sudo does not require password authentication for subsequent executions

Solution Verified - Updated -

Issue

sudo does not require password authentication for subsequent executions

  • A sudo rule explicitly requires an user to supply a password to run any command:

    bob ALL=(ALL)       PASSWD:ALL

  • sudo asks for password the first time. It does not request the user to authenticate for subsequent access:

    [bob@server1 ~]$ sudo su - root
[sudo] password for bob: 
[root@server1 ~]# exit
logout

[bob@server1 ~]$ sudo su - jane
[jane@server1 ~]$ exit
logout

[bob@server1 ~]$ sudo su - root
[root@server1 ~]# exit
logout

[bob@server1 ~]$

  • It is a security requirement that the system must require re-authentication when using the "sudo" command.

Environment

  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9
    • sudo

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content