Quick sudoers question.

michaelsanford

michaelsanford

Translator, Web Developer
Checking some of the very powerful options in man sudoers I came acorss the ability to stop promopting me for a password every time I type $ sudo something.sh

However, I've noticed none of these work:
username ALL = NOPASSWD: ALL
username localhost = NOPASSWD:ALL
%group ALL=NOPASSWD:ALL
...or any senseful combination of these things.

But this does:
Defaults:username !authenticate

Any reason for that ? Is there some other default that over-rode that ?
 
I've done that on my Linux desktop just for ease of use. It does become annoying to type in the password for almost everything that requires it under the command line. For obvious reasons, it's not recommended on critical machines like servers and such.
 
Hmm, odd that it doesn't work for me. Maybe I'm missing a parameter somewhere (hears an eerie voice - "That's what visudo's foooor").

Is it possible to specify nopasswd only if I'm at the con ?
 
The thing I do is "sudo bash"

This puts me in a shell with a prompt and then I can run around as root and do whatever i want to do.

I guess "sudo $SHELL" would be more generic.
 
Well, visudo is the recommended way to edit the file. It'll let you know if you made an error in the syntax.

That said, I edited the file with SubEthaEdit. :D

I think you have to have the spaces just as I put them in my example. I just tried it again with a regular user by putting in their group and the same line, and that user was able to use sudo without a password.
 
I think visudo does some basic syntax checking for you, to minimize the chance that you'll mess things up. And it locks the file, to prevent two people mucking things up on a multi user system
 
pedz said:
The thing I do is "sudo bash"

This puts me in a shell with a prompt and then I can run around as root and do whatever i want to do.

I guess "sudo $SHELL" would be more generic.
Click to expand...


Try "sudo -s".

Wade
 
You must log in or register to reply here.
Back
Top