The sudo command allows trusted users to run programs as another user, by default the root user. If you spend a lot of time on the command line, sudo one of the commands you will use all the time.

Usually, to grant sudo access you add the user to the sudo group defined in the sudoers file. On Debian, Ubuntu and their derivatives, members of the group sudo are granted with sudo privileges while on RedHat based distributions like CentOS and Fedora, the name of the sudo group is wheel.

Each member of this group will be prompted to enter the password before running a sudo command. This adds an extra layer of security and it is the preferred way to grant sudo privileges to the users.

However, in some situations, like running automated scripts, you may need to configure the sudoers file and allow certain users to run sudo commands without being asked for the password.

The sudoers file contains information that determines a user’s and group’s sudo privileges.

You can configure the user sudo access by modifying the sudoers file or by adding a configuration file to the /etc/sudoers.d directory. All files inside this directory are included in the sudoers file.

Before making any changes, it is a good idea to back up the current file:

sudo cp /etc/sudoers{,.backup_$(date +%Y%m%d)}


Open the /etc/sudoers file with the visudo command:

sudo visudo

Copy

When making changes to the sudoers file always use visudo This command checks the after editing and if there is a syntax error it will not save the changes. If you open the file with text editor a syntax error will result in losing the sudo access.

On most systems, the visudo command opens the /etc/sudoers file with the vim text editor. If you don’t have experience with vim you can use another text editor. For example, to change the editor to GNU nano you would run:

sudo EDITOR=nano visudo

Copy

Scroll down to the end of the file and add the following line that will allow the user “linuxize” to run any command with sudo without begin asked for a password:

/etc/sudoers
linuxize  ALL=(ALL) NOPASSWD:ALL


If you want to allow the user to run only specific commands without entering password specify the commands after the NOPASSWD keyword.

For example, to allow only the mkdir and mv commands you would use:

/etc/sudoers
linuxize ALL=(ALL) NOPASSWD:/bin/mkdir,/bin/mv

Copy

Once done, save the file and exit the editor.

Instead of editing the sudoers file you can add a new file with the authorization rules to the /etc/sudoers.d directory. This approach will make the management of the sudo privileges more maintainable.

Open your text editor and create the file:

sudo nano /etc/sudoers.d/linuxize

Copy

You can name the file as you want, but usually it ia a good idea to use the user name as the name of the file.

/etc/sudoers.d/linuxize

Add the same rule as you would add to the sudoers file:

linuxize  ALL=(ALL) NOPASSWD:ALL

Copy

Finally, save the file and close the editor.

Running sudo without a password is useful when you have scripts where a non-root user needs to execute administrative tasks.

Source: https://linuxize.com/post/how-to-run-sudo-command-without-password/

Leave a Reply

Your email address will not be published. Required fields are marked *