Thank you for purchasing through links and ads on this site.
OWC / MacSales.com...
diglloyd Deal Finder...
Buy other stuff at Amazon.com...
In Motion There is Great Potential
SSD Wishlist…
NuGard KX Case for iPhones and iPads
Outstanding protection against drops and impact!
Excellent grip for wet hands, cycling, etc!

Extending the 'sudo' Timeout

Last updated 2013-07-12 - Send Feedback
Related: optimization, System Setup, Optimization

This is a technical article. It deliberately does not explain too much.

In Terminal, the 'sudo' command can be a hard requirement for getting things done in some cases. But timeout can be an issue; it’s inconvenient to enter a password frequently.

On my daily machine at home, I am not concerned about a stranger walking up and having access to the computer. Since the timeout for 'sudo' is too short, so I like to increase it to 30 minutes.

env_reset,timestamp_timeout=2

See also

sudo -k // requires password every time; does not create timestamp file
sudo -K // forces password re-entry (deletes timestamp file)

Example sudoers file (/private/etc/sudoers)

Shown below is the sudoers file with a timeout of 30 minutes.

Use 'sudo visudoers' to edit, or with care, plain text editor such as TextWrangler.

# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
# Failure to use 'visudo' may result in syntax or file permission errors
# that prevent sudo from running.
#
# See the sudoers man page for the details on how to write a sudoers file.
#
# Host alias specification
# User alias specification
# Cmnd alias specification
# Defaults specification
Defaults	env_reset,timestamp_timeout=30
Defaults	env_keep += "BLOCKSIZE"
Defaults	env_keep += "COLORFGBG COLORTERM"
Defaults	env_keep += "__CF_USER_TEXT_ENCODING"
Defaults	env_keep += "CHARSET LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE"
Defaults	env_keep += "LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME"
Defaults	env_keep += "LINES COLUMNS"
Defaults	env_keep += "LSCOLORS"
Defaults	env_keep += "SSH_AUTH_SOCK"
Defaults	env_keep += "TZ"
Defaults	env_keep += "DISPLAY XAUTHORIZATION XAUTHORITY"
Defaults	env_keep += "EDITOR VISUAL"
# Runas alias specification
# User privilege specification
root	ALL=(ALL) ALL
%admin	ALL=(ALL) ALL
# Uncomment to allow people in group wheel to run all commands
# %wheel	ALL=(ALL) ALL
# Same thing without a password
# %wheel	ALL=(ALL) NOPASSWD: ALL
# Samples
# %users  ALL=/sbin/mount /cdrom,/sbin/umount /cdrom
# %users  localhost=/sbin/shutdown -h now
%admin ALL= NOPASSWD: /sbin/kextload, /sbin/kextunload
%users ALL= NOPASSWD: /sbin/kextload, /sbin/kextunload
ALL ALL= NOPASSWD: /sbin/kextload, /sbin/kextunload
Deals Updated Daily at B&H Photo
View BEST Deals Right Now

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2008-2017 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__