centos sudoers visudo youruser ALL=(ALL) ALL or group wheel
Open the sudoers file with the visudo command:
$sudo visudo
Select the line for user or group you want to allow password-less sudo access.
Add NOPASSWD after closing the bracket:
%sudo ALL=(ALL:ALL) NOPASSWD: ALL
Press Ctrl + O and then confirm with the Enter key to save the changes.
Press Ctrl + X to exit visudo.
Now, the users of the group sudo should be able to use the sudo command without providing a password
Sudo on CentOS
Q Why does CentOS say that my account 'is not on the sudoers list'? I've tried looking in the account settings, but to no avail.
A CentOS doesn't use sudo by default. Unlike Ubuntu, where the first user set up in the installer has rights to run anything with sudo, CentOS gives no such rights to anybody. By default, the only way to run programs with root privileges is to log in as root, by running su in a terminal. If you want to enable sudo for you or others, you'll need to edit the sudoers list, using the command visudo. This uses the editor defined in $EDITOR or, if that's not set, Vi. This method checks the syntax before committing it to the real file, which avoids you locking yourself out with a typing error. Run it with
su - visudo
or
EDITOR="emacs" visudo
and add this line to the end of the file
youruser ALL=(ALL) ALL
to enable a user to run any commands. You can also specify a list of commands like this:
otheruser ALL= /sbin/mount, /sbin/umount
Permission can be granted to all members of a group, and you can restrict the arguments given to commands as well, as in this, disabled, example from the default CentOS sudoers file
%users ALL=/sbin/mount /cdrom,/sbin/ umount /cdrom
which lets any user mount or unmount the CD. You can remove password protection like so
%users ALL=NOPASSWD: /sbin/mount /cdrom,/sbin/umount /cdrom
but be careful what you allow with this. Sudo is generally considered a better way of controlling access to system commands, because you have fine control over what each user can do, and because no one else needs to know the root password.
Comments
Post a Comment