Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

sudo warning

1,918 views
Skip to first unread message

T o n g

unread,
Jul 11, 2009, 5:50:05 PM7/11/09
to
Hi,

I used to get the following sudo warning on the first time I sudo, but
for one box, I kept getting it:

$ sudo su -

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.

How can I disable the sudo warning?

thanks

--
Tong (remove underscore(s) to reply)
http://xpt.sourceforge.net/techdocs/
http://xpt.sourceforge.net/tools/


--
To UNSUBSCRIBE, email to debian-us...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org

Matthew Moore

unread,
Jul 11, 2009, 9:30:13 PM7/11/09
to
On Saturday 11 July 2009 3:40:40 pm T o n g wrote:
> How can I disable the sudo warning?

From the sudoers manpage,

lecture This option controls when a short lecture will be printed along
with the password prompt. It has the following possible values:

always Always lecture the user.

never Never lecture the user.

once Only lecture the user the first time they run sudo.

If no value is specified, a value of once is implied. Negating the option
results in a value of never being used.

Looks like you have set the lecture option in your sudoers file.

MM

Matthew Moore

unread,
Jul 11, 2009, 9:50:09 PM7/11/09
to
On Saturday 11 July 2009 3:40:40 pm T o n g wrote:
> How can I disable the sudo warning?

From the sudoers manpage,

lecture This option controls when a short lecture will be printed along
with the password prompt. It has the following possible values:

always Always lecture the user.

never Never lecture the user.

once Only lecture the user the first time they run sudo.

If no value is specified, a value of once is implied. Negating the option
results in a value of never being used.

Looks like you have set the lecture option in your sudoers file.

MM


T o n g

unread,
Jul 11, 2009, 11:10:08 PM7/11/09
to
On Sat, 11 Jul 2009 19:24:39 -0600, Matthew Moore wrote:

>> How can I disable the sudo warning?
>
> From the sudoers manpage,
>
> lecture This option controls when a short lecture will be printed

> along with the password prompt. . .


>
> Looks like you have set the lecture option in your sudoers file.

No I don't.

% grep lecture /etc/sudoers || echo no found
no found

But thanks to your points, I think I've found the reason.

> once Only lecture the user the first time they run
> sudo.
>
> If no value is specified, a value of once is implied.

Sudo must have stored the weather-first-time value under one of the
following places:

$ grep ram /etc/fstab
/dev/ram1 /var/run ramfs defaults,rw,auto,dev 0

0
/dev/ram2 /var/state ramfs defaults,rw,auto,dev 0

0
/dev/ram3 /var/lock ramfs defaults,rw,auto,dev 0

0
/dev/ram4 /var/account ramfs defaults,rw,auto,dev 0

0
/dev/ram5 /var/log ramfs defaults,rw,auto,dev 0

0
/dev/ram6 /var/lib/gdm ramfs defaults,rw,auto,dev 0

0
#/dev/ram7 /var/tmp ramfs defaults,rw,auto,dev 0

0
/dev/ram /tmp ramfs defaults,rw,auto,dev 0

0

That might explain why I kept getting the sudo warning (after each
reboot).

Or does it?

--
Tong (remove underscore(s) to reply)
http://xpt.sourceforge.net/techdocs/
http://xpt.sourceforge.net/tools/

Scott Gifford

unread,
Jul 11, 2009, 11:50:06 PM7/11/09
to
T o n g <mlist4...@yahoo.com> writes:

>>> How can I disable the sudo warning?

[...]

> Sudo must have stored the weather-first-time value under one of the
> following places:
>
> $ grep ram /etc/fstab
> /dev/ram1 /var/run ramfs defaults,rw,auto,dev 0 0

The manpage mentions that timestamp files are stored in /var/run/sudo,
so that seems pretty likely.

----Scott.

T o n g

unread,
Jul 12, 2009, 4:40:13 PM7/12/09
to
On Sat, 11 Jul 2009 23:43:18 -0400, Scott Gifford wrote:

> The manpage mentions that timestamp files are stored in /var/run/sudo,

Hmm... I didn't find it...

$ man sudoers | grep /var/run

$ man sudo | grep /var/run

Where did you find it?

--
Tong (remove underscore(s) to reply)
http://xpt.sourceforge.net/techdocs/
http://xpt.sourceforge.net/tools/

Sven Joachim

unread,
Jul 12, 2009, 5:00:12 PM7/12/09
to
On 2009-07-12 22:34 +0200, T o n g wrote:

> On Sat, 11 Jul 2009 23:43:18 -0400, Scott Gifford wrote:
>
>> The manpage mentions that timestamp files are stored in /var/run/sudo,
>
> Hmm... I didn't find it...
>
> $ man sudoers | grep /var/run
>
> $ man sudo | grep /var/run

It seems that the manpage in sudo 1.7.0-1 is broken, it contains
@timedir@ strings that should have been replaced by /var/run/sudo during
the build process.

> Where did you find it?

Maybe in the manpage of an older version. Look here:

http://manpages.debian.net/cgi-bin/man.cgi?query=sudo&apropos=0&sektion=0&manpath=Debian+5.0+lenny&format=html&locale=en

Sven

Matthew Moore

unread,
Jul 12, 2009, 8:00:15 PM7/12/09
to
On Sunday July 12 2009 2:34:24 pm T o n g wrote:
> Hmm... I didn't find it...
>
> $ man sudoers | grep /var/run
>
> $ man sudo | grep /var/run
>
> Where did you find it?

There should be a "sudo" directory in /var/run. In any case, it seems like
adding "lecture never" to /etc/sudoers would fix the symptoms of your problem.

MM

Scott Gifford

unread,
Jul 13, 2009, 10:50:11 AM7/13/09
to
T o n g <mlist4...@yahoo.com> writes:

> On Sat, 11 Jul 2009 23:43:18 -0400, Scott Gifford wrote:
>
>> The manpage mentions that timestamp files are stored in /var/run/sudo,
>
> Hmm... I didn't find it...
>
> $ man sudoers | grep /var/run
>
> $ man sudo | grep /var/run
>
> Where did you find it?

On my Debian Etch system, I see this:

SUDO(8) MAINTENANCE COMMANDS SUDO(8)

NAME
sudo, sudoedit - execute a command as another user
...
FILES
/etc/sudoers List of who can run what
/var/run/sudo Directory containing timestamps

----Scott.

0 new messages