【FAQ】How to run sudo command without typing passwd?

转载 2015年11月18日 16:36:36

From : http://www.ducea.com/2006/06/18/linux-tips-password-usage-in-sudo-passwd-nopasswd/

If you are using sudo you most certainly know that the default setup will require the user running sudo to enter a password (by default the password of the user running sudo). I will show you in this post what options sudo offers related to passwords and how they can be used.

Defaults

If you have an entry in your sudoers file that contains something like this:

admin    ALL=(ALL) ALL

then sudo will require you to enter a password when running a command with sudo. This is theuser password (and not the root password), in this case the password of the user “admin”.

targetpw

If for some reason you want to change this behavior, then you can use the sudo global flagtargetpw. This is by default OFF, and if you set it like show bellow then the password you will be asked while running sudo will be the password of the target user (in our case the root password).

Defaults    targetpw

Personally, I don’t see the use of this parameter and never used it myself… But maybe someone else will find it useful.

NOPASSWD

If you don’t want to be prompted for any password while running sudo then we can use theNOPASSWD parameter on a particular entry:

admin    ALL = NOPASSWD: ALL

this parameter is the opposite of the default PASSWD and will no longer require any password for the user “admin” while running sudo. This can be of useful while running scripts that will launch sudo (in this case I would recommend to enable NOPASSWD only for the needed commands), or just if you don’t want to keep typing the password. Obviously with this commodity, you will reduce the security of sudo: if someone hacks the “admin” account then this can be easily used to gain root privileges.

authenticate

Another sudo option that can be used to control the prompt for a password is the global flag:authenticate. This is by default ON and this means that it will ask the user to authenticate with a password. This can be overwritten as seen above with the NOPASSWD on a particular entry. If we want to disable it globally, this can be done with:

Defaults    !authenticate

Once set, this will disable authentication for all users that use the defaults like our “admin” sample from above. It can be overwritten on particular definition by setting the PASSWDparameter:

admin    ALL=(ALL) PASSWD: ALL

Note: this post doesn’t recommend you to disable the passwords usage in sudo (this is not a good idea, by the way), but just to show you what options are available and how you can use them. Knowing the security implications of disabling password usage in sudo, use them wisely based on your particular needs.


相关文章推荐

Master Note: How to diagnose Database Performance - FAQ [ID 402983.1]

如何利用oracle工具诊断性能问题,这篇问题起到提纲的作用,可以根据文中提到的方法,顺藤摸瓜,确定并解决问题

how-to-run-ubuntu-on-windows-10

  • 2016-06-17 16:03
  • 657KB
  • 下载

How to Clear the Application Server Cache Without Shutting it Down

How to Clear the Application Server Cache Without Shutting it Down Updated 4.9.2008: It is ofte...

How to Simulate CSS3 box-shadow in IE6-8 Without JavaScript.

转载至:http://www.useragentman.com/blog/2011/08/24/how-to-simulate-css3-box-shadow-in-ie7-8-without-jav...

How to install codeblocks in RedHat without root authority

How to install codeblocks in your user directory without root and system file authorityinstall wxWid...
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:深度学习:神经网络中的前向传播和反向传播算法推导
举报原因:
原因补充:

(最多只允许输入30个字)