[GRLUG] Figure this one out...
Adam Tauno Williams
awilliam at whitemice.org
Thu Jul 30 13:34:29 EDT 2009
On Thu, 2009-07-30 at 13:29 -0400, Michael Mol wrote:
> On Thu, Jul 30, 2009 at 1:26 PM, Michael Mol<mikemol at gmail.com> wrote:
> > On Thu, Jul 30, 2009 at 1:22 PM, Adam Tauno
> > Williams<awilliam at whitemice.org> wrote:
> >>> > Sudo didn't already authenticate you in the last 15 minutes?
> >>> That was probably it. I'd thought that sudo uses a separate auth
> >>> cache and timeout for each login session, as that was the kind of
> >>> behavior I'd thought I'd seen before. However, I just tested, and the
> >>> auth cache/timeout appears to apply to all sessions for the same user.
> >>
> >> Hmm, are you sure it isn't merely the fact that the pts gets recycled?
> >
> > No. Let me try forcing a separate set of PTYs.
>
> Forcing usage of different PTYs does not prevent the remote sudo cache
> from another logon session from being used. In fact, I find that once
> one logon for a user authenticates to sudo, another concurrent login
> session for that user suddenly has cached authentication for using
> sudo.
Huh, that must be a sudo configuration thing because sudo-ing in one
session on my openSUSE workstation does not give any of my other
sessions passwordless-sudo-joy.
awilliam at linux-m3mt:~> sudo /bin/ls
1001.jpeg DownloadDirector ...
Open new gnome-terminal...
awilliam at linux-m3mt:~> sudo /bin/ls
root's password:
Maybe this is documented? I've never looked at sudo docs.
More information about the grlug
mailing list