Pergunte aqui

All operations using sudo are not asking for a password, how to solve this? I do not want an automatic password. I use Fedora 27 KDE

editar alterar tag fechar mesclar Excluir

## 7 Respostas

I assume that your problem is that sometimes sudo asks for a password and sometimes not and you can't figure out why this happens.

From www.sudo.ws:

• Sudo uses timestamp files to implement a "ticketing" system. When a user invokes sudo and enters their password, they are granted a ticket for 5 minutes (this timeout is configurable at compile-time). Each subsequent sudo command updates the ticket for another 5 minutes. This avoids the problem of leaving a root shell where others can physically get to your keyboard. There is also an easy way for a user to remove their ticket file, useful for placing in a .logout file.

This behaviour can be changed in the sudoers file by changing the value of the parameter timestamp_timeout

First edit the /etc/sudoers file using the command visudo

In the section where the Defaults specifications are located, insert the following line

Defaults timestamp_timeout = 0

Now the timeout for the user tickets is zero which means that sudo will always ask the password.

mais

I found the solution

System Settings

 All configurations

Account details

Users Manager

I entered the password, because I believe it was blank and since my user is an administrator, he did not ask for a password


Now it's fixed!

mais

thanks for the answer, but the line is already commented, as below:

## Same thing without a password
# %wheel    ALL=(ALL)   NOPASSWD: ALL


More ideas or suggestions?

mais

## Comentários

It needs to look exactly like this:

#%wheel ALL=(ALL)   NOPASSWD: ALL


The line that you quote isn't a comment and that's why you're not being asked for a password.

( 2018-01-19 17:12:39 -0500 )editar

? I'm not sure I follow you here, sideburns; the space following the # character is inconsequential; the line he quotes is, indeed, commented and will not take effect in his /etc/sudoers file.

( 2018-01-20 06:19:37 -0500 )editar

Is correct?

## Allow root to run any commands anywhere
root    ALL=(ALL)   ALL

## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)   ALL

## Same thing without a password
# %wheel    ALL=(ALL)   NOPASSWD: ALL

( 2018-01-20 07:55:07 -0500 )editar

Before the latest edit, that line didn't have a # at the front, and wasn't a comment. The edit changed everything.

( 2018-01-20 13:26:22 -0500 )editar

please use the formatting preformatted text (symbol: 101010) when pasting text here. the# is otherwise interpreted as character to format text and it ends up looking the way it did.

( 2018-01-20 22:10:57 -0500 )editar

It is important to always edit /etc/sudoers with the command visudo. That's a vim-based, sudoers-specific editing interface which performs sanity checks before it lets you commit changes to /etc/sudoers. This is particularly important when you're administering remote systems or any other system where you cannot directly log in as root, but must use sudo privileges; if you break /etc/sudoers, you'll lock yourself out of those essential privileges. So always use visudo.

That said, you likely have some sort of non-commented configuration directive in your /etc/sudoers file with "NOPASSWD" in it.

To figure out what your resulting set of privileges are for sudo, execute sudo -l as yourself; that should give you additional information about what commands you are able to run and which default entries apply to your user account.

Feel free to post your /etc/sudoers file, changing any group or user names (in a consistent way, of course) which you don't want to divulge, and we can likely isolate the issue for you if you cannot find it.

mais

I did this... but it did not work

mais

# %wheel ALL=(ALL) NOPASSWD: ALL

I left one, two # and it did not work ...

I erased both lines and it did not work (then put them back)

mais

Welcome to ask.fedora. That's an odd issue you have, and a potential security hole. My guess is that you have something wrong in its configuration file, /etc/sudoers. Edit it with whatever text editor you prefer (You'll need to use sudo to edit it.) and look for a line that looks like this:

%wheel  ALL=(ALL)   NOPASSWD: ALL


Edit the line by adding # to the beginning, making it into a comment, then save and exit. I don't know if you'll have to reboot, but if you're not getting asked for a password after the edit, do so. This should clear the issue up, but do come back and let us know in either case.

mais