On a sandbox VM environment, I have a setup of Ubuntu Linux which is firewalled and cannot be accessed from outside the local system. Therefore, on that VM, I’d like to give the administrative user (which I set up) the ability to run anything with sudo and not need a password.
While I know this is not secure, this VM is not on all the time, and requires my personal passcode to run. So even though this is not “secure”, is there a way to get the desired functionality?
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
From man sudoers:
NOPASSWD and PASSWD
By default, sudo requires that a user authenticate him or herself
before running a command. This behavior can be modified via the
NOPASSWD tag. Like a Runas_Spec, the NOPASSWD tag sets a default for
the commands that follow it in the Cmnd_Spec_List. Conversely, the
PASSWD tag can be used to reverse things. For example:
ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm
would allow the user ray to run /bin/kill, /bin/ls, and /usr/bin/lprm
as root on the machine rushmore without authenticating himself.
One other tag is ALL, to allow the user ray to run any command on any host without password you can use:
ray ALL= NOPASSWD: ALL
Method 2
As you mentioned it is a bad idea to disable the password prompt unless the system runs in a particular secure environment.
One possible solution is this one-liner that I find easier to remember than the NOPASSWD option. Get administrative privileges and run
$ visudo
and add the following line
Defaults: username !authenticate
This will disable the password prompt entirely for a particular user.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0