How to allow a command to be executed for a particular user without password with sudoers file?
Can anyone please explain the exact work of these in /etc/sudoers ? (I've done some research, so please don't share any links)
I want to add myself (member of sudo) to execute a command without password.But it's again asking for password.
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
# Groups
%sudo ALL=(ALL:ALL) ALL
permissions sudo visudo
edited yesterday
Sergiy Kolodyazhnyy
70.5k9146309
asked yesterday
Purnendu NathPurnendu Nath
1381213
add a comment |
Can anyone please explain the exact work of these in /etc/sudoers ? (I've done some research, so please don't share any links)
I want to add myself (member of sudo) to execute a command without password.But it's again asking for password.
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
# Groups
%sudo ALL=(ALL:ALL) ALL
permissions sudo visudo
edited yesterday
Sergiy Kolodyazhnyy
70.5k9146309
asked yesterday
Purnendu NathPurnendu Nath
1381213
add a comment |
Can anyone please explain the exact work of these in /etc/sudoers ? (I've done some research, so please don't share any links)
I want to add myself (member of sudo) to execute a command without password.But it's again asking for password.
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
# Groups
%sudo ALL=(ALL:ALL) ALL
permissions sudo visudo
edited yesterday
Sergiy Kolodyazhnyy
70.5k9146309
asked yesterday
Purnendu NathPurnendu Nath
1381213
Can anyone please explain the exact work of these in /etc/sudoers ? (I've done some research, so please don't share any links)
I want to add myself (member of sudo) to execute a command without password.But it's again asking for password.
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
# Groups
%sudo ALL=(ALL:ALL) ALL
permissions sudo visudo
permissions sudo visudo
edited yesterday
Sergiy Kolodyazhnyy
70.5k9146309
asked yesterday
Purnendu NathPurnendu Nath
1381213
edited yesterday
Sergiy Kolodyazhnyy
70.5k9146309
asked yesterday
Purnendu NathPurnendu Nath
1381213
edited yesterday
Sergiy Kolodyazhnyy
70.5k9146309
edited yesterday
Sergiy Kolodyazhnyy
70.5k9146309
edited yesterday
Sergiy Kolodyazhnyy
70.5k9146309
70.5k9146309
asked yesterday
Purnendu NathPurnendu Nath
1381213
asked yesterday
Purnendu NathPurnendu Nath
1381213
asked yesterday
Purnendu NathPurnendu Nath
1381213
1381213
add a comment |
add a comment |
4 Answers
4
active
oldest
votes
I pretty much stole it from here: Is it possible to give sudo access to only a particular command?
sudo visudo -f /etc/sudoers.d/Username
And add that to the file:
Username ALL = NOPASSWD: /usr/bin/apt* update
Username ALL = NOPASSWD: /usr/bin/apt* install
Don't know how to make this a one-liner, though. Hope that helps.
answered yesterday
Patient32BitPatient32Bit
615
New contributor
Patient32Bit is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
It can be made a one-liner with a command aliasCmnd_Alias, see the sudoers snippet in this loosely related answer, section Another approach.
– PerlDuck
yesterday
add a comment |
This is my first post on askubuntu but i am pretty sure you could do it like that create a file with your username in /etc/sudoers.d/ with:
username ALL = NOPASSWD: ALL
NOPASSWD: ALLis aimed at making all commands run without passwords. SoALLshould be replaced by/bin/apt update. But overall you're right, I think. This syntax should be sufficient.
– Sergiy Kolodyazhnyy
yesterday
add a comment |
The order of configuration lines has significance in the sudoers file: the last applicable line wins.
If user myself is a member of the sudo group, all commands issued by that user will always match the %sudo ALL=(ALL:ALL) ALL line. As it has no NOPASSWD: flag, password will be asked.
The fix is to arrange the /etc/sudoers configuration lines in the order of increasing specificity:
# Groups
%sudo ALL=(ALL:ALL) ALL
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
When this order is used, if user myself runs sudo apt update, it will match the last line with the NOPASSWD: flag.
answered yesterday
telcoMtelcoM
1544
add a comment |
You can simple add the next line to your sudoers file:
username ALL=NOPASSWD: command1, command2, command3 [...]
Remember to separated with commas all commands you want to be executed by user with out password promp.
answered yesterday
WilliWonkaWilliWonka
435
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1108782%2fhow-to-allow-a-command-to-be-executed-for-a-particular-user-without-password-wit%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
I pretty much stole it from here: Is it possible to give sudo access to only a particular command?
sudo visudo -f /etc/sudoers.d/Username
And add that to the file:
Username ALL = NOPASSWD: /usr/bin/apt* update
Username ALL = NOPASSWD: /usr/bin/apt* install
Don't know how to make this a one-liner, though. Hope that helps.
answered yesterday
Patient32BitPatient32Bit
615
New contributor
Patient32Bit is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
It can be made a one-liner with a command aliasCmnd_Alias, see the sudoers snippet in this loosely related answer, section Another approach.
– PerlDuck
yesterday
add a comment |
I pretty much stole it from here: Is it possible to give sudo access to only a particular command?
sudo visudo -f /etc/sudoers.d/Username
And add that to the file:
Username ALL = NOPASSWD: /usr/bin/apt* update
Username ALL = NOPASSWD: /usr/bin/apt* install
Don't know how to make this a one-liner, though. Hope that helps.
answered yesterday
Patient32BitPatient32Bit
615
New contributor
Patient32Bit is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
It can be made a one-liner with a command aliasCmnd_Alias, see the sudoers snippet in this loosely related answer, section Another approach.
– PerlDuck
yesterday
add a comment |
I pretty much stole it from here: Is it possible to give sudo access to only a particular command?
sudo visudo -f /etc/sudoers.d/Username
And add that to the file:
Username ALL = NOPASSWD: /usr/bin/apt* update
Username ALL = NOPASSWD: /usr/bin/apt* install
Don't know how to make this a one-liner, though. Hope that helps.
answered yesterday
Patient32BitPatient32Bit
615
New contributor
Patient32Bit is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I pretty much stole it from here: Is it possible to give sudo access to only a particular command?
sudo visudo -f /etc/sudoers.d/Username
And add that to the file:
Username ALL = NOPASSWD: /usr/bin/apt* update
Username ALL = NOPASSWD: /usr/bin/apt* install
Don't know how to make this a one-liner, though. Hope that helps.
answered yesterday
Patient32BitPatient32Bit
615
New contributor
Patient32Bit is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered yesterday
Patient32BitPatient32Bit
615
New contributor
Patient32Bit is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered yesterday
Patient32BitPatient32Bit
615
answered yesterday
Patient32BitPatient32Bit
615
615
New contributor
Patient32Bit is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Patient32Bit is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Patient32Bit is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
It can be made a one-liner with a command aliasCmnd_Alias, see the sudoers snippet in this loosely related answer, section Another approach.
– PerlDuck
yesterday
add a comment |
It can be made a one-liner with a command aliasCmnd_Alias, see the sudoers snippet in this loosely related answer, section Another approach.
– PerlDuck
yesterday
It can be made a one-liner with a command alias
Cmnd_Alias, see the sudoers snippet in this loosely related answer, section Another approach.– PerlDuck
yesterday
It can be made a one-liner with a command alias
Cmnd_Alias, see the sudoers snippet in this loosely related answer, section Another approach.– PerlDuck
yesterday
add a comment |
This is my first post on askubuntu but i am pretty sure you could do it like that create a file with your username in /etc/sudoers.d/ with:
username ALL = NOPASSWD: ALL
NOPASSWD: ALLis aimed at making all commands run without passwords. SoALLshould be replaced by/bin/apt update. But overall you're right, I think. This syntax should be sufficient.
– Sergiy Kolodyazhnyy
yesterday
add a comment |
This is my first post on askubuntu but i am pretty sure you could do it like that create a file with your username in /etc/sudoers.d/ with:
username ALL = NOPASSWD: ALL
NOPASSWD: ALLis aimed at making all commands run without passwords. SoALLshould be replaced by/bin/apt update. But overall you're right, I think. This syntax should be sufficient.
– Sergiy Kolodyazhnyy
yesterday
add a comment |
This is my first post on askubuntu but i am pretty sure you could do it like that create a file with your username in /etc/sudoers.d/ with:
username ALL = NOPASSWD: ALL
This is my first post on askubuntu but i am pretty sure you could do it like that create a file with your username in /etc/sudoers.d/ with:
username ALL = NOPASSWD: ALL
answered yesterday
user912780
NOPASSWD: ALLis aimed at making all commands run without passwords. SoALLshould be replaced by/bin/apt update. But overall you're right, I think. This syntax should be sufficient.
– Sergiy Kolodyazhnyy
yesterday
add a comment |
NOPASSWD: ALLis aimed at making all commands run without passwords. SoALLshould be replaced by/bin/apt update. But overall you're right, I think. This syntax should be sufficient.
– Sergiy Kolodyazhnyy
yesterday
NOPASSWD: ALL is aimed at making all commands run without passwords. So ALL should be replaced by /bin/apt update. But overall you're right, I think. This syntax should be sufficient.– Sergiy Kolodyazhnyy
yesterday
NOPASSWD: ALL is aimed at making all commands run without passwords. So ALL should be replaced by /bin/apt update. But overall you're right, I think. This syntax should be sufficient.– Sergiy Kolodyazhnyy
yesterday
add a comment |
The order of configuration lines has significance in the sudoers file: the last applicable line wins.
If user myself is a member of the sudo group, all commands issued by that user will always match the %sudo ALL=(ALL:ALL) ALL line. As it has no NOPASSWD: flag, password will be asked.
The fix is to arrange the /etc/sudoers configuration lines in the order of increasing specificity:
# Groups
%sudo ALL=(ALL:ALL) ALL
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
When this order is used, if user myself runs sudo apt update, it will match the last line with the NOPASSWD: flag.
answered yesterday
telcoMtelcoM
1544
add a comment |
The order of configuration lines has significance in the sudoers file: the last applicable line wins.
If user myself is a member of the sudo group, all commands issued by that user will always match the %sudo ALL=(ALL:ALL) ALL line. As it has no NOPASSWD: flag, password will be asked.
The fix is to arrange the /etc/sudoers configuration lines in the order of increasing specificity:
# Groups
%sudo ALL=(ALL:ALL) ALL
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
When this order is used, if user myself runs sudo apt update, it will match the last line with the NOPASSWD: flag.
answered yesterday
telcoMtelcoM
1544
add a comment |
The order of configuration lines has significance in the sudoers file: the last applicable line wins.
If user myself is a member of the sudo group, all commands issued by that user will always match the %sudo ALL=(ALL:ALL) ALL line. As it has no NOPASSWD: flag, password will be asked.
The fix is to arrange the /etc/sudoers configuration lines in the order of increasing specificity:
# Groups
%sudo ALL=(ALL:ALL) ALL
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
When this order is used, if user myself runs sudo apt update, it will match the last line with the NOPASSWD: flag.
answered yesterday
telcoMtelcoM
1544
The order of configuration lines has significance in the sudoers file: the last applicable line wins.
If user myself is a member of the sudo group, all commands issued by that user will always match the %sudo ALL=(ALL:ALL) ALL line. As it has no NOPASSWD: flag, password will be asked.
The fix is to arrange the /etc/sudoers configuration lines in the order of increasing specificity:
# Groups
%sudo ALL=(ALL:ALL) ALL
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
When this order is used, if user myself runs sudo apt update, it will match the last line with the NOPASSWD: flag.
answered yesterday
telcoMtelcoM
1544
answered yesterday
telcoMtelcoM
1544
answered yesterday
telcoMtelcoM
1544
answered yesterday
telcoMtelcoM
1544
1544
add a comment |
add a comment |
You can simple add the next line to your sudoers file:
username ALL=NOPASSWD: command1, command2, command3 [...]
Remember to separated with commas all commands you want to be executed by user with out password promp.
answered yesterday
WilliWonkaWilliWonka
435
add a comment |
You can simple add the next line to your sudoers file:
username ALL=NOPASSWD: command1, command2, command3 [...]
Remember to separated with commas all commands you want to be executed by user with out password promp.
answered yesterday
WilliWonkaWilliWonka
435
add a comment |
You can simple add the next line to your sudoers file:
username ALL=NOPASSWD: command1, command2, command3 [...]
Remember to separated with commas all commands you want to be executed by user with out password promp.
answered yesterday
WilliWonkaWilliWonka
435
You can simple add the next line to your sudoers file:
username ALL=NOPASSWD: command1, command2, command3 [...]
Remember to separated with commas all commands you want to be executed by user with out password promp.
answered yesterday
WilliWonkaWilliWonka
435
answered yesterday
WilliWonkaWilliWonka
435
answered yesterday
WilliWonkaWilliWonka
435
answered yesterday
WilliWonkaWilliWonka
435
435
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1108782%2fhow-to-allow-a-command-to-be-executed-for-a-particular-user-without-password-wit%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
