[sudo-users] Owner sudo process

Todd C. Miller Todd.Miller at courtesan.com
Tue Sep 3 06:07:00 MDT 2013


To properly support PAM sessions sudo needs to keep a privileged
process around to close the session.  Older versions of sudo did
not do this which causes problems with some PAM session modules.
The actual command is still run as the target user.  Most versions
of su behave similarly.

Sudo 1.8.8 (out in about a week) will allow you to disable PAM
session and setcred support in sudoers, in which case sudo will
exec the command directly without the extra process.

 - todd


More information about the sudo-users mailing list