How to give user root access without giving him root password

5,001

Solution 1

Type visudo, you will see something like this:

<your_user>  ALL=(ALL)   NOPASSWD:ALL

If you want sudo prompt for a password, just remove NOPASSWD

<your_user>  ALL=(ALL)   ALL

UPDATE

As @MikeyB mentioned, by default, sudo will prompt for a password of the invoking user. But if you turn on the targetpw flag:

Defaults targetpw

sudo will ask for the password of the target user.

Solution 2

The answer lies in the sudoers(5) file, which you edit using visudo(8).

As the exmaples there show you, your current sudoers setup will look like this:

%wheel ALL = (ALL) NOPASSWD: ALL

You can change this to:

%wheel ALL = (ALL) ALL

Solution 3

This is just a remark... Some people new with sudo may do the following mistake : sudo -u root -i or sudo -s or sudo -i -->which has the effect to ask your own password, and then if you re successful give you a brand new shell environment(/bin/bash) running with root privilege... Wonderfull... yeah, BUT then the "sudo-newbie" wants to create a file...and he type the following : sudo touch myEpicStoriesWithSudo.txt

--> Of course now sudo will ask for a password... but not your own!!! the one of root because you were not you --> you were root

And you can replace root by any generic-user you want, I had the issue with a lot of DBA when we went to sudo "sudo -u oracle -i" ;)

I hope this can helps you with sudo and all the schizophrenic issue that come with it ;) Regards

Share:
5,001

Related videos on Youtube

Ravi Teja Bodla
Author by

Ravi Teja Bodla

Updated on September 18, 2022

Comments

  • Ravi Teja Bodla
    Ravi Teja Bodla over 1 year

    The scenario is this:

    • I have a development machine I want (need) to have root access to
    • Our admin setups the machines using his own credentials for the root user. The explanation being that if something goes wrong or he needs to change something he just have to remember one password
    • He then proceeds to give each user access to "sudo" without questioning for the password

    Now I really dislike the fact that sudo wouldn't prompt me for my password. How does a user configuration look like that gives me and the admin complete root permissions (2 logins), with sudo prompting me for my password (and not root) look like?

    • Greg Petersen
      Greg Petersen over 12 years
      Which distro are you using?
    • Ravi Teja Bodla
      Ravi Teja Bodla over 12 years
      I'm running OpenSuse 11.2
  • Ravi Teja Bodla
    Ravi Teja Bodla over 12 years
    But then it will prompt me for root's password which I don't have. I want it to prompt for mine
  • pauska
    pauska over 12 years
    No - it will prompt you for your password. Sudo does not use the root password at all, only su does that.
  • Greg Petersen
    Greg Petersen over 12 years
    No, you are wrong. It will prompt you for your password, not root.
  • Ravi Teja Bodla
    Ravi Teja Bodla over 12 years
    I got to admit that I'm not that familiar with unix security model but this is what the terminal says after I changed <your_user> ALL=(ALL) NOPASSWD:ALL to <your_user> ALL=(ALL) ALL: touch file, sudo rm file $ root's password: and when I type in my own it states Sorry, try again
  • Steve Townsend
    Steve Townsend over 12 years
    Ah, in your particular file the targetpw option is turned on.
  • Ravi Teja Bodla
    Ravi Teja Bodla over 12 years
    What happens to the other users on the system if I turn off the option? Any side effects I don't see now?
  • Greg Petersen
    Greg Petersen over 12 years
    It will prompt for their own password.
  • Greg Petersen
    Greg Petersen over 12 years
    Frankly speaking, I forgot this option.
  • Ravi Teja Bodla
    Ravi Teja Bodla over 12 years
    No problem. I'm new here. So what is the etiquette? Accept the answer if a comment points out missing some minor part of the solution?