In the next article we are going to take a look at how we can run particular commands without the sudo password in Ubuntu thanks to the sudoers file. It seems logical to me to warn that what is going to be read below is for educational purposes only. It is essential to be very careful when applying what you will be able to read here. If for whatever reason you allow a user to execute the 'rm' command without having to write the sudo password, you could accidentally or maliciously remove important things from the operating system.
As I say, in the following lines we are going to see how to execute specific commands without having to write the sudo password in Unix-like operating systems. As all Ubuntu users know, it is necessary to write it when we execute a command using sudo. But when it comes to automating certain tasks, perhaps having to be writing it can be an inconvenience.
Execute specific commands without sudo password in Ubuntu
If for any reason, whatever it may be, you are interested in allowing a user to execute a particular command without having to type the sudo password, you should add that command to the sudoers file.
Let's say we want a user named interunosyceros run the mkdir command without having to type the sudo password. To do this, we will have to edit the sudoers. In the terminal (Ctrl + Alt + T) we write:
sudo visudo
When the file is opened, at the end of it we will add the following line:
entreunosyceros ALL=NOPASSWD:/bin/mkdir
In this line that is added in the previous capture, entreunosyceros is the username. According to this line, this user will be able to execute the command 'mkdir'without typing the sudo password.
The system is simple. We will be able add as many commands as we want separating them with commas, as it's shown in the following:
entreunosyceros ALL=NOPASSWD:/bin/mkdir,/bin/chmod
After finishing adding the line, log out and log in again or reboot the system. From now on, the user referred to by the line added to the file sweats you will not need to enter the sudo password while executing any of the added commands. Yes indeed, when running all other commands, if you will be prompted to enter the password to use sudo.
Find the path to the command and add it to the sudoers file
In this case we want to add a command with a different path than the one we have used so far, the path to apt for example, we will need to correctly write the path to the executable file. In case of not being sure of it, we can use the command 'where's'to find out the correct path to apt. In the terminal (Ctrl + Alt + T) you would have to write:
whereis apt
As you can see in the screenshot above, the path for the apt command is / usr / bin / apt, therefore this is the path to add in the sudoers file.
In case we are interested in not having to type the password for sudo when executing the apt command, we will have to edit the sudoers file again:
sudo visudo
Inside it would be add the command 'apt' in the file as we did with the previous commands:
entreunosyceros ALL=NOPASSWD:/bin/mkdir,/bin/chmod,/usr/bin/apt
After adding the command, save and close the sudoers file. Then log out and log in again. Now, it can be verified if the user can execute the command with the sudo prefix without using the password:
sudo apt update
Ask for the sudo password for a specific command in the sudoers file
If after doing so, if you need the user to have to type the password again, all you have to do is edit the sudoers file and remove the added command. Save the file, log out, and log back in.
An alternative would be add the directive 'PASSWD:' in front of the command that we want it to need to write the sudo password. Following the example, we are going to modify the line added to the sudoers file as shown below:
entreunosyceros ALL=NOPASSWD:/bin/mkdir,/bin/chmod,PASSWD:/usr/bin/apt
In this case, the user entreunosyceros can execute the commands'mkdir'Y'chmod'without typing the sudo password. However, you will have to type it when you want to run the command 'apt'.
Hello. I was able to edit the sudoers file as you well explained in the post. Right now I am starting to use arch. To add the pacman command, for certain actions ... how should I do?, For example, I'm interested in not asking for a password to update the operating system, eg: sudo pacman update. But to quickly ask for pass. Thanks, best regard.