Tuesday, February 27, 2018

How to run Sudo command without entering password in the Linux

Sudo command without Password: - We have to perform day to day activities in our IT infrastructure, Sometime we need to run some command in any application or inside some script that may require sudo with the command. 

 Therefore, in this guide, I am going to explain how to configure password less sudo. As per our requirement we can setup sudo for all the command or we can only specify some command to run as sudo without password.

 Prerequisites- 

  • One user with sudo access (amar)
  • One normal user (sudotest)

Step 1- setup sudo access for all the commands.

  • Login to Linux Machine user with sudo access.
  • modify /etc/sudoers file and grant permission to sudotest user.
  • Open sudoers file

amar@U16:~$ sudo vi /etc/sudoers
  • Add following line 
sudotest ALL=(ALL) NOPASSWD:ALL


  • Save and exit From the file.
Step 2- Verify sudo access without password for user sudotest

  • Login to linux machine using sudotest user.
  • To verify sudotest user's sudo access without entering password, let's try to stop Apache2 service using command below

 sudo /etc/init.d/apache2 stop


  • Apache2 Service has been stopped successfully using sudo without entering password.
Please Note:- If you are working with an organization, where you have to assign permission to multiple user, in such case you can create a group and allow group to execute sudo command without entering password, later add all those user in this group.

 Step 3- Allow a user to run specify command  only.

  • Some system administrator may required to grant permission to some user to execute few commands  with sudo as per the project requirement.  In such case we can grant sudo access to only specific commands.
  • Let's take an example- A user need to reload apache2 service to apply modified changes but User is not member of Sudo group.
Try to reload apache2 service without granting access:

sudo /etc/init.d/apache2 reload
here is output of the command:

  • Grant user raj permission to reload apache2 service.
  • Open /etc/sudoers file - I am editing this file with user amar (have sudo access)

amar@U16:~$ sudo vi /etc/sudoers
Append follow line-
raj             ALL=(ALL) NOPASSWD:/bin/systemctl
Save and exit from the file.
Save and exit from the file.

  • Let's verify by reloading apache2 service.

sudo /etc/init.d/apache2 reload

 Systemctl command working successfully without entering password.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)