Skip password prompt when running ksu as root

A change introduced in 5fd5a67 resulted in root always being prompted for
the target user password when running ksu.  Restore the previous behavior
which is to only prompt if the principal is provided with -n.

ticket: 8396 (new)
target_version: 1.14-next
target_version: 1.13-next

diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c
index 2f8d8e1122f307451255836a53b50598f128c781..28342c2d773616aa38fe342aff726b126074d4a9 100644 (file)
--- a/src/clients/ksu/main.c
+++ b/src/clients/ksu/main.c
@@ -116,7 +116,7 @@ main (argc, argv)
     extern char * getpass(), *crypt();
     int pargc;
     char ** pargv;
-    krb5_boolean stored = FALSE, cc_reused = FALSE;
+    krb5_boolean stored = FALSE, cc_reused = FALSE, given_princ = FALSE;
     krb5_boolean zero_password;
     krb5_boolean restrict_creds;
     krb5_deltat lifetime, rlife;
@@ -238,6 +238,7 @@ main (argc, argv)
                 com_err(prog_name, retval, _("when parsing name %s"), optarg);
                 errflg++;
             }
+            given_princ = TRUE;
             break;
 #ifdef DEBUG
         case 'D':
@@ -462,7 +463,7 @@ main (argc, argv)
 
     if ((source_uid == 0) || (target_uid == source_uid)){
 #ifdef GET_TGT_VIA_PASSWD
-        if ((!all_rest_copy) && client != NULL && (stored == FALSE)){
+        if (!all_rest_copy && given_princ && client != NULL && !stored) {
             fprintf(stderr, _("WARNING: Your password may be exposed if you "
                               "enter it here and are logged\n"));
             fprintf(stderr, _("         in remotely using an unsecure "