From Fedora Project Wiki
No edit summary
No edit summary
Line 1: Line 1:
<!-- The actual name of your proposed change page should look something like: Changes/Your_Change_Proposal_Name.  This keeps all change proposals in the same namespace -->
<!-- The actual name of your proposed change page should look something like: Changes/Your_Change_Proposal_Name.  This keeps all change proposals in the same namespace -->


= Enable pwfeedback in sudo by default<!-- The name of your change proposal -->=
= Enable pwfeedback in sudo by default <!-- The name of your change proposal -->=


{{Change_Proposal_Banner}}
{{Change_Proposal_Banner}}
Line 100: Line 100:


== Scope ==
== Scope ==
* Proposal owners:
* Proposal owner: Skye Chappelle
<!-- What work do the feature owners have to accomplish to complete the feature in time for release?  Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?-->
<!-- What work do the feature owners have to accomplish to complete the feature in time for release?  Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?-->


Line 132: Line 132:


== How To Test ==
== How To Test ==
<!-- This does not need to be a full-fledged document. Describe the dimensions of tests that this change implementation is expected to pass when it is done.  This can be based off of the above section if early testing has been completed. If it needs to be tested with different hardware or software configurations, indicate them.  The more specific you can be, the better the community testing can be.
Edit /etc/sudoers, replacing "Defaults !visiblepw" with "Defaults pwfeedback". Run a command with sudo. Your password should be displayed as asterisks in the prompt.
 
Remember that you are writing this how to for interested testers to use to check out your change implementation - documenting what you do for testing is OK, but it's much better to document what *I* can do to test your change.
 
A good "how to test" should answer these four questions:
 
0. What special hardware / data / etc. is needed (if any)?
1. How do I prepare my system to test this change? What packages
need to be installed, config files edited, etc.?
2. What specific actions do I perform to check that the change is
working like it's supposed to?
3. What are the expected results of those actions?
-->
 
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->


== User Experience ==
== User Experience ==
This will make sudo password prompts more friendly and consistent with other password prompts a normal user is likely to encounter. This will make it easier for novices and advanced users to use the system. <!-- If this change proposal is noticeable by users, how will their experiences change as a result?
This will make sudo password prompts more friendly and consistent with other password prompts a normal user is likely to encounter. This will make it easier for novices and advanced users to use the system.  
 
This section partially overlaps with the Benefit to Fedora section above. This section should be primarily about the User Experience, written in a way that does not assume deep technical knowledge. More detailed technical description should be left for the Benefit to Fedora section.
 
Describe what Users will see or notice, for example:
  - Packages are compressed more efficiently, making downloads and upgrades faster by 10%.
  - Kerberos tickets can be renewed automatically. Users will now have to authenticate less and become more productive. Credential management improvements mean a user can start their work day with a single sign on and not have to pause for reauthentication during their entire day.
- Libreoffice is one of the most commonly installed applications on Fedora and it is now available by default to help users "hit the ground running".
- Green has been scientifically proven to be the most relaxing color. The move to a default background color of green with green text will result in Fedora users being the most relaxed users of any operating system.
-->
-->


== Dependencies ==
== Dependencies ==
<!-- What other packages (RPMs) depend on this package?  Are there changes outside the developers' control on which completion of this change depends?  In other words, completion of another change owned by someone else and might cause you to not be able to finish on time or that you would need to coordinate?  Other upstream projects like the kernel (if this is not a kernel change)? -->
N/A
 
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
 


== Contingency Plan ==
== Contingency Plan ==
<!-- If you cannot complete your feature by the final development freeze, what is the backup plan?  This might be as simple as "Revert the shipped configuration".  Or it might not (e.g. rebuilding a number of dependent packages).  If you feature is not completed in time we want to assure others that other parts of Fedora will not be in jeopardy.  -->
* Contingency mechanism: (What to do?  Who will do it?) N/A (not a System Wide Change)  <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
* Contingency mechanism: (What to do?  Who will do it?) N/A (not a System Wide Change)  <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
<!-- When is the last time the contingency mechanism can be put in place?  This will typically be the beta freeze. -->
<!-- When is the last time the contingency mechanism can be put in place?  This will typically be the beta freeze. -->
* Contingency deadline: N/A (not a System Wide Change)  <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
* Contingency deadline: N/A (not a System Wide Change)  <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
<!-- Does finishing this feature block the release, or can we ship with the feature in incomplete state? -->
<!-- Does finishing this feature block the release, or can we ship with the feature in incomplete state? -->
* Blocks release? N/A (not a System Wide Change), Yes/No <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
* Blocks release? N/A (not a System Wide Change) <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->




Line 183: Line 156:


== Release Notes ==
== Release Notes ==
sudo now shows visual feedback for passwords by default on Desktop releases.
<!-- The Fedora Release Notes inform end-users about what is new in the release.  Examples of past release notes are at https://docs.fedoraproject.org/en-US/fedora/latest/release-notes/ -->
<!-- The Fedora Release Notes inform end-users about what is new in the release.  Examples of past release notes are at https://docs.fedoraproject.org/en-US/fedora/latest/release-notes/ -->
<!-- The release notes also help users know how to deal with platform changes such as ABIs/APIs, configuration or data file formats, or upgrade concerns.  If there are any such changes involved in this change, indicate them here.  A link to upstream documentation will often satisfy this need.  This information forms the basis of the release notes edited by the documentation team and shipped with the release.  
<!-- The release notes also help users know how to deal with platform changes such as ABIs/APIs, configuration or data file formats, or upgrade concerns.  If there are any such changes involved in this change, indicate them here.  A link to upstream documentation will often satisfy this need.  This information forms the basis of the release notes edited by the documentation team and shipped with the release.  
Line 188: Line 162:
Release Notes are not required for initial draft of the Change Proposal but has to be completed by the Change Freeze.  
Release Notes are not required for initial draft of the Change Proposal but has to be completed by the Change Freeze.  
-->
-->
{{admon/important | Comments and Explanations | The page source contains comments providing guidance to fill out each section. They are invisible when viewing this page. To read it, choose the "view source" link.<br/> '''Copy the source to a ''new page'' before making changes!  DO NOT EDIT THIS TEMPLATE FOR YOUR CHANGE PROPOSAL.'''}}
{{admon/tip | Guidance | For details on how to fill out this form, see the [https://docs.fedoraproject.org/en-US/program_management/changes_guide/ documentation].}}
{{admon/tip | Report issues | To report an issue with this template, file an issue in the [https://pagure.io/fedora-pgm/pgm_docs pgm_docs repo].}}


<!-- The actual name of your proposed change page should look something like: Changes/Your_Change_Proposal_Name.  This keeps all change proposals in the same namespace -->
<!-- The actual name of your proposed change page should look something like: Changes/Your_Change_Proposal_Name.  This keeps all change proposals in the same namespace -->

Revision as of 12:50, 11 October 2024


Enable pwfeedback in sudo by default

This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.

Summary

Owner


Current status

  • Targeted release: Fedora Linux 42
  • Last updated: 2024-10-11
  • [Announced]
  • [<will be assigned by the Wrangler> Discussion thread]
  • FESCo issue: <will be assigned by the Wrangler>
  • Tracker bug: <will be assigned by the Wrangler>
  • Release notes tracker: <will be assigned by the Wrangler>

Detailed Description

Feedback

Several (most) of the users in the Fedora Discussion thread I made for this agree that this change makes sense, for several reasons:

- "Hmmm, I haven’t thought about this in years — thanks for bringing it up. I think it’s a reasonable suggestion, especially since other password prompts on the desktop act that way." (mattdm)

- "Even as an experienced Linux user there are times when I’m not sure I’m actually typing the password or not." (bcotton)

- "I think this is a reasonable distro-wide (that is, for all variants) change to consider, since it’s a strange default to not show feedback when typing. There are also implications for remote connectivity: if you don’t see feedback, you cannot tell if your typing actually made it over to the other side and that can result in you inadvertently mistyping." (ngompa)

Espionage724 had some differing opinions:

- "No since nobody else does it." (this is not true; several other distributions, notably Linux Mint, do this by default as well)

- "It can be an option for people that want it, but I don’t agree with it being a default. I believe it to be reducing a good security practice as a minor user “convenience”, and don’t like the idea of encouraging others to reduce good security practices/exposing others to reduced good security practices." (mattdm had earlier said "Also, in 2024, if you are worried enough about someone snooping over your shoulder to gain information about your password length… why are you still using passwords?", which I believe is valid. (Matthew said this before Espionage724 chimed in, but it works as a good response to Espionage724's statement here.))

Espionage724 suggested an alternative to enabling this by default:

"They could tie it behind a gsettings prop; I already have to mess with my mouse stuff through it with libinput. I’m not too sure how other DEs handle that, but iirc gsettings didn’t throw an error on Plasma 6, and was usable on Xfce also for mouse accel.". catanzaro replied to this with "GNOME is not going to expose a preference for whether sudo should display asterisks when you type your password or not. That’s way too niche.", which is unfortunately probably true.

vgaetera says, "I think we should more carefully consider this change. The silent prompt behavior is consistent for most CLI tools.", which I think is worth considering; however, I still think the usability benefit outweighs this.

Benefit to Fedora

This change will benefit Fedora by making sudo easier to use for both novice and advanced users. It will make Fedora Linux more friendly and approachable for everyone.

Scope

  • Proposal owner: Skye Chappelle
  • Other developers:
  • Policies and guidelines: N/A (not needed for this Change)
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with the Fedora Strategy:

I think this aligns with the Fedora Strategy because it makes Fedora Linux slightly more usable for everyone, new and old users alike.

Upgrade/compatibility impact

According to ngompa, RPM should handle this in exactly the way I wanted without much effort. The change will only take effect if someone hasn't modified their sudoers file(s) manually.


Early Testing (Optional)

Do you require 'QA Blueprint' support? N (not system wide change)

How To Test

Edit /etc/sudoers, replacing "Defaults !visiblepw" with "Defaults pwfeedback". Run a command with sudo. Your password should be displayed as asterisks in the prompt.

User Experience

This will make sudo password prompts more friendly and consistent with other password prompts a normal user is likely to encounter. This will make it easier for novices and advanced users to use the system. -->

Dependencies

N/A

Contingency Plan

  • Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
  • Contingency deadline: N/A (not a System Wide Change)
  • Blocks release? N/A (not a System Wide Change)


Documentation

N/A (not a System Wide Change)

Release Notes

sudo now shows visual feedback for passwords by default on Desktop releases.