How to cancel the currently-applied remaining sudo time-out?
When I’ve just run
sudo, and don’t want it to remain active for the normal duration of its time-out, how can I cancel that remaining active time-out?
sudo -k kills it for the current terminal session, but if a process is currently running in that session and so can’t run
sudo -k, is there a way to cancel it from another terminal session?
And is there a way to cancel all currently applied
sudo times (for all terminal sessions, and all gksudo running apps, etc?
Although, come to think of it, a running GUI may simply need to be shut down, but I just checked that Alt+F2 keeps gksu active for subsequent invocations.
Not sure if you mean to kill a sudo timeout so it doesn’t timeout or so it times out immediate, but if you want to remove the remaining timestamp you can use
Otherwise,if you’re trying to cancel a timeout so sudo doesn’t timeout, I don’t think that is possible to do in a current session. The only way I know of would be to change the
timestamp_timeout in the
sudoers file and restart the session.
Just on one of your points:
but if a process is currently running
in that session and so can’t run sudo
This is specific to the command line, if you want to do anything while some other process is running, you can press Ctrl+Z to pause the process; you then get access to the current terminal again, do anything you like. When you’re done, you can type
jobs to get a list of processes, with a number beside them. Type
fg 1 (for example – and simply
fg if there’s only one job) to restart a process, raising it to the foreground. Similarly,
bg to do the same thing but leaving the process running in the background.
$ sudo apt-get install hello <CTRL+Z> + Stopped sudo apt-get install hello $ sudo -k $ jobs + Stopped sudo apt-get install hello $ fg 1 Loading database... ....
I found a solution. since my search didn’t show anything alike and this is a frequent question: sudo stores somewhere on the filesystem (for example in /var/run/sudo), one directory per user-name, several files that work as the time-stamp, one file for each terminal. delete those files and your system is secure again. just keep in mind that those files are only visible to root (otherwise an intruder might read the time-stamp and set clock-time back to a point where they still were valid — granting root-ls to anyone is dangerous). therefore in my /etc/pm/sleep/ and maybe also for the screensaver I run:
rm -f /var/db/sudo/*/*
as root of course…
This can’t be done. The parent sudo process will terminate when its child does, and terminating the parent will terminate the children.
Also terminating it externally doesn’t make any sense, as you can’t really know at which point the program will be terminated. The program flow would be unpredictable.