[sudo-workers] Where is the sudo timestamp directory on OS X?
Todd C. Miller
Todd.Miller at courtesan.com
Wed Aug 12 08:54:07 MDT 2015
On Tue, 11 Aug 2015 22:44:39 -0700, Ron Garret wrote:
> I am authenticated to sudo, it is granting me access without a password,
> but /var/db/sudo/ron is empty.
This is normal when the tty_tickets sudoers option is not enabled,
which is how Apple ships sudo. When there is global timestamp for
the user only the modification time on the directory is used. When
tty_tickets is enabled (which is normally the default, except for
Apple), there will be per-tty timestamp files within that directory
with the structure I described previously. This makes it possible
to have tty_tickets enabled for some users/commands and disabled
For sudo 1.8.10 things are a bit different as there is always only
one file that can contain multiple records.
More information about the sudo-workers