Hi, On Mon, Nov 29, 2021 at 4:50 PM Pierre-Elliott Bécue <p...@debian.org> wrote: > > > Hello, > > Bob Bernstein <poo...@ruptured-duck.com> wrote on 29/11/2021 at 23:25:52+0100: > > > How do I tell sudo not to ask me for my password? > > > > It's me. I'm on my computer. I already logged in with my password. No > > one else is logged on. > > > > I know all you purists out there are rending your garments if not your > > flesh. but c'mon sudo! Can't a brother catch a break around here? > > > > Thank you. > > While I would still recommend you not to do that, here is how you can do > it. > > man 5 sudoers reads: > > > PASSWD and NOPASSWD > > > > By default, sudo requires that a user authenticate him or herself > > before running a command. This behavior can be modified via the > > NOPASSWD tag. Like a Runas_Spec, the NOPASSWD tag sets a default > > for the commands that follow it in the Cmnd_Spec_List. > > Conversely, the PASSWD tag can be used to reverse things. For > > exam‐ ple: > > > > ray rushmore = NOPASSWD: /bin/kill, /bin/ls, /usr/bin/lprm > > > > would allow the user ray to run /bin/kill, /bin/ls, and > > /usr/bin/lprm as root on the machine rushmore with‐ out > > authenticating himself. If we only want ray to be able to run > > /bin/kill without a password the entry would be: > > > > ray rushmore = NOPASSWD: /bin/kill, PASSWD: /bin/ls, /usr/bin/lprm > > > > Note, however, that the PASSWD tag has no effect on users who are > > in the group specified by the exempt_group setting. > > > > By default, if the NOPASSWD tag is applied to any of a user's > > entries for the current host, the user will be able to run “sudo > > -l” without a password. Additionally, a user may only run “sudo > > -v” without a pass‐ word if all of the user's entries for the > > current host have the NOPASSWD tag. This behavior may be over‐ > > ridden via the verifypw and listpw options. > > Have a read at visudo's manpage, too. I won't give you the exact line to > type, as it's a nice way to make sure you understand what you are doing. > > But still, you should consider not doing so, as it can bite back > strongly should your computer be accessed by someone else while you're > not at your desk and still logged in.
Especially if you have any kind of children... ;-) Thank you. > > Anyway, meh. > > -- > PEB
