May 26, 2008

Edit Sudoers for No Pass Prompt



If you have some script need to run on daily basis such as 'apt-get' maybe you will be thinking on getting rid of password prompt every time you run an 'apt-get' command. And sometime, we wanted to have a script which will autorun on startup and you keep being prompt to enter password. Would you like it to be run fully background? If yes, then you need to edit the 'sudoers' file located in '/etc/' folder.

Before we begin, we may need to really know the power of 'sudo'. If you didnt know what 'sudo' command could be, then do a google search on 'sudo' as a keyword. This could effect your system if you allow users to run such a risky command without password prompt. So, here is steps on how to edit sudoers:
  • Open up terminal (Applications > Accessories > Terminal)
  • Open up the text editor(i'll be using nano for this tutorial) and edit the /etc/sudoers file.
sudo nano /etc/sudoers
  • You will be prompt for password for this one. Enter your user password and the editor will appear. Find line with:
# User privilege specification
root ALL=(ALL) ALL
  • And add to the next line your user and what command you would like to allow. For example, my user is "gunblade" and I would like to allow 'apt-get' to run without any password prompt. Then I need to add this line:
# User privilege specification
root ALL=(ALL) ALL
gunblade ALL=NOPASSWD:/usr/bin/apt-get
  • But first you need to make sure where is the binary file located. To locate it, use 'which' command. For instance, if you would like to know the exact location of 'apt-get' then you need to run 'which apt-get' and it will return the exact location.
$which apt-get
/usr/bin/apt-get
So here is the tips and trick to do a simple thing on sudoers file. But you need to carefully allow some commands because it could bring damage to your system if you wrongly allow it to users. Some command might be best to have password prompt. Edit it on your own risk~!


Thank you for your unbelievable support on Negative Zero - Permission to read and write blog for nearly 4 years. Don't forget to like Negative Zero on Facebook.
Blogirific.com Blog Directory





Post(s) you might like to read :

3 comments:

  1. wow, useful teeps for those who are running scripts that requires root privilege

    ReplyDelete
  2. how about having multiples command to be execute ? is it need to create multiple lines or just put the coma after the command

    ReplyDelete
  3. I would prefer put it on a new line for easier reference later on. But I dont know if comma could do the trick.

    I have multiple lines to allow me do this one.

    ReplyDelete