Web lists-archives.com

Re: apache2: Could not open configuration file /etc/apache2/apache2.conf: Permission denied




On Tue 16 Oct 2018 at 12:24:49 (-0400), Gene Heskett wrote:
> On Tuesday 16 October 2018 11:37:44 Greg Wooledge wrote:
> 
> > On Tue, Oct 16, 2018 at 11:28:44AM -0400, Gene Heskett wrote:
> > > Since leaving a sudo -i laying about is considered a security
> > > breach, I'm amazed that the -i option doesn't accept a timeout. Say
> > > in seconds, as if you think it will take 5 minutes to do the job as
> > > root, sudo -i300, at the ends of which it expires.
> >
> > You could set the TMOUT variable in the resulting shell, either
> > manually or by a setting in some rc file (e.g. /root/.bashrc if that's
> > what the shell reads).
> 
> Okayyy, TMOUT=30, and 30 seconds later it does time out, returning me to 
> my user prompt.
> 
> And I ran synaptic and it didn't time out till 30 secs after I had quit 
> synaptic which leaves an exploitable hole. Synaptic took way more, than 
> the 30 I set TMOUT to.  Ideally it should have returned to the users 
> prompt at the synaptic exit, or would that leave trash behind?
> 
> Anyway, many thanks for the schooling, Greg. Even after 20 years, I 
> hadn't heard of that before.

Hm, to be honest, TMOUT seems like a historical relic of a bygone era
when using an idle login shell implied that you were hogging a slot
that others were waiting to access. (And when the shell exited, we
neighbouring users would have to endure the motor noise of their
A/KSR 33 until *its* timeout expired.)

If you want a suicidal command that logs you out as soon as you quit,
you could wrap it up as a bash function and put it into root's .bashrc;
something like for example

function aptitude-pop {
    aptitude
    exit
}

Cheers,
David.