5.3 Reduce the sudo timeout period

[krispayne]

sudo /usr/bin/grep -q '^Defaults timestamp_timeout\=' /etc/sudoers && /usr/bin/sed -i.bak '' 's/^Defaults timestamp_timeout\=.*/timestamp_timeout\=0' visudo || sed "$ a\Defaults timestamp_timeout=0" -i visudo

I wish this line would work. Can anyone help me with my sed?

[krispayne]

if [[ "$(< /etc/sudoers | grep timestamp)" -eq 0 ]]; then
    echo "No sudo timeout modification present. Default is 5 minutes."
else
    echo "sudo timeout modification present."
fi

[krispayne]

I'm thinking something like this but I'm really afraid of fucking with sudoers.

# 5.3 Reduce the sudo timeout period
    # Level 1 Scored

    if [[ $(/usr/bin/grep -ic "timestamp" /etc/sudoers) -eq 0 ]]; then

        ScriptLogging "  No sudo timeout modification present. Reducing to 1 minute..."

        echo "sed goes in and sets Defaults, but probably just in the top of the file which is ugly as sin."

        # sed -i "/Defaults timestamp_timeout=1/d" /etc/sudoers

    elif [[ $(/usr/bin/grep -ic "timestamp" /etc/sudoers) -ge 1 ]]; then

        ScriptLogging "  sudo timeout modification present."

        # get the timeout line

        local SudoTimeOut

        SudoTimeOut=$(grep -i "timestamp" /etc/sudoers)

        # sed through to find the timeout line and modify it to be 1 minute?

        echo "this seems more complicated than I want it to be. I might be overthinking it again."

    else

        ScriptLogging "  Something unexpected happened. Blame Microsoft."

    fi