sudoers

Sudo With No Password

July 7, 2019

If you’re the only user on your system, you don’t need to be prompted every time you run the sudo command.

Add yourself to the sudoers file.

# create a new file
sudo visudo -f /etc/sudoers.d/users

Add this line.

# add your username
username ALL=(ALL) NOPASSWD:ALL

Exit and try again.

# exit out and login again
exit
# try to sudo again
sudo -i
# there's no password prompt for sudo this time

What’s in the /etc/sudoers.d/ directory? It’s a group of files with the following format as displayed in the code below. In the example, the file allows a Linux group or an AD group to assume the role of root, via the sudo command. As long as the group uses the correct format, and is located inside the /etc/sudoers.d/ directory, that group will have access to root.

%groupname  ALL=(ALL)   NOPASSWD: ALL

Sudoers

December 21, 2017

The /etc/sudoers file gives users the ability to run commands that are typically reserved for administrators. The commands require a password or no password, depending on how you set them up in the sudoers file. The sudoers file can’t be edited using any text editor. You have to use visudo.

$ visudo

Add groups to access sudo.

# Allow users in techgroup to run all commands
%techgroup   ALL=(ALL)   NOPASSWD: ALL
# Allow users in techgroup without a password
%techgroup   ALL=(ALL)   NOPASSWD: ALL
# Allow users in techgroup to shutdown the system
%techgroup   localhost=/sbin/shutdown -h now
#includedir /etc/sudoers.d

Typically you have to add your groups in the sudoers file. Notice the last line. Sudoers will include config files found under the /etc/sudoers.d directory. In certain circumstances, there are others pieces of software such as compliance software CFEngine that writes over changes in the sudoers file. If this is the case, then you have to add your groups in a file inside the /etc/sudoers.d directory.