20

I am writing a Java application where i need to do a command line execution and get a result back, but when i execute the command, it ask for sudo password. So far i tried:

$ sudo -s
$ vim /etc/sudoers
# User privilege specification
root         ALL=(ALL:ALL) NOPASSWD: ALL
javauser     ALL=(ALL:ALL) NOPASSWD: ALL

:wq
$ 4 -r--r-----   1 root root     615 2011-10-26 09:23 sudoers

Once i execute the command it again asks "[javauser] password for javauser:". But i already mentioned noPASSWD.

whoami returns alex and I am adding it as this in the sudoers file

# User privilege specification
root    ALL=(ALL:ALL) ALL
alex ALL=NOPASSWD: ALL


# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

Running keeps asking me for my password, any ideas?

muru
  • 207,228

2 Answers2

32

On a terminal type sudo visudo and add a line like this at the end of the file specifying the commands you want to run without typing the sudo password (I suggest you use each command you want to use in your terminal and not just allow all programs to be executed this way)

<yourusername> ALL=NOPASSWD: <command1>, <command2>

Now you can run the specified commands without needing to type a password as long as you prefix that command with sudo.

ie: let's say you want to run shutdown -r now without having to type your username's password every time and your username is 'joedoe'

  1. Type sudo visudo on a terminal.

  2. Add joedoe ALL=NOPASSWD: /usr/sbin/shutdown -r now as a new line at the end of the file, use absolute paths to the program you are trying to use.

  3. On your program, you can then use sudo shutdown -r now without having to type the user's password.

You can find the absolute path to a program by using which <program name> on a terminal.

This can leave your system open for dangers, but I am guessing you know what you are doing and want this.

You need to make sure that the permissions you are setting are at the end of the file so that nothing is overwritten by previous configuration.

Bruno Pereira
  • 74,715
1

I was able to enable poweroff (normally a sudoer command) in an ssh prompt for non-sudoers, by, as a sudoer, adding the +s flag to the command executable. Like so:

sudo chmod a+s /usr/sbin/poweroff

After this, non-sudoers were be able to power off the system, over ssh, or even via a shell script running in their name.

jorisw
  • 111