上QQ阅读APP看书,第一时间看更新
Hands-on lab for disabling the sudo timer
For this lab, you'll disable the sudo timer on your CentOS VM:
- Log in to the same CentOS virtual machine that you used for the previous lab. We'll be using the user accounts that you've already created.
- At your own user account command prompt, enter the following commands:
sudo fdisk -l
sudo systemctl status sshd
sudo iptables -L
You'll see that you only needed to enter the password once to do all three commands.
- At your own user account command prompt, run the following:
sudo fdisk -l
sudo -k
sudo fdisk -l
Note how the sudo -k command resets your timer, so you'll have to enter your password again. Open visudo with the following command:
sudo visudo
In the Defaults specification section of the file, add the following line:
Defaults timestamp_timeout = 0
Save the file and exit visudo.
- Perform the commands that you performed in Step 2. This time, you should see that you have to enter a password every time.
- Open visudo and modify the line that you added so that it looks like this:
Defaults:lionel timestamp_timeout = 0
Save the file and exit visudo.
- From your own account shell, repeat the commands that you performed in Step 2. Then, log in as Lionel and perform the commands again.
- View your own sudo privileges by running the following:
sudo -l
Note that this procedure also works for Ubuntu.