[sudo-workers] Where is the sudo timestamp directory on OS X?

Todd C. Miller Todd.Miller at courtesan.com
Wed Aug 12 08:54:07 MDT 2015


On Tue, 11 Aug 2015 22:44:39 -0700, Ron Garret wrote:

> I am authenticated to sudo, it is granting me access without a password,
> but /var/db/sudo/ron is empty.

This is normal when the tty_tickets sudoers option is not enabled,
which is how Apple ships sudo.  When there is a global timestamp for
the user, only the modification time on the directory is used.  When
tty_tickets is enabled (which is normally the default, except for
Apple), there will be per-tty timestamp files within that directory
with the structure I described previously.  This makes it possible
to have tty_tickets enabled for some users/commands and disabled
for others.

For sudo 1.8.10 things are a bit different as there is always only
one file that can contain multiple records.

 - todd
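
An added example, not part of the original message and not code from the sudo project: it reads one user's timestamp directory in the pre-1.8.10 layout described above and reports the age of the directory's own mtime (the global ticket) and of any per-tty files inside it. The 5-minute timeout, the function names and the sample tty file names are assumptions made for the example.

```python
import os
import tempfile

# Assumption: a timestamp_timeout of 5 minutes; check your sudoers for the real value.
TIMEOUT_SECS = 5 * 60


def describe_tickets(user_dir, now, timeout=TIMEOUT_SECS):
    """Return [(ticket, age_seconds, within_timeout), ...] for one user's directory.

    "<global>" is the directory's own mtime, which is what counts when
    tty_tickets is off. Every other row is a per-tty file, which is what
    counts when tty_tickets is on. Which row sudo consults depends on the
    sudoers setting for that user/command, so all of them are reported.
    """
    def row(name, path):
        age = int(now - os.stat(path).st_mtime)
        # A negative age (mtime in the future) is reported as not valid.
        return (name, age, 0 <= age <= timeout)

    rows = [row("<global>", user_dir)]
    for name in sorted(os.listdir(user_dir)):
        rows.append(row(name, os.path.join(user_dir, name)))
    return rows


def build_sample(now, tty_ages):
    """Constructed sample directory (hypothetical tty file names and ages)."""
    user_dir = os.path.join(tempfile.mkdtemp(), "ron")
    os.mkdir(user_dir)
    for name, age in tty_ages:
        path = os.path.join(user_dir, name)
        open(path, "w").close()
        os.utime(path, (now - age, now - age))
    # Set the directory mtime last: creating files above would have changed it.
    os.utime(user_dir, (now - 120, now - 120))
    return user_dir


if __name__ == "__main__":
    NOW = 1439400000  # constructed reference time
    empty = build_sample(NOW, [])  # the case in the question: empty directory
    mixed = build_sample(NOW, [("ttys000", 60), ("ttys001", 3600)])
    for d in (empty, mixed):
        for ticket, age, ok in describe_tickets(d, NOW):
            print(f"{ticket:10} age={age:5}s within_timeout={ok}")
```

On a real system the directory is readable only by root, so point `describe_tickets` at the user's directory from a root shell and pass `time.time()` as `now`.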

