I'm not getting privileges, edited /etc/sudoers

sudo root privileges

43,987

Solution 1

First some general points:

Never edit /etc/sudoers directly. You should always use sudo visudo instead which allows you to edit the file but checks it for errors before saving. The syntax of sudoers is tricky and a mistake can render your system unusable since you will not longer be able to use sudo.
Never change the permissions of /etc/sudoers. In general, you shouldn't change the permissions of system files. In many cases, the programs associated with them will not work properly and it is bad practice and a security hole. That's what sudo is for in the first place, so you don't need to change the permissions.

In addition, if you have set the permissions of /etc/sudoers to 640 and were able to write to it, that means you have also changed its owner to your user. That will effectively break it. As explained in man sudoers:

/etc/sudoers is owned by gid N, should be 1 The sudoers file has the wrong group ownership. If you wish to change the sudoers file group ownership, please add “sudoers_gid=N” (where ‘N’ is the group ID that owns the sudoers file) to the sudoers Plugin line in the sudo.conf(5) file.
If you want regular users to be able to mount a drive, a better way is to specify that in /etc/fstab. Using your example, you would want this line there:
```
/dev/sda6   /media/sgg/D    vfat    users,rw,errors=remount-ro,noauto  0   0
```
That will allow regular users to mount it with
```
mount /dev/sda6
```
If despite the above, you still want to allow your user to run any command without a password, the line you want to add to /etc/sudoers (using sudo visudo) is:
```
sgg ALL=NOPASSWD:ALL
```
Save the file and exit visudo and try running sudo ls, you shouldn't be asked for a password. I just tested and can confirm it works on my LMDE.

Solution 2

That just tells the system that you may run all commands (which is the default anyway) but doesn't say anything about passwords. You need:

sgg ALL = (ALL) NOPASSWD: ALL

From the man page:

FULLTIMERS      ALL = NOPASSWD: ALL
Full time sysadmins (millert, mikef, and dowdy) may run any command on any host without authenticating themselves.

43,987

gangadhars

Updated on September 18, 2022

Comments

gangadhars over 1 year
I want to run any program without asking root password. Because I'm the only person who use the system. So I googled and edited /etc/sudoers.

What I did:
```
# chmod 640 /etc/sudoers
# vim /etc/sudoers
```
Added a line like below:
```
# User privilege specification
root    ALL=(ALL:ALL) ALL
sgg ALL=(ALL:ALL) ALL
```
saved and closed the file. Rebooted system. But no change/improvement. Am I want to change any other lines? or Is there any way?

EDIT:

1.I changed permissions /etc/sudoers to 0440. ls -l /etc/sudoers result is
```
-r--r----- 1 root root 772 May  4 19:43 /etc/sudoers
```
2.I run # visudo. File content is
```
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL
sgg ALL=NOPASSWD:ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL
```
But still it asking for password when I run sudo ls.

System Info: Ubuntu 14.04 x86_64 3.13.0-24-generic
- Admin about 10 years
  
  do not vim /etc/sudoers, use visudo
- Admin about 10 years
  
  also, I think you tinkering with sudoers file persmissions could be cause of errors, put it back to 0440
gangadhars about 10 years

not working. asking for password
Hauke Laging about 10 years

@SGG Quite strange because it does work here. What exactly is the command you run?
gangadhars about 10 years

i'm trying to run sudo mount -t vfat /media/sgg/D /dev/sda6
Hauke Laging about 10 years

@SGG It does not explain the password request but the mount command is wrong. It must be mount -t vfat /dev/sda6 /media/sgg/D. Please try sudo ls /root.
gangadhars about 10 years

sorry, that's a typo. Why when run the mount command it's asking pswd. I don't want to ask it. So that normal user can also mount.
gangadhars about 10 years

visudo giving usage: visudo [-chqsV] [-f sudoers] [-x file]
terdon about 10 years

@SGG how are you running it? Did you run sudo visudo?
gangadhars about 10 years

i already tried with /etc/fstab. It gave me error at booting time Unable to mount /dev/sda6. press S to skip and M to manually ... some kind of message
gangadhars about 10 years

sudo visudo /etc/sudoers
terdon about 10 years

@SGG please run it the way I suggest in my answer, simply sudo visudo. The error message you're getting suggests that you are trying to mount an external or network drive that is not present at boot time. Is that so? That's the kind of detail you should mention in your question. Anyway, try the updated answer, I have changed the fstab line.
terdon about 10 years

@SGG what worked? The sudo visudo works because that's the correct format for it, not sudo visudo /path/to/file. The fstab line works because the noauto option tells your system not to try and mount the drive automatically when booting. The users option tells it to allow regular users to mount.
terdon about 10 years

@SGG also, make sure to revert your /etc/sudoers file to the correct permissions. It should be 0440 and owned by root.
gangadhars about 10 years

fstab worked. And I reverted back /etc/sudoers to default permissions
gangadhars about 10 years

/etc/sudoers not working. Still it asking for password when I run sudo ls
terdon about 10 years

@SGG you need to save the file and exit visudo for the changes to take effect. If this is still not working, please update your question with the current contents of your sudoers file and the output of ls -l /etc/sudoers. Also make sure you tell us what operating system you're using. I'm guessing Linux but which one?
gangadhars about 10 years

Edited question.
gangadhars about 10 years

I edited my question.
terdon almost 10 years

@SGG that's very strange. I tried with the exact same file and the newly created user sgg was not asked for a password when running sudo.
Goran_Ilic_Ilke over 2 years

Not working on ubuntu 20.04 .
Goran_Ilic_Ilke over 2 years

Not working on ubuntu 20.04
terdon over 2 years

@Goran_Ilic_Ilke sorry, but without more context I have no idea what you mean. Please ask a new question, explain what you need, explain what you tried and how it failed.