Bug 221264

Summary: security/sudo: add passprompt example to ask for "root's password:" when using targetpw
Product: Ports & Packages Reporter: Rebecca Cran <bcran>
Component: Individual Port(s)Assignee: Renato Botelho <garga>
Status: Closed FIXED    
Severity: Affects Only Me Keywords: easy, needs-patch
Priority: --- Flags: bugzilla: maintainer-feedback? (garga)
Version: Latest   
Hardware: Any   
OS: Any   

Description Rebecca Cran freebsd_committer freebsd_triage 2017-08-06 02:08:35 UTC 
There's an example in the default sudoers file for having sudo ask for the target user's password instead of the current user's:

Defaults targetpw  # Ask for the password of the target user

I like the way OpenSUSE handles this, in that it changes the password prompt to make it clear that you should enter root's password and not your own.

I think it would be nice if the example had the following additional line:

Defaults passprompt="%U's password:"
Comment 1 Renato Botelho freebsd_committer freebsd_triage 2018-04-19 11:15:00 UTC 
(In reply to Rebecca Cran from comment #0)
%U always expands to target user, %u to invoking's user and I found %p is the desired macro to be used here since it expands always to the user password is being required. Respecting targetpw, rootpw or runaspw. I'll add it to sudoers template
Comment 2 commit-hook freebsd_committer freebsd_triage 2018-04-19 13:10:06 UTC 
A commit references this bug:

Author: garga
Date: Thu Apr 19 13:09:58 UTC 2018
New revision: 467767
URL: https://svnweb.freebsd.org/changeset/ports/467767

Log:
  Add an example of prompt that shows which user password is being expected.
  It's useful when targetpw option is set to avoid confusion. PORTREVISION was
  not bumped because a new commit is going to happen soon with one more change
  and it will bump it.

  PR:		221264
  Submitted by:	Rebecca Cran <rebecca@bluestop.org>
  Sponsored by:	Rubicon Communications, LLC (Netgate)

Changes:
  head/security/sudo/files/patch-plugins__sudoers__sudoers.in