Is there a way to require a user to wait a certain time instead of asking for a password every time he wants to execute a command as root or access the root / or another user account?
Is there a way to require a user to wait a certain time instead of asking for a password every time he wants to execute a command as root or access the root / or another user account?
Sure, though I advice against it. The following C program can do that:
#include <stdio.h> #include <stdlib.h> #include <unistd.h> int main(int argc, char **argv) { if (argc < 2) { fprintf(stderr, "usage: %s <command> <args>...", argv[0]); return EXIT_FAILURE; } printf("Executing"); for (int i = 1; i < argc; ++i) { printf(" %s", argv[i]); } puts("\nPress ^C to abort."); sleep(5); if (setuid(0)) { perror("setuid"); return EXIT_FAILURE; } execvp(argv[1], argv + 1); perror(argv[1]); return EXIT_FAILURE; }As seen in:
$ gcc -O2 -o delay-su delay-su.c $ sudo chown root:sudo delay-su $ sudo chmod 4750 delay-su $ ./delay-su id $ id -u 1000 $ ./delay-su id -u Executing id -u ^C to abort 0This will allow anyone in group
sudoto execute any command as root. You may change the group to something else to control who exactly can run the program (you cannot change the user of the program).If there’s some specific command you want to run, it’s better to hard-code it or configure
sudoto allow execution of that command without password.