For some reason, I suddenly do not need to enter the password when issuing sudo some_cmd
.
Entered command just runs without ever prompting password, even if I am not logged in as user root. Commands that need root privileges still need to be invoked with sudo
though. I am on Ubuntu 10.04.
Any idea what might have caused this?
Best Answer
Say
sudo -K
, then retry your test. If it starts asking again, all that was happening is that you hadsudo
configured to remember your password for some time.On top of this, Ubuntu's default
sudo
configuration makes it remember your credentials acrosstty
s. This affectsssh
sessions, as you've discovered, since each newssh
connection looks like a new terminal to the low-level OS code.This also affects things like the graphical Terminal app. If you authenticate with
sudo
, then create a new tab with Ctrl-Shift-T, you'll find that you don't need to give a password tosudo
again in that tab, despite the fact that it also creates a newtty
. You can even close the Terminal app entirely, and as long as you restart it within the normal password timeout,sudo
will run without requiring you to re-enter your password. This behavior may be enough to make you decide you want to keep this feature enabled.Mac OS X works this way these days, too.
Not all *ixes do. Red Hat Enterprise Linux (and derivatives like CentOS) insist on getting the password on each new
tty
.You can disable both behaviors by changing the
Defaults
line in/etc/sudoers
to something like this:The
env_reset
bit should be there already, and isn't relevant hereThe
timestamp_timeout
directive tells it to immediately time out eachsudo
session. It's like sayingsudo -K
after every normalsudo
command.The
tty_tickets
directive ensures that it associates credentials with thetty
they were used on, not just the user name. This is supposed to be the default already, and is documented as such on Ubuntu, but they must have built their distribution ofsudo
to disable this option, for the convenience reasons given above.