* On AIX, when the user's password has expired and PAM is not in use,
sudo will now allow the user to change their password.
- Bug #883
+ Bug #883.
* Sudo has a new -B command line option that will ring the terminal
bell when prompting for a password.
nroff utility. There are now multiple Open Source nroff replacements
so this should no longer be an issue.
+ * Fixed a bad interaction with configure's --prefix and
+ --disable-shared options. Bug #886.
+
+ * More verbose error message when a password is required and no terminal
+ is present. Bug #828.
+
What's new in Sudo 1.8.27
* On HP-UX, sudo will now update the utmps file when running a command
would achieve the desired result for the preceding sudoers fragment.
Q) When I try to run sudo via ssh, I get the error:
- sudo: no tty present and no askpass program specified
-A) If sudo needs to authenticate a user, it needs access to the
- user's terminal to disable echo and to perform per-terminal
- access control (for cached credentials). The above message
- indicates that sudo was unable to determine the user's terminal.
+ sudo: a terminal is required to read the password; either use the -S
+ option to read from standard input or configure an askpass helper
+A) If sudo needs to authenticate a user, it requires access to the user's
+ terminal to disable echo so the password is not displayed to the screen.
+ The above message indicates that no terminal was present.
When running a command via ssh, a terminal is not allocated by default
which can cause this message. The "-t" option to ssh will force it to
allocate a tty. Alternately, you may be able to use the ssh-askpass
utility to prompt for the password if X11 forwarding is enabled and an
- askpass program is configured in the sudo.conf file. If you do not
- mind your password being echoed to the screen, the "visiblepw" sudoers
- option will allow the password to be entered even when echo cannot be
- disabled, though this is not recommended.
+ askpass helper is configured in the sudo.conf file. If you do not mind
+ your password being echoed to the screen, you may use sudo's -S option
+ to read the password from the standard input. Alternately, you may set
+ the "visiblepw" sudoers option which will allow the password to be entered
+ even when echo cannot be disabled, though this is not recommended.
Q) When I try to use SSL-enabled LDAP with sudo I get an error:
unable to initialize SSL cert and key db: security library: bad database.
msgstr ""
"Project-Id-Version: sudo 1.8.28\n"
"Report-Msgid-Bugs-To: https://bugzilla.sudo.ws\n"
-"POT-Creation-Date: 2019-07-19 10:39-0600\n"
+"POT-Creation-Date: 2019-07-19 11:51-0600\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
msgstr ""
#: src/tgetpass.c:147
-msgid "no tty present and no askpass program specified"
+msgid ""
+"a terminal is required to read the password; either use the -S option to "
+"read from standard input or configure an askpass helper"
msgstr ""
#: src/tgetpass.c:157
/* If no tty present and we need to disable echo, try askpass. */
if (ttyfd == -1 && !ISSET(flags, TGP_ECHO|TGP_NOECHO_TRY)) {
if (askpass == NULL || getenv_unhooked("DISPLAY") == NULL) {
- sudo_warnx(U_("no tty present and no askpass program specified"));
+ sudo_warnx(U_("a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper"));
debug_return_str(NULL);
}
SET(flags, TGP_ASKPASS);
projects / sudo / commitdiff