You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2025-03-05 10:09:19
- Zsar
- Member
- Registered: 2023-02-12
- Posts: 10
Can I get the login to count as sudo time?
Currently turning on the computer looks like this when I am not in a hurry:
(log into tty with password)
sudo pacman -Syu (with password)
sudo systemctl start gdm (with password on the login page)
and like this when I am
(log into tty with password)
sudo systemctl start gdm (with password on sudo and with password on the login page)
Can I make the login itself start sudo's "time until the password has to be repeated"? Obviously I just typed in the correct password, or I would not have access to the shell.
(Still trying to get rid of gnome again, but it does some magical things missing in Weston... if later on I decide to just surrender to gnome, I will also investigate whether I can make gdm inherit my tty session instead of starting a new one, but right now I still have hope that this is a temporary arrangement.
sudo on the other hand is very much here to stay and so is booting without auto-starting a window manager. - gdm can and does softlock my other tty terminals, if it hangs on start, e.g. when invoked as 'gdm' instead of 'sudo systemctl start gdm'. Surely other window managers are capable of similar feats, if not quite as "forthcoming" with them as gnome is.)
... This seems to be a very straightforward optimisation but I see no mention of it on the Wiki nor have I found any relevant search results via Google. Odd that no one else asks for this - Arch is hardly the only distribution where "update as often as possible (within your release channel)" is the accepted good practise, but surely that means most people should have the same issue? Are they all just allowing their package manager to run without password? ... I guess there would be worse but the notion still does not feel so good.
Last edited by Zsar (2025-03-05 10:21:09)
Offline
#2 2025-03-05 10:39:38
- Nikolai5
- Member
- From: North West, England, UK
- Registered: 2024-01-27
- Posts: 224
Re: Can I get the login to count as sudo time?
TTY login, GDM and sudo have nothing to do with each other, so they're all going to ask for your password even if you just entered it a moment ago. TTY login doesn't affect Sudo's timer.
As for GDM, you could look into autologin if that's something you would consider, but otherwise you will need to continue starting the display manager with a password and then logging into your user graphically with a password.
Hey, at least it's not encrypted, else you'd be entering one more password as well.
Desktop: Ryzen 7 1800X | AMD 7800XT | KDE Plasma
MacbookPro-2012 | XFCE
Offline
#3 2025-03-05 15:11:42
- seth
- Member
- Registered: 2012-09-03
- Posts: 63,028
Re: Can I get the login to count as sudo time?
Adding sth. like "auth required pam_exec.so expose_authtok /usr/bin/sudo -v" to /etc/pam.d/login might work (maybe sudo -S is required)
Whether unconditionally opening sudo is a great idea is to be seen.
Make sure to keep a root shell open whenever playing around w/ pam configs.
Offline
Pages: 1