How to allow a command to be executed for a particular user without password with sudoers file?
Can anyone please explain the exact work of these in /etc/sudoers
? (I've done some research, so please don't share any links)
I want to add myself (member of sudo
) to execute a command without password.But it's again asking for password.
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
# Groups
%sudo ALL=(ALL:ALL) ALL
permissions sudo visudo
add a comment |
Can anyone please explain the exact work of these in /etc/sudoers
? (I've done some research, so please don't share any links)
I want to add myself (member of sudo
) to execute a command without password.But it's again asking for password.
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
# Groups
%sudo ALL=(ALL:ALL) ALL
permissions sudo visudo
add a comment |
Can anyone please explain the exact work of these in /etc/sudoers
? (I've done some research, so please don't share any links)
I want to add myself (member of sudo
) to execute a command without password.But it's again asking for password.
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
# Groups
%sudo ALL=(ALL:ALL) ALL
permissions sudo visudo
Can anyone please explain the exact work of these in /etc/sudoers
? (I've done some research, so please don't share any links)
I want to add myself (member of sudo
) to execute a command without password.But it's again asking for password.
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
# Groups
%sudo ALL=(ALL:ALL) ALL
permissions sudo visudo
permissions sudo visudo
edited yesterday
Sergiy Kolodyazhnyy
70.5k9146309
70.5k9146309
asked yesterday
Purnendu NathPurnendu Nath
1381213
1381213
add a comment |
add a comment |
4 Answers
4
active
oldest
votes
I pretty much stole it from here: Is it possible to give sudo access to only a particular command?
sudo visudo -f /etc/sudoers.d/Username
And add that to the file:
Username ALL = NOPASSWD: /usr/bin/apt* update
Username ALL = NOPASSWD: /usr/bin/apt* install
Don't know how to make this a one-liner, though. Hope that helps.
New contributor
It can be made a one-liner with a command aliasCmnd_Alias
, see the sudoers snippet in this loosely related answer, section Another approach.
– PerlDuck
yesterday
add a comment |
This is my first post on askubuntu but i am pretty sure you could do it like that create a file with your username
in /etc/sudoers.d/
with:
username ALL = NOPASSWD: ALL
NOPASSWD: ALL
is aimed at making all commands run without passwords. SoALL
should be replaced by/bin/apt update
. But overall you're right, I think. This syntax should be sufficient.
– Sergiy Kolodyazhnyy
yesterday
add a comment |
The order of configuration lines has significance in the sudoers file: the last applicable line wins.
If user myself
is a member of the sudo
group, all commands issued by that user will always match the %sudo ALL=(ALL:ALL) ALL
line. As it has no NOPASSWD:
flag, password will be asked.
The fix is to arrange the /etc/sudoers
configuration lines in the order of increasing specificity:
# Groups
%sudo ALL=(ALL:ALL) ALL
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
When this order is used, if user myself
runs sudo apt update
, it will match the last line with the NOPASSWD:
flag.
add a comment |
You can simple add the next line to your sudoers file:
username ALL=NOPASSWD: command1, command2, command3 [...]
Remember to separated with commas all commands you want to be executed by user with out password promp.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1108782%2fhow-to-allow-a-command-to-be-executed-for-a-particular-user-without-password-wit%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
I pretty much stole it from here: Is it possible to give sudo access to only a particular command?
sudo visudo -f /etc/sudoers.d/Username
And add that to the file:
Username ALL = NOPASSWD: /usr/bin/apt* update
Username ALL = NOPASSWD: /usr/bin/apt* install
Don't know how to make this a one-liner, though. Hope that helps.
New contributor
It can be made a one-liner with a command aliasCmnd_Alias
, see the sudoers snippet in this loosely related answer, section Another approach.
– PerlDuck
yesterday
add a comment |
I pretty much stole it from here: Is it possible to give sudo access to only a particular command?
sudo visudo -f /etc/sudoers.d/Username
And add that to the file:
Username ALL = NOPASSWD: /usr/bin/apt* update
Username ALL = NOPASSWD: /usr/bin/apt* install
Don't know how to make this a one-liner, though. Hope that helps.
New contributor
It can be made a one-liner with a command aliasCmnd_Alias
, see the sudoers snippet in this loosely related answer, section Another approach.
– PerlDuck
yesterday
add a comment |
I pretty much stole it from here: Is it possible to give sudo access to only a particular command?
sudo visudo -f /etc/sudoers.d/Username
And add that to the file:
Username ALL = NOPASSWD: /usr/bin/apt* update
Username ALL = NOPASSWD: /usr/bin/apt* install
Don't know how to make this a one-liner, though. Hope that helps.
New contributor
I pretty much stole it from here: Is it possible to give sudo access to only a particular command?
sudo visudo -f /etc/sudoers.d/Username
And add that to the file:
Username ALL = NOPASSWD: /usr/bin/apt* update
Username ALL = NOPASSWD: /usr/bin/apt* install
Don't know how to make this a one-liner, though. Hope that helps.
New contributor
New contributor
answered yesterday
Patient32BitPatient32Bit
615
615
New contributor
New contributor
It can be made a one-liner with a command aliasCmnd_Alias
, see the sudoers snippet in this loosely related answer, section Another approach.
– PerlDuck
yesterday
add a comment |
It can be made a one-liner with a command aliasCmnd_Alias
, see the sudoers snippet in this loosely related answer, section Another approach.
– PerlDuck
yesterday
It can be made a one-liner with a command alias
Cmnd_Alias
, see the sudoers snippet in this loosely related answer, section Another approach.– PerlDuck
yesterday
It can be made a one-liner with a command alias
Cmnd_Alias
, see the sudoers snippet in this loosely related answer, section Another approach.– PerlDuck
yesterday
add a comment |
This is my first post on askubuntu but i am pretty sure you could do it like that create a file with your username
in /etc/sudoers.d/
with:
username ALL = NOPASSWD: ALL
NOPASSWD: ALL
is aimed at making all commands run without passwords. SoALL
should be replaced by/bin/apt update
. But overall you're right, I think. This syntax should be sufficient.
– Sergiy Kolodyazhnyy
yesterday
add a comment |
This is my first post on askubuntu but i am pretty sure you could do it like that create a file with your username
in /etc/sudoers.d/
with:
username ALL = NOPASSWD: ALL
NOPASSWD: ALL
is aimed at making all commands run without passwords. SoALL
should be replaced by/bin/apt update
. But overall you're right, I think. This syntax should be sufficient.
– Sergiy Kolodyazhnyy
yesterday
add a comment |
This is my first post on askubuntu but i am pretty sure you could do it like that create a file with your username
in /etc/sudoers.d/
with:
username ALL = NOPASSWD: ALL
This is my first post on askubuntu but i am pretty sure you could do it like that create a file with your username
in /etc/sudoers.d/
with:
username ALL = NOPASSWD: ALL
answered yesterday
user912780
NOPASSWD: ALL
is aimed at making all commands run without passwords. SoALL
should be replaced by/bin/apt update
. But overall you're right, I think. This syntax should be sufficient.
– Sergiy Kolodyazhnyy
yesterday
add a comment |
NOPASSWD: ALL
is aimed at making all commands run without passwords. SoALL
should be replaced by/bin/apt update
. But overall you're right, I think. This syntax should be sufficient.
– Sergiy Kolodyazhnyy
yesterday
NOPASSWD: ALL
is aimed at making all commands run without passwords. So ALL
should be replaced by /bin/apt update
. But overall you're right, I think. This syntax should be sufficient.– Sergiy Kolodyazhnyy
yesterday
NOPASSWD: ALL
is aimed at making all commands run without passwords. So ALL
should be replaced by /bin/apt update
. But overall you're right, I think. This syntax should be sufficient.– Sergiy Kolodyazhnyy
yesterday
add a comment |
The order of configuration lines has significance in the sudoers file: the last applicable line wins.
If user myself
is a member of the sudo
group, all commands issued by that user will always match the %sudo ALL=(ALL:ALL) ALL
line. As it has no NOPASSWD:
flag, password will be asked.
The fix is to arrange the /etc/sudoers
configuration lines in the order of increasing specificity:
# Groups
%sudo ALL=(ALL:ALL) ALL
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
When this order is used, if user myself
runs sudo apt update
, it will match the last line with the NOPASSWD:
flag.
add a comment |
The order of configuration lines has significance in the sudoers file: the last applicable line wins.
If user myself
is a member of the sudo
group, all commands issued by that user will always match the %sudo ALL=(ALL:ALL) ALL
line. As it has no NOPASSWD:
flag, password will be asked.
The fix is to arrange the /etc/sudoers
configuration lines in the order of increasing specificity:
# Groups
%sudo ALL=(ALL:ALL) ALL
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
When this order is used, if user myself
runs sudo apt update
, it will match the last line with the NOPASSWD:
flag.
add a comment |
The order of configuration lines has significance in the sudoers file: the last applicable line wins.
If user myself
is a member of the sudo
group, all commands issued by that user will always match the %sudo ALL=(ALL:ALL) ALL
line. As it has no NOPASSWD:
flag, password will be asked.
The fix is to arrange the /etc/sudoers
configuration lines in the order of increasing specificity:
# Groups
%sudo ALL=(ALL:ALL) ALL
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
When this order is used, if user myself
runs sudo apt update
, it will match the last line with the NOPASSWD:
flag.
The order of configuration lines has significance in the sudoers file: the last applicable line wins.
If user myself
is a member of the sudo
group, all commands issued by that user will always match the %sudo ALL=(ALL:ALL) ALL
line. As it has no NOPASSWD:
flag, password will be asked.
The fix is to arrange the /etc/sudoers
configuration lines in the order of increasing specificity:
# Groups
%sudo ALL=(ALL:ALL) ALL
# User
root ALL=(ALL:ALL) ALL
myself ALL=(ALL:ALL) NOPASSWD:/bin/apt update, PASSWD:/bin/apt install*
When this order is used, if user myself
runs sudo apt update
, it will match the last line with the NOPASSWD:
flag.
answered yesterday
telcoMtelcoM
1544
1544
add a comment |
add a comment |
You can simple add the next line to your sudoers file:
username ALL=NOPASSWD: command1, command2, command3 [...]
Remember to separated with commas all commands you want to be executed by user with out password promp.
add a comment |
You can simple add the next line to your sudoers file:
username ALL=NOPASSWD: command1, command2, command3 [...]
Remember to separated with commas all commands you want to be executed by user with out password promp.
add a comment |
You can simple add the next line to your sudoers file:
username ALL=NOPASSWD: command1, command2, command3 [...]
Remember to separated with commas all commands you want to be executed by user with out password promp.
You can simple add the next line to your sudoers file:
username ALL=NOPASSWD: command1, command2, command3 [...]
Remember to separated with commas all commands you want to be executed by user with out password promp.
answered yesterday
WilliWonkaWilliWonka
435
435
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1108782%2fhow-to-allow-a-command-to-be-executed-for-a-particular-user-without-password-wit%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown