Oh it was not meant to be a workaround. I misunderstood your initial note. I thought you were saying that you never wanted it to ask for a password. The credential caching is a different issue. I'll fire up a CentOS 7.2 lx container later today and see how it acts for me.
On Tue, Apr 5, 2016 at 10:44 AM, Alessio Ciregia <[email protected]> wrote: > On 05/04/2016 16:23, Jon Dison wrote: > > If you're saying that you want users in the wheel group to be able to > > execute commands via sudo without having to provide a password then the > > line should be: > > %wheel ALL=(ALL) NOPASSWD:ALL > > > Thank you for your answer, this can be a workaround. > But the problem is another. > As you know, the behaviour of a working box is that there is a "window > time" after the first time a user issues the sudo command, where the > password is required. In this window time, if the user issues another > sudo command, there is no need to enter the password again. > There is a timestampdir (man sudoers) that is /var/db/sudo/ by default, > where some sort of caching is written. > > From the man page: > "sudoers uses time stamp files for credential caching. Once a user has > been authenticated, the time stamp is updated and the user may then use > sudo without a password for a short period of time (5 minutes unless > overridden by the timeout option). By default, sudoers uses a tty-based > time stamp which means that there is a separate time stamp for each of a > user's login sessions. The tty_tickets option can be disabled to force > the use of a single time stamp for all of a user's sessions." > > I repeat: the same configuration works in a non LX box. > > Thank you. > > ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
