Execute sudo without Password?How do I sudo without having to enter my password?How do I remove Ubuntu's password requirement?Executing root commands without root password within a shell scriptStop prompting for password every time I do something requiring privilegesSudo su setting default password automatiqueHow to be superuser?Sudo doesn't recognize correct passwordHow do I get rid of the password promting in the Terminal?Making sudo not ask for passwordConfiguration needed so that sudo doesn't have to be typed before commandsCan't sudo after removing password from administrator accountBlock a command from sudo userSudo execute command in PythonscriptSudo is not asking for password on Ubuntu 16.04Display a message while prompting for sudo passwordSudo requires password after adding user to sudoers
Is using Observer pattern a good idea while building a Chess Game?
Is it OK for a Buddhist teacher to charge their students an hourly rate for their time?
What should be done when the theory behind a PhD thesis turns out to be wrong?
Is there a BIOS setting that controls cpu load sharing?
How much tech advancement could be made out of modern processor appearing in 1980s?
Is leave-one-out cross validation known to systematically overestimate error?
Site is accessible by domain in all browsers but Chrome
Difference between "* and "+ registers in +clipboard VIM?
Can a Sorcerer use the Silence spell and the Subtle Spell Metamagic to silently cast the Knock spell?
What spells could cure a stroke?
Roll for Initiative!
Is lens flare shot organically, or added in post-production?
Who's next to me in the queue?
Why is Brownian motion useful in finance?
Who owns copyright on works found in a storage unit/attic?
No-cloning theorem and fan-out gate
Why does atmospheric pressure acts on us?
how to change position of label and icon in LWC
Is there a material or method to allow "swimmable" coins?
Am I obligated to pass on domain knowledge after being let go?
Is there a solution of the Yamabe problem using Ricci flow?
How long should a hash be to be absolutely secure?
Do insurance rates depend on credit scores?
New manager unapproved PTO my old manager approved
Execute sudo without Password?
How do I sudo without having to enter my password?How do I remove Ubuntu's password requirement?Executing root commands without root password within a shell scriptStop prompting for password every time I do something requiring privilegesSudo su setting default password automatiqueHow to be superuser?Sudo doesn't recognize correct passwordHow do I get rid of the password promting in the Terminal?Making sudo not ask for passwordConfiguration needed so that sudo doesn't have to be typed before commandsCan't sudo after removing password from administrator accountBlock a command from sudo userSudo execute command in PythonscriptSudo is not asking for password on Ubuntu 16.04Display a message while prompting for sudo passwordSudo requires password after adding user to sudoers
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty
margin-bottom:0;
Inspired by this question....
I am the sole person using my system with 12.04.
Every time I issue a sudo command; the system asks for the user password (which is good in its own way).
However I was thinking; without activating the root account; how can I execute the sudo commands which will not ask for user password to authenticate.
NOTE: I want to execute sudo command without authenticating via password; only when they are executed via terminal.
I don't want to remove this extra layer of security from other functions such a while using 'Ubuntu software center' or executing a bash script by drag-drop something.sh file to the terminal.
command-line password sudo root
edited Apr 13 '17 at 12:23
Community♦
1
asked Jun 6 '12 at 12:30
Bhavesh DiwanBhavesh Diwan
7,96710 gold badges27 silver badges40 bronze badges
add a comment
|
Inspired by this question....
I am the sole person using my system with 12.04.
Every time I issue a sudo command; the system asks for the user password (which is good in its own way).
However I was thinking; without activating the root account; how can I execute the sudo commands which will not ask for user password to authenticate.
NOTE: I want to execute sudo command without authenticating via password; only when they are executed via terminal.
I don't want to remove this extra layer of security from other functions such a while using 'Ubuntu software center' or executing a bash script by drag-drop something.sh file to the terminal.
command-line password sudo root
edited Apr 13 '17 at 12:23
Community♦
1
asked Jun 6 '12 at 12:30
Bhavesh DiwanBhavesh Diwan
7,96710 gold badges27 silver badges40 bronze badges
2
so you only want to be asked for the password in the terminal and for other things not, or the other way arround?! in both ways, I think its a high security breach
– Dr_Bunsen
Jun 6 '12 at 12:33
I want that system may not ask password only when in the terminal... for any other purpose the system must ask a password. This requirement is only temporary, and to be used while configuring n installing new servers.. during fresh server installations, it really take hours of configuring with sudo commands.. issuing password every 15 min. is headache. I don't want to use root account.
– Bhavesh Diwan
Jun 6 '12 at 12:44
You need to read the discussion in: askubuntu.com/questions/135428/…
– david6
Jun 9 '12 at 1:18
1
For sure you can prolong the timeout. Also, if you're frequently doing fresh server setups you should think about automating the process. You are not paid to type, you are paid to solve problems and to get sh*t done.
– MauganRa
Oct 12 '16 at 18:43
Related: How to run sudo command with no password?
– Eliah Kagan
Jul 26 '17 at 7:12
add a comment
|
Inspired by this question....
I am the sole person using my system with 12.04.
Every time I issue a sudo command; the system asks for the user password (which is good in its own way).
However I was thinking; without activating the root account; how can I execute the sudo commands which will not ask for user password to authenticate.
NOTE: I want to execute sudo command without authenticating via password; only when they are executed via terminal.
I don't want to remove this extra layer of security from other functions such a while using 'Ubuntu software center' or executing a bash script by drag-drop something.sh file to the terminal.
command-line password sudo root
edited Apr 13 '17 at 12:23
Community♦
1
asked Jun 6 '12 at 12:30
Bhavesh DiwanBhavesh Diwan
7,96710 gold badges27 silver badges40 bronze badges
Inspired by this question....
I am the sole person using my system with 12.04.
Every time I issue a sudo command; the system asks for the user password (which is good in its own way).
However I was thinking; without activating the root account; how can I execute the sudo commands which will not ask for user password to authenticate.
NOTE: I want to execute sudo command without authenticating via password; only when they are executed via terminal.
I don't want to remove this extra layer of security from other functions such a while using 'Ubuntu software center' or executing a bash script by drag-drop something.sh file to the terminal.
command-line password sudo root
command-line password sudo root
edited Apr 13 '17 at 12:23
Community♦
1
asked Jun 6 '12 at 12:30
Bhavesh DiwanBhavesh Diwan
7,96710 gold badges27 silver badges40 bronze badges
edited Apr 13 '17 at 12:23
Community♦
1
asked Jun 6 '12 at 12:30
Bhavesh DiwanBhavesh Diwan
7,96710 gold badges27 silver badges40 bronze badges
edited Apr 13 '17 at 12:23
Community♦
1
edited Apr 13 '17 at 12:23
Community♦
1
edited Apr 13 '17 at 12:23
Community♦
1
1
asked Jun 6 '12 at 12:30
Bhavesh DiwanBhavesh Diwan
7,96710 gold badges27 silver badges40 bronze badges
asked Jun 6 '12 at 12:30
Bhavesh DiwanBhavesh Diwan
7,96710 gold badges27 silver badges40 bronze badges
asked Jun 6 '12 at 12:30
Bhavesh DiwanBhavesh Diwan
7,96710 gold badges27 silver badges40 bronze badges
7,96710 gold badges27 silver badges40 bronze badges
2
so you only want to be asked for the password in the terminal and for other things not, or the other way arround?! in both ways, I think its a high security breach
– Dr_Bunsen
Jun 6 '12 at 12:33
I want that system may not ask password only when in the terminal... for any other purpose the system must ask a password. This requirement is only temporary, and to be used while configuring n installing new servers.. during fresh server installations, it really take hours of configuring with sudo commands.. issuing password every 15 min. is headache. I don't want to use root account.
– Bhavesh Diwan
Jun 6 '12 at 12:44
You need to read the discussion in: askubuntu.com/questions/135428/…
– david6
Jun 9 '12 at 1:18
1
For sure you can prolong the timeout. Also, if you're frequently doing fresh server setups you should think about automating the process. You are not paid to type, you are paid to solve problems and to get sh*t done.
– MauganRa
Oct 12 '16 at 18:43
Related: How to run sudo command with no password?
– Eliah Kagan
Jul 26 '17 at 7:12
add a comment
|
2
so you only want to be asked for the password in the terminal and for other things not, or the other way arround?! in both ways, I think its a high security breach
– Dr_Bunsen
Jun 6 '12 at 12:33
I want that system may not ask password only when in the terminal... for any other purpose the system must ask a password. This requirement is only temporary, and to be used while configuring n installing new servers.. during fresh server installations, it really take hours of configuring with sudo commands.. issuing password every 15 min. is headache. I don't want to use root account.
– Bhavesh Diwan
Jun 6 '12 at 12:44
You need to read the discussion in: askubuntu.com/questions/135428/…
– david6
Jun 9 '12 at 1:18
1
For sure you can prolong the timeout. Also, if you're frequently doing fresh server setups you should think about automating the process. You are not paid to type, you are paid to solve problems and to get sh*t done.
– MauganRa
Oct 12 '16 at 18:43
Related: How to run sudo command with no password?
– Eliah Kagan
Jul 26 '17 at 7:12
2
2
so you only want to be asked for the password in the terminal and for other things not, or the other way arround?! in both ways, I think its a high security breach
– Dr_Bunsen
Jun 6 '12 at 12:33
so you only want to be asked for the password in the terminal and for other things not, or the other way arround?! in both ways, I think its a high security breach
– Dr_Bunsen
Jun 6 '12 at 12:33
I want that system may not ask password only when in the terminal... for any other purpose the system must ask a password. This requirement is only temporary, and to be used while configuring n installing new servers.. during fresh server installations, it really take hours of configuring with sudo commands.. issuing password every 15 min. is headache. I don't want to use root account.
– Bhavesh Diwan
Jun 6 '12 at 12:44
I want that system may not ask password only when in the terminal... for any other purpose the system must ask a password. This requirement is only temporary, and to be used while configuring n installing new servers.. during fresh server installations, it really take hours of configuring with sudo commands.. issuing password every 15 min. is headache. I don't want to use root account.
– Bhavesh Diwan
Jun 6 '12 at 12:44
You need to read the discussion in: askubuntu.com/questions/135428/…
– david6
Jun 9 '12 at 1:18
You need to read the discussion in: askubuntu.com/questions/135428/…
– david6
Jun 9 '12 at 1:18
1
1
For sure you can prolong the timeout. Also, if you're frequently doing fresh server setups you should think about automating the process. You are not paid to type, you are paid to solve problems and to get sh*t done.
– MauganRa
Oct 12 '16 at 18:43
For sure you can prolong the timeout. Also, if you're frequently doing fresh server setups you should think about automating the process. You are not paid to type, you are paid to solve problems and to get sh*t done.
– MauganRa
Oct 12 '16 at 18:43
Related: How to run sudo command with no password?
– Eliah Kagan
Jul 26 '17 at 7:12
Related: How to run sudo command with no password?
– Eliah Kagan
Jul 26 '17 at 7:12
add a comment
|
10 Answers
10
active
oldest
votes
sudo -i is the way to go if you don't want to be typing a password every 10 mins while doing modifications in your system (or other systems), and you don't want to modify any system files.
It will switch you to root using your sudo user password, when you close the console or type exit you are back to your normal user.
answered Jun 6 '12 at 13:36
Bruno PereiraBruno Pereira
64.9k27 gold badges184 silver badges209 bronze badges
2
Will this hold true that I enter password only once... and till the time I don't exit; weather 5 hrs. or 15.... the system wont ask for authentication by password when any sudo command is issued.
– Bhavesh Diwan
Jun 7 '12 at 21:10
2
@Z9iT until you typeexitor until you close the terminal emulator window.
– Bruno Pereira
Jun 8 '12 at 8:33
2
Thanks.. Accepted this answer because it servers the purpose of issuing sudo commands without password authentication for n-hours till the time we won't exit.. Not modifying system files is a plus.
– Bhavesh Diwan
Jun 8 '12 at 9:58
3
This doesn't really answer the question, because you still need to enter the password to become root at that point.
– Adam F
Jun 2 '15 at 22:00
2
Not if you're running a virtual machine in a secured environment and you just want the thing to do something immediately and you do not want to deal with passwords. This answer does not answer the question, while it is arguably helpful information. I agree with Adam F
– Jonathan Komar
Aug 10 '16 at 8:34
|
show 3 more comments
You can configure sudo to never ask for your password.
Open a Terminal window and type:
sudo visudo
In the bottom of the file, add the following line:
$USER ALL=(ALL) NOPASSWD: ALL
Where $USER is your username on your system.
Save and close the sudoers file (if you haven't changed your default terminal editor (you'll know if you have), press ctl+x to exit nano and it'll prompt you to save).
As of Ubuntu 19.04, the file should now look something like
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
YOUR_USERNAME_HERE ALL=(ALL) NOPASSWD: ALL
After this you can type sudo <whatever you want> in a Terminal window without being prompted for the password.
This only applies, to using the sudo command in the terminal. You'll still be prompted for your password if you (for example) try to install a package from the software center
edited Aug 1 at 21:48
Boris
6718 silver badges19 bronze badges
answered Jun 6 '12 at 13:20
Octávio Filipe GonçalvesOctávio Filipe Gonçalves
12.1k4 gold badges15 silver badges23 bronze badges
15
It's recommended to usesudo visudoinstead of editing it directly. Also changing the permissions of the sudoers may lock yourself out. When editing withvim, use:wq!to write to read-only files and quit the editor. In that way, permissions 644 are not necessary.
– Lekensteyn
Jun 6 '12 at 13:49
9
This is a serious security risk, anyone taking over any account with sudo rights can take control of the complete system and lock any further access to this computer, seriously not recommended.
– Bruno Pereira
Sep 12 '13 at 9:06
6
@wil93 you are missing the point: a script that calls forsudo install crapwarewill not ask for a password in this case and might mess up everything you have, and you do not need to be physically next to a machine to distribute scripts last time I checked... This is just an example.
– Bruno Pereira
Aug 28 '14 at 12:46
13
@BrunoPereira If you plan on running untrusted scripts then that is the security risk (even if sudo asks for a password, a malicious script could always dorm -rf ~messing quite some things up). Overall, I wouldn't call «serious security risk» the simple removal of password prompt from sudo.
– wil93
Aug 29 '14 at 0:54
5
Agree with @wil93. When running a untrusted script, inputing password is no more than a chance to cancel the process, while I doubt it's useless for most people. The point is you know where the script from and what it does.
– Chad
Sep 4 '16 at 8:49
|
show 15 more comments
Root sudo timeouts are the easiest and safest way of doing this. I'll lay out all examples but be warned it is very risky any way you do this although this way is much safer:
sudo visudo
This opens an editor and points it to the sudoers file -- Ubuntu defaults to nano, other systems use Vi. You're now a super user editing one of the most important files on your system. No stress!
(Vi specific instructions noted with (vi!). Ignore these if you're using nano.)
Use the arrow keys to move to the end of the Defaults line.
(vi!) press the A (capital "a") key to move at the end of the current line and enter editing mode (append after the last character on the line).
Now type:
,timestamp_timeout=X
where X is the timeout expiration in minutes. If you specify 0 you will always be asked the password. If you specify a negative value, the timeout will never expire. E.g. Defaults env_reset,timestamp_timeout=5.
(vi!) hit Escape to return to command mode. Now, if you're happy with your editing, type in :w Enter to write the file and :q Enter to exit vi. If you made a mistake, perhaps the easiest way is to redo from start, to exit without saving (hit Escape to enter the command mode) and then type :q! Enter.
Hit Ctrl+X, then Y, then Enter to save your file and exit nano.
You might want to read the sudoers and vi manual pages for additional information.
man sudoers
man vi
Reset timeout value using:
sudo -k
These instructions are to remove the prompt for a password when using the sudo command. The sudo command will still need to be used for root access though.
Edit the sudoers file
Open a Terminal window. Type in sudo visudo. Add the following line to the END of the file (if not at the end it can be nullified by later entries):
<username> ALL=NOPASSWD: ALL
Replace <username> with your username (without the <>). This is assuming that Ubuntu has created a group with the same name as your user name, which is typical. You can alternately use the group users or any other such group you are in. Just make sure you are in that group. This can be checked by going to System -> Administration -> Users and Groups.
Example:
michael ALL=NOPASSWD: ALL
Type in ^X (Ctrl+X) to exit. This should prompt for an option to save the file, type in Y to save.
Log out, and then log back in. This should now allow you to run the sudo command without being prompted for a password.
The root account
Enabling the root account
Enabling the root account is rarely necessary. Almost everything you need to do as administrator of an Ubuntu system can be done via sudo or gksudo. If you really need a persistent root login, the best alternative is to simulate a Root login shell using the following command:
sudo -i
However, if you must enable root logins, you can do it like this:
sudo passwd root
Re-disabling your root account
If for some reason you have enabled your root account and wish to disable it again, use the following command in the terminal:
sudo passwd -dl root
System-wide group sudo
root$ echo "%sudo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
Log out, and then back in.
Reset sudo timeout
You can make sure sudo asks for password next time by running:
sudo -k
edited Jul 30 '17 at 23:56
Eliah Kagan
96.8k25 gold badges260 silver badges417 bronze badges
answered Oct 30 '13 at 1:15
user209328user209328
3713 silver badges3 bronze badges
I posted this before I added, for a system wide way of doing this and others read here:
– user209328
Oct 30 '13 at 1:17
This was a late answer, but is the most comprehensive in terms of the options it gives you.
– jenming
Mar 4 '17 at 23:12
1
Hmm, on Ubuntu 18.04 MATE this works perfectly, while doing the same on Ubuntu 18.04 GNOME caused me wrinkles with the "username is not in the sudoers file..." problem. Now, this is why so many pple just hate linux - cuz it is rarely "causal" :D Just in case U run into the same... This is how you fix the problem: tecmint.com/…
– Peter
Nov 12 '18 at 20:33
The EDITOR environment variable can set the editor used... e.g.sudo env EDITOR=/bin/nano visudoto reliably editsudoersin nano. (update-alternatives can be used to set the editor as well)
– Gert van den Berg
Nov 19 '18 at 12:10
add a comment
|
The preferred way to grant individual (or group) permissions would be to add files under /etc/sudoers.d
This separates local changes from the default policy and saves time in case the distribution sudoers file changes.
To make the currently logged in user a a sudoer and make sudo not prompt them for a password, use
echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/$USER
this will create a file called /etc/sudoers.d/$USER (where $USER is the username of the user that you were logged in as when you ran that command), making it clear which users are granted permission.
If you want to do that for a different user, just replace both instances of $USER with some other username in the above command.
echo "otheruser ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/otheruser
Similarly, one file can be used to manage multiple directives:
echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers.d/local
See /etc/sudoers.d/README and man sudoers for more information.
edited Aug 2 at 4:38
Boris
6718 silver badges19 bronze badges
answered Feb 1 '17 at 15:54
user1656671user1656671
5106 silver badges7 bronze badges
the echo command failed, even though i'm root. but, I added the file and edited it directly and this worked on latest ubuntu (whereas adding the user to the sudoers directly did not!)
– scape
Oct 24 '17 at 13:43
1
The right way is to do it withteecommand.
– woto
Jan 19 '18 at 8:10
1
This is a better way that works:sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)', followed bysudo chmod 440 /etc/sudoers.d/$(logname)
– paradroid
Nov 14 '18 at 16:32
Insudo ... >fileshell redirection is executed in the original shell, so it could work only in root shell.
– Konstantin Pelepelin
Nov 26 '18 at 13:23
the tee method, without permission issues:echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/username
– Carson Ip
Nov 27 '18 at 9:42
add a comment
|
Nice one-liner to remove sudo prompts for the current user
sudo bash -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" | (EDITOR="tee -a" visudo)'
answered Jun 27 '16 at 17:50
Eric LandryEric Landry
1711 silver badge3 bronze badges
2
I think you could just do:echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo env EDITOR="tee -a" visudo, onlyvisudoneedssudoafter all (and evenenvwon't be needed in the default configuration, IIRC).
– muru
Jun 27 '16 at 20:38
there's so much that could go wrong here (all user-error, of course), that it is preferred, in my very humble opinion, to edit the sudoer file directly (sudo visudo), while testing the result (with the editor still open), for those new users that might be tempted to try this "one-liner".
– michael
Sep 20 '16 at 6:47
Thanks for the feedback! I was just quickly trying to script-ify the removal of sudo password prompt in my volatile test VMs. Feel free to suggest improvements :)
– Eric Landry
Sep 21 '16 at 16:35
You still need tosudo chmod 440 /etc/sudoers.d/$(logname)to correct file permissions as stated in the README in that directory.
– paradroid
Nov 14 '18 at 16:33
add a comment
|
Of course what you want to do isn't recommended. After a while, though entering sudo becomes so automatic that its usefulness diminishes.
Another approach is to leave your sudoers file as is and, while doing something complicated to your umpteen hundred servers, enter sudo bash . That will give you a shell that will be authenticated as root until you exit it.
answered Jun 6 '12 at 13:27
John S GruberJohn S Gruber
12.3k3 gold badges30 silver badges60 bronze badges
12
sudo -sorsudo -iare probably both better ideas thansudo bash, because they ensure the environment is sane and things.
– Darael
Jun 27 '12 at 20:59
2
"sane and things" isn't generally in the realm of "better ideas", could someone give a technical explanation of why sudo -s or sudo -i is better than sudo bash? (Edit: Here is a relevant question askubuntu.com/questions/376199/… )
– Nuzzolilo
Jan 2 '16 at 22:58
2
a number ofsudocommands (thinking especially ofsudo pip ...) requiresudo -H(set HOME) in order for the command to run properly. In other cases,sudo -E(preserve env) may be required. Runningsudo bashprobably will work in most cases, but not in all, and when it doesn't, it won't be clear as to why.
– michael
Sep 20 '16 at 6:43
1
sudo su is the traditional way to switch roles and start acting a sys admin.
– user1656671
Jan 21 '18 at 12:49
add a comment
|
From Super User comes a good answer:
Use the -S switch which reads the password from STDIN:
echo <password> | sudo -S <command>
Replace <password> with your password.
answered May 17 '18 at 0:12
WinEunuuchs2UnixWinEunuuchs2Unix
66.4k18 gold badges125 silver badges245 bronze badges
3
This is not suggested, because the password remains in cleartype in the shell history file. Apply any of other solutions instead.
– HappyCactus
Nov 5 '18 at 15:02
1
@HappyCactus can you place once space in front ofechoso it doesn't appear in history?
– WinEunuuchs2Unix
Nov 5 '18 at 15:09
1
Yes this will avoid exposing the cleartext password to the history file. But do you always remember to add it ? :-)
– HappyCactus
Nov 5 '18 at 15:38
@HappyCactus I tend to add leading space by accident and then get annoyed when history can't be recalled :) Anyway the Super User has 129 upvotes so I think it's a good answer to leave here. People will read our comments and know of the risks and risk aversion steps.
– WinEunuuchs2Unix
Nov 5 '18 at 15:41
I Totally Agree. Have a nice day!
– HappyCactus
Nov 5 '18 at 15:43
|
show 1 more comment
One liner
sudo sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g'
answered Feb 17 at 4:21
upteryxupteryx
763 bronze badges
add a comment
|
This is a one line solution that also changes files permissions as stated in /etc/sudoer.d/README:
sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)' & sudo chmod 440 /etc/sudoers.d/$(logname)
edited Aug 2 at 1:25
Community♦
1
answered Nov 14 '18 at 16:39
paradroidparadroid
1214 bronze badges
add a comment
|
Expanding on @upteryx idea.
This is how I've implemented the non-root, passwordless user in an ephemeral Docker Image for use in a CICD pipeline:
RUN
groupadd -g 999 foo && useradd -u 999 -g foo -G sudo -m -s /bin/bash foo &&
sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^#includedir.*/## **Removed the include directive** ##"/g' &&
echo "foo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers &&
echo "Customized the sudoers file for passwordless access to the foo user!" &&
echo "foo user:"; su - foo -c id
answered Sep 28 at 20:45
Seth BergmanSeth Bergman
987 bronze badges
add a comment
|
10 Answers
10
active
oldest
votes
10 Answers
10
active
oldest
votes
active
oldest
votes
active
oldest
votes
sudo -i is the way to go if you don't want to be typing a password every 10 mins while doing modifications in your system (or other systems), and you don't want to modify any system files.
It will switch you to root using your sudo user password, when you close the console or type exit you are back to your normal user.
answered Jun 6 '12 at 13:36
Bruno PereiraBruno Pereira
64.9k27 gold badges184 silver badges209 bronze badges
2
Will this hold true that I enter password only once... and till the time I don't exit; weather 5 hrs. or 15.... the system wont ask for authentication by password when any sudo command is issued.
– Bhavesh Diwan
Jun 7 '12 at 21:10
2
@Z9iT until you typeexitor until you close the terminal emulator window.
– Bruno Pereira
Jun 8 '12 at 8:33
2
Thanks.. Accepted this answer because it servers the purpose of issuing sudo commands without password authentication for n-hours till the time we won't exit.. Not modifying system files is a plus.
– Bhavesh Diwan
Jun 8 '12 at 9:58
3
This doesn't really answer the question, because you still need to enter the password to become root at that point.
– Adam F
Jun 2 '15 at 22:00
2
Not if you're running a virtual machine in a secured environment and you just want the thing to do something immediately and you do not want to deal with passwords. This answer does not answer the question, while it is arguably helpful information. I agree with Adam F
– Jonathan Komar
Aug 10 '16 at 8:34
|
show 3 more comments
sudo -i is the way to go if you don't want to be typing a password every 10 mins while doing modifications in your system (or other systems), and you don't want to modify any system files.
It will switch you to root using your sudo user password, when you close the console or type exit you are back to your normal user.
answered Jun 6 '12 at 13:36
Bruno PereiraBruno Pereira
64.9k27 gold badges184 silver badges209 bronze badges
2
Will this hold true that I enter password only once... and till the time I don't exit; weather 5 hrs. or 15.... the system wont ask for authentication by password when any sudo command is issued.
– Bhavesh Diwan
Jun 7 '12 at 21:10
2
@Z9iT until you typeexitor until you close the terminal emulator window.
– Bruno Pereira
Jun 8 '12 at 8:33
2
Thanks.. Accepted this answer because it servers the purpose of issuing sudo commands without password authentication for n-hours till the time we won't exit.. Not modifying system files is a plus.
– Bhavesh Diwan
Jun 8 '12 at 9:58
3
This doesn't really answer the question, because you still need to enter the password to become root at that point.
– Adam F
Jun 2 '15 at 22:00
2
Not if you're running a virtual machine in a secured environment and you just want the thing to do something immediately and you do not want to deal with passwords. This answer does not answer the question, while it is arguably helpful information. I agree with Adam F
– Jonathan Komar
Aug 10 '16 at 8:34
|
show 3 more comments
sudo -i is the way to go if you don't want to be typing a password every 10 mins while doing modifications in your system (or other systems), and you don't want to modify any system files.
It will switch you to root using your sudo user password, when you close the console or type exit you are back to your normal user.
answered Jun 6 '12 at 13:36
Bruno PereiraBruno Pereira
64.9k27 gold badges184 silver badges209 bronze badges
sudo -i is the way to go if you don't want to be typing a password every 10 mins while doing modifications in your system (or other systems), and you don't want to modify any system files.
It will switch you to root using your sudo user password, when you close the console or type exit you are back to your normal user.
answered Jun 6 '12 at 13:36
Bruno PereiraBruno Pereira
64.9k27 gold badges184 silver badges209 bronze badges
edited Nov 11 '14 at 22:42
answered Jun 6 '12 at 13:36
Bruno PereiraBruno Pereira
64.9k27 gold badges184 silver badges209 bronze badges
answered Jun 6 '12 at 13:36
Bruno PereiraBruno Pereira
64.9k27 gold badges184 silver badges209 bronze badges
answered Jun 6 '12 at 13:36
Bruno PereiraBruno Pereira
64.9k27 gold badges184 silver badges209 bronze badges
64.9k27 gold badges184 silver badges209 bronze badges
2
Will this hold true that I enter password only once... and till the time I don't exit; weather 5 hrs. or 15.... the system wont ask for authentication by password when any sudo command is issued.
– Bhavesh Diwan
Jun 7 '12 at 21:10
2
@Z9iT until you typeexitor until you close the terminal emulator window.
– Bruno Pereira
Jun 8 '12 at 8:33
2
Thanks.. Accepted this answer because it servers the purpose of issuing sudo commands without password authentication for n-hours till the time we won't exit.. Not modifying system files is a plus.
– Bhavesh Diwan
Jun 8 '12 at 9:58
3
This doesn't really answer the question, because you still need to enter the password to become root at that point.
– Adam F
Jun 2 '15 at 22:00
2
Not if you're running a virtual machine in a secured environment and you just want the thing to do something immediately and you do not want to deal with passwords. This answer does not answer the question, while it is arguably helpful information. I agree with Adam F
– Jonathan Komar
Aug 10 '16 at 8:34
|
show 3 more comments
2
Will this hold true that I enter password only once... and till the time I don't exit; weather 5 hrs. or 15.... the system wont ask for authentication by password when any sudo command is issued.
– Bhavesh Diwan
Jun 7 '12 at 21:10
2
@Z9iT until you typeexitor until you close the terminal emulator window.
– Bruno Pereira
Jun 8 '12 at 8:33
2
Thanks.. Accepted this answer because it servers the purpose of issuing sudo commands without password authentication for n-hours till the time we won't exit.. Not modifying system files is a plus.
– Bhavesh Diwan
Jun 8 '12 at 9:58
3
This doesn't really answer the question, because you still need to enter the password to become root at that point.
– Adam F
Jun 2 '15 at 22:00
2
Not if you're running a virtual machine in a secured environment and you just want the thing to do something immediately and you do not want to deal with passwords. This answer does not answer the question, while it is arguably helpful information. I agree with Adam F
– Jonathan Komar
Aug 10 '16 at 8:34
2
2
Will this hold true that I enter password only once... and till the time I don't exit; weather 5 hrs. or 15.... the system wont ask for authentication by password when any sudo command is issued.
– Bhavesh Diwan
Jun 7 '12 at 21:10
Will this hold true that I enter password only once... and till the time I don't exit; weather 5 hrs. or 15.... the system wont ask for authentication by password when any sudo command is issued.
– Bhavesh Diwan
Jun 7 '12 at 21:10
2
2
@Z9iT until you type
exit or until you close the terminal emulator window.– Bruno Pereira
Jun 8 '12 at 8:33
@Z9iT until you type
exit or until you close the terminal emulator window.– Bruno Pereira
Jun 8 '12 at 8:33
2
2
Thanks.. Accepted this answer because it servers the purpose of issuing sudo commands without password authentication for n-hours till the time we won't exit.. Not modifying system files is a plus.
– Bhavesh Diwan
Jun 8 '12 at 9:58
Thanks.. Accepted this answer because it servers the purpose of issuing sudo commands without password authentication for n-hours till the time we won't exit.. Not modifying system files is a plus.
– Bhavesh Diwan
Jun 8 '12 at 9:58
3
3
This doesn't really answer the question, because you still need to enter the password to become root at that point.
– Adam F
Jun 2 '15 at 22:00
This doesn't really answer the question, because you still need to enter the password to become root at that point.
– Adam F
Jun 2 '15 at 22:00
2
2
Not if you're running a virtual machine in a secured environment and you just want the thing to do something immediately and you do not want to deal with passwords. This answer does not answer the question, while it is arguably helpful information. I agree with Adam F
– Jonathan Komar
Aug 10 '16 at 8:34
Not if you're running a virtual machine in a secured environment and you just want the thing to do something immediately and you do not want to deal with passwords. This answer does not answer the question, while it is arguably helpful information. I agree with Adam F
– Jonathan Komar
Aug 10 '16 at 8:34
|
show 3 more comments
You can configure sudo to never ask for your password.
Open a Terminal window and type:
sudo visudo
In the bottom of the file, add the following line:
$USER ALL=(ALL) NOPASSWD: ALL
Where $USER is your username on your system.
Save and close the sudoers file (if you haven't changed your default terminal editor (you'll know if you have), press ctl+x to exit nano and it'll prompt you to save).
As of Ubuntu 19.04, the file should now look something like
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
YOUR_USERNAME_HERE ALL=(ALL) NOPASSWD: ALL
After this you can type sudo <whatever you want> in a Terminal window without being prompted for the password.
This only applies, to using the sudo command in the terminal. You'll still be prompted for your password if you (for example) try to install a package from the software center
edited Aug 1 at 21:48
Boris
6718 silver badges19 bronze badges
answered Jun 6 '12 at 13:20
Octávio Filipe GonçalvesOctávio Filipe Gonçalves
12.1k4 gold badges15 silver badges23 bronze badges
15
It's recommended to usesudo visudoinstead of editing it directly. Also changing the permissions of the sudoers may lock yourself out. When editing withvim, use:wq!to write to read-only files and quit the editor. In that way, permissions 644 are not necessary.
– Lekensteyn
Jun 6 '12 at 13:49
9
This is a serious security risk, anyone taking over any account with sudo rights can take control of the complete system and lock any further access to this computer, seriously not recommended.
– Bruno Pereira
Sep 12 '13 at 9:06
6
@wil93 you are missing the point: a script that calls forsudo install crapwarewill not ask for a password in this case and might mess up everything you have, and you do not need to be physically next to a machine to distribute scripts last time I checked... This is just an example.
– Bruno Pereira
Aug 28 '14 at 12:46
13
@BrunoPereira If you plan on running untrusted scripts then that is the security risk (even if sudo asks for a password, a malicious script could always dorm -rf ~messing quite some things up). Overall, I wouldn't call «serious security risk» the simple removal of password prompt from sudo.
– wil93
Aug 29 '14 at 0:54
5
Agree with @wil93. When running a untrusted script, inputing password is no more than a chance to cancel the process, while I doubt it's useless for most people. The point is you know where the script from and what it does.
– Chad
Sep 4 '16 at 8:49
|
show 15 more comments
You can configure sudo to never ask for your password.
Open a Terminal window and type:
sudo visudo
In the bottom of the file, add the following line:
$USER ALL=(ALL) NOPASSWD: ALL
Where $USER is your username on your system.
Save and close the sudoers file (if you haven't changed your default terminal editor (you'll know if you have), press ctl+x to exit nano and it'll prompt you to save).
As of Ubuntu 19.04, the file should now look something like
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
YOUR_USERNAME_HERE ALL=(ALL) NOPASSWD: ALL
After this you can type sudo <whatever you want> in a Terminal window without being prompted for the password.
This only applies, to using the sudo command in the terminal. You'll still be prompted for your password if you (for example) try to install a package from the software center
edited Aug 1 at 21:48
Boris
6718 silver badges19 bronze badges
answered Jun 6 '12 at 13:20
Octávio Filipe GonçalvesOctávio Filipe Gonçalves
12.1k4 gold badges15 silver badges23 bronze badges
15
It's recommended to usesudo visudoinstead of editing it directly. Also changing the permissions of the sudoers may lock yourself out. When editing withvim, use:wq!to write to read-only files and quit the editor. In that way, permissions 644 are not necessary.
– Lekensteyn
Jun 6 '12 at 13:49
9
This is a serious security risk, anyone taking over any account with sudo rights can take control of the complete system and lock any further access to this computer, seriously not recommended.
– Bruno Pereira
Sep 12 '13 at 9:06
6
@wil93 you are missing the point: a script that calls forsudo install crapwarewill not ask for a password in this case and might mess up everything you have, and you do not need to be physically next to a machine to distribute scripts last time I checked... This is just an example.
– Bruno Pereira
Aug 28 '14 at 12:46
13
@BrunoPereira If you plan on running untrusted scripts then that is the security risk (even if sudo asks for a password, a malicious script could always dorm -rf ~messing quite some things up). Overall, I wouldn't call «serious security risk» the simple removal of password prompt from sudo.
– wil93
Aug 29 '14 at 0:54
5
Agree with @wil93. When running a untrusted script, inputing password is no more than a chance to cancel the process, while I doubt it's useless for most people. The point is you know where the script from and what it does.
– Chad
Sep 4 '16 at 8:49
|
show 15 more comments
You can configure sudo to never ask for your password.
Open a Terminal window and type:
sudo visudo
In the bottom of the file, add the following line:
$USER ALL=(ALL) NOPASSWD: ALL
Where $USER is your username on your system.
Save and close the sudoers file (if you haven't changed your default terminal editor (you'll know if you have), press ctl+x to exit nano and it'll prompt you to save).
As of Ubuntu 19.04, the file should now look something like
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
YOUR_USERNAME_HERE ALL=(ALL) NOPASSWD: ALL
After this you can type sudo <whatever you want> in a Terminal window without being prompted for the password.
This only applies, to using the sudo command in the terminal. You'll still be prompted for your password if you (for example) try to install a package from the software center
edited Aug 1 at 21:48
Boris
6718 silver badges19 bronze badges
answered Jun 6 '12 at 13:20
Octávio Filipe GonçalvesOctávio Filipe Gonçalves
12.1k4 gold badges15 silver badges23 bronze badges
You can configure sudo to never ask for your password.
Open a Terminal window and type:
sudo visudo
In the bottom of the file, add the following line:
$USER ALL=(ALL) NOPASSWD: ALL
Where $USER is your username on your system.
Save and close the sudoers file (if you haven't changed your default terminal editor (you'll know if you have), press ctl+x to exit nano and it'll prompt you to save).
As of Ubuntu 19.04, the file should now look something like
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
YOUR_USERNAME_HERE ALL=(ALL) NOPASSWD: ALL
After this you can type sudo <whatever you want> in a Terminal window without being prompted for the password.
This only applies, to using the sudo command in the terminal. You'll still be prompted for your password if you (for example) try to install a package from the software center
edited Aug 1 at 21:48
Boris
6718 silver badges19 bronze badges
answered Jun 6 '12 at 13:20
Octávio Filipe GonçalvesOctávio Filipe Gonçalves
12.1k4 gold badges15 silver badges23 bronze badges
edited Aug 1 at 21:48
Boris
6718 silver badges19 bronze badges
edited Aug 1 at 21:48
Boris
6718 silver badges19 bronze badges
edited Aug 1 at 21:48
Boris
6718 silver badges19 bronze badges
6718 silver badges19 bronze badges
answered Jun 6 '12 at 13:20
Octávio Filipe GonçalvesOctávio Filipe Gonçalves
12.1k4 gold badges15 silver badges23 bronze badges
answered Jun 6 '12 at 13:20
Octávio Filipe GonçalvesOctávio Filipe Gonçalves
12.1k4 gold badges15 silver badges23 bronze badges
answered Jun 6 '12 at 13:20
Octávio Filipe GonçalvesOctávio Filipe Gonçalves
12.1k4 gold badges15 silver badges23 bronze badges
12.1k4 gold badges15 silver badges23 bronze badges
15
It's recommended to usesudo visudoinstead of editing it directly. Also changing the permissions of the sudoers may lock yourself out. When editing withvim, use:wq!to write to read-only files and quit the editor. In that way, permissions 644 are not necessary.
– Lekensteyn
Jun 6 '12 at 13:49
9
This is a serious security risk, anyone taking over any account with sudo rights can take control of the complete system and lock any further access to this computer, seriously not recommended.
– Bruno Pereira
Sep 12 '13 at 9:06
6
@wil93 you are missing the point: a script that calls forsudo install crapwarewill not ask for a password in this case and might mess up everything you have, and you do not need to be physically next to a machine to distribute scripts last time I checked... This is just an example.
– Bruno Pereira
Aug 28 '14 at 12:46
13
@BrunoPereira If you plan on running untrusted scripts then that is the security risk (even if sudo asks for a password, a malicious script could always dorm -rf ~messing quite some things up). Overall, I wouldn't call «serious security risk» the simple removal of password prompt from sudo.
– wil93
Aug 29 '14 at 0:54
5
Agree with @wil93. When running a untrusted script, inputing password is no more than a chance to cancel the process, while I doubt it's useless for most people. The point is you know where the script from and what it does.
– Chad
Sep 4 '16 at 8:49
|
show 15 more comments
15
It's recommended to usesudo visudoinstead of editing it directly. Also changing the permissions of the sudoers may lock yourself out. When editing withvim, use:wq!to write to read-only files and quit the editor. In that way, permissions 644 are not necessary.
– Lekensteyn
Jun 6 '12 at 13:49
9
This is a serious security risk, anyone taking over any account with sudo rights can take control of the complete system and lock any further access to this computer, seriously not recommended.
– Bruno Pereira
Sep 12 '13 at 9:06
6
@wil93 you are missing the point: a script that calls forsudo install crapwarewill not ask for a password in this case and might mess up everything you have, and you do not need to be physically next to a machine to distribute scripts last time I checked... This is just an example.
– Bruno Pereira
Aug 28 '14 at 12:46
13
@BrunoPereira If you plan on running untrusted scripts then that is the security risk (even if sudo asks for a password, a malicious script could always dorm -rf ~messing quite some things up). Overall, I wouldn't call «serious security risk» the simple removal of password prompt from sudo.
– wil93
Aug 29 '14 at 0:54
5
Agree with @wil93. When running a untrusted script, inputing password is no more than a chance to cancel the process, while I doubt it's useless for most people. The point is you know where the script from and what it does.
– Chad
Sep 4 '16 at 8:49
15
15
It's recommended to use
sudo visudo instead of editing it directly. Also changing the permissions of the sudoers may lock yourself out. When editing with vim, use :wq! to write to read-only files and quit the editor. In that way, permissions 644 are not necessary.– Lekensteyn
Jun 6 '12 at 13:49
It's recommended to use
sudo visudo instead of editing it directly. Also changing the permissions of the sudoers may lock yourself out. When editing with vim, use :wq! to write to read-only files and quit the editor. In that way, permissions 644 are not necessary.– Lekensteyn
Jun 6 '12 at 13:49
9
9
This is a serious security risk, anyone taking over any account with sudo rights can take control of the complete system and lock any further access to this computer, seriously not recommended.
– Bruno Pereira
Sep 12 '13 at 9:06
This is a serious security risk, anyone taking over any account with sudo rights can take control of the complete system and lock any further access to this computer, seriously not recommended.
– Bruno Pereira
Sep 12 '13 at 9:06
6
6
@wil93 you are missing the point: a script that calls for
sudo install crapware will not ask for a password in this case and might mess up everything you have, and you do not need to be physically next to a machine to distribute scripts last time I checked... This is just an example.– Bruno Pereira
Aug 28 '14 at 12:46
@wil93 you are missing the point: a script that calls for
sudo install crapware will not ask for a password in this case and might mess up everything you have, and you do not need to be physically next to a machine to distribute scripts last time I checked... This is just an example.– Bruno Pereira
Aug 28 '14 at 12:46
13
13
@BrunoPereira If you plan on running untrusted scripts then that is the security risk (even if sudo asks for a password, a malicious script could always do
rm -rf ~ messing quite some things up). Overall, I wouldn't call «serious security risk» the simple removal of password prompt from sudo.– wil93
Aug 29 '14 at 0:54
@BrunoPereira If you plan on running untrusted scripts then that is the security risk (even if sudo asks for a password, a malicious script could always do
rm -rf ~ messing quite some things up). Overall, I wouldn't call «serious security risk» the simple removal of password prompt from sudo.– wil93
Aug 29 '14 at 0:54
5
5
Agree with @wil93. When running a untrusted script, inputing password is no more than a chance to cancel the process, while I doubt it's useless for most people. The point is you know where the script from and what it does.
– Chad
Sep 4 '16 at 8:49
Agree with @wil93. When running a untrusted script, inputing password is no more than a chance to cancel the process, while I doubt it's useless for most people. The point is you know where the script from and what it does.
– Chad
Sep 4 '16 at 8:49
|
show 15 more comments
Root sudo timeouts are the easiest and safest way of doing this. I'll lay out all examples but be warned it is very risky any way you do this although this way is much safer:
sudo visudo
This opens an editor and points it to the sudoers file -- Ubuntu defaults to nano, other systems use Vi. You're now a super user editing one of the most important files on your system. No stress!
(Vi specific instructions noted with (vi!). Ignore these if you're using nano.)
Use the arrow keys to move to the end of the Defaults line.
(vi!) press the A (capital "a") key to move at the end of the current line and enter editing mode (append after the last character on the line).
Now type:
,timestamp_timeout=X
where X is the timeout expiration in minutes. If you specify 0 you will always be asked the password. If you specify a negative value, the timeout will never expire. E.g. Defaults env_reset,timestamp_timeout=5.
(vi!) hit Escape to return to command mode. Now, if you're happy with your editing, type in :w Enter to write the file and :q Enter to exit vi. If you made a mistake, perhaps the easiest way is to redo from start, to exit without saving (hit Escape to enter the command mode) and then type :q! Enter.
Hit Ctrl+X, then Y, then Enter to save your file and exit nano.
You might want to read the sudoers and vi manual pages for additional information.
man sudoers
man vi
Reset timeout value using:
sudo -k
These instructions are to remove the prompt for a password when using the sudo command. The sudo command will still need to be used for root access though.
Edit the sudoers file
Open a Terminal window. Type in sudo visudo. Add the following line to the END of the file (if not at the end it can be nullified by later entries):
<username> ALL=NOPASSWD: ALL
Replace <username> with your username (without the <>). This is assuming that Ubuntu has created a group with the same name as your user name, which is typical. You can alternately use the group users or any other such group you are in. Just make sure you are in that group. This can be checked by going to System -> Administration -> Users and Groups.
Example:
michael ALL=NOPASSWD: ALL
Type in ^X (Ctrl+X) to exit. This should prompt for an option to save the file, type in Y to save.
Log out, and then log back in. This should now allow you to run the sudo command without being prompted for a password.
The root account
Enabling the root account
Enabling the root account is rarely necessary. Almost everything you need to do as administrator of an Ubuntu system can be done via sudo or gksudo. If you really need a persistent root login, the best alternative is to simulate a Root login shell using the following command:
sudo -i
However, if you must enable root logins, you can do it like this:
sudo passwd root
Re-disabling your root account
If for some reason you have enabled your root account and wish to disable it again, use the following command in the terminal:
sudo passwd -dl root
System-wide group sudo
root$ echo "%sudo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
Log out, and then back in.
Reset sudo timeout
You can make sure sudo asks for password next time by running:
sudo -k
edited Jul 30 '17 at 23:56
Eliah Kagan
96.8k25 gold badges260 silver badges417 bronze badges
answered Oct 30 '13 at 1:15
user209328user209328
3713 silver badges3 bronze badges
I posted this before I added, for a system wide way of doing this and others read here:
– user209328
Oct 30 '13 at 1:17
This was a late answer, but is the most comprehensive in terms of the options it gives you.
– jenming
Mar 4 '17 at 23:12
1
Hmm, on Ubuntu 18.04 MATE this works perfectly, while doing the same on Ubuntu 18.04 GNOME caused me wrinkles with the "username is not in the sudoers file..." problem. Now, this is why so many pple just hate linux - cuz it is rarely "causal" :D Just in case U run into the same... This is how you fix the problem: tecmint.com/…
– Peter
Nov 12 '18 at 20:33
The EDITOR environment variable can set the editor used... e.g.sudo env EDITOR=/bin/nano visudoto reliably editsudoersin nano. (update-alternatives can be used to set the editor as well)
– Gert van den Berg
Nov 19 '18 at 12:10
add a comment
|
Root sudo timeouts are the easiest and safest way of doing this. I'll lay out all examples but be warned it is very risky any way you do this although this way is much safer:
sudo visudo
This opens an editor and points it to the sudoers file -- Ubuntu defaults to nano, other systems use Vi. You're now a super user editing one of the most important files on your system. No stress!
(Vi specific instructions noted with (vi!). Ignore these if you're using nano.)
Use the arrow keys to move to the end of the Defaults line.
(vi!) press the A (capital "a") key to move at the end of the current line and enter editing mode (append after the last character on the line).
Now type:
,timestamp_timeout=X
where X is the timeout expiration in minutes. If you specify 0 you will always be asked the password. If you specify a negative value, the timeout will never expire. E.g. Defaults env_reset,timestamp_timeout=5.
(vi!) hit Escape to return to command mode. Now, if you're happy with your editing, type in :w Enter to write the file and :q Enter to exit vi. If you made a mistake, perhaps the easiest way is to redo from start, to exit without saving (hit Escape to enter the command mode) and then type :q! Enter.
Hit Ctrl+X, then Y, then Enter to save your file and exit nano.
You might want to read the sudoers and vi manual pages for additional information.
man sudoers
man vi
Reset timeout value using:
sudo -k
These instructions are to remove the prompt for a password when using the sudo command. The sudo command will still need to be used for root access though.
Edit the sudoers file
Open a Terminal window. Type in sudo visudo. Add the following line to the END of the file (if not at the end it can be nullified by later entries):
<username> ALL=NOPASSWD: ALL
Replace <username> with your username (without the <>). This is assuming that Ubuntu has created a group with the same name as your user name, which is typical. You can alternately use the group users or any other such group you are in. Just make sure you are in that group. This can be checked by going to System -> Administration -> Users and Groups.
Example:
michael ALL=NOPASSWD: ALL
Type in ^X (Ctrl+X) to exit. This should prompt for an option to save the file, type in Y to save.
Log out, and then log back in. This should now allow you to run the sudo command without being prompted for a password.
The root account
Enabling the root account
Enabling the root account is rarely necessary. Almost everything you need to do as administrator of an Ubuntu system can be done via sudo or gksudo. If you really need a persistent root login, the best alternative is to simulate a Root login shell using the following command:
sudo -i
However, if you must enable root logins, you can do it like this:
sudo passwd root
Re-disabling your root account
If for some reason you have enabled your root account and wish to disable it again, use the following command in the terminal:
sudo passwd -dl root
System-wide group sudo
root$ echo "%sudo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
Log out, and then back in.
Reset sudo timeout
You can make sure sudo asks for password next time by running:
sudo -k
edited Jul 30 '17 at 23:56
Eliah Kagan
96.8k25 gold badges260 silver badges417 bronze badges
answered Oct 30 '13 at 1:15
user209328user209328
3713 silver badges3 bronze badges
I posted this before I added, for a system wide way of doing this and others read here:
– user209328
Oct 30 '13 at 1:17
This was a late answer, but is the most comprehensive in terms of the options it gives you.
– jenming
Mar 4 '17 at 23:12
1
Hmm, on Ubuntu 18.04 MATE this works perfectly, while doing the same on Ubuntu 18.04 GNOME caused me wrinkles with the "username is not in the sudoers file..." problem. Now, this is why so many pple just hate linux - cuz it is rarely "causal" :D Just in case U run into the same... This is how you fix the problem: tecmint.com/…
– Peter
Nov 12 '18 at 20:33
The EDITOR environment variable can set the editor used... e.g.sudo env EDITOR=/bin/nano visudoto reliably editsudoersin nano. (update-alternatives can be used to set the editor as well)
– Gert van den Berg
Nov 19 '18 at 12:10
add a comment
|
Root sudo timeouts are the easiest and safest way of doing this. I'll lay out all examples but be warned it is very risky any way you do this although this way is much safer:
sudo visudo
This opens an editor and points it to the sudoers file -- Ubuntu defaults to nano, other systems use Vi. You're now a super user editing one of the most important files on your system. No stress!
(Vi specific instructions noted with (vi!). Ignore these if you're using nano.)
Use the arrow keys to move to the end of the Defaults line.
(vi!) press the A (capital "a") key to move at the end of the current line and enter editing mode (append after the last character on the line).
Now type:
,timestamp_timeout=X
where X is the timeout expiration in minutes. If you specify 0 you will always be asked the password. If you specify a negative value, the timeout will never expire. E.g. Defaults env_reset,timestamp_timeout=5.
(vi!) hit Escape to return to command mode. Now, if you're happy with your editing, type in :w Enter to write the file and :q Enter to exit vi. If you made a mistake, perhaps the easiest way is to redo from start, to exit without saving (hit Escape to enter the command mode) and then type :q! Enter.
Hit Ctrl+X, then Y, then Enter to save your file and exit nano.
You might want to read the sudoers and vi manual pages for additional information.
man sudoers
man vi
Reset timeout value using:
sudo -k
These instructions are to remove the prompt for a password when using the sudo command. The sudo command will still need to be used for root access though.
Edit the sudoers file
Open a Terminal window. Type in sudo visudo. Add the following line to the END of the file (if not at the end it can be nullified by later entries):
<username> ALL=NOPASSWD: ALL
Replace <username> with your username (without the <>). This is assuming that Ubuntu has created a group with the same name as your user name, which is typical. You can alternately use the group users or any other such group you are in. Just make sure you are in that group. This can be checked by going to System -> Administration -> Users and Groups.
Example:
michael ALL=NOPASSWD: ALL
Type in ^X (Ctrl+X) to exit. This should prompt for an option to save the file, type in Y to save.
Log out, and then log back in. This should now allow you to run the sudo command without being prompted for a password.
The root account
Enabling the root account
Enabling the root account is rarely necessary. Almost everything you need to do as administrator of an Ubuntu system can be done via sudo or gksudo. If you really need a persistent root login, the best alternative is to simulate a Root login shell using the following command:
sudo -i
However, if you must enable root logins, you can do it like this:
sudo passwd root
Re-disabling your root account
If for some reason you have enabled your root account and wish to disable it again, use the following command in the terminal:
sudo passwd -dl root
System-wide group sudo
root$ echo "%sudo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
Log out, and then back in.
Reset sudo timeout
You can make sure sudo asks for password next time by running:
sudo -k
edited Jul 30 '17 at 23:56
Eliah Kagan
96.8k25 gold badges260 silver badges417 bronze badges
answered Oct 30 '13 at 1:15
user209328user209328
3713 silver badges3 bronze badges
Root sudo timeouts are the easiest and safest way of doing this. I'll lay out all examples but be warned it is very risky any way you do this although this way is much safer:
sudo visudo
This opens an editor and points it to the sudoers file -- Ubuntu defaults to nano, other systems use Vi. You're now a super user editing one of the most important files on your system. No stress!
(Vi specific instructions noted with (vi!). Ignore these if you're using nano.)
Use the arrow keys to move to the end of the Defaults line.
(vi!) press the A (capital "a") key to move at the end of the current line and enter editing mode (append after the last character on the line).
Now type:
,timestamp_timeout=X
where X is the timeout expiration in minutes. If you specify 0 you will always be asked the password. If you specify a negative value, the timeout will never expire. E.g. Defaults env_reset,timestamp_timeout=5.
(vi!) hit Escape to return to command mode. Now, if you're happy with your editing, type in :w Enter to write the file and :q Enter to exit vi. If you made a mistake, perhaps the easiest way is to redo from start, to exit without saving (hit Escape to enter the command mode) and then type :q! Enter.
Hit Ctrl+X, then Y, then Enter to save your file and exit nano.
You might want to read the sudoers and vi manual pages for additional information.
man sudoers
man vi
Reset timeout value using:
sudo -k
These instructions are to remove the prompt for a password when using the sudo command. The sudo command will still need to be used for root access though.
Edit the sudoers file
Open a Terminal window. Type in sudo visudo. Add the following line to the END of the file (if not at the end it can be nullified by later entries):
<username> ALL=NOPASSWD: ALL
Replace <username> with your username (without the <>). This is assuming that Ubuntu has created a group with the same name as your user name, which is typical. You can alternately use the group users or any other such group you are in. Just make sure you are in that group. This can be checked by going to System -> Administration -> Users and Groups.
Example:
michael ALL=NOPASSWD: ALL
Type in ^X (Ctrl+X) to exit. This should prompt for an option to save the file, type in Y to save.
Log out, and then log back in. This should now allow you to run the sudo command without being prompted for a password.
The root account
Enabling the root account
Enabling the root account is rarely necessary. Almost everything you need to do as administrator of an Ubuntu system can be done via sudo or gksudo. If you really need a persistent root login, the best alternative is to simulate a Root login shell using the following command:
sudo -i
However, if you must enable root logins, you can do it like this:
sudo passwd root
Re-disabling your root account
If for some reason you have enabled your root account and wish to disable it again, use the following command in the terminal:
sudo passwd -dl root
System-wide group sudo
root$ echo "%sudo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
Log out, and then back in.
Reset sudo timeout
You can make sure sudo asks for password next time by running:
sudo -k
edited Jul 30 '17 at 23:56
Eliah Kagan
96.8k25 gold badges260 silver badges417 bronze badges
answered Oct 30 '13 at 1:15
user209328user209328
3713 silver badges3 bronze badges
edited Jul 30 '17 at 23:56
Eliah Kagan
96.8k25 gold badges260 silver badges417 bronze badges
edited Jul 30 '17 at 23:56
Eliah Kagan
96.8k25 gold badges260 silver badges417 bronze badges
edited Jul 30 '17 at 23:56
Eliah Kagan
96.8k25 gold badges260 silver badges417 bronze badges
96.8k25 gold badges260 silver badges417 bronze badges
answered Oct 30 '13 at 1:15
user209328user209328
3713 silver badges3 bronze badges
answered Oct 30 '13 at 1:15
user209328user209328
3713 silver badges3 bronze badges
answered Oct 30 '13 at 1:15
user209328user209328
3713 silver badges3 bronze badges
3713 silver badges3 bronze badges
I posted this before I added, for a system wide way of doing this and others read here:
– user209328
Oct 30 '13 at 1:17
This was a late answer, but is the most comprehensive in terms of the options it gives you.
– jenming
Mar 4 '17 at 23:12
1
Hmm, on Ubuntu 18.04 MATE this works perfectly, while doing the same on Ubuntu 18.04 GNOME caused me wrinkles with the "username is not in the sudoers file..." problem. Now, this is why so many pple just hate linux - cuz it is rarely "causal" :D Just in case U run into the same... This is how you fix the problem: tecmint.com/…
– Peter
Nov 12 '18 at 20:33
The EDITOR environment variable can set the editor used... e.g.sudo env EDITOR=/bin/nano visudoto reliably editsudoersin nano. (update-alternatives can be used to set the editor as well)
– Gert van den Berg
Nov 19 '18 at 12:10
add a comment
|
I posted this before I added, for a system wide way of doing this and others read here:
– user209328
Oct 30 '13 at 1:17
This was a late answer, but is the most comprehensive in terms of the options it gives you.
– jenming
Mar 4 '17 at 23:12
1
Hmm, on Ubuntu 18.04 MATE this works perfectly, while doing the same on Ubuntu 18.04 GNOME caused me wrinkles with the "username is not in the sudoers file..." problem. Now, this is why so many pple just hate linux - cuz it is rarely "causal" :D Just in case U run into the same... This is how you fix the problem: tecmint.com/…
– Peter
Nov 12 '18 at 20:33
The EDITOR environment variable can set the editor used... e.g.sudo env EDITOR=/bin/nano visudoto reliably editsudoersin nano. (update-alternatives can be used to set the editor as well)
– Gert van den Berg
Nov 19 '18 at 12:10
I posted this before I added, for a system wide way of doing this and others read here:
– user209328
Oct 30 '13 at 1:17
I posted this before I added, for a system wide way of doing this and others read here:
– user209328
Oct 30 '13 at 1:17
This was a late answer, but is the most comprehensive in terms of the options it gives you.
– jenming
Mar 4 '17 at 23:12
This was a late answer, but is the most comprehensive in terms of the options it gives you.
– jenming
Mar 4 '17 at 23:12
1
1
Hmm, on Ubuntu 18.04 MATE this works perfectly, while doing the same on Ubuntu 18.04 GNOME caused me wrinkles with the "username is not in the sudoers file..." problem. Now, this is why so many pple just hate linux - cuz it is rarely "causal" :D Just in case U run into the same... This is how you fix the problem: tecmint.com/…
– Peter
Nov 12 '18 at 20:33
Hmm, on Ubuntu 18.04 MATE this works perfectly, while doing the same on Ubuntu 18.04 GNOME caused me wrinkles with the "username is not in the sudoers file..." problem. Now, this is why so many pple just hate linux - cuz it is rarely "causal" :D Just in case U run into the same... This is how you fix the problem: tecmint.com/…
– Peter
Nov 12 '18 at 20:33
The EDITOR environment variable can set the editor used... e.g.
sudo env EDITOR=/bin/nano visudo to reliably edit sudoers in nano. (update-alternatives can be used to set the editor as well)– Gert van den Berg
Nov 19 '18 at 12:10
The EDITOR environment variable can set the editor used... e.g.
sudo env EDITOR=/bin/nano visudo to reliably edit sudoers in nano. (update-alternatives can be used to set the editor as well)– Gert van den Berg
Nov 19 '18 at 12:10
add a comment
|
The preferred way to grant individual (or group) permissions would be to add files under /etc/sudoers.d
This separates local changes from the default policy and saves time in case the distribution sudoers file changes.
To make the currently logged in user a a sudoer and make sudo not prompt them for a password, use
echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/$USER
this will create a file called /etc/sudoers.d/$USER (where $USER is the username of the user that you were logged in as when you ran that command), making it clear which users are granted permission.
If you want to do that for a different user, just replace both instances of $USER with some other username in the above command.
echo "otheruser ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/otheruser
Similarly, one file can be used to manage multiple directives:
echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers.d/local
See /etc/sudoers.d/README and man sudoers for more information.
edited Aug 2 at 4:38
Boris
6718 silver badges19 bronze badges
answered Feb 1 '17 at 15:54
user1656671user1656671
5106 silver badges7 bronze badges
the echo command failed, even though i'm root. but, I added the file and edited it directly and this worked on latest ubuntu (whereas adding the user to the sudoers directly did not!)
– scape
Oct 24 '17 at 13:43
1
The right way is to do it withteecommand.
– woto
Jan 19 '18 at 8:10
1
This is a better way that works:sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)', followed bysudo chmod 440 /etc/sudoers.d/$(logname)
– paradroid
Nov 14 '18 at 16:32
Insudo ... >fileshell redirection is executed in the original shell, so it could work only in root shell.
– Konstantin Pelepelin
Nov 26 '18 at 13:23
the tee method, without permission issues:echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/username
– Carson Ip
Nov 27 '18 at 9:42
add a comment
|
The preferred way to grant individual (or group) permissions would be to add files under /etc/sudoers.d
This separates local changes from the default policy and saves time in case the distribution sudoers file changes.
To make the currently logged in user a a sudoer and make sudo not prompt them for a password, use
echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/$USER
this will create a file called /etc/sudoers.d/$USER (where $USER is the username of the user that you were logged in as when you ran that command), making it clear which users are granted permission.
If you want to do that for a different user, just replace both instances of $USER with some other username in the above command.
echo "otheruser ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/otheruser
Similarly, one file can be used to manage multiple directives:
echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers.d/local
See /etc/sudoers.d/README and man sudoers for more information.
edited Aug 2 at 4:38
Boris
6718 silver badges19 bronze badges
answered Feb 1 '17 at 15:54
user1656671user1656671
5106 silver badges7 bronze badges
the echo command failed, even though i'm root. but, I added the file and edited it directly and this worked on latest ubuntu (whereas adding the user to the sudoers directly did not!)
– scape
Oct 24 '17 at 13:43
1
The right way is to do it withteecommand.
– woto
Jan 19 '18 at 8:10
1
This is a better way that works:sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)', followed bysudo chmod 440 /etc/sudoers.d/$(logname)
– paradroid
Nov 14 '18 at 16:32
Insudo ... >fileshell redirection is executed in the original shell, so it could work only in root shell.
– Konstantin Pelepelin
Nov 26 '18 at 13:23
the tee method, without permission issues:echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/username
– Carson Ip
Nov 27 '18 at 9:42
add a comment
|
The preferred way to grant individual (or group) permissions would be to add files under /etc/sudoers.d
This separates local changes from the default policy and saves time in case the distribution sudoers file changes.
To make the currently logged in user a a sudoer and make sudo not prompt them for a password, use
echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/$USER
this will create a file called /etc/sudoers.d/$USER (where $USER is the username of the user that you were logged in as when you ran that command), making it clear which users are granted permission.
If you want to do that for a different user, just replace both instances of $USER with some other username in the above command.
echo "otheruser ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/otheruser
Similarly, one file can be used to manage multiple directives:
echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers.d/local
See /etc/sudoers.d/README and man sudoers for more information.
edited Aug 2 at 4:38
Boris
6718 silver badges19 bronze badges
answered Feb 1 '17 at 15:54
user1656671user1656671
5106 silver badges7 bronze badges
The preferred way to grant individual (or group) permissions would be to add files under /etc/sudoers.d
This separates local changes from the default policy and saves time in case the distribution sudoers file changes.
To make the currently logged in user a a sudoer and make sudo not prompt them for a password, use
echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/$USER
this will create a file called /etc/sudoers.d/$USER (where $USER is the username of the user that you were logged in as when you ran that command), making it clear which users are granted permission.
If you want to do that for a different user, just replace both instances of $USER with some other username in the above command.
echo "otheruser ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/otheruser
Similarly, one file can be used to manage multiple directives:
echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers.d/local
See /etc/sudoers.d/README and man sudoers for more information.
edited Aug 2 at 4:38
Boris
6718 silver badges19 bronze badges
answered Feb 1 '17 at 15:54
user1656671user1656671
5106 silver badges7 bronze badges
edited Aug 2 at 4:38
Boris
6718 silver badges19 bronze badges
edited Aug 2 at 4:38
Boris
6718 silver badges19 bronze badges
edited Aug 2 at 4:38
Boris
6718 silver badges19 bronze badges
6718 silver badges19 bronze badges
answered Feb 1 '17 at 15:54
user1656671user1656671
5106 silver badges7 bronze badges
answered Feb 1 '17 at 15:54
user1656671user1656671
5106 silver badges7 bronze badges
answered Feb 1 '17 at 15:54
user1656671user1656671
5106 silver badges7 bronze badges
5106 silver badges7 bronze badges
the echo command failed, even though i'm root. but, I added the file and edited it directly and this worked on latest ubuntu (whereas adding the user to the sudoers directly did not!)
– scape
Oct 24 '17 at 13:43
1
The right way is to do it withteecommand.
– woto
Jan 19 '18 at 8:10
1
This is a better way that works:sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)', followed bysudo chmod 440 /etc/sudoers.d/$(logname)
– paradroid
Nov 14 '18 at 16:32
Insudo ... >fileshell redirection is executed in the original shell, so it could work only in root shell.
– Konstantin Pelepelin
Nov 26 '18 at 13:23
the tee method, without permission issues:echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/username
– Carson Ip
Nov 27 '18 at 9:42
add a comment
|
the echo command failed, even though i'm root. but, I added the file and edited it directly and this worked on latest ubuntu (whereas adding the user to the sudoers directly did not!)
– scape
Oct 24 '17 at 13:43
1
The right way is to do it withteecommand.
– woto
Jan 19 '18 at 8:10
1
This is a better way that works:sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)', followed bysudo chmod 440 /etc/sudoers.d/$(logname)
– paradroid
Nov 14 '18 at 16:32
Insudo ... >fileshell redirection is executed in the original shell, so it could work only in root shell.
– Konstantin Pelepelin
Nov 26 '18 at 13:23
the tee method, without permission issues:echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/username
– Carson Ip
Nov 27 '18 at 9:42
the echo command failed, even though i'm root. but, I added the file and edited it directly and this worked on latest ubuntu (whereas adding the user to the sudoers directly did not!)
– scape
Oct 24 '17 at 13:43
the echo command failed, even though i'm root. but, I added the file and edited it directly and this worked on latest ubuntu (whereas adding the user to the sudoers directly did not!)
– scape
Oct 24 '17 at 13:43
1
1
The right way is to do it with
tee command.– woto
Jan 19 '18 at 8:10
The right way is to do it with
tee command.– woto
Jan 19 '18 at 8:10
1
1
This is a better way that works:
sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)', followed by sudo chmod 440 /etc/sudoers.d/$(logname)– paradroid
Nov 14 '18 at 16:32
This is a better way that works:
sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)', followed by sudo chmod 440 /etc/sudoers.d/$(logname)– paradroid
Nov 14 '18 at 16:32
In
sudo ... >file shell redirection is executed in the original shell, so it could work only in root shell.– Konstantin Pelepelin
Nov 26 '18 at 13:23
In
sudo ... >file shell redirection is executed in the original shell, so it could work only in root shell.– Konstantin Pelepelin
Nov 26 '18 at 13:23
the tee method, without permission issues:
echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/username– Carson Ip
Nov 27 '18 at 9:42
the tee method, without permission issues:
echo "username ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/username– Carson Ip
Nov 27 '18 at 9:42
add a comment
|
Nice one-liner to remove sudo prompts for the current user
sudo bash -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" | (EDITOR="tee -a" visudo)'
answered Jun 27 '16 at 17:50
Eric LandryEric Landry
1711 silver badge3 bronze badges
2
I think you could just do:echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo env EDITOR="tee -a" visudo, onlyvisudoneedssudoafter all (and evenenvwon't be needed in the default configuration, IIRC).
– muru
Jun 27 '16 at 20:38
there's so much that could go wrong here (all user-error, of course), that it is preferred, in my very humble opinion, to edit the sudoer file directly (sudo visudo), while testing the result (with the editor still open), for those new users that might be tempted to try this "one-liner".
– michael
Sep 20 '16 at 6:47
Thanks for the feedback! I was just quickly trying to script-ify the removal of sudo password prompt in my volatile test VMs. Feel free to suggest improvements :)
– Eric Landry
Sep 21 '16 at 16:35
You still need tosudo chmod 440 /etc/sudoers.d/$(logname)to correct file permissions as stated in the README in that directory.
– paradroid
Nov 14 '18 at 16:33
add a comment
|
Nice one-liner to remove sudo prompts for the current user
sudo bash -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" | (EDITOR="tee -a" visudo)'
answered Jun 27 '16 at 17:50
Eric LandryEric Landry
1711 silver badge3 bronze badges
2
I think you could just do:echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo env EDITOR="tee -a" visudo, onlyvisudoneedssudoafter all (and evenenvwon't be needed in the default configuration, IIRC).
– muru
Jun 27 '16 at 20:38
there's so much that could go wrong here (all user-error, of course), that it is preferred, in my very humble opinion, to edit the sudoer file directly (sudo visudo), while testing the result (with the editor still open), for those new users that might be tempted to try this "one-liner".
– michael
Sep 20 '16 at 6:47
Thanks for the feedback! I was just quickly trying to script-ify the removal of sudo password prompt in my volatile test VMs. Feel free to suggest improvements :)
– Eric Landry
Sep 21 '16 at 16:35
You still need tosudo chmod 440 /etc/sudoers.d/$(logname)to correct file permissions as stated in the README in that directory.
– paradroid
Nov 14 '18 at 16:33
add a comment
|
Nice one-liner to remove sudo prompts for the current user
sudo bash -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" | (EDITOR="tee -a" visudo)'
answered Jun 27 '16 at 17:50
Eric LandryEric Landry
1711 silver badge3 bronze badges
Nice one-liner to remove sudo prompts for the current user
sudo bash -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" | (EDITOR="tee -a" visudo)'
answered Jun 27 '16 at 17:50
Eric LandryEric Landry
1711 silver badge3 bronze badges
answered Jun 27 '16 at 17:50
Eric LandryEric Landry
1711 silver badge3 bronze badges
answered Jun 27 '16 at 17:50
Eric LandryEric Landry
1711 silver badge3 bronze badges
answered Jun 27 '16 at 17:50
Eric LandryEric Landry
1711 silver badge3 bronze badges
1711 silver badge3 bronze badges
2
I think you could just do:echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo env EDITOR="tee -a" visudo, onlyvisudoneedssudoafter all (and evenenvwon't be needed in the default configuration, IIRC).
– muru
Jun 27 '16 at 20:38
there's so much that could go wrong here (all user-error, of course), that it is preferred, in my very humble opinion, to edit the sudoer file directly (sudo visudo), while testing the result (with the editor still open), for those new users that might be tempted to try this "one-liner".
– michael
Sep 20 '16 at 6:47
Thanks for the feedback! I was just quickly trying to script-ify the removal of sudo password prompt in my volatile test VMs. Feel free to suggest improvements :)
– Eric Landry
Sep 21 '16 at 16:35
You still need tosudo chmod 440 /etc/sudoers.d/$(logname)to correct file permissions as stated in the README in that directory.
– paradroid
Nov 14 '18 at 16:33
add a comment
|
2
I think you could just do:echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo env EDITOR="tee -a" visudo, onlyvisudoneedssudoafter all (and evenenvwon't be needed in the default configuration, IIRC).
– muru
Jun 27 '16 at 20:38
there's so much that could go wrong here (all user-error, of course), that it is preferred, in my very humble opinion, to edit the sudoer file directly (sudo visudo), while testing the result (with the editor still open), for those new users that might be tempted to try this "one-liner".
– michael
Sep 20 '16 at 6:47
Thanks for the feedback! I was just quickly trying to script-ify the removal of sudo password prompt in my volatile test VMs. Feel free to suggest improvements :)
– Eric Landry
Sep 21 '16 at 16:35
You still need tosudo chmod 440 /etc/sudoers.d/$(logname)to correct file permissions as stated in the README in that directory.
– paradroid
Nov 14 '18 at 16:33
2
2
I think you could just do:
echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo env EDITOR="tee -a" visudo, only visudo needs sudo after all (and even env won't be needed in the default configuration, IIRC).– muru
Jun 27 '16 at 20:38
I think you could just do:
echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo env EDITOR="tee -a" visudo, only visudo needs sudo after all (and even env won't be needed in the default configuration, IIRC).– muru
Jun 27 '16 at 20:38
there's so much that could go wrong here (all user-error, of course), that it is preferred, in my very humble opinion, to edit the sudoer file directly (
sudo visudo), while testing the result (with the editor still open), for those new users that might be tempted to try this "one-liner".– michael
Sep 20 '16 at 6:47
there's so much that could go wrong here (all user-error, of course), that it is preferred, in my very humble opinion, to edit the sudoer file directly (
sudo visudo), while testing the result (with the editor still open), for those new users that might be tempted to try this "one-liner".– michael
Sep 20 '16 at 6:47
Thanks for the feedback! I was just quickly trying to script-ify the removal of sudo password prompt in my volatile test VMs. Feel free to suggest improvements :)
– Eric Landry
Sep 21 '16 at 16:35
Thanks for the feedback! I was just quickly trying to script-ify the removal of sudo password prompt in my volatile test VMs. Feel free to suggest improvements :)
– Eric Landry
Sep 21 '16 at 16:35
You still need to
sudo chmod 440 /etc/sudoers.d/$(logname) to correct file permissions as stated in the README in that directory.– paradroid
Nov 14 '18 at 16:33
You still need to
sudo chmod 440 /etc/sudoers.d/$(logname) to correct file permissions as stated in the README in that directory.– paradroid
Nov 14 '18 at 16:33
add a comment
|
Of course what you want to do isn't recommended. After a while, though entering sudo becomes so automatic that its usefulness diminishes.
Another approach is to leave your sudoers file as is and, while doing something complicated to your umpteen hundred servers, enter sudo bash . That will give you a shell that will be authenticated as root until you exit it.
answered Jun 6 '12 at 13:27
John S GruberJohn S Gruber
12.3k3 gold badges30 silver badges60 bronze badges
12
sudo -sorsudo -iare probably both better ideas thansudo bash, because they ensure the environment is sane and things.
– Darael
Jun 27 '12 at 20:59
2
"sane and things" isn't generally in the realm of "better ideas", could someone give a technical explanation of why sudo -s or sudo -i is better than sudo bash? (Edit: Here is a relevant question askubuntu.com/questions/376199/… )
– Nuzzolilo
Jan 2 '16 at 22:58
2
a number ofsudocommands (thinking especially ofsudo pip ...) requiresudo -H(set HOME) in order for the command to run properly. In other cases,sudo -E(preserve env) may be required. Runningsudo bashprobably will work in most cases, but not in all, and when it doesn't, it won't be clear as to why.
– michael
Sep 20 '16 at 6:43
1
sudo su is the traditional way to switch roles and start acting a sys admin.
– user1656671
Jan 21 '18 at 12:49
add a comment
|
Of course what you want to do isn't recommended. After a while, though entering sudo becomes so automatic that its usefulness diminishes.
Another approach is to leave your sudoers file as is and, while doing something complicated to your umpteen hundred servers, enter sudo bash . That will give you a shell that will be authenticated as root until you exit it.
answered Jun 6 '12 at 13:27
John S GruberJohn S Gruber
12.3k3 gold badges30 silver badges60 bronze badges
12
sudo -sorsudo -iare probably both better ideas thansudo bash, because they ensure the environment is sane and things.
– Darael
Jun 27 '12 at 20:59
2
"sane and things" isn't generally in the realm of "better ideas", could someone give a technical explanation of why sudo -s or sudo -i is better than sudo bash? (Edit: Here is a relevant question askubuntu.com/questions/376199/… )
– Nuzzolilo
Jan 2 '16 at 22:58
2
a number ofsudocommands (thinking especially ofsudo pip ...) requiresudo -H(set HOME) in order for the command to run properly. In other cases,sudo -E(preserve env) may be required. Runningsudo bashprobably will work in most cases, but not in all, and when it doesn't, it won't be clear as to why.
– michael
Sep 20 '16 at 6:43
1
sudo su is the traditional way to switch roles and start acting a sys admin.
– user1656671
Jan 21 '18 at 12:49
add a comment
|
Of course what you want to do isn't recommended. After a while, though entering sudo becomes so automatic that its usefulness diminishes.
Another approach is to leave your sudoers file as is and, while doing something complicated to your umpteen hundred servers, enter sudo bash . That will give you a shell that will be authenticated as root until you exit it.
answered Jun 6 '12 at 13:27
John S GruberJohn S Gruber
12.3k3 gold badges30 silver badges60 bronze badges
Of course what you want to do isn't recommended. After a while, though entering sudo becomes so automatic that its usefulness diminishes.
Another approach is to leave your sudoers file as is and, while doing something complicated to your umpteen hundred servers, enter sudo bash . That will give you a shell that will be authenticated as root until you exit it.
answered Jun 6 '12 at 13:27
John S GruberJohn S Gruber
12.3k3 gold badges30 silver badges60 bronze badges
answered Jun 6 '12 at 13:27
John S GruberJohn S Gruber
12.3k3 gold badges30 silver badges60 bronze badges
answered Jun 6 '12 at 13:27
John S GruberJohn S Gruber
12.3k3 gold badges30 silver badges60 bronze badges
answered Jun 6 '12 at 13:27
John S GruberJohn S Gruber
12.3k3 gold badges30 silver badges60 bronze badges
12.3k3 gold badges30 silver badges60 bronze badges
12
sudo -sorsudo -iare probably both better ideas thansudo bash, because they ensure the environment is sane and things.
– Darael
Jun 27 '12 at 20:59
2
"sane and things" isn't generally in the realm of "better ideas", could someone give a technical explanation of why sudo -s or sudo -i is better than sudo bash? (Edit: Here is a relevant question askubuntu.com/questions/376199/… )
– Nuzzolilo
Jan 2 '16 at 22:58
2
a number ofsudocommands (thinking especially ofsudo pip ...) requiresudo -H(set HOME) in order for the command to run properly. In other cases,sudo -E(preserve env) may be required. Runningsudo bashprobably will work in most cases, but not in all, and when it doesn't, it won't be clear as to why.
– michael
Sep 20 '16 at 6:43
1
sudo su is the traditional way to switch roles and start acting a sys admin.
– user1656671
Jan 21 '18 at 12:49
add a comment
|
12
sudo -sorsudo -iare probably both better ideas thansudo bash, because they ensure the environment is sane and things.
– Darael
Jun 27 '12 at 20:59
2
"sane and things" isn't generally in the realm of "better ideas", could someone give a technical explanation of why sudo -s or sudo -i is better than sudo bash? (Edit: Here is a relevant question askubuntu.com/questions/376199/… )
– Nuzzolilo
Jan 2 '16 at 22:58
2
a number ofsudocommands (thinking especially ofsudo pip ...) requiresudo -H(set HOME) in order for the command to run properly. In other cases,sudo -E(preserve env) may be required. Runningsudo bashprobably will work in most cases, but not in all, and when it doesn't, it won't be clear as to why.
– michael
Sep 20 '16 at 6:43
1
sudo su is the traditional way to switch roles and start acting a sys admin.
– user1656671
Jan 21 '18 at 12:49
12
12
sudo -s or sudo -i are probably both better ideas than sudo bash, because they ensure the environment is sane and things.– Darael
Jun 27 '12 at 20:59
sudo -s or sudo -i are probably both better ideas than sudo bash, because they ensure the environment is sane and things.– Darael
Jun 27 '12 at 20:59
2
2
"sane and things" isn't generally in the realm of "better ideas", could someone give a technical explanation of why sudo -s or sudo -i is better than sudo bash? (Edit: Here is a relevant question askubuntu.com/questions/376199/… )
– Nuzzolilo
Jan 2 '16 at 22:58
"sane and things" isn't generally in the realm of "better ideas", could someone give a technical explanation of why sudo -s or sudo -i is better than sudo bash? (Edit: Here is a relevant question askubuntu.com/questions/376199/… )
– Nuzzolilo
Jan 2 '16 at 22:58
2
2
a number of
sudo commands (thinking especially of sudo pip ...) require sudo -H (set HOME) in order for the command to run properly. In other cases, sudo -E (preserve env) may be required. Running sudo bash probably will work in most cases, but not in all, and when it doesn't, it won't be clear as to why.– michael
Sep 20 '16 at 6:43
a number of
sudo commands (thinking especially of sudo pip ...) require sudo -H (set HOME) in order for the command to run properly. In other cases, sudo -E (preserve env) may be required. Running sudo bash probably will work in most cases, but not in all, and when it doesn't, it won't be clear as to why.– michael
Sep 20 '16 at 6:43
1
1
sudo su is the traditional way to switch roles and start acting a sys admin.
– user1656671
Jan 21 '18 at 12:49
sudo su is the traditional way to switch roles and start acting a sys admin.
– user1656671
Jan 21 '18 at 12:49
add a comment
|
From Super User comes a good answer:
Use the -S switch which reads the password from STDIN:
echo <password> | sudo -S <command>
Replace <password> with your password.
answered May 17 '18 at 0:12
WinEunuuchs2UnixWinEunuuchs2Unix
66.4k18 gold badges125 silver badges245 bronze badges
3
This is not suggested, because the password remains in cleartype in the shell history file. Apply any of other solutions instead.
– HappyCactus
Nov 5 '18 at 15:02
1
@HappyCactus can you place once space in front ofechoso it doesn't appear in history?
– WinEunuuchs2Unix
Nov 5 '18 at 15:09
1
Yes this will avoid exposing the cleartext password to the history file. But do you always remember to add it ? :-)
– HappyCactus
Nov 5 '18 at 15:38
@HappyCactus I tend to add leading space by accident and then get annoyed when history can't be recalled :) Anyway the Super User has 129 upvotes so I think it's a good answer to leave here. People will read our comments and know of the risks and risk aversion steps.
– WinEunuuchs2Unix
Nov 5 '18 at 15:41
I Totally Agree. Have a nice day!
– HappyCactus
Nov 5 '18 at 15:43
|
show 1 more comment
From Super User comes a good answer:
Use the -S switch which reads the password from STDIN:
echo <password> | sudo -S <command>
Replace <password> with your password.
answered May 17 '18 at 0:12
WinEunuuchs2UnixWinEunuuchs2Unix
66.4k18 gold badges125 silver badges245 bronze badges
3
This is not suggested, because the password remains in cleartype in the shell history file. Apply any of other solutions instead.
– HappyCactus
Nov 5 '18 at 15:02
1
@HappyCactus can you place once space in front ofechoso it doesn't appear in history?
– WinEunuuchs2Unix
Nov 5 '18 at 15:09
1
Yes this will avoid exposing the cleartext password to the history file. But do you always remember to add it ? :-)
– HappyCactus
Nov 5 '18 at 15:38
@HappyCactus I tend to add leading space by accident and then get annoyed when history can't be recalled :) Anyway the Super User has 129 upvotes so I think it's a good answer to leave here. People will read our comments and know of the risks and risk aversion steps.
– WinEunuuchs2Unix
Nov 5 '18 at 15:41
I Totally Agree. Have a nice day!
– HappyCactus
Nov 5 '18 at 15:43
|
show 1 more comment
From Super User comes a good answer:
Use the -S switch which reads the password from STDIN:
echo <password> | sudo -S <command>
Replace <password> with your password.
answered May 17 '18 at 0:12
WinEunuuchs2UnixWinEunuuchs2Unix
66.4k18 gold badges125 silver badges245 bronze badges
From Super User comes a good answer:
Use the -S switch which reads the password from STDIN:
echo <password> | sudo -S <command>
Replace <password> with your password.
answered May 17 '18 at 0:12
WinEunuuchs2UnixWinEunuuchs2Unix
66.4k18 gold badges125 silver badges245 bronze badges
answered May 17 '18 at 0:12
WinEunuuchs2UnixWinEunuuchs2Unix
66.4k18 gold badges125 silver badges245 bronze badges
answered May 17 '18 at 0:12
WinEunuuchs2UnixWinEunuuchs2Unix
66.4k18 gold badges125 silver badges245 bronze badges
answered May 17 '18 at 0:12
WinEunuuchs2UnixWinEunuuchs2Unix
66.4k18 gold badges125 silver badges245 bronze badges
66.4k18 gold badges125 silver badges245 bronze badges
3
This is not suggested, because the password remains in cleartype in the shell history file. Apply any of other solutions instead.
– HappyCactus
Nov 5 '18 at 15:02
1
@HappyCactus can you place once space in front ofechoso it doesn't appear in history?
– WinEunuuchs2Unix
Nov 5 '18 at 15:09
1
Yes this will avoid exposing the cleartext password to the history file. But do you always remember to add it ? :-)
– HappyCactus
Nov 5 '18 at 15:38
@HappyCactus I tend to add leading space by accident and then get annoyed when history can't be recalled :) Anyway the Super User has 129 upvotes so I think it's a good answer to leave here. People will read our comments and know of the risks and risk aversion steps.
– WinEunuuchs2Unix
Nov 5 '18 at 15:41
I Totally Agree. Have a nice day!
– HappyCactus
Nov 5 '18 at 15:43
|
show 1 more comment
3
This is not suggested, because the password remains in cleartype in the shell history file. Apply any of other solutions instead.
– HappyCactus
Nov 5 '18 at 15:02
1
@HappyCactus can you place once space in front ofechoso it doesn't appear in history?
– WinEunuuchs2Unix
Nov 5 '18 at 15:09
1
Yes this will avoid exposing the cleartext password to the history file. But do you always remember to add it ? :-)
– HappyCactus
Nov 5 '18 at 15:38
@HappyCactus I tend to add leading space by accident and then get annoyed when history can't be recalled :) Anyway the Super User has 129 upvotes so I think it's a good answer to leave here. People will read our comments and know of the risks and risk aversion steps.
– WinEunuuchs2Unix
Nov 5 '18 at 15:41
I Totally Agree. Have a nice day!
– HappyCactus
Nov 5 '18 at 15:43
3
3
This is not suggested, because the password remains in cleartype in the shell history file. Apply any of other solutions instead.
– HappyCactus
Nov 5 '18 at 15:02
This is not suggested, because the password remains in cleartype in the shell history file. Apply any of other solutions instead.
– HappyCactus
Nov 5 '18 at 15:02
1
1
@HappyCactus can you place once space in front of
echo so it doesn't appear in history?– WinEunuuchs2Unix
Nov 5 '18 at 15:09
@HappyCactus can you place once space in front of
echo so it doesn't appear in history?– WinEunuuchs2Unix
Nov 5 '18 at 15:09
1
1
Yes this will avoid exposing the cleartext password to the history file. But do you always remember to add it ? :-)
– HappyCactus
Nov 5 '18 at 15:38
Yes this will avoid exposing the cleartext password to the history file. But do you always remember to add it ? :-)
– HappyCactus
Nov 5 '18 at 15:38
@HappyCactus I tend to add leading space by accident and then get annoyed when history can't be recalled :) Anyway the Super User has 129 upvotes so I think it's a good answer to leave here. People will read our comments and know of the risks and risk aversion steps.
– WinEunuuchs2Unix
Nov 5 '18 at 15:41
@HappyCactus I tend to add leading space by accident and then get annoyed when history can't be recalled :) Anyway the Super User has 129 upvotes so I think it's a good answer to leave here. People will read our comments and know of the risks and risk aversion steps.
– WinEunuuchs2Unix
Nov 5 '18 at 15:41
I Totally Agree. Have a nice day!
– HappyCactus
Nov 5 '18 at 15:43
I Totally Agree. Have a nice day!
– HappyCactus
Nov 5 '18 at 15:43
|
show 1 more comment
One liner
sudo sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g'
answered Feb 17 at 4:21
upteryxupteryx
763 bronze badges
add a comment
|
One liner
sudo sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g'
answered Feb 17 at 4:21
upteryxupteryx
763 bronze badges
add a comment
|
One liner
sudo sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g'
answered Feb 17 at 4:21
upteryxupteryx
763 bronze badges
One liner
sudo sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g'
answered Feb 17 at 4:21
upteryxupteryx
763 bronze badges
answered Feb 17 at 4:21
upteryxupteryx
763 bronze badges
answered Feb 17 at 4:21
upteryxupteryx
763 bronze badges
answered Feb 17 at 4:21
upteryxupteryx
763 bronze badges
763 bronze badges
add a comment
|
add a comment
|
This is a one line solution that also changes files permissions as stated in /etc/sudoer.d/README:
sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)' & sudo chmod 440 /etc/sudoers.d/$(logname)
edited Aug 2 at 1:25
Community♦
1
answered Nov 14 '18 at 16:39
paradroidparadroid
1214 bronze badges
add a comment
|
This is a one line solution that also changes files permissions as stated in /etc/sudoer.d/README:
sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)' & sudo chmod 440 /etc/sudoers.d/$(logname)
edited Aug 2 at 1:25
Community♦
1
answered Nov 14 '18 at 16:39
paradroidparadroid
1214 bronze badges
add a comment
|
This is a one line solution that also changes files permissions as stated in /etc/sudoer.d/README:
sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)' & sudo chmod 440 /etc/sudoers.d/$(logname)
edited Aug 2 at 1:25
Community♦
1
answered Nov 14 '18 at 16:39
paradroidparadroid
1214 bronze badges
This is a one line solution that also changes files permissions as stated in /etc/sudoer.d/README:
sudo sh -c 'echo "$(logname) ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$(logname)' & sudo chmod 440 /etc/sudoers.d/$(logname)
edited Aug 2 at 1:25
Community♦
1
answered Nov 14 '18 at 16:39
paradroidparadroid
1214 bronze badges
edited Aug 2 at 1:25
Community♦
1
edited Aug 2 at 1:25
Community♦
1
edited Aug 2 at 1:25
Community♦
1
1
answered Nov 14 '18 at 16:39
paradroidparadroid
1214 bronze badges
answered Nov 14 '18 at 16:39
paradroidparadroid
1214 bronze badges
answered Nov 14 '18 at 16:39
paradroidparadroid
1214 bronze badges
1214 bronze badges
add a comment
|
add a comment
|
Expanding on @upteryx idea.
This is how I've implemented the non-root, passwordless user in an ephemeral Docker Image for use in a CICD pipeline:
RUN
groupadd -g 999 foo && useradd -u 999 -g foo -G sudo -m -s /bin/bash foo &&
sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^#includedir.*/## **Removed the include directive** ##"/g' &&
echo "foo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers &&
echo "Customized the sudoers file for passwordless access to the foo user!" &&
echo "foo user:"; su - foo -c id
answered Sep 28 at 20:45
Seth BergmanSeth Bergman
987 bronze badges
add a comment
|
Expanding on @upteryx idea.
This is how I've implemented the non-root, passwordless user in an ephemeral Docker Image for use in a CICD pipeline:
RUN
groupadd -g 999 foo && useradd -u 999 -g foo -G sudo -m -s /bin/bash foo &&
sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^#includedir.*/## **Removed the include directive** ##"/g' &&
echo "foo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers &&
echo "Customized the sudoers file for passwordless access to the foo user!" &&
echo "foo user:"; su - foo -c id
answered Sep 28 at 20:45
Seth BergmanSeth Bergman
987 bronze badges
add a comment
|
Expanding on @upteryx idea.
This is how I've implemented the non-root, passwordless user in an ephemeral Docker Image for use in a CICD pipeline:
RUN
groupadd -g 999 foo && useradd -u 999 -g foo -G sudo -m -s /bin/bash foo &&
sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^#includedir.*/## **Removed the include directive** ##"/g' &&
echo "foo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers &&
echo "Customized the sudoers file for passwordless access to the foo user!" &&
echo "foo user:"; su - foo -c id
answered Sep 28 at 20:45
Seth BergmanSeth Bergman
987 bronze badges
Expanding on @upteryx idea.
This is how I've implemented the non-root, passwordless user in an ephemeral Docker Image for use in a CICD pipeline:
RUN
groupadd -g 999 foo && useradd -u 999 -g foo -G sudo -m -s /bin/bash foo &&
sed -i /etc/sudoers -re 's/^%sudo.*/%sudo ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^root.*/root ALL=(ALL:ALL) NOPASSWD: ALL/g' &&
sed -i /etc/sudoers -re 's/^#includedir.*/## **Removed the include directive** ##"/g' &&
echo "foo ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers &&
echo "Customized the sudoers file for passwordless access to the foo user!" &&
echo "foo user:"; su - foo -c id
answered Sep 28 at 20:45
Seth BergmanSeth Bergman
987 bronze badges
answered Sep 28 at 20:45
Seth BergmanSeth Bergman
987 bronze badges
answered Sep 28 at 20:45
Seth BergmanSeth Bergman
987 bronze badges
answered Sep 28 at 20:45
Seth BergmanSeth Bergman
987 bronze badges
987 bronze badges
add a comment
|
add a comment
|
Highly active question. Earn 10 reputation in order to answer this question. The reputation requirement helps protect this question from spam and non-answer activity.
Highly active question. Earn 10 reputation in order to answer this question. The reputation requirement helps protect this question from spam and non-answer activity.
Highly active question. Earn 10 reputation in order to answer this question. The reputation requirement helps protect this question from spam and non-answer activity.
Highly active question. Earn 10 reputation in order to answer this question. The reputation requirement helps protect this question from spam and non-answer activity.
2
so you only want to be asked for the password in the terminal and for other things not, or the other way arround?! in both ways, I think its a high security breach
– Dr_Bunsen
Jun 6 '12 at 12:33
I want that system may not ask password only when in the terminal... for any other purpose the system must ask a password. This requirement is only temporary, and to be used while configuring n installing new servers.. during fresh server installations, it really take hours of configuring with sudo commands.. issuing password every 15 min. is headache. I don't want to use root account.
– Bhavesh Diwan
Jun 6 '12 at 12:44
You need to read the discussion in: askubuntu.com/questions/135428/…
– david6
Jun 9 '12 at 1:18
1
For sure you can prolong the timeout. Also, if you're frequently doing fresh server setups you should think about automating the process. You are not paid to type, you are paid to solve problems and to get sh*t done.
– MauganRa
Oct 12 '16 at 18:43
Related: How to run sudo command with no password?
– Eliah Kagan
Jul 26 '17 at 7:12