Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 22

Thread: Disable excessive password requests

  1. #11
    Join Date
    Sep 2006
    Beans
    7,466
    Distro
    Lubuntu Development Release

    Re: Disable excessive password requests

    Quote Originally Posted by Cheifchimp View Post
    Read man sudoers very carefully
    Yes. Sudo is not an all-or-nothing proposition. You can configure /etc/sudoers to allow privileges for a specific program. It would be interesting to see if passwd_timeout or timestamp_timeout can be applied to a specific program.

  2. #12
    Join Date
    Jan 2005
    Location
    South Africa
    Beans
    2,098
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Disable excessive password requests

    Quote Originally Posted by newb85 View Post
    Wim, love the illustration. I do think, though, that Step 2 would have to be
    Code:
    sudo ./malware_installer.sh
    since the shell script probably wouldn't be in one of the bin or sbin directories.
    You're right.
    If you don't make backups of your important data, your data is obviously not important to you.

  3. #13
    Join Date
    Nov 2012
    Location
    Halloween Town
    Beans
    Hidden!
    Distro
    Xubuntu Development Release

    Re: Disable excessive password requests

    If you are taking your first steps in linux world, you really shouldn't do it, as everybody would certainly advise you, but if you really want it, here's how you can:

    Open the terminal window and run the command:

    sudo visudo

    Find the line that says

    %admin ALL=(ALL) ALL

    and change it to

    %admin ALL=(ALL) NOPASSWD: ALL

    Save and exit the file

  4. #14
    Join Date
    Sep 2006
    Beans
    7,466
    Distro
    Lubuntu Development Release

    sudoers

    @slickymaster

    That might not be such nice advice and is almost the same as running as root. That is about the most risky, dangerous way of going about things. A system set up like that will eventually break or get owned and it will make the distro look bad. It is possible to compartmentalize the access. As Cheifchimp wrote, read the manual page for sudoers very carefully.

    For example, it might be possible to set the timeout of specific programs.

    Code:
    Defaults:INSTALLERS     timestamp_timeout=-1
    ...
    Cmnd_Alias INSTALLERS=/usr/bin/python /usr/bin/software-center
    ...
    %admin ALL=(ALL) PASSWD: INSTALLERS
    I haven' tested it thoroughly, but it might allow the password to be used but require it only once per session for just the Software Center.

  5. #15
    Join Date
    Mar 2011
    Location
    19th Hole
    Beans
    1,274
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Disable excessive password requests

    The following comments are not just for the original poster, but for all new users coming from Windows:

    You may think that Windows is more "convenient" because you don't have to type in a password to install, say, a new program, but this is a pernicious fallacy. The false "convenience" of not typing in a password is more than offset by the true inconvenience of having to run anti-virus, anti-spyware, anti-wipe-your-own-nose-software that slow your system down to a crawl and wastes the first fifteen minutes of every boot-up downloading steadily growing antivirus signatures so large that they now run into the tens of megabytes. You have received a lot of warnings from the posters on this forum, along with some techniques for basically screwing the Linux security model. Instead of giving you yet another technique, I thought I would address the larger issue:

    I don't mean this in a snarky way--truly I don't--but if you want to turn Linux into the security joke that is Windows, I would frankly suggest that you just stick with Windows. It's already got the "convenience" of no passwords, so why change? In my opinion, an indispensible part of Linux is its far superior security. It's the reason why we don't have to install anti-virus, anti-everything else, and have the reassurance that we can sneeze without worrying that our computers will catch something nasty. By disabling its password security, you basically turn it into something far less than Linux. So why run Linux at all?

    I admit that part of my motivation for the above recommendation is selfish. I don't want a bunch of misguided self-crippled systems out there owned by webbots undeservedly giving Linux the bad rep that Windows has so deservedly earned for itself.

  6. #16
    Join Date
    Nov 2012
    Location
    Halloween Town
    Beans
    Hidden!
    Distro
    Xubuntu Development Release

    Re: sudoers

    Quote Originally Posted by Lars Noodén View Post
    @slickymaster

    That might not be such nice advice and is almost the same as running as root. That is about the most risky, dangerous way of going about things. A system set up like that will eventually break or get owned and it will make the distro look bad. It is possible to compartmentalize the access. As Cheifchimp wrote, read the manual page for sudoers very carefully.

    For example, it might be possible to set the timeout of specific programs.

    Code:
    Defaults:INSTALLERS     timestamp_timeout=-1
    ...
    Cmnd_Alias INSTALLERS=/usr/bin/python /usr/bin/software-center
    ...
    %admin ALL=(ALL) PASSWD: INSTALLERS
    I haven' tested it thoroughly, but it might allow the password to be used but require it only once per session for just the Software Center.
    Thanks for the clarification, Lars Noodén. Actually I was not aware that it could result in a system break, but nevertheless I did advice, as the previous posters did, for the risks of such a step.

    Once again I thank you for your enlightenment on the subject. We're always learning.

  7. #17
    Join Date
    Jan 2005
    Location
    South Africa
    Beans
    2,098
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Disable excessive password requests

    Quote Originally Posted by Seph29 View Post
    I don't want to prompt my password every time I want to install a new app or things like that.
    Let me first say that I somehow understand where you're coming from. But how often do you really install software and are prompted for a password? How many upgrades are coming along where you have to type your password? And how much system maintenance do you do?

    PS
    In my personal Windows setup, I have to switch user to administrator before I even can install software
    If you don't make backups of your important data, your data is obviously not important to you.

  8. #18
    Join Date
    Sep 2010
    Beans
    25

    Re: Disable excessive password requests

    Quote Originally Posted by Wim Sturkenboom View Post
    To install software, one will often (have to) use sudo; and at that moment the 'executable' can do anything it wants.
    Well, yeah. But the point is, at least the admin has to elect to type the password.

    No password needed=something could install itself without the administrator even being aware of it. That's the security factor that would be missing without a password.

    Nothing can protect from a stupid administrator, however.

  9. #19
    Join Date
    Feb 2012
    Location
    el_GR
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Disable excessive password requests for Ubuntu Software Center

    Quote Originally Posted by Seph29 View Post
    Well I don't want to disable it completely, just for the software center. Even better, I want the system to remember the pass so I would have just to confirm. Is that possible?
    The timestamp_timeout for sudo (according to sudoers man-page) is 15 minutes by default. That means you have 15 minutes until the password (you have given) reset.
    timestamp_timeout
    Number of minutes that can elapse before sudo will ask
    for a passwd again. The timeout may include a
    fractional component if minute granularity is
    insufficient, for example 2.5. The default is 15.
    Now , gksudo is the command to open GUI applications (like software center) with root privileges . Logically gksudo follows the timestamp of sudo ,
    so
    if you open software-center with gksudo , you will have 15 minutes until your password be reset
    Be aware here , I never tested it.

    Open a terminal and test it.
    Code:
    gksudo software-center
    If my thought above is correct , then you can do it permanently by changing the "Exec=" line in ubuntu-software-center.desktop file , inside /usr/share/applications/

    Thanks
    # How to mark the Thread as [SOLVED] when done.
    # Ubuntu Greek Community
    # Gain 20GB of space on copy.com when sign up with my referral link.

  10. #20

    Re: Disable excessive password requests

    @^^

    I am not sure of the exact duration but after entering your password into Software Center there is a period where you can add more software and it won't request your password again...


    404
    404

    Come shoot the breeze with us on the Ubuntu Forums IRC channel - #ubuntuforums

Page 2 of 3 FirstFirst 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •