From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Sun, 2 Dec 2007 17:13:48 +0000 (+0000)
Subject: Add passprompt_override flag to sudoers that will cause the prompt
X-Git-Tag: SUDO_1_7_0~319
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=74c5dc4fadaa81189e6129ab40a179c14e6e966e;p=sudo

Add passprompt_override flag to sudoers that will cause the prompt
to be overridden in all cases.  This flag is also set when the
user specifies the -p flag.
---

diff --git a/auth/pam.c b/auth/pam.c
index c28477061..b539b1ff2 100644
--- a/auth/pam.c
+++ b/auth/pam.c
@@ -271,14 +271,14 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
 		prompt = def_prompt;
 		/* Only override PAM prompt if it matches /^Password: ?/ */
 #if defined(PAM_TEXT_DOMAIN) && defined(HAVE_DGETTEXT)
-		if (std_prompt ||
+		if (!def_passprompt_override && (std_prompt ||
 		    (strcmp(pm->msg, dgettext(PAM_TEXT_DOMAIN, "Password: ")) &&
-		    strcmp(pm->msg, dgettext(PAM_TEXT_DOMAIN, "Password:"))))
+		    strcmp(pm->msg, dgettext(PAM_TEXT_DOMAIN, "Password:")))))
 		    prompt = pm->msg;
 #else
-		if (std_prompt ||
+		if (!def_passprompt_override && (std_prompt ||
 		    strncmp(pm->msg, "Password:", 9) || (pm->msg[9] != '\0'
-		    && (pm->msg[9] != ' ' || pm->msg[10] != '\0')))
+		    && (pm->msg[9] != ' ' || pm->msg[10] != '\0'))))
 		    prompt = pm->msg;
 #endif
 		/* Read the password. */
diff --git a/def_data.c b/def_data.c
index ce7c424fb..a491266e1 100644
--- a/def_data.c
+++ b/def_data.c
@@ -210,11 +210,14 @@ struct sudo_defs_types sudo_defs_table[] = {
 	"passprompt", T_STR,
 	"Default password prompt: %s",
 	NULL,
+    }, {
+	"passprompt_override", T_FLAG,
+	"If set, passprompt will override system prompt in all cases.",
+	NULL,
     }, {
 	"runas_default", T_STR,
 	"Default user to run commands as: %s",
 	NULL,
-	set_runaspw,
     }, {
 	"secure_path", T_STR|T_BOOL,
 	"Value to override user's $PATH with: %s",
diff --git a/def_data.h b/def_data.h
index 9848437cb..6d636360e 100644
--- a/def_data.h
+++ b/def_data.h
@@ -92,36 +92,38 @@
 #define I_EXEMPT_GROUP          45
 #define def_passprompt          (sudo_defs_table[46].sd_un.str)
 #define I_PASSPROMPT            46
-#define def_runas_default       (sudo_defs_table[47].sd_un.str)
-#define I_RUNAS_DEFAULT         47
-#define def_secure_path         (sudo_defs_table[48].sd_un.str)
-#define I_SECURE_PATH           48
-#define def_editor              (sudo_defs_table[49].sd_un.str)
-#define I_EDITOR                49
-#define def_listpw              (sudo_defs_table[50].sd_un.tuple)
-#define I_LISTPW                50
-#define def_verifypw            (sudo_defs_table[51].sd_un.tuple)
-#define I_VERIFYPW              51
-#define def_noexec              (sudo_defs_table[52].sd_un.flag)
-#define I_NOEXEC                52
-#define def_noexec_file         (sudo_defs_table[53].sd_un.str)
-#define I_NOEXEC_FILE           53
-#define def_ignore_local_sudoers (sudo_defs_table[54].sd_un.flag)
-#define I_IGNORE_LOCAL_SUDOERS  54
-#define def_closefrom           (sudo_defs_table[55].sd_un.ival)
-#define I_CLOSEFROM             55
-#define def_closefrom_override  (sudo_defs_table[56].sd_un.flag)
-#define I_CLOSEFROM_OVERRIDE    56
-#define def_setenv              (sudo_defs_table[57].sd_un.flag)
-#define I_SETENV                57
-#define def_env_reset           (sudo_defs_table[58].sd_un.flag)
-#define I_ENV_RESET             58
-#define def_env_check           (sudo_defs_table[59].sd_un.list)
-#define I_ENV_CHECK             59
-#define def_env_delete          (sudo_defs_table[60].sd_un.list)
-#define I_ENV_DELETE            60
-#define def_env_keep            (sudo_defs_table[61].sd_un.list)
-#define I_ENV_KEEP              61
+#define def_passprompt_override (sudo_defs_table[47].sd_un.flag)
+#define I_PASSPROMPT_OVERRIDE   47
+#define def_runas_default       (sudo_defs_table[48].sd_un.str)
+#define I_RUNAS_DEFAULT         48
+#define def_secure_path         (sudo_defs_table[49].sd_un.str)
+#define I_SECURE_PATH           49
+#define def_editor              (sudo_defs_table[50].sd_un.str)
+#define I_EDITOR                50
+#define def_listpw              (sudo_defs_table[51].sd_un.tuple)
+#define I_LISTPW                51
+#define def_verifypw            (sudo_defs_table[52].sd_un.tuple)
+#define I_VERIFYPW              52
+#define def_noexec              (sudo_defs_table[53].sd_un.flag)
+#define I_NOEXEC                53
+#define def_noexec_file         (sudo_defs_table[54].sd_un.str)
+#define I_NOEXEC_FILE           54
+#define def_ignore_local_sudoers (sudo_defs_table[55].sd_un.flag)
+#define I_IGNORE_LOCAL_SUDOERS  55
+#define def_closefrom           (sudo_defs_table[56].sd_un.ival)
+#define I_CLOSEFROM             56
+#define def_closefrom_override  (sudo_defs_table[57].sd_un.flag)
+#define I_CLOSEFROM_OVERRIDE    57
+#define def_setenv              (sudo_defs_table[58].sd_un.flag)
+#define I_SETENV                58
+#define def_env_reset           (sudo_defs_table[59].sd_un.flag)
+#define I_ENV_RESET             59
+#define def_env_check           (sudo_defs_table[60].sd_un.list)
+#define I_ENV_CHECK             60
+#define def_env_delete          (sudo_defs_table[61].sd_un.list)
+#define I_ENV_DELETE            61
+#define def_env_keep            (sudo_defs_table[62].sd_un.list)
+#define I_ENV_KEEP              62
 
 enum def_tupple {
 	never,
diff --git a/def_data.in b/def_data.in
index c03a0f034..83b643371 100644
--- a/def_data.in
+++ b/def_data.in
@@ -152,6 +152,9 @@ exempt_group
 passprompt
 	T_STR
 	"Default password prompt: %s"
+passprompt_override
+	T_FLAG
+	"If set, passprompt will override system prompt in all cases."
 runas_default
 	T_STR
 	"Default user to run commands as: %s"
diff --git a/sudo.c b/sudo.c
index 8a89ca8c3..e174ff8d3 100644
--- a/sudo.c
+++ b/sudo.c
@@ -789,6 +789,7 @@ parse_args(argc, argv)
 			usage(1);
 
 		    user_prompt = NewArgv[1];
+		    def_passprompt_override = TRUE;
 
 		    NewArgc--;
 		    NewArgv++;
diff --git a/sudo.pod b/sudo.pod
index e8636b09c..b6e060266 100644
--- a/sudo.pod
+++ b/sudo.pod
@@ -280,6 +280,10 @@ two consecutive C<%> characters are collapsed into a single C<%> character
 
 =back
 
+The prompt specified by the B<-p> option will override the system
+password prompt on systems that support PAM unless the
+I<passprompt_override> flag is disabled in I<sudoers>.
+
 =item -S
 
 The B<-S> (I<stdin>) option causes B<sudo> to read the password from
diff --git a/sudoers.pod b/sudoers.pod
index 918fde1b5..09f51c6ba 100644
--- a/sudoers.pod
+++ b/sudoers.pod
@@ -632,6 +632,13 @@ the user's C<PATH>, B<sudo> will tell the user that they are not
 allowed to run it, which can be confusing.  This flag is I<@path_info@>
 by default.
 
+=item passprompt_override
+
+The password prompt specified by I<passprompt> will normally only
+be used if the passwod prompt provided by systems such as PAM matches
+the string "Password:".  If I<passprompt_override> is set, I<passprompt>
+will always be used.  This flag is I<off> by default.
+
 =item preserve_groups
 
 By default B<sudo> will initialize the group vector to the list of