, but 5.4 has the same behavior as 5.2)
new in 5.5: sudo-1.7.2p1-6.el5_5

How reproducible:
always

Steps to Reproduce:
1. Run a command via sudo
2. Notice the password prompt is now like: "[sudo] password for <login>:" instead of the old "Password:"
  
Actual results:
Expected results:

Additional info:
We hit this as we have a sudo wrapper script that handles running sudo on a bunch of remote machines. It prompts for the password once and feeds it to sshd/sudo as needed. It is really nice to run the same command or series of commands on a bunch of servers.

We have now added an additional regex to our Perl script to handle the new format.

This behavior change was done inside of a major RHEL version (just in the update from 5.4 to 5.5) and was not noted in the change log or release notes.

I also checked errata notes for the package and could not find a mention of the change.

I also checked the bugs that I could as listed in the spec file, but most of the recent ones are locked out (CVE-related, so tagged as security confidential).

The change itself isn't necessarily bad for the long term, but this is something that should have been listed in an Errata for the package or in the release notes.
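
Added example, not part of the original report or the reporter's Perl script: one way a wrapper can recognise both prompts named above by compiling sudo's passprompt template into an anchored regex, so a password is only sent when the unread output ends in exactly a known prompt. The names `prompt_regex`, `is_password_prompt`, `pinned_sudo_argv` and the `PINNED_PROMPT` string are assumptions; `-S` and `-p` are sudo's stdin-password and prompt options.

```python
import re

# Regex fragment for each sudo prompt escape (per the sudo 1.7 man page).
_USER = r"[^\s:]+"
_HOST = r"[A-Za-z0-9.-]+"
_ESCAPES = {"p": _USER, "u": _USER, "U": _USER, "h": _HOST, "H": _HOST, "%": "%"}

# Both prompts named in the report: the old default and the RHEL 5.5 build-time one.
KNOWN_TEMPLATES = ["Password:", "[sudo] password for %p: "]

# Assumption: a wrapper-chosen prompt string, passed with sudo's -p option.
PINNED_PROMPT = "SUDO-WRAPPER-PASSWORD: "


def prompt_regex(template):
    """Compile a passprompt template into a regex anchored to a whole final line."""
    body, i = [], 0
    template = template.rstrip()
    while i < len(template):
        nxt = template[i + 1:i + 2]
        if template[i] == "%" and nxt in _ESCAPES:
            body.append(_ESCAPES[nxt])      # expand %p, %u, %h, ...
            i += 2
        else:
            body.append(re.escape(template[i]))  # literal character
            i += 1
    # Prompt must start a line and end the buffer: sudo prints no newline after it.
    return re.compile(r"(?:\A|\n)" + "".join(body) + r"[ \t]*\Z")


def is_password_prompt(buffer, templates=KNOWN_TEMPLATES):
    """True only if the unread tail of `buffer` is exactly one known prompt."""
    return any(prompt_regex(t).search(buffer) for t in templates)


def pinned_sudo_argv(command):
    """Build a sudo argv whose prompt does not depend on the packaged default."""
    return ["sudo", "-S", "-p", PINNED_PROMPT, "--"] + list(command)
```

With the prompt pinned through `-p`, the wrapper can match `PINNED_PROMPT` alone and is unaffected by a changed `--with-passprompt` value in a later package build.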

Comment 1 Peter Vrabec 2011-08-22 15:24:15 UTC
Steven, I'd like to apologize for this inconvenience. We will do our best and put all the important information into the Errata or release notes next time.