The sudo
(sudouser do) command is a tool in Linux systems, used to run commands or programs as another user, by default as root user. If you doing administration task then you need to use sudo
frequently. This article show you how to run sudo command without entering password.
To grant the sudo
access to a user you need to add the user to the sudo
group defined in sudoers file. In Debian, Ubuntu other Debian based distributions, members of the group sudo
are granted with sudo privileges while on RedHat based distributions such as CentOS and Fedora, the sudo group is wheel
.
The members of this sudo or wheel group will be asked to enter the password while using sudo command. It’s like an extra layer of security before granting sudo privileges. But sometimes, it’s required to omit this layer and allow to certain user to work with sudo
without being asked for the password.
Adding User to the Sudoers File
The information about user and group privileges are store in sudoers file. You should edit the sudoers file to configure the sudo access or you can add the separate configuration file to the /etc/sudoers.d
directory. After that you must include this directory in sudoer file.
Open the /etc/sudoers
file with the visudo
command:
Always use visudo
while making changes to sudoer file. This command checks the file after editing, and if there is a syntax error it will not save the changes.
By default, the visudo
command opens the /etc/sudoers
file with the vim text editor. If you are not familiar with vim editor you can use another text editor. You can change to nano text editor by typing:
sudo EDITOR=nano visudo
Add the following lines to the end of the file which will allow the user tecnstuff to run any command with sudo
without asking the password:
tecnstuff ALL=(ALL) NOPASSWD:ALL
Note : You must change the tecnstuff
with your username.
You also can allow specific commands without entering password by specifying the commands after NOPASSWD
keyword.
For example, if you want to just allow the mkdir and mv
commands:
tecnstuff ALL=(ALL) NOPASSWD:/bin/mkdir,/bin/mv
Save the files and quit the text editor.
Using /etc/sudoers.d
If you would like to manage the sudo
access in a uniform way, you can make separate file with the authorization rules in the /etc/sudoers.d
directory.
Create a file by opening your text editor:
sudo nano /etc/sudoers.d/tecnstuff
You can set any name for file, but it is best practice to use same name as username.
Add the same rule as you would add to the sudoers file:
tecnstuff ALL=(ALL) NOPASSWD:ALL
At last, save the file and quit the editor.
Conclusion
You have successfully learned how to configure the user to run sudo command without entering password. This is useful when you have scripts which execute administration task automatically.
If you have any questions or suggestion, please leave a comment below.