Bug 599255 - Interface change in sudo without note in changelog for RHEL 5.5
Interface change in sudo without note in changelog for RHEL 5.5
Status: CLOSED NEXTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: sudo (Show other bugs)
5.5
All Linux
low Severity medium
: rc
: ---
Assigned To: Daniel Kopeček
BaseOS QE Security Team
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-06-02 19:44 EDT by Steven Roberts
Modified: 2011-08-22 11:24 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-08-22 11:24:15 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Steven Roberts 2010-06-02 19:44:19 EDT
Description of problem:
Recently updated from the 5.2 package of sudo to 5.5 (along with the rest of the updateS).  the spec file for sudo was changed to specify:
--with-passprompt="[sudo] password for %p: "
in the %configure line

Version-Release number of selected component (if applicable):
previous: sudo-1.6.8p12-12.el5 (this is the 5.2 package, but 5.4 has the same behavior of 5.2)
new in 5.5: sudo-1.7.2p1-6.el5_5

How reproducible:
always

Steps to Reproduce:
1. run a command via sudo
2. notice the password prompt is now like: "[sudo] password for <login>:" instead
of the old "Password:"
  
Actual results:
Expected results:

Additional info:
We hit this as we have a sudo wrapper script that handles running sudo on a bunch of remote machines.  it prompts for the password once and feeds to sshd/sudo as needed.  It is really nice to run the same command or series of commands of a bunch of servers.

We have now added an additional regex to our perl script to handle the new format.

This behavior change was done inside of a major RHEL version (just in the update from 5.4 to 5.5) and was not noted in the change log or release notes.

I also checked errata notes for the package and could not find a mention of the change.

I also checked the bugs that I could as listed in the spec file but most of the recent ones are locked out (CVHE related so tagged as security confidential).

The change itself isn't necessarily bad for long term but this is something that should have been listed in an Errata for the package or in the release notes.
Comment 1 Peter Vrabec 2011-08-22 11:24:15 EDT
Steven, I'd like to apologize this inconvenience. We will do our best and put all the important information into the Errata or release notes next time.

Note You need to log in before you can comment on or make changes to this bug.