Enable `sudo` on a specified user

NOPASSWD ?

  • Environment: Debian 10 Buster

Switch to superuser with su

run su and enter root password.

Install sudo

apt-get install sudo -y

Add user account to group sudo.

/sbin/adduser {username} sudo

Grant sudo privileges to users (if needed)

In my case, that file is not modified but assume that sudoers file was altered inappropriately.

  1. run nano with su

  2. Add content to /etc/sudoers with content below:

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    #
    # This file MUST be edited with the 'visudo' command as root.
    #
    # Please consider adding local content in /etc/sudoers.d/ instead of
    # directly modifying this file.
    #
    # See the man page for details on how to write a sudoers file.
    #
    Defaults        env_reset
    Defaults        mail_badpass
    Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

    # Host alias specification

    # User alias specification

    # Cmnd alias specification

    # User privilege specification
    root    ALL=(ALL:ALL) ALL

    # Allow members of group sudo to execute any command
    %sudo   ALL=(ALL:ALL) ALL

    # See sudoers(5) for more information on "#include" directives:

    #includedir /etc/sudoers.d

Set correct permission on sudoers file.

1
chmod 0440 /etc/sudoers

Enable sudo without password aHa~

It’s not recommended for security reasons. sudo enables you to only be granted privileged for one specified command.

sudo is also safer than su for it only needs current user’s password to avoid transferring sensitive information.

add this line to /etc/sudoers:

1
{YourUserName}   ALL=(ALL) NOPASSWD:ALL;

However, there’s another awesome feature that allows NOPASSWD configured in specified commands.

I won’t do so because I’m lazy.