How a non-root user sudo to another non-root user without password?
10,600
You can edit the "User privilege specification" section of /etc/sudoers
, adding:
non-root-user ALL = (appuser) NOPASSWD: ALL
This will allow non-root-user
to run all commands as appuser
. non-root-user
will not be allowed to run commands as root.
Note that errors in /etc/sudoers
can make a system unusable. The file should only be edited with:
$ sudo visudo
This special editor checks the sudoers
file for errors before saving and refuses to save it if errors are found.
Related videos on Youtube
Author by
overexchange
Updated on September 18, 2022Comments
-
overexchange almost 2 years
As root, created a new non-root user on RHEL 7.5
appuser:x:1903:1903:appuser:/home/appuser:/bin/bash
A non-root user to be able to sudo to
appuser
,sudo -u appuser
without a password,
What are the changes required on RHEL 7.5?
-
overexchange over 5 yearsBut
-r--r----- 1 root root 1225 Jun 12 12:04 /etc/sudoers
. Do you think this is customised permision? -
overexchange over 5 yearsE45 error on modifying the file with vi editor
-
fra-san over 5 yearsIt looks like
-r--r-----
is the standard file mode for/etc/sudoers
. Refer to my edited answer for how to edit it. -
Sridhar Sarnobat over 4 yearsThis still gives
visudo: /etc/sudoers: Permission denied
if I do not have root privileges, so I don't see how this answers the question. -
fra-san over 4 years@SridharSarnobat The
sudo visudo
part is just a clarification on how to (safely) edit/etc/sudoers
, i.e. how to configure the system so that an unprivileged user can authenticate as another unprivileged user without being prompted for a password. That step requires root access, of course (and the OP does have it). Apparently, the question is not about how to configure a non-root user using a non-root user. Does this clear your doubts? -
Sridhar Sarnobat over 4 yearsFair enough, my case isn't quite the same as the OP. I don't have the ability to temporarily use root permissions so I guess I'm out of luck. This seems like a bit of a flaw in Linux's model.