To give a specific user access to sudo without having to enter a password you have to edit the /etc/sudoers configuration file. For security reasons you should only edit the file using the visudo command.

$ sudo visudo

In Ubuntu the following lines are placed at the bottom of /etc/sudoers by default. This gives your default user access to sudo as well as any other user in the admin group.

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

If you want to allow sudo access without passwords for all users in the admin group you can simply add the NOPASSWD option to this line and be done.

%admin ALL=(ALL) NOPASSWD: ALL

If you want to give a specific user sudo access without passwords, you will have to add an additional line for each user. These lines will conflict with the default admin line above so they must be placed at the end of the sudoers file. The reason for this is that sudo will handle contradicting configuration lines by giving priority to the line closest to the bottom of the file.

Add the following line to the end of the file, replace ‘ryan’ with your username.

ryan    ALL=(ALL) NOPASSWD: ALL

Add a line for each user that you wish to have access.

For more ways to use and configure sudo have a look here.

Related posts

1. Submit commands as root with sudo
2. How to SSH into Ubuntu LiveCD
3. Share a remote filesystem over SSH

Among the most valuable tools at a Linux administrators disposal is sudo. It lets ordinary users temporarily submit commands as root or another user.

To use use this command simply put sudo before any command you want to run with root permissions.

sudo command

To submit commands as another user use the ‘-u‘ option and the username. This will submit a command as the user ryan.

sudo -u ryan command

The sudo configuration file is located at /etc/sudoers.

Although /etc/sudoers file is a regular text which root can edit manually, it is recommended that you only edit it using visudo. The visudo editor locks the sudoers file against multiple simultaneous edits, provides basic sanity checks, and checks for errors.

The /etc/sudoers file has the general format:

user hostlist = (userlist) commandlist

This is a basic configuration and will allow the user ryan to run any command, on any host, as any user.

# User privilege specification
root    ALL=(ALL) ALL
ryan    ALL=(ALL) ALL

Here is a more complex example.

ryan     tuxbox=(bob, bill)   /bin/kill

This will give ryan access to run “kill” as the users bob and bill using “sudo -u” on the host “tuxbox”.

When using the above configurations you will be prompted for ryan’s password before sudo will execute your command. After the pasword is accepted, you will have a 5 minute window to submit other commands without further password requests.

Submitting a password has its security benefits, but if you are ok without it, there is a way around this inconvenience. If you don’t want to enter a password add the NOPASSWD tag to the configuration file like this.

# User privilege specification
root    ALL=(ALL) ALL
ryan    ALL=(ALL) NOPASSWD: ALL

If there are configuration lines that contradict one another sudo will give priority to the line closest to the bottom of the file. So if you make changes and they don’t seem to take effect, check that this is not the case.

All calls to sudo are logged in /var/log/messages so you have the ability to keep track of who did what on the system.

Related posts

1. Allow sudo access without passwords in Ubuntu
2. List all open files with lsof
3. Essential Linux Commands