From fc8e823b8a858d7357f70b0d89f336e0ddc2dfa7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Antoine=20Beaupr=C3=A9?= <anarcat@debian.org>
Date: Tue, 26 May 2020 10:56:36 -0400
Subject: [PATCH] document how to set the sudo password (#34314)

This is partly based on the announcement I sent in:

https://lists.torproject.org/pipermail/tor-project/2019-September/002509.html
---
 tsa/doc/accounts.creole | 32 ++++++++++++++++++++++++--------
 1 file changed, 24 insertions(+), 8 deletions(-)

diff --git a/tsa/doc/accounts.creole b/tsa/doc/accounts.creole
index f45518a1..92b9e854 100644
--- a/tsa/doc/accounts.creole
+++ b/tsa/doc/accounts.creole
@@ -223,14 +223,30 @@ password.
 
 === Host specific passwords / sudo passwords ===
 
-Please note that, after [[logging in|https://db.torproject.org/login.html]], that
-the {{{"sudo passwords"}}} fields at the very bottom of the {{{"Update my
-info"}}} form DO NOT WORK.
-
-Your sudo password is the same for all machines on which you have sudo
-privileges; it is your LDAP password. The mail responder at
-{{{changes@db.torproject.org}}} will take you through a plausible, and perhaps
-enjoyable, series of puzzles, but BEWARE: THE CAKE IS A LIE.
+Your LDAP password can *not* be used to authenticate to `sudo` on
+servers. It can only allow to log you in through SSH, but you need a
+*different* password to get `sudo` access, which we call the "sudo
+password".
+
+To set the sudo password:
+
+ 1. go to the [[user management website|https://db.torproject.org/login.html]]
+ 2. pick "Update my info"
+ 3. set a new (strong) sudo password
+
+If you want, you can set a password that works for all the hosts that
+are managed by torproject-admin, by using the "wildcard ("*").
+Alternatively, or additionally, you can have per-host sudo passwords
+-- just select the appropriate host in the pull-down box.
+
+Once set on the web interface, you will have to confirm the new
+settings by sending a signed challenge to the mail interface.  Please
+ensure you don't introduce any additional line breaks.
+
+Note that setting a sudo password will only enable you to use sudo to
+configured accounts on configured hosts. Consult the output of "sudo
+-l" if you don't know what you may do. (If you don't know, chances are
+you don't need to nor can use sudo.)
 
 == <a id="key-rollover">Changing/Updating your OpenPGP key</a> ==
 
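Review bot: the rewritten section loses the only pointer to where the confirmation goes. The removed lines named the mail responder at {{{changes@db.torproject.org}}}, but the new paragraph ("you will have to confirm the new settings by sending a signed challenge to the mail interface") never says which address the signed challenge is sent to, so a reader following these steps is stuck after step 3; consider keeping the address, e.g. "by sending a signed challenge to the mail interface at {{{changes@db.torproject.org}}}". Two smaller points in the same hunk: the phrase `by using the "wildcard ("*").` has an unbalanced opening quote (`by using the wildcard ("*").` reads cleanly), and the new text wraps `sudo` in backticks while the rest of this creole file, including the removed lines, uses {{{...}}} for monospace. The sentence "It can only allow to log you in through SSH" would also read better as "It only lets you log in through SSH".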
-- 
GitLab