[tor-bugs] #6367 [Internal Services/Tor Sysadmin Team]: make dedicated sudo passwords
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri May 24 22:10:22 UTC 2019
#6367: make dedicated sudo passwords
-------------------------------------------------+-------------------------
Reporter: weasel | Owner: weasel
Type: defect | Status:
| assigned
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by anarcat):
what does this actually involve, at the technical level? it looks like
it's simply a matter of removing this line in `/etc/pam.d/sudo`:
{{{
auth [success=1 default=ignore] pam_unix.so nullok_secure
try_first_pass
}}}
... on all servers but the crm* servers? seems like we could just call a
flag day and do it alraedy. i'd be happy to do that if you have your hands
full...
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6367#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list