By default, Bugzilla does not search the list of RESOLVED bugs.
You can force it to do so by putting the upper-case word ALL in front of your search query, e.g.: ALL tdelibs
We recommend searching for bugs this way, as you may discover that your bug has already been resolved and fixed in a later release.

Bug 1255

Summary: tdesu/tdesudo both behave like "sudo"
Product: TDE Reporter: Kris <krisgamrat>
Component: tdebaseAssignee: Timothy Pearson <kb9vqf>
Status: NEW ---    
Severity: normal CC: bugwatch, slavek.banko
Priority: P5    
Version: R14.0.x [Trinity]   
Hardware: All   
OS: Debian Squeeze   
Compiler Version: TDE Version String:
Application Version: Application Name:
Bug Depends on:    
Bug Blocks: 2968    

Description Kris 2012-10-03 12:03:30 CDT 
I was quite surprised to not find this in the bug tracker. It has been mentioned many times elsewhere.

Both tdesu and tdesudo ask for the user password (not root), and are both included in the same package. tdesu appears to be symlinked to tdesudo.

It is fine to have tdesudo ask for the user's password, that is how sudo is supposed to behave.

However, on non-Ubuntu distros, tdesu should not symlink to tdesudo but should be it's own package entirely. Since the "su" command asks for the root password, tdesu should also ask for root password.

For the Debian packages, since users can select choose in the Debian installer whether they want standard behavior (use su by default) or Ubuntu behavior (use sudo by default), I would suggest putting a script in the tdesu and tdesudo packages to detect the correct behavior.

For source tarballs (and in git), however, the behavior for tdesu and tdesudo should be entirely separate like with su and sudo.
Comment 1 Slávek Banko 2012-10-03 12:24:53 CDT 
tdesu is linked to tdesudo only if the is installed package tdesudo-trinity. When you uninstall package tdesudo-trinity will be used classical tdesu.
Comment 2 Kris 2012-10-03 13:03:56 CDT 
(In reply to comment #1)
> tdesu is linked to tdesudo only if the is installed package tdesudo-trinity.
> When you uninstall package tdesudo-trinity will be used classical tdesu.

I don't think there should be any symlinking done at all except if the Ubuntu-style behavior was selected in the Debian installer.

I personally would prefer to have tdesudo-trinity installed without the symlink. It is possible for tdesu and tdesudo to have separate uses when they are configured to act separate, e.g. use tdesudo to run stuff without a password that can be configured to counteract the security risk (such as wpa_gui, since wpa_supplicant is run separately and is configured with update_config=0 to keep the gui from changing it), and use tdesu for everything else that can't be configured as such. Most people try to avoid logging in as root, and run as root, as much as possible, and as far a I'm concerned, sudo should only be used for stuff that can be configured and/or used in such a way as to counteract the security risks.
Comment 3 Darrell 2012-10-04 13:49:21 CDT 
This report should be changed to distro-specific? There is no sym linking in Slackware.
Comment 4 Kris 2012-10-07 22:57:43 CDT 
(In reply to comment #3)
> This report should be changed to distro-specific? There is no sym linking in
> Slackware.

I have changed it to Debian Squeeze (not sure if it applies to Wheezy), and lowered the priority from "Major" to "Normal" since it appears distro-specific.

Once again, I do not think tdesu should behave like tdesudo unless the distro is set to use sudo by default (e.g. Ubuntu and those with Ubuntu-style setups).