Is is possible to keep the sudo session for sometimes? I mean when you open synaptic, each time you have to authenticate. In a single terminal, sudo session exits for a specific amount of time. You don't need to authenticate each time you run something with sudo. Also user account (system settings) has this feature(unlock). Can we do it system wide?
I don't recommend to disable password or login as root. Thanks in advance.
From the sudoers man page:
If set, users must authenticate on a per-tty basis. With this flag enabled, sudo will use a separate record in the time stamp file for each tty. If disabled, a single record is used for all login sessions. This flag is on by default.
In other words, disabling tty_tickets creates a single ticket that is shared across every tty for that user. Authenticating on any tty creates a new ticket which becomes valid on every other tty belonging to that user, voila - no redundant password prompt just because you opened a new tab.
I recommend setting defaults on a per-user basis, along the lines of:
echo Defaults:$USER '!tty_tickets' | sudo tee -a /etc/sudoers.d/mycustomconf
If you really want to, I suppose, you could make a change to the global defaults in /etc/sudoers with visudo. Something like this placed with the other defaults near the top should do:
Defaults !tty_tickets
Since the next question is usually "how can I change the session timeout value?", I figured I'd include it here for the sake of convenience:
## disable per-tty auth, timeout after 15 minutes
echo Defaults:$USER '!tty_tickets', timestamp_timeout=15 | sudo tee -a /etc/sudoers.d/mycustomconf
Extending time: From the sudo man page :
-v When given the -v (validate) option, sudo will
update the user's cached credentials, authenā
ticating the user's password if necessary.
For the sudoers plugin, this extends the sudo
timeout for another 15 minutes (or whatever
the timeout is set to by the security policy)
but does not run a command. Not all security
policies support cached credentials.
So according to this , running sudo -v should extend the time
Login in as root: Yes, you said you don't recommend logging in as root, but that's cheapest way to keep root privileges for extended time.You can always exit or log out from root, so it's not like you have to kill the terminal completely or log out of tty completely
sudo su
$ sign should change to # when you done it
