Permission granted in etc/sudoers only lasts for 10 minutes

StackOverflow https://stackoverflow.com/questions/8465774

  •  13-03-2021
  •  | 
  •  

Pergunta

I have a PHP script which contains a shell_execute() and the command it executes normally requires sudo. I've edited the sudoers with visudo to contain the following:

www-data ALL = NOPASSWD: /var/root/node/npm/node_modules/less/
%users ALL = NOPASSWD: /var/root/node/npm/node_modules/less/

I suspect either should work, but I went with the belt-and-suspenders approach to be sure.

I'm editing etc/sudoers with vim, so after adding these lines, I do :x and everything works. My PHP script does what it's supposed to... for about 10-15 minutes. Then the script stops working. Specifically, the shell_exec() stops working.

If I do sudo visudo again, my new lines are still there. But only when I save it again does the script start working again.

Can anyone tell me why this might be happening? I have two guesses that aren't very good:

  1. There is some sort of grace period that starts when I sudo visudo and this is what's allowing my script to work (but only until it expires).
  2. The new data in etc/sudoers is staying in sudoers.tmp (the "Lock file")... Neither of these add up to me.
Foi útil?

Solução

According to a comment in the PHP docs, this will work.

system('echo "PASS" | sudo -u root -S COMMAND');

I have not tested it.

Outras dicas

I think this might help you:

Increase sudo time before you need to type password again

Happy sudoing :D

Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow
scroll top