From fd5d2b06d2befbe32573b468e6fc4696cbb0d42c Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Fri, 16 Sep 2011 20:03:45 -0400
Subject: [PATCH] Honor NOPASSWD tag for denied commands too.

--HG--
branch : 1.7
---
 parse.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/parse.c b/parse.c
index be719d4d1..30eb7f4d3 100644
--- a/parse.c
+++ b/parse.c
@@ -257,6 +257,8 @@ sudo_file_lookup(nss, validated, pwflag)
     } else if (match == DENY) {
 	SET(validated, VALIDATE_NOT_OK);
 	CLR(validated, VALIDATE_OK);
+	if (tags != NULL && tags->nopasswd != UNSPEC)
+	    def_authenticate = !tags->nopasswd;
     }
     set_perms(PERM_ROOT);
     return validated;
-- 
2.50.1