]> granicus.if.org Git - sudo/commitdiff
projects / sudo / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d129f30)
Don't set passprompt_override when SUDO_PROMPT is present.
authorTodd C. Miller <Todd.Miller@courtesan.com>
Fri, 21 Jul 2017 15:07:00 +0000 (09:07 -0600)
committerTodd C. Miller <Todd.Miller@courtesan.com>
Fri, 21 Jul 2017 15:07:00 +0000 (09:07 -0600)
This effectively reverts ed77d255f383.

We treat the SUDO_PROMPT environment variable similar to passprompt
in sudoers: it will only override a PAM prompt if the PAM prompt
is either "Password:" or "username's Password:".

plugins/sudoers/sudoers.c patch | blob | history

diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c
index dd187398a1dc17ae0b9bb509fa3b4b19b79d8717..1321136729c89c9a38eb416e38adff6e833c265b 100644 (file)
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -695,12 +695,14 @@ init_vars(char * const envp[])
                    user_path = *ep + sizeof("PATH=") - 1;
                break;
            case 'S':
-               if (!user_prompt && MATCHES(*ep, "SUDO_PROMPT=")) {
-                   user_prompt = *ep + sizeof("SUDO_PROMPT=") - 1;
-                   def_passprompt_override = true;
-               } else if (MATCHES(*ep, "SUDO_USER=")) {
-                   prev_user = *ep + sizeof("SUDO_USER=") - 1;
+               if (MATCHES(*ep, "SUDO_PROMPT=")) {
+                   /* Don't override "sudo -p prompt" */
+                   if (user_prompt == NULL)
+                       user_prompt = *ep + sizeof("SUDO_PROMPT=") - 1;
+                   break;
                }
+               if (MATCHES(*ep, "SUDO_USER="))
+                   prev_user = *ep + sizeof("SUDO_USER=") - 1;
                break;
            }
     }
Unnamed repository; edit this file 'description' to name the repository.