sudo asks for wrong password

Thanks for the report! This bug came from sudo upstream changes, and we'll need to get them involved to fix it.

Hi,

what do you mean by upstream in this case? Debian? Or the sudo developers? I think the problem with sudo is the same as in Debian Sid, there referred to as #454409 [1]. The problem has a simple and a less trivial solution:

1) The easy one first: Change debian/rules to not set default-prompt to "[sudo] password for %u", because %u is always replaced by the invoking user. Soo simply removing "for %u" helps. See Debian BTS for the patch. According to the Debian maintainer of sudo this will be done in the next upload.

Unfortunately there is no alternative to %u that respects def_rootpw (or def_targetpw (?) in this case), so
the alternative is to

2) .. patch sudo to have a placeholder that is proper for this case. I created a patch for Debian (where the problem was with the def_rootpw option, but now I see that this patch is incomplete, because I've forgotten that def_targetpw exists. So my patch needs to be updated.

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454409

Hi again,

I've written a patch to handle every possible *pw flag (rootpw, targetpw and runaspw) for Debian. Maybe this might be of interest for you too. See the Debian BTS for further information.

Best Regards,
Patrick

Patrick's patch has been acceptted by Debian and included in version 1.6.9p10-1. We may want to consider merging the new version from Debian.

Thanks, Patrick! Will merge.

This bug was fixed in the package sudo - 1.6.9p10-1ubuntu1

---------------
sudo (1.6.9p10-1ubuntu1) hardy; urgency=low

  * Merge with Debian unstable. Remaining Ubuntu changes:
    - debian/rules: Disable lecture, enable tty_tickets by default. (Ubuntu
      specific)
    - Add debian/sudo_root.8: Explanation of root handling through sudo.
      Install it in debian/rules. (Ubuntu specific)
    - sudo.c: If the user successfully authenticated and he is in the 'admin'
      group, then create a stamp ~/.sudo_as_admin_successful. Our default bash
      profile checks for this and displays a short intro about sudo if the
      flag is not present. (Ubuntu specific)
  * The password prompt asks for the target user's password now, not the
    invoking one's. (LP: #148498)

sudo (1.6.9p10-1) unstable; urgency=low

  * new upstream version
  * tweak default password prompt as %u doesn't make sense. Accept patch from
    Patrick Schoenfeld (recommend upstream accept it too) that adds a %p and
    uses it by default, closes: #454409
  * accept patch from Martin Pitt that adds a prerm making it difficult to
    "accidentally" remove sudo when there is no root password set on the
    system, closes: #451241

 -- Martin Pitt <email address hidden> Wed, 02 Jan 2008 08:56:12 +0100