【FAQ】How to run sudo command without typing passwd?

转载 2015年11月18日 16:36:36

From : http://www.ducea.com/2006/06/18/linux-tips-password-usage-in-sudo-passwd-nopasswd/

If you are using sudo you most certainly know that the default setup will require the user running sudo to enter a password (by default the password of the user running sudo). I will show you in this post what options sudo offers related to passwords and how they can be used.


If you have an entry in your sudoers file that contains something like this:

admin    ALL=(ALL) ALL

then sudo will require you to enter a password when running a command with sudo. This is theuser password (and not the root password), in this case the password of the user “admin”.


If for some reason you want to change this behavior, then you can use the sudo global flagtargetpw. This is by default OFF, and if you set it like show bellow then the password you will be asked while running sudo will be the password of the target user (in our case the root password).

Defaults    targetpw

Personally, I don’t see the use of this parameter and never used it myself… But maybe someone else will find it useful.


If you don’t want to be prompted for any password while running sudo then we can use theNOPASSWD parameter on a particular entry:

admin    ALL = NOPASSWD: ALL

this parameter is the opposite of the default PASSWD and will no longer require any password for the user “admin” while running sudo. This can be of useful while running scripts that will launch sudo (in this case I would recommend to enable NOPASSWD only for the needed commands), or just if you don’t want to keep typing the password. Obviously with this commodity, you will reduce the security of sudo: if someone hacks the “admin” account then this can be easily used to gain root privileges.


Another sudo option that can be used to control the prompt for a password is the global flag:authenticate. This is by default ON and this means that it will ask the user to authenticate with a password. This can be overwritten as seen above with the NOPASSWD on a particular entry. If we want to disable it globally, this can be done with:

Defaults    !authenticate

Once set, this will disable authentication for all users that use the defaults like our “admin” sample from above. It can be overwritten on particular definition by setting the PASSWDparameter:

admin    ALL=(ALL) PASSWD: ALL

Note: this post doesn’t recommend you to disable the passwords usage in sudo (this is not a good idea, by the way), but just to show you what options are available and how you can use them. Knowing the security implications of disabling password usage in sudo, use them wisely based on your particular needs.


Master Note: How to diagnose Database Performance - FAQ [ID 402983.1]



  • 2016-06-17 16:03
  • 657KB
  • 下载

How to Clear the Application Server Cache Without Shutting it Down

How to Clear the Application Server Cache Without Shutting it Down Updated 4.9.2008: It is ofte...

How to Simulate CSS3 box-shadow in IE6-8 Without JavaScript.


How to install codeblocks in RedHat without root authority

How to install codeblocks in your user directory without root and system file authorityinstall wxWid...