How to make super-user permissions last longer than using sudo?

Is there a way through which I can make the sudo command give me permissions for a longer period than its default time?

It can be a pain having to keep entering the sudo password, when requiring the installation of many packages, so it would be nice if there exists a command or configuration that can be done to affect it usage period.


Solution 1:

Behavior of sudo is configured in /etc/sudoers file. There is timestamp_timeout option responsible for reprompting the user for password after specific amount of time.

From man sudoers

timestamp_timeout
                       Number of minutes that can elapse before sudo will ask
                       for a passwd again.  The timeout may include a frac‐
                       tional component if minute granularity is insufficient,
                       for example 2.5.  The default is 15.  Set this to 0 to
                       always prompt for a password.  If set to a value less
                       than 0 the user's time stamp will never expire.

To alter that setting do the following:

  1. In terminal run sudo visudo. visudo is used specifically to edit /etc/sudoers file and by default uses nano text editor.
  2. Find the lines starting with Defaults. Add the following line

    Defaults        timestamp_timeout=x
    

    where x is the amount of minutes you want between reprompts

  3. Save the file with Ctrl + O

Solution 2:

From man sudoers:

timestamp_timeout
                       Number of minutes that can elapse before sudo will ask
                       for a passwd again.  The timeout may include a frac‐
                       tional component if minute granularity is insufficient,
                       for example 2.5.  The default is 15.  Set this to 0 to
                       always prompt for a password.  If set to a value less
                       than 0 the user's time stamp will never expire.  This
                       can be used to allow users to create or delete their
                       own time stamps via “sudo -v” and “sudo -k” respec‐
                       tively.

As you can see, the default timeout of sudo is 15 minutes. You can change this value in /etc/sudoers.

You don't directly edit /etc/sudoers, instead use visudo to do it.

From man visudo:

     visudo edits the sudoers file in a safe fashion, analogous to vipw(8).
     visudo locks the sudoers file against multiple simultaneous edits, pro‐
     vides basic sanity checks, and checks for parse errors.  If the sudoers
     file is currently being edited you will receive a message to try again
     later.

So, type sudo visudo in a terminal, which will open the /etc/sudoers file in nano text-editor.

Look for this line:

Defaults    env_reset

And add timestamp_timeout=X where X is the time you want to set in minutes.

So as an example:

Defaults    env_reset,timestamp_timeout=5

If you specify 0, you will always be asked the password. If you specify a negative value, the timeout will never expire.

Once done, save and exit.

See RootSudoTimeout

Solution 3:

Try this .

  1. Run the following command in a Terminal:

    sudo visudo
    
  2. Scroll down to the line that looks like this:

    Defaults        env_reset
    
  3. Change it to for example:

    Defaults        env_reset,timestamp_timeout=30
    

Change 30 to the time, in minutes, that you want it to wait before it times out. You can also change it to 0 if you want a password prompt every time you run sudo, or -1 if you never want a password prompt Press Ctrl+X to finish editing, Y to save changes, and Enter to exit.

Here is source: http://lifehacker.com/make-sudo-sessions-last-longer-in-linux-1221545774

Solution 4:

You can edit the /etc/sudoers file (with sudo visudo: be careful) and add a line like

Defaults:myname timestamp_timeout=15 

where myname is your user id. The timeout value is in minutes. You can use a value of -1 to never expire, and then type sudo -k to kill the authentication, so you need a password again.

Or you can add an entry to say a specific command does not need a password at all.