[SOLVED] sudo displays lecture message again

essence-of-foo · 2023-11-19 08:54:42

This post is mostly to better understand what has happened and if other people experience the same phenomenon.

I've been using sudo for a long time. And today I used sudo and it showed me the lecture that you typically only see when you use sudo the very first time on a system:

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

According to this Stack Overflow post, the state of who has accepted this lecture is stored in the directory

/var/db/sudo/lectured

on Arch and indeed, now I find an old and a new file in that directory. The old file is named after my user ID and the new file (from today) is named "essence-of-foo".

I read through the recent changelogs and commit messages of the sudo project, but there is nothing that explains this observation. This is security-critical software and therefore I would like to hear what others have experienced. Thanks!

Last edited by essence-of-foo (2023-11-19 09:15:35)

nl6720 · 2023-11-19 09:06:58

essence-of-foo wrote:

I read through the recent changelogs and commit messages of the sudo project, but there is nothing that explains this observation.

https://www.sudo.ws/releases/stable/#1.9.15

https://www.sudo.ws/releases/stable/#1.9.15 wrote:

The sudoers plugin now constructs the user time stamp file path name using the user-ID instead of the user name. This avoids a potential problem with user names that contain a path separator (’/’) being interpreted as part of the path name. A similar issue in sudo-rs has been assigned CVE-2023-42456.

https://www.sudo.ws/docs/upgrade/

https://www.sudo.ws/docs/upgrade/ wrote:

The sudoers plugin now uses a time stamp path name that is based on the user-ID instead of the user name. For example, a time stamp file that was /var/run/sudo/ts/root in sudo 1.9.14 will now be /var/run/sudo/ts/0. The lecture flag file name is now also based on the user-ID, which will result in users receiving the sudo lecture again on upgrade to sudo 1.9.15.

essence-of-foo · 2023-11-19 09:15:18

Thank you! I missed that part! [SOLVED]

Arch Linux

#1 2023-11-19 08:54:42

[SOLVED] sudo displays lecture message again

#2 2023-11-19 09:06:58

Re: [SOLVED] sudo displays lecture message again

#3 2023-11-19 09:15:18

Re: [SOLVED] sudo displays lecture message again

Board footer