Saturday, April 2, 2022

Ubuntu/Linux: Disable sudo Password Prompt

When running scripts as sudo, it is convenient not to be prompted for a user's password. Password prompts defeat automation so this post will demonstrate how to disable the password prompt associated with the sudo command.

The command sudo date is often used to determine if invoking sudo will prompt the user to enter their password (as follows):

Above, it can clearly be seen how the sudo before the date command causes a password prompt for the password of user devops. 

The sudo command allows commands to be elevated and run as root. In order to use the sudo command, a user must be part of the sudo group. The following post demonstrates how to add a user to the sudo group: Ubuntu: Adding a user to the sudo group.

To disable the sudo caused password prompt invoke the command

sudo visudo

Running the above command does require a user to enter their password in response to sudo (hopefully for the last time):

The visudo command is an editor for the /etc/sudoers file. visudo validates the sudoers file's format on save. The man page for the sodoers file can be found at Sudoers Manual.

visudo brings the sudoers file up in an editor:

To suppress the password for a specif member of the sudo group, add the following text under the line %sudo  ALL=(ALL:ALL) ALL:

<user name here> ALL=(ALL) NOPASSWD: ALL

For the case of a user named, devops, the following line would be added in the editor:


The reason for putting the new line after the line containing %sudo  ALL=(ALL:ALL) ALL is explained in the sodoer man page (referenced above):

The sudoer file being edited by visudo will look as follows:

Use ctrl-s to save the file and cttrl-x to exit the editor.

Once the sudoer file has been edited correctly and saved, a user should no longer be prompted to enter a password when invoking the sudo command.

No comments :

Post a Comment