From owner-freebsd-questions@freebsd.org Mon Mar 13 17:55:20 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6C7DFD0A75D for ; Mon, 13 Mar 2017 17:55:20 +0000 (UTC) (envelope-from markham@ssimicro.com) Received: from barracuda.ssimicro.com (barracuda.ssimicro.com [96.46.39.196]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.ssimicro.com", Issuer "RapidSSL SHA256 CA - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3AA271AF2 for ; Mon, 13 Mar 2017 17:55:19 +0000 (UTC) (envelope-from markham@ssimicro.com) X-ASG-Debug-ID: 1489426637-08e71722261775bd0001-jLrpzn Received: from mail.ssimicro.com (mail.ssimicro.com [64.247.129.10]) by barracuda.ssimicro.com with ESMTP id gTAVDDlugQgSDEcH (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 13 Mar 2017 13:37:18 -0400 (EDT) X-Barracuda-Envelope-From: markham@ssimicro.com X-Barracuda-Effective-Source-IP: mail.ssimicro.com[64.247.129.10] X-Barracuda-Apparent-Source-IP: 64.247.129.10 Received: from yk-office-dhcp-64-247-130-144.ssimicro.com (yk-office-dhcp-64-247-130-144.ssimicro.com [64.247.130.144]) (authenticated bits=0) by mail.ssimicro.com (8.15.2/8.15.2) with ESMTPSA id v2DHbHkM021730 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Mon, 13 Mar 2017 11:37:17 -0600 (MDT) (envelope-from markham@ssimicro.com) Subject: Re: sudo alternatives; for the minimalists To: Harry Schmalzbauer , Phil Eaton X-ASG-Orig-Subj: Re: sudo alternatives; for the minimalists References: <58C6BDC0.7070307@omnilan.de> <58C6D50B.8030803@omnilan.de> Cc: FreeBSD Questions !!!! From: markham breitbach Message-ID: Date: Mon, 13 Mar 2017 11:37:22 -0600 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <58C6D50B.8030803@omnilan.de> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 8bit X-Barracuda-Connect: mail.ssimicro.com[64.247.129.10] X-Barracuda-Start-Time: 1489426638 X-Barracuda-Encrypted: ECDHE-RSA-AES256-GCM-SHA384 X-Barracuda-URL: https://barracuda.ssimicro.com:443/cgi-mod/mark.cgi X-Barracuda-Scan-Msg-Size: 933 X-Barracuda-BRTS-Status: 1 X-Virus-Scanned: by bsmtpd at ssimicro.com X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=5.0 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.37192 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Mar 2017 17:55:20 -0000 You can set a credential cache timer for sudo, so it will only ask for a password every-so-often, or you can permit members of a particular group access to sudo without and password required (particularly useful for limited tasks of daemons/cron-jobs). -Markham On 2017-03-13 11:21 AM, Harry Schmalzbauer wrote: > Bezüglich Phil Eaton's Nachricht vom 13.03.2017 16:48 (localtime): >> How do you feel about the security/doas port from OpenBSD? > Thanks, most likely worth a look. But it has no credentials caching, > does it? > That's my most wanted feature, otherwise I'm still fine with su (no > classic user privileging needed, only for admin tasks) > > -harry > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" >