Let's talk about 'Sudo'
The sudo command provides a means for trusted users to execute programs as another user, typically the root user. If you frequently work on the command line, you'll find sudo to be a command you use regularly.
Typically, to grant a user sudo access, you must include them in the sudo group as specified in the sudoers file. On Debian, Ubuntu, and related distributions, individuals in the sudo group are endowed with sudo privileges. In contrast, on RedHat-based distributions such as CentOS and Fedora, the sudo group is often named wheel.
Every member of this group is required to input their password before executing a sudo command. This extra layer of security is the recommended approach for conferring sudo privileges upon users.
However, in certain scenarios, such as when running automated scripts, there may be a need to configure the sudoers file to permit specific users to execute sudo commands without requiring a password input.
let's see how to configure it.
Adding User to the 'Sudoers' File
The sudoers file contains information that determines a user’s and group’s sudo privileges. You can configure the user sudo access by modifying the sudoers file or by adding a configuration file to the /etc/sudoers.d directory. The files created inside this directory will be included in the sudoers file
Open the /etc/sudoers file with the visudo command:
sudo visudoWhen making changes to the sudoers file always use visudo. This command checks the file after editing, and if there is a syntax error it will not save the changes. If you open the file with a text editor, a syntax error will result in losing the sudo access.
If you wish to open the file in nano use below command:
sudo EDITOR=nano visudoScroll down to the end of the file and add the following line that will allow the user johnwick to run any command with sudo without being asked for a password:
johnwick ALL=(ALL) NOPASSWD:ALL/etc/sudoers
Do not forget to change “johnwick” with the username you want to grant access to.
Without Modify "sudoers" file
Now let's see another way without touching the sudoers file. in Order to do the same you need to create an Overrides file in sudoers.d directory.
sudo visudo -f /etc/sudoers.d/myOverridesAdd below line in the file.
johnwick ALL=(ALL) NOPASSWD: ALLDo not forget to change “johnwick” with the username you want to grant access to.
You need to makesure below line in uncommented in sudoers file
sudo nano /etc/sudoers
#includedir /etc/sudoers.d //comment out this lineThere you go, now johnwick can run the commands without sudo password.