76.6 SUDO No Password

20210823 Cloud installations of Ubuntu generally provide for the user that is created during installation to have sudo access without a password, by default. In fact this user generally does not have a password either. This is convenient for the system administrator and is considered a safe practice when access to the server is limited to using ssh public keys. The user with these privileges (i.e., the username created at installation time) will be named in the file /etc/sudoers.d/90-cloud-init-users:

# Created by cloud-init v. 20.1-10-g71782edf-0ubuntu5 on Mon, 17 Aug 2020 04:58:35 +0000

# User rules for kayon
kayon ALL=(ALL) NOPASSWD:ALL

To grant another user, fred this password-less access to sudo, use visudo to add this rule to the end of the sudoers file, and not us the User alias specification (the NOPASSWD directive does not hold if specified there)

$ sudo visudo

fred ALL=(ALL) NOPASSWD:ALL

To allow everyone who has been given sudo access NOPASSWD privileges, then:

$ sudo adduser fred sudo
$ sudo visudo

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) NOPASSWD:ALL

Troubleshooting

20210823 Note that placing a user into the sudo group will override any permissions granted earlier on in the /etc/sudoers file. Thus placing the NOPASSWD directive for a single user in the User alias specification section of /etc/sudoers (which appears before the %sudo entry in that file) and adding them to the sudo group without having the %sudo entry with the NOPASSWD directive, will override the NOPASSWD directive for the user!



Your donation will support ongoing availability and give you access to the PDF version of the book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2021 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0.