正文
linux设置sudo不要密码
小程序:扫一扫查出行【扫一扫了解最新限行尾号】
复制小程序
linux下,普通用户,sudo时需要密码
改成没密码,
vi /etc/sudoers
在 root ALL=(ALL) ALL后加一行
sysusr ALL=(ALL) NOPASSWD: ALL(92行)
有时将用户设了nopasswd,但无效,原因是被后面的group的设置覆盖了,需要把group的设置也改为nopasswd。
sysusr账号所在组(wheel):见102行,%wheel,设置用户组sudo不加密,保存即可生效。
...
81 ## Next comes the main part: which users can run what software on
82 ## which machines (the sudoers file can be shared between multiple
83 ## systems).
84 ## Syntax:
85 ##
86 ## user MACHINE=COMMANDS
87 ##
88 ## The COMMANDS section may have other options added to it.
89 ##
90 ## Allow root to run any commands anywhere
91 root ALL=(ALL) ALL
92 sysusr ALL=(ALL) NOPASSWD: ALL
93
94 ## Allows members of the 'sys' group to run networking, software,
95 ## service management apps and more.
96 # %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS
97
98 ## Allows people in group wheel to run all commands
99 %wheel ALL=(ALL) ALL
100
101 ## Same thing without a password
102 # %wheel ALL=(ALL) NOPASSWD: ALL //这一行的#要放开,效果上,覆盖99行的设置
103
104 ## Allows members of the users group to mount and unmount the
105 ## cdrom as root
106 # %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom
107
108 ## Allows members of the users group to shutdown this system
109 # %users localhost=/sbin/shutdown -h now
110
111 ## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
112 #includedir /etc/sudoers.d
附录:查看用户所在组的两个方式:
1.groups命令
[sysusr@GCOS 12:15:58]$ groups
sysusr wheel service
<~>
2.查看/etc/group
[sysusr@GCOS 12:18:49]$ cat /etc/group|grep sysusr
wheel:x:10:sysusr
sysusr:x:1000:service,postgres,mysql,nginx,apache
service:x:2000:sysusr,postgres,mysql,nginx,apache
<~>
参考:
