sudo NOPASSWD not working

[Greendrake]

I have added this line to the sudoers config:

Code:

user ALL=(ALL:ALL) NOPASSWD: ALL

(yes, the username of my user is just "user")

— but it still requires me to enter password. Bloody annoying. What is wrong with that config? Is there something else that needs to be done to enable no-password sudo on Pro?

[arzach]

If you added the line to /etc/sudoers be sure that you placed it at the end of the file not at the beginning.  I *think* it should go after the line which says @includedir /etc/sudoers.d.  The reason for this is that the file is processed sequentially which means that something later in the file could override your change.

Additionally, I *think* the syntax you've used is for groups not individual users.  Try

Code:

user ALL=(ALL) NOPASSWD: ALL

Also, be sure to edit the /etc/sudoers file using only visudo.  Funky things can/will happen if you use something else.


Caveat: I try really really hard to never leave such a huge yawning security opening as this, so I haven't tried any of the above.  I.e., ymmv.  Hopefully something here is helpful for you, though.

---

Ulp...my reply got lost.  Here's what I can remember of it.

Do your editing at the very end of /etc/sudoers.  I think you want to put it after the line that includes stuff from sudoers.d.  The reason for that is because the file is processed sequentially so if you do stuff at the beginning of that file it *could* get overridden by lines later in the file or in the included file(s).

Only use visudo to edit /etc/sudoers.  Funky stuff can/will happen if you use some other editor.

Your syntax might be wrong.  I think your syntax is for a group not an individual user.  Try this

Code:

user ALL=(ALL) NOPASSWD: ALL

Obligatory warnings...I wouldn't do this because it leaves a huge security opening.  So I haven't tried any of the above.  Consequentially ymmv.

I hope something here is helpful for you.

rz

[packmule43]

Try adding

Defaults:USER_NAME !authenticate

Instead of

user ALL=(ALL:ALL) NOPASSWD: ALL

I got this from:
https://wiki.archlinux.org/title/Sudo

[Greendrake]

Moving the line to the very bottom of the file (after "[at]includedir /etc/sudoers.d") did the trick!
Thanks to arzach!

[arzach]

I'll try one more time to post a reply...two previous attempts have been dumpstered by the forum for reasons unknown

Use visudo to edit /etc/sudoers.  Add your change at the very end of the file.  The syntax looks wrong to me...try user ALL=(ALL) NOPASSWD:ALL

[Fred Zyphal]

I'll try one more time to post a reply...two previous attempts have been dumpstered by the forum for reasons unknown

Hi arzach ... it's a bug in the forum that got me a couple times too.  For some reason you can't use the "at" symbol in a post.  Just edit your posts, and remove any "at" symbols, and the post will magically reappear.

[arzach]

I'll try one more time to post a reply...two previous attempts have been dumpstered by the forum for reasons unknown

Hi arzach ... it's a bug in the forum that got me a couple times too.  For some reason you can't use the "at" symbol in a post.  Just edit your posts, and remove any "at" symbols, and the post will magically reappear.

Ah...thanks!

My short, successful reply above is probably better than the failed ones...so I'll just leave 'em hidden