Bugzilla – Bug 1221204
sudo update breaks ALL=NOPASSWD: lines
Last modified: 2024-04-18 09:17:46 UTC
Hello, I have recently updated the sudo package on Leap 15.5. I am finding that commands that used to work without prompting for a password such as: sudo /usr/sbin/iptables -L -n have now started prompting: [sudo] password for root: A sample line in /etc/sudoers is: stanley ALL=NOPASSWD: /usr/sbin/iptables I have merged the sudoers.rpmnew created when I did the update into the sudoers file, so I have made all of the changes like s/root ALL=(ALL) ALL/root ALL=(ALL:ALL) ALL/ that have come with the sudo update but I am still being prompted for every command with an ALL=NOPASSWD: line whereas I wasn't before the update. Do I need to do anything similar to the ALL=NOPASSWD: lines? Original sudo: 2023-07-12 13:55:30|install|sudo|1.9.12p1-150500.5.1 Updated sudo: 2024-03-08 09:43:58|install|sudo|1.9.12p1-150500.7.7.1 Any help welcome. Please let me know if you need more information. Thank you, Stanley
How did you edit /etc/sudoeres? With visudo? Because the syntax seems wrong. It should look like smt like this: stanley ALL=(ALL) NOPASSWD: /usr/sbin/iptables
The buggy sudo update has already been retracted, a followup update will be publishjed Monday.
The good news is that the change to ALL=(ALL) fixes it (as root with su - and vi) stanley ALL=(ALL) NOPASSWD: /usr/sbin/iptables so thank you. The old format has worked since 2018 and probably even earlier. I generally make edits as root using vi as I am the only person using the machine so there are no conflicts over access. Would visudo have alerted me to this or does it do something else in the background? I ask as I have edited the sudoers file on another box using visudo (as suggested) keeping the old line format and on exit sudo is working again still with the old format. It is as if the use of visudo has kick started something. Regardless, I am happy, thank you, sudo is working again.
should be fixed hopefully