Always Sudo Privileges

Question

I've searched for this, and the answer is probably in a million places on the 'net, but I can't find it...

How do you give your account root privileges in Linux so that you don't need to sudo every single command that requires privileges? It's even more annoying than Windows's User Accounts Control.

(Please... I don't need a lecture on how I would be living a dangerous life. Thank you.)

score 14 · Answer 1 · answered Jan 11 '11 at 17:04

14

Does this work for you?

sudo EDITOR=gedit visudo

Change this line:

%admin ALL=(ALL) ALL

to this line:

%admin ALL=(ALL) NOPASSWD: ALL

No lectures. :)

answered Jan 11 '11 at 17:04

score 11 · Answer 2 · answered Jan 11 '11 at 02:38

You don't. Two things you can do are:

1) Run sudo -s to stay root when you plan on entering multiple commands and don't want to keep prefixing them with sudo.

2) You can configure your sudoers file to allow you to run sudo without having to enter your password.

score 2 · Answer 3 · answered Jan 11 '11 at 09:21

I don't see how hard it is to run sudo -i once in a terminal, and then just use this one terminal (or you could open more than one, but then you would have to type your password again) to do all your sudo stuff.

(And no, I can't really see the big problem in typing your password once in a while. It's really not that time consuming, and unless you close your terminal after each command, sudo will not ask for your pass for a while after you have authenticated).

score 1 · Answer 4 · answered Jan 11 '11 at 01:17

1

You could install/activate the 'su' command and configure the shell to run it on startup.

answered Jan 11 '11 at 01:17

score 1 · Accepted Answer · edited Sep 09 '14 at 09:59

The correct answer to my question:

You can change your user ID (UID) and group ID (GID) to zero in /etc/passwd, to gain root privileges.

However:

If you do, you will not be able to log back in!

You can, nevertheless, create a new user, and change his group/user ID to 0. Essentially, that user will be another root, but with a different profile folder, etc.

Then you can use that profile as if you were root Himself! :D

Another "solution":

(if you like blank passwords)

Run the commands below, and compare the outputs
```
sudo cat /etc/shadow
sudo sed "s/$^$(whoami):$[^:]*/\1/" /etc/shadow
```
You should see that the latter has removed the gibberish in front of your username (which is read using $(whoami)). (If you don't, don't continue!)
When you're ready, run the command to overwrite /etc/shadow (at your own risk!)
```
sudo sed -i.bak "s/$^$(whoami):$[^:]*/\1/" /etc/shadow
```
Your account now has a blank password, and you should no longer be prompted for sudo permissions. (At least, that's what happened to me.)

Note:

You may also need to enable passwordless login; I'm not sure if that's necessary, though.

score 1 · Answer 6 · answered Nov 24 '16 at 21:22

I advice STRONGLY not to give yourself GID 0. SUDO is not there to make things compicated. Only reason to make another root account (wether home directory is /root/ or custom directory i.e. /home/root2/) is that there is two administratos in system who does not wish to share one root password.

Otherwise, use sudo. And assuming you are not seasoned Unix-user, there is also risk you forget what tools are root-only and what is for common users.

BUT, if you feel that you have secure normal user (i personally use STRONG password with this method), i let my user (i.e. tatu.staff / uid=1xxx, gid 50) run SUDO without password. Therefore I never mix up what is only for root and what's for user.

Use instructions above to create sudoers file (and corresponding groups) to make specific user to run SUDO without password or see example file i'll paste here:

#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
Defaults        !authenticate

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL
YOURUSER    ALL=(ALL) NOPASSWD:ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL
%wheel  ALL=(ALL) NOPASSWD:ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d

YOURUSER being your username, that line allowing specific user to run SUDO without password.

all users in group SUDO need to give password.

all users in group wheel can run sudo without password -- useful if you want to give passwordless SUDO ACCESS to multiple users, which is by the way, simply put A VERY BAD IDEA.

ALSO: - Remember the % charachter before GROUP names. - One can edit /etc/group directly, but it is NOT adviced. Use ADDGROUP to edit, see more info by typing: man addgroup

I must stress again that ALWAYS edit sudoers file by using VISUDO command, NEVER directly with editor. That ensures that you always get valid sudoers file - typing errors or bad statements etc. are very bad thing in such important file, and visudo saves you all that trouble you might not be able recover by yourself, and i bet first answer to question after this is "always use visdo. didn't they tell you that? oh they did? What is wrong with you?" or something alike ;)

--

Greetings from Finland - it's nice, quite nice winter here, only -10 Celsius, not those awful lower than -25 C temperatures.

\\ tatu-o

score 0 · Answer 7 · answered Jan 14 '25 at 15:07

while all these solutions are correct, I too had the same question about sudo especially since my hands have alot of nerve damage (I love coding this much) - I made alot of typos (i quickly corrected with a backspace spam) -- but annoying none the less.. So I offer this:

Option 1

In your .bashrc add the following:

  * # if user is not root, pass all commands via sudo* 
 if [ $UID -ne 0 ]; then
     alias reboot='sudo reboot'
    alias update='sudo apt-get upgrade'
 fi

or

Option 2

again in your .bashrc look for the section that looks like this:

  # Alias definitions.
  # You may want to put all your additions into a separate file like
  # ~/.bash_aliases, instead of adding them here directly.
  # See /usr/share/doc/bash-doc/examples in the bash-doc package.
if [ -f ~/.bash_aliases ]; then
. ~/.bash_aliases
fi

Close the file and at the prompt type $ source .bashrc

If you get an error about no .bash_aliases available - then make one!

$ touch .bash_aliases
sudo nano/vi/gedit .bash_aliases (open in the editor of your choice)

Aliases are fun and once you get the hang of creating them, the sky is the limit.. or not. anywho-- in your editor, type something like this:

# Debian / Ubuntu:
alias sudo='sudo -s' // (or sudo -i)
// add any/all commands whenver you would have to use sudo:
alias apt-get="sudo apt-get"
alias updatey="sudo apt-get -y"
alias update='sudo apt-get update && sudo apt-get upgrade'
alias git='sudo git'
alias npm='sudo npm'
alias mkdir='sudo mkdir -p'

Close the editor and at the prompt, source .bashrc

You will have to enter your password every so often: but that's a good thing. You just 'alias' the commands you don't want to type sudo each time (you can add alot of differant aliases forcommands).

Here's a link to some great examples. https://www.cyberciti.biz/tips/bash-aliases-mac-centos-linux-unix.html :-)