Re: sudoers tty defaults (Re: Changing Users in a script)

To: debian-user@lists.debian.org
Subject: Re: sudoers tty defaults (Re: Changing Users in a script)
From: Walter Hurry <walterhurry@lavabit.com>
Date: Mon, 15 Aug 2011 19:51:58 +0000 (UTC)
Message-id: <[🔎] j2btcu$mt$1@dough.gmane.org>
References: <[🔎] 6F014E0D-554D-449C-8A28-0E989A86D3F1@halblog.com> <[🔎] 20110815180505.GB26681@hysteria.proulx.com> <[🔎] 20110815181533.GD26681@hysteria.proulx.com> <[🔎] CAOdo=Sxsgb29BX1rV-5qVHH2Snm4M12JO8g3e0UPZNgEAzFrMg@mail.gmail.com> <[🔎] 20110815183911.GA9991@hysteria.proulx.com> <[🔎] CAOdo=Sw2mXxgqmo0gymDxB65rLVXDo1cv+4uG-Uu2md+nbm6dQ@mail.gmail.com> <[🔎] 20110815191204.GA16614@hysteria.proulx.com>

On Mon, 15 Aug 2011 13:12:04 -0600, Bob Proulx wrote:

> Tom H wrote:
>> Both are set by default.
> 
> Just tty_tickets is set by default.  requiretty is off by default.
> 
>   $ man 5 sudoers
> 
>        tty_tickets     If set, users must authenticate on a per-tty
>        basis.
>                        With this flag enabled, sudo will use a file
>                        named for the tty the user is logged in on in the
>                        user's time stamp directory.  If disabled, the
>                        time stamp of the directory is used instead. 
>                        This flag is on by default.
> 
>        requiretty      If set, sudo will only run when the user is
>        logged in
>                        to a real tty.  When this flag is set, sudo can
>                        only be run from a login session and not via
>                        other means such as cron(8) or cgi-bin scripts. 
>                        This flag is off by default.
> 
> Best would be to run 'sudo -l' and see what flags are actually set at
> the time.  And remember that /etc/sudoers.d/* is a directory of
> additional snippets that are also included into the configuration.

For what it is worth, I'm not sure that that man page is up to date. 
Squeeze here (up to date), and I have done nothing directly with the 
supplied /etc/sudoers; only used visudo to add myself.

It has neither tty-tickets nor requiretty. I note by the way, that this 
differs from RHEL and derivatives, which include requiretty by default.

Reply to:

Follow-Ups:
- Re: sudoers tty defaults (Re: Changing Users in a script)
  - From: Bob Proulx <bob@proulx.com>
- Re: sudoers tty defaults (Re: Changing Users in a script)
  - From: Tom H <tomh0665@gmail.com>

References:
- Changing Users in a script
  - From: Hal Vaughan <hal@halblog.com>
- Re: Changing Users in a script
  - From: Bob Proulx <bob@proulx.com>
- Re: Changing Users in a script
  - From: Bob Proulx <bob@proulx.com>
- Re: Changing Users in a script
  - From: Tom H <tomh0665@gmail.com>
- Re: Changing Users in a script
  - From: Bob Proulx <bob@proulx.com>
- Re: Changing Users in a script
  - From: Tom H <tomh0665@gmail.com>
- sudoers tty defaults (Re: Changing Users in a script)
  - From: Bob Proulx <bob@proulx.com>

Prev by Date: Re: Fwd: Billion 7800N
Next by Date: Remote X renders transparency as black
Previous by thread: sudoers tty defaults (Re: Changing Users in a script)
Next by thread: Re: sudoers tty defaults (Re: Changing Users in a script)
Index(es):
- Date
- Thread