sudo keeps asking me for my password in fish shell
Solution 1
@endolith: Yes, it only seems to affect fish. I had the same problem, the issue is caused by the sudo option "tty_tickets". Disabling this on your /etc/sudoers file will solve the problem.
The following will disable tty_tickets:
Defaults env_reset,!tty_tickets
Solution 2
If nothing else works, try sudo -i
(by itself). That'll give you a root shell after one password.
Solution 3
I only had to enter the password once, and then it would be remembered for a period of time.
If I where to guess, I would bet that something about your /var/run/sudo
directory is screwed up. This directory is where the timestamp files are stored. Maybe /var/run is full, maybe the permissions got screwed up. Anyway, look at that directory, I suspect your problem may be there.
The permissions on my folder look like this.
# find /var/run/sudo/ -ls
1164242 4 drwx------ 6 root root 4096 Jan 1 1985 /var/run/sudo/
1179694 4 drwx------ 2 root www-data 4096 Jan 1 1985 /var/run/sudo/www-data
1164286 4 drwx------ 2 root myuser 4096 Jul 21 23:03 /var/run/sudo/myuser
1163399 0 -rw------- 1 root myuser 0 Jul 13 22:42 /var/run/sudo/myuser/0
1163453 0 -rw------- 1 root myuser 0 Jul 21 22:59 /var/run/sudo/myuser/2
1164309 0 -rw------- 1 root myuser 0 Jul 21 23:03 /var/run/sudo/myuser/6
1163303 0 -rw------- 1 root myuser 0 Jul 13 22:31 /var/run/sudo/myuser/5
For good measure you might also want to try running sudo -K
to kill your current timestamp files.
Related videos on Youtube
endolith
I used to run Ubuntu, but then I upgraded to Windows 7.
Updated on September 18, 2022Comments
-
endolith almost 2 years
sudo in Ubuntu keeps asking me for my password for every command. Previously, I only had to enter the password once, and then it would be remembered for a period of time. This recently changed, probably after "upgrading" to Natty.
I've done
sudo visudo
and setDefaults env_reset, timestamp_timeout = 60
, tried rebooting, but it's still not working. How do I fix this?After suggestions below, my
/etc/sudoers
looks like this:# # This file MUST be edited with the 'visudo' command as root. # # Please consider adding local content in /etc/sudoers.d/ instead of # directly modifying this file. # # See the man page for details on how to write a sudoers file. # Defaults env_reset Defaults:endolith timestamp_timeout=60 # Host alias specification # User alias specification # Cmnd alias specification # User privilege specification root ALL=(ALL:ALL) ALL # Members of the admin group may gain root privileges %admin ALL=(ALL) ALL # Allow members of group sudo to execute any command %sudo ALL=(ALL:ALL) ALL #includedir /etc/sudoers.d
Update:
I upgraded my VirtualBox and it started to suffer from the same problem. At a guess, I ran bash, and tried to sudo in that, and the password is remembered correctly. It's only when I use my default shell fish that it doesn't remember. It did in the previous Ubuntu release, but no longer.
Update:
I upgraded to 13.05 and this magically started working again. Now it asks for my password once, stops asking for a while, and then asks again after a period of time.
-
David Yates almost 13 yearspossible duplicate: superuser.com/questions/148665/…
-
endolith almost 13 years@warren: That's not a duplicate. I should be required to enter the password, but after I have entered it once, I don't have to for a given amount of time. I have changed this amount of time with visudo in the past but it's not working anymore.
-
Stephanie almost 13 yearsI think that you have to use multiple Defaults statements, rather than one common separated one.
-
Zoredache almost 13 years@Stephanie, I am certain that having a single Defaults statement with comma separated values works fine.
-
wim almost 13 yearsi see you have added a line like
Defaults:endolith timestamp_timeout=60
, but you are not in any group called endolith, accordidng to another comment here. so what username are you using? Check withwhoami
, and add that username in place ofendolith
inDefaults:endolith timestamp_timeout=60
orendolith ALL=(ALL) NOPASSWD: ALL
-
endolith almost 13 years@wim: yes, I'm in the right group, which I wrote as "username"
-
frabjous almost 13 yearsGroup "username" is not mentioned in the file. Try adding
endolith ALL=(ALL) ALL
right underroot ALL=(ALL:ALL) ALL
-
-
mbb about 13 yearsgreat point but slightly riskier than the request.
-
Broam about 13 yearsConsidering this is the "Ubuntu way" for getting a rootshell, I figured it was a neat work around the problem. Every command is still logged.
-
Zoredache almost 13 yearsIt doesn't really fix the problem though, it is basically just a way to ignore it.
-
endolith almost 13 years
find: '/var/run/sudo': No such file or directory
-
Zoredache almost 13 yearsWell that is a bad sign, why not try creating it, and set the ownership/permissions like above.
-
Zoredache almost 13 yearsOr you could just reinstall the package.
-
endolith almost 13 yearsreinstalled sudo with synaptic and it still says that
-
endolith almost 13 yearsThis is a workaround rather than a solution, but it's good and I don't mind if it automatically gives you half the bounty. :)
-
endolith almost 13 yearsI get the same thing on a VirtualBox running Ubuntu 10.10. there is no
sudo
folder in/var/run
. In this virtual machine, it remembers my password as expected, so this doesn't seem relevant. The only thing in visudo on this virtual machine isDefaults env_reset
. It also says%sudo ALL=(ALL) ALL
instead of%sudo ALL=(ALL:ALL) ALL
. -
endolith almost 13 yearsDoes this have any negative ramifications?
-
endolith almost 13 years"Be careful if you offer SSH access to remote users, as you could unintentionally allow them to share elevated privileges with you if you disable tty_tickets." from ask.debian.net/questions/…
-
endolith almost 13 yearsI offer SSH access to a remote user, but it is only to myself, so I assume this does not cause any vulnerability?