How to give user root access without giving him root password
Solution 1
Type visudo
, you will see something like this:
<your_user> ALL=(ALL) NOPASSWD:ALL
If you want sudo
prompt for a password, just remove NOPASSWD
<your_user> ALL=(ALL) ALL
UPDATE
As @MikeyB mentioned, by default, sudo
will prompt for a password of the invoking user. But if you turn on the targetpw
flag:
Defaults targetpw
sudo
will ask for the password of the target user.
Solution 2
The answer lies in the sudoers(5) file, which you edit using visudo(8).
As the exmaples there show you, your current sudoers setup will look like this:
%wheel ALL = (ALL) NOPASSWD: ALL
You can change this to:
%wheel ALL = (ALL) ALL
Solution 3
This is just a remark... Some people new with sudo may do the following mistake : sudo -u root -i or sudo -s or sudo -i -->which has the effect to ask your own password, and then if you re successful give you a brand new shell environment(/bin/bash) running with root privilege... Wonderfull... yeah, BUT then the "sudo-newbie" wants to create a file...and he type the following : sudo touch myEpicStoriesWithSudo.txt
--> Of course now sudo will ask for a password... but not your own!!! the one of root because you were not you --> you were root
And you can replace root by any generic-user you want, I had the issue with a lot of DBA when we went to sudo "sudo -u oracle -i" ;)
I hope this can helps you with sudo and all the schizophrenic issue that come with it ;) Regards
Related videos on Youtube
Ravi Teja Bodla
Updated on September 18, 2022Comments
-
Ravi Teja Bodla over 1 year
The scenario is this:
- I have a development machine I want (need) to have root access to
- Our admin setups the machines using his own credentials for the root user. The explanation being that if something goes wrong or he needs to change something he just have to remember one password
- He then proceeds to give each user access to "sudo" without questioning for the password
Now I really dislike the fact that sudo wouldn't prompt me for my password. How does a user configuration look like that gives me and the admin complete root permissions (2 logins), with sudo prompting me for my password (and not root) look like?
-
Greg Petersen over 12 yearsWhich distro are you using?
-
Ravi Teja Bodla over 12 yearsI'm running OpenSuse 11.2
-
Ravi Teja Bodla over 12 yearsBut then it will prompt me for root's password which I don't have. I want it to prompt for mine
-
pauska over 12 yearsNo - it will prompt you for your password. Sudo does not use the root password at all, only su does that.
-
Greg Petersen over 12 yearsNo, you are wrong. It will prompt you for your password, not
root
. -
Ravi Teja Bodla over 12 yearsI got to admit that I'm not that familiar with unix security model but this is what the terminal says after I changed
<your_user> ALL=(ALL) NOPASSWD:ALL
to<your_user> ALL=(ALL) ALL
:touch file
,sudo rm file
$ root's password:
and when I type in my own it statesSorry, try again
-
Steve Townsend over 12 yearsAh, in your particular file the
targetpw
option is turned on. -
Ravi Teja Bodla over 12 yearsWhat happens to the other users on the system if I turn off the option? Any side effects I don't see now?
-
Greg Petersen over 12 yearsIt will prompt for their own password.
-
Greg Petersen over 12 yearsFrankly speaking, I forgot this option.
-
Ravi Teja Bodla over 12 yearsNo problem. I'm new here. So what is the etiquette? Accept the answer if a comment points out missing some minor part of the solution?