Results 1 to 9 of 9

Thread: Curious about constant authentication

  1. #1
    Join Date
    Sep 2007
    Beans
    226

    Curious about constant authentication

    I am curious about authentications. If I want to do anything, that might change something, I must enter my password for authentication. If I want to change two things, one thing after another, then I must enter my password two times. I also realize that I can deal with this problem by doing everything in a terminal and issuing a "sudo -i" (I think), however, that would obviate the use of any of the unity buttons, etc. At the same time I am told that its a really bad idea to log in as root. One would think, however, that if one does log in then that login might have a, say, 10 minute window. Since my ignorance continues, insofar as Ubuntu is concerned, there may actually be a way to do this. Anyway, and I may be completely alone in this one, is it at all possible to do something about this? Are there existing fixes?

    Just wondering - thank you..........

  2. #2
    Join Date
    Apr 2011
    Location
    Mystletainn Kick!
    Beans
    4,453
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Curious about constant authentication

    Are you constantly opening and closing a terminal window or something?
    Because, there is a default timeout of something like 15 minutes for authentication per session.
    When I run sudo anything, I have roughly 15 minutes wherein I can sudo something else without a need for a password prompt.
    This ends when I close a terminal session.

    It can be extended, I forget the line but adding something like timestamp_timeout=<biggernumber> to the sudoers file will change the default timeout to whatever you set.
    This might help
    http://ubuntuforums.org/showthread.php?t=763142
    Splat Double Splat Triple Splat
    Earn Your Keep
    Don't mind me, I'm only passing through.
    Once in a blue moon, I'm actually helpful
    .

  3. #3
    Join Date
    Jun 2011
    Beans
    76

    Re: Curious about constant authentication

    From what he said I think he means GUI based modifications i.e. in the settings windows?

  4. #4
    Join Date
    Sep 2007
    Beans
    226

    Re: Curious about constant authentication

    I am talking about editing a file, installing anything, etc. My example of a terminal was to mention the "sudo -i" which will log you in, as root, and as long as the terminal is open you remain logged in. What I am really talking about is some kiund of time limit on an authentication outside of a terminal.

    Just a thought - thanks for the replies.......

  5. #5
    Join Date
    Jul 2009
    Location
    New York, NY
    Beans
    1,172
    Distro
    Ubuntu Development Release

    Re: Curious about constant authentication

    It's just part of the many great security features that comes standard in linux distros...

  6. #6
    Join Date
    Apr 2011
    Location
    Mystletainn Kick!
    Beans
    4,453
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Curious about constant authentication

    If the app launches as root(super user) without a need to run sudo or gk/kde/su(do)
    then chances are it uses pkexec.
    That, I have no clue on how to extend it's time limit.
    This might give you a clue or something.
    http://askubuntu.com/questions/78352...vs-gksu-gksudo

    But in general, most programs lose their elevated privileges when they close.
    If they didn't, it would leave a gaping security hole.
    Splat Double Splat Triple Splat
    Earn Your Keep
    Don't mind me, I'm only passing through.
    Once in a blue moon, I'm actually helpful
    .

  7. #7
    Join Date
    Nov 2011
    Beans
    1,442
    Distro
    Ubuntu Development Release

    Re: Curious about constant authentication

    Unix/Linux employ a system of permission intended to keep users from mucking about with files they don't own. Since the root user owns most of the files, and all of the important ones, we users can't mess with them unless we are allowed temporary root privileges.

    Today, with one machine per person, we grant ourselves those temporary privileges. If we break something, we're the only losers. But, the OS traces its lineage to a time when one machine supported any number of users logged in at the same time.

    Authentication requests can be annoying while you're setting up a machine. Once that's done, you shouldn't see many at all during routine use.

  8. #8
    Join Date
    Nov 2009
    Beans
    Hidden!
    Distro
    Kubuntu 14.04 Trusty Tahr

    Re: Curious about constant authentication

    i only see those when doing updates.

    it's a security feature and it doesn't po up unless you are changing system files. if oyu are changing system files for example in text editor running as root then not closing the editor should keep the root privilege open.
    Easy to understand Ubuntu manual with lots of pics: http://ubuntu-manual.org/
    Do i need antivirus/firewall in linux?
    User friendly disk backup: Redobackup

  9. #9
    Join Date
    Dec 2005
    Location
    Western Australia
    Beans
    11,479
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Curious about constant authentication

    Policykit has a need for authentication every time, but note that Policykit doesn't actually run the application as root. It only runs one function with extra privileges, which is how it should be.

    Sudo and Gksudo have timeouts and work seperately to Policykit. They run a whole program as root.

    If you put your password into a Policykit-enabled program, it doesn't extend the Gksudo timeout. Unfortunately.

    But once you have your system set up, you should rarely encounter Policykit or Gksudo.
    I try to treat the cause, not the symptom. I avoid the terminal in instructions, unless it's easier or necessary. My instructions will work within the Ubuntu system, instead of breaking or subverting it. Those are the three guarantees to the helpee.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •