Allow users to run sudo command without entering the password

In this post, I’m gonna show you how to allow users to run sudo command without password in Linux

Prerequisites

In order to do this, you will need the following:

1. root/sudo privileges on the machine
2. A non-admin user. Check this post for the steps to create a user in Linux.

We can do this with two methods.

Method 1:- Adding the user to a group and give permission to the group

Create a group using the groupadd command. I’m gonna create a group with name avengers
sudo groupadd avengers

I’m gonna add the user jarvis into the group avengers
sudo usermod -a -G avengers jarvis

Now, add the following entry in /etc/sudoers file

%avengers ALL=(ALL:ALL) NOPASSWD: ALL

The file will look like the following image

Save and exit from the editor. The user will be able to run sudo command without password

If you want to limit the group access to a specific command, add the command with full path

%avengers ALL=(ALL:ALL) NOPASSWD: /usr/bin/docker

You can get the absolute path to the command binary file using which command

$ which docker
/usr/bin/docker

If you want to give access to multiple commands, you can add them as command separated values.

%avengers ALL=(ALL:ALL) NOPASSWD: /usr/bin/docker, /usr/sbin/visudo

Method 2: Add permission to the user directly in sudoers file

Run the following command in the terminal

visudo

This will open the file /etc/sudoers with the default editor. In most cases, it will be in nano editor

You can also open it manually using vim or nano. I’m gonna use vim here
vim /etc/sudoers

Now you will see something like this.

Just add that line like this

jarvis ALL=(ALL:ALL) NOPASSWD: /usr/bin/docker, /usr/sbin/visudo

Save and exit the editor. The user will be able to run visudo and docker without entering the password.

You can check the privileges of the user by running the following command.

sudo -l

Post navigation

Alvin Jaison

Myself Alvin Jaison. I'm a DevOps Engineer by Profession; A Mountaineer by Passion. I started this website to share DevOps related posts. Post your suggestions as a comment. You can reach me @ alvinjaison@outlook.com

Leave a Reply

Your email address will not be published. Required fields are marked *