Is there a way through which I can make the sudo command give me permissions for a longer period than its default time?
It can be a pain having to keep entering the sudo password, when requiring the installation of many packages, so it would be nice if there exists a command or configuration that can be done to affect it usage period.
Behavior of sudo is configured in /etc/sudoers file. There is timestamp_timeout option responsible for reprompting the user for password after specific amount of time.
From man sudoers
timestamp_timeout
Number of minutes that can elapse before sudo will ask
for a passwd again. The timeout may include a frac‐
tional component if minute granularity is insufficient,
for example 2.5. The default is 15. Set this to 0 to
always prompt for a password. If set to a value less
than 0 the user's time stamp will never expire.
To alter that setting do the following:
sudo visudo. visudo is used specifically to edit /etc/sudoers file and by default uses nano text editor.Find the lines starting with Defaults. Add the following line
Defaults timestamp_timeout=x
where x is the amount of minutes you want between reprompts
Save the file with Ctrl + O
From man sudoers:
timestamp_timeout
Number of minutes that can elapse before sudo will ask
for a passwd again. The timeout may include a frac‐
tional component if minute granularity is insufficient,
for example 2.5. The default is 15. Set this to 0 to
always prompt for a password. If set to a value less
than 0 the user's time stamp will never expire. This
can be used to allow users to create or delete their
own time stamps via “sudo -v” and “sudo -k” respec‐
tively.
As you can see, the default timeout of sudo is 15 minutes. You can change this value in /etc/sudoers.
You don't directly edit /etc/sudoers, instead use visudo to do it.
From man visudo:
visudo edits the sudoers file in a safe fashion, analogous to vipw(8).
visudo locks the sudoers file against multiple simultaneous edits, pro‐
vides basic sanity checks, and checks for parse errors. If the sudoers
file is currently being edited you will receive a message to try again
later.
So, type sudo visudo in a terminal, which will open the /etc/sudoers file in nano text-editor.
Look for this line:
Defaults env_reset
And add timestamp_timeout=X where X is the time you want to set in minutes.
So as an example:
Defaults env_reset,timestamp_timeout=5
If you specify 0, you will always be asked the password. If you specify a negative value, the timeout will never expire.
Once done, save and exit.
See RootSudoTimeout
Try this .
Run the following command in a Terminal:
sudo visudo
Scroll down to the line that looks like this:
Defaults env_reset
Change it to for example:
Defaults env_reset,timestamp_timeout=30
Change 30 to the time, in minutes, that you want it to wait before it times out. You can also change it to 0 if you want a password prompt every time you run sudo, or -1 if you never want a password prompt Press Ctrl+X to finish editing, Y to save changes, and Enter to exit.
Here is source: http://lifehacker.com/make-sudo-sessions-last-longer-in-linux-1221545774
After seeing one too many questions from users who modified config files and were confused about why their changes were overwritten after a package upgrade, I'll note that if you want to modify timestamp_timeout, it is better to do it by creating a file in /etc/sudoers.d rather than modify /etc/sudoers directly.
So you should do
sudo visudo -f /etc/sudoers.d/timeout
(the name of the file can be whatever you want as long as it does not contain a period (.) nor end with a tilde (~)). Instead of opening /etc/sudoers in your editor of choice, it will open /etc/sudoers.d/timeout, normally as an empty file since it does not exist. Put your
Defaults timestamp_timeout=X
in it, and save as usual. Then if a new version of /etc/sudoers comes out, you don't have to choose between installing the newer version or keeping your changes--you will automatically have both.
You can edit the /etc/sudoers file (with sudo visudo: be careful) and add a line like
Defaults:myname timestamp_timeout=15
where myname is your user id. The timeout value is in minutes. You can use a value
of -1 to never expire, and then type sudo -k to kill the authentication, so you need
a password again.
Or you can add an entry to say a specific command does not need a password at all.
I can't believe that the simplest command:
sudo -s
is not mentioned here. The "-s" switch gives you a console with root permissions, that last until you exit it. No need to hazle around with the default settings.
If you are looking for a solution that doesn't change the configuration file, for example when you want the token to last longer for a specific session, or that it applies only after an explicit action, you might try the following:
# Work as is with Bash 4.1.2(1)-release and later, this might require some adaptation for other shells
(while [ true ]; do sudo -v; sleep $((60*4)); done)&
Basically the previous code refresh the sudo token every 4 minutes, through a process launched in background.
Indeed, according to the sudo manual: "the default password prompt timeout for the sudoers security policy is 5 minutes." So depending on the system specific policy, you might tweak the amount of time the loop pass sleeping between two cycles.
All of the other answers so far seem to center around changing the default timeout for how long before you have to type your password again with sudo. However, if you want to just be able to run commands as root without prepending every command with sudo, you can get a root shell with:
sudo -i
or
sudo bash
or
sudo <your preferred shell here>
While all of these do just start a single process as root, the single process in question just so happens to be a shell that will allow you to start as many other processes as you like as root without any further need to type sudo or a password. :)
Of course, with great power comes great responsibility, don't do stupid stuff, etc.
