sudo allows a normal user to run commands which require administrative privilege. This works by a user running any of the commands via sudo. A user is then required to authenticate to the system before the command is executed.
sudo could be configured so that a select user or members of a select group does not need to enter their password to authenticate when running their commands via sudo. This could be done by configuring the sudoers file using the visudo tool at the terminal.
[email protected]:~$ sudo -l Matching Defaults entries for user on host: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin User user may run the following commands on host: (ALL : ALL) ALL
$ sudo visudo
user ALL = (ALL) NOPASSWD: ALL
Passwordless sudo could be assigned to a group by replacing the username with %groupname or by replacing it with ALL to allow passwordless sudo for all users in the system
[email protected]:~$ sudo -l Matching Defaults entries for user on host: env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin User user may run the following commands on host: (ALL : ALL) ALL (ALL) NOPASSWD: ALL
[email protected]:~$ sudo ls -la /root total 32 drwx------ 5 root root 4096 Jul 24 05:54 . drwxr-xr-x 19 root root 4096 Jul 24 05:53 .. -rw------- 1 root root 18 Jul 19 01:57 .bash_history -rw-r--r-- 1 root root 3106 Aug 6 2018 .bashrc drwxr-xr-x 3 root root 4096 Jul 24 05:54 .local -rw-r--r-- 1 root root 148 Aug 6 2018 .profile drwxr-xr-x 3 root root 4096 Apr 22 07:56 snap drwx------ 2 root root 4096 Apr 22 07:56 .ssh
Comment anonymously. Login not required.