Timeline for passwordless check to see if a user can use 'sudo'
Current License: CC BY-SA 4.0
7 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Feb 20, 2024 at 15:27 | comment | added | mattmess1221 |
There is a third option. If the user has configured their sudoers file with NOPASSWD, the sudo will succeed and "root" will be printed.
|
|
| Feb 24, 2023 at 10:23 | comment | added | Nicolas Formichella |
If you want to check for passwordless users, after can_sudo=0, add an if to check if $(SUDO_ASKPASS=/bin/false sudo -A whoami 2>&1) equals to root, this will also make it work in the sudo timeout
|
|
| Feb 26, 2022 at 10:01 | history | edited | terdon♦ | CC BY-SA 4.0 |
deleted 1 character in body
|
| Feb 25, 2022 at 15:45 | comment | added | terdon♦ |
@ManuelJordan if you want to exit if the user cannot run sudo, then you just need one password prompt, no need to check without prompting. You have two cases: 1) the user cannot run sudo commands, so the script exits at the first sudo or 2) the user can run sudo commands which means they will have to be prompted for a password. So I don't understand why you would want something this complicated and unsafe. If you want to avoid prompting multiple times, that is a different question and is possible: usually this is done by running sudo script.sh instead of having sudo in the script.
|
|
| Feb 25, 2022 at 15:42 | history | edited | terdon♦ | CC BY-SA 4.0 |
added 118 characters in body
|
| Feb 25, 2022 at 15:39 | comment | added | Manuel Jordan |
Your first sentence has sense and was evaluated from the beginning - but be asking the password each 5 minutes (default sudo's timeout) or many times throughout the day is annoying for some users. And of course, I created this post assuming that is possible do this without asking the password, something like sudo -k is able to do.
|
|
| Feb 25, 2022 at 14:51 | history | answered | terdon♦ | CC BY-SA 4.0 |