You can configure sudo
to never ask for your password.
Open a Terminal window and type:
sudo visudo
In the bottom of the file, add the following line:
$USER ALL=(ALL) NOPASSWD: ALL
Where $USER
is your username on your system.
Save and close the sudoers file (if you haven't changed your default terminal editor (you'll know if you have), press Ctl + x to exit nano
and it'll prompt you to save).
As of Ubuntu 19.04, the file should now look something like
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults env_reset
Defaults mail_badpass
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
YOUR_USERNAME_HERE ALL=(ALL) NOPASSWD: ALL
After this you can type sudo <whatever you want>
in a Terminal window without being prompted for the password.
This only applies, to using the sudo
command in the terminal. You'll still be prompted for your password if you (for example) try to install a package from the software center
![gui password prompt](https://i.stack.imgur.com/rs7Kq.png)
Use the NOPASSWD
directive
You can use the NOPASSWD
directive in your /etc/sudoers
file.
If your user is called user
and your host is called host
you could add these lines to /etc/sudoers
:
user host = (root) NOPASSWD: /sbin/shutdown
user host = (root) NOPASSWD: /sbin/reboot
This will allow the user user
to run the desired commands on host
without entering a password. All other sudo
ed commands will still require a password.
The commands specified in the sudoers
file must be fully qualified (i.e. using the absolute path to the command to run) as described in the sudoers
man page. Providing a relative path is considered a syntax error.
If the command ends with a trailing /
character and points to a directory, the user will be able to run any command in that directory (but not in any sub-directories therein). In the following example, the user user
can run any command in the directory /home/someuser/bin/
:
user host = (root) NOPASSWD: /home/someuser/bin/
Note: Always use the command visudo
to edit the sudoers
file to make sure you do not lock yourself out of the system – just in case you accidentally write something incorrect to the sudoers
file. visudo
will save your modified file to a temporary location and will only overwrite the real sudoers
file if the modified file can be parsed without errors.
Using /etc/sudoers.d
instead of modifying /etc/sudoers
As an alternative to editing the /etc/sudoers
file, you could add the two lines to a new file in /etc/sudoers.d
e.g. /etc/sudoers.d/shutdown
. This is an elegant way of separating different changes to the sudo
rights and also leaves the original sudoers
file untouched for easier upgrades.
Note: Again, you should use the command visudo
to edit the file to make sure you do not lock yourself out of the system:
sudo visudo -f /etc/sudoers.d/shutdown
This also automatically ensures that the owner and permissions of the new file is set correctly.
If sudoers
is messed up
If you did not use visudo
to edit your files and then accidentally messed up /etc/sudoers
or messed up a file in /etc/sudoers.d
then you will be locked out of sudo
.
The solution could be to fix the files using pkexec
which is an alternative to sudo
.
To fix /etc/sudoers
:
pkexec visudo
To fix /etc/sudoers.d/shutdown
:
pkexec visudo -f /etc/sudoers.d/shutdown
If the ownership and/or permissions are incorrect for any sudoers
file, the file will be ignored by sudo
so you might also find yourself locked out in this situation. Again, you can use pkexec
to fix this.
The correct permissions should be like this:
$ ls -l /etc/sudoers.d/shutdown
-r--r----- 1 root root 86 Jul 16 15:37 /etc/sudoers.d/shutdown
Use pkexec
like this to fix ownership and permissions:
pkexec chown root:root /etc/sudoers.d/shutdown
pkexec chmod 0440 /etc/sudoers.d/shutdown
Best Answer
Well, the only thing I can think of is
The
-S
flag makessudo
read the password from the standard input. As explained inman sudo
:So, to run
ls
withsudo
privileges, you would doNote that this will produce an error if your
sudo
access token is active, if you don't need to enter your password because you've already done so recently. To get around that, you could use-k
to reset the access token:I don't know of any way of getting you into an actual root shell (like
su
orsudo -i
) do. This might be enough for what you need though.