RubyForge: hitsquad: Detail: 28592 Better handling of incorrect passwords in sudo

Feature Requests: Browse | Submit New | Admin

[#28592] Better handling of incorrect passwords in sudo

Date:
2010-09-22 12:24 Priority:
3

Submitted By:
Brian Candler (bcandler) Assigned To:
Ryan Davis (zenspider)

Category:
vlad State:
Open

Summary:
Better handling of incorrect passwords in sudo

Detailed description

When sudo runs, if you enter a bad password it is cached, and the same bad password is then given to sudo for each subsequent
attempt, so it all falls over.

[sudo] password for candlerb: 
Sorry, try again.
[sudo] password for candlerb: 
... etc

Possible solutions:

1. Have a sudo_error pattern which wipes the stored sudo_password when seen

2. Only send the stored sudo_password once on each stream; if you see the prompt again, then ask the user for the password
again. (This relies on sudo caching that the password has been seen; timestamp_timeout defaults to 15 minutes)

However it gets messy if the wrong password has been sent to multiple hosts before you realise that it's bad :-(

Add A Comment:

Please login

Followup

No Followups Have Been Posted

Attached Files:

Name	Description	Download

No Files Currently Attached

[#28592] Better handling of incorrect passwords in sudo

Please login

Followup

No Followups Have Been Posted

Attached Files:

Changes:

No Changes Have Been Made to This Item