On Thu, 07 Feb 2019 23:31:53 +0000, A. Dumas wrote:

> Martin Gregorie wrote:
>> On Thu, 07 Feb 2019 20:35:35 +0000, A. Dumas wrote:
>>> You changed it, because Raspbian didn't change.
>>
>> Not that I remember, but I DO remember being moderately surprised when
>> it started asking for a password. Almost as much when I discovered that
>> Raspbian, alone of all the various Unices I've used, didn't require a
>> password for sudo.
>
> That's the same as it ever was in the newest download. What's in your
> sudoers file/directory? See sudo visudo.

ITYM man sudoers

To answer your points, 'authenticate' is not specified in /etc/sudoers on
my RPi

I don't use the pi login and never have done: when I first got my RPi
(back when the 512MB B was the latest thing, I set up another user with
the same name as my main user on my other Linux systems so that "ssh
hostname" works as a convenient shortcut. At the time I set this user to

ALL=(ALL)ALL NOPASSWD: ALL

in /etc/sudoers by copying the 'pi' line and also made sure the default
path included /usr/local/sbin and /usr/local/bin. Then I saved a copy of /
etc/sudoers in a safe place and committed that to my CVS repository.

The copy in the repository is dated 1 Oct 2015 so that is the last time I
touched /etc/sudoers. However, the active version is dated 4 Aug 2017, so
evidently it got updated then during one of my weekly system updates.
Diffing my copy against the current active copy shows that in 2017
NOPASSWD: was removed from both the pi and my login entry.

Since I never use the 'pi' login, its vanishingly unlikely I'd have
edited it too and, since I'm a version control addict its equally
unlikely that I'd have changed /etc/sudoers without (a) making a safety
copy and (b) committing the change in CVS because that is my SOP.

Ergo, this change to the sudo configuration was made on 4 Aug 2017 and
was the result of an APT upgrade.


--
Martin    | martin at
Gregorie  | gregorie dot org

--- SoupGate-Win32 v1.05