Default value for users_manage_admin_sudoers

[bjoernlohrmann]

Hi,

the current master branch automatically sets up a sudo configuration in such a way that may lock you out of a system.

Consider the following system setup:

• all users are password-less (incl. root)
• no SSH login for root allowed
• to become root, one has to login as an unprivileged user and then do (passwordless) sudo

This type of setup is fairly common, e.g. in EC2 cloud images.

The current master branch will by default change the sudo config in such a way that makes sudo request a password. However since all users are passwordless, nobody can become root anymore.

I almost locked myself out of a system this way, luckily a still had a root-shell open.

In my opinion, changing the sudo configuration by default is rather dangerous. I suggest changing the default value of users_manage_admin_sudoers to false.