![]() ![]() If you try to run anything else as the sudo user, you will be prompted for a password and fail. where: is you username :D (saumun89, i.e.) is the user you want to change to. If you want to be prompted for a password, remove the NOPASSWD bit where you grant a user access to command groups. If you want to use sudo su - user without a password, you should (if you have the privileges) do the following on you sudoers file: ALL NOPASSWD: /bin/su - .Now if you try sudo apt-get update or sudo apt-get dist-upgrade those commands will execute without asking for a password. You can then give a specific user privileges to those commands like so: ALL=(ALL) NOPASSWD: SHUTDOWN_CMDS, UPDATE_COMMANDS You can group the commands that you want to grant access to like below: Cmnd_Alias SHUTDOWN_CMDS = /sbin/poweroff, /sbin/halt, /sbin/rebootĬmnd_Alias UPDATE_COMMANDS = /usr/bin/apt-get ![]() You can edit the sudoers file with an existing sudo user, with the command sudo visudo Traditionally in Debian based distributions, for the sudo command you use the sudo group.Sudo and the /etc/sudoers file aren't just for granting users full root access. ![]() NOTE: In Debian the group wheel is often used to restrict in PAM the use of su to a group, instead of using it for the sudo command as in RedHat/SuSE based distributions. If logged in the system, the intended user has then to logout and login for the change of the user belonging to the sudo group to take effect. To: # Allow members of group sudo to execute any command, no password From then on, it should work like a charm. On Ubuntu 16, there is a simpler way: just add the user to the sudo group, like this: sudo usermod -aG sudo username. You then edit the default line in /etc/sudoers for the sudo group with: $ sudo visudoĪnd change it from: # Allow members of group sudo to execute any command As mentioned by Basilevs you need to add your user to the sudoers file in order to avoid that sudo commands in the script get stuck awaiting the password. Modify /etc/sudoers for adding the NOPASSWD directive When you already have a sudo user, it is advised as good security practice, to set up the other users in the sudo group via that user: $ sudo gpasswd -a sudo Try surrounding the comma with single quotes like, as I have found some documentation that mentions that for commands like this. adduser my-user sudo gpasswd -a my-user sudo Then using visuo i added this line, based on this question. I created a new user on my ubuntu server 16.04 å4. but I need to mount the shares so that they are owned by a specific group. I need that a new user could execute sudo without any request of password, because this user has in crontab a. I already know how to setup for ALL commands. Passwordless sudo of a command containing a comma. This is not a duplicate of the below mentioned as my goal is circumvent the password prompt (use NOPASSWD). ![]() When setting up the first sudo user, you have got to the first as root: # gpasswd -a sudo to allow a specific user or group to execute any/all commands without being prompted for their password. you do not have /etc/sudoers), run as root: # apt install sudoĪdd a user to the sudo group, if it is not already in the sudo group (Ubuntu and derivatives add a user created in installation automatically to the sudo group). If the package sudo is not installed (e.g. In Debian, depending on the installation options, you often end up without sudo installed by default. Question Initially, my only change to the sudoers file ( /etc/sudoers) was one line, a user specification that should have enabled nicholsonjf to run all commands with sudo without having to enter a password (see the line that starts with nicholsonjf): This file MUST be edited with the 'visudo' command as root. So to add passwordless sudo enabled users to a Debian based system, the steps are: Traditionally on Debian based distributions such as Debian/Ubuntu/Mint/Kali/Antix, the default group for sudo is, well, sudo. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |