lnlidawei

  博客园 :: 首页 :: 博问 :: 闪存 :: 新随笔 :: 联系 :: 订阅 订阅 :: 管理 ::
[linux]:sudo配置--取消输入密码

[linux]:sudo配置--取消输入密码

 

 

 

 

一、说明

 

  1.  用户使用sudo命令时,需要输入密码;经常输入密码,太麻烦。因此我想取消我的用户使用sudo时输入密码。

 

  2.  原理:配置sudoers文件【/etc/sudoers】

 

  3.  重点说明:

# [config_by_wit:20250911]
user     ALL=(ALL)       NOPASSWD:ALL


说明:
    --    user:        (本处配置)【user】改为【你的用户名】
    --    wit:         (后续配置)【wit】改为【你的用户名】

 

  4.  【sudo特殊配置】:  取消【所有用户】使用sudo时输入密码

# [CONFIG_FOR_ALL_USERS]
ALL    ALL=(ALL)    NOPASSWD:ALL

 

 

 

二、操作

 

  1.  临时切换sudoers文件的编辑器【vim】:  sudo  VISUAL=vim  visudo

 

  2.  在【/etc/sudoers】文件末尾,添加文字:

# [config_by_wit:20250911]
wit     ALL=(ALL)       NOPASSWD:ALL

 

 

 

三、完整文本

[wit@ubuntu:tmp]$ sudo  VISUAL=vim  visudo

# "sudo scp" or "sudo rsync" should be able to use your SSH agent.
#Defaults:%sudo env_keep += "SSH_AGENT_PID SSH_AUTH_SOCK"

# Ditto for GPG agent
#Defaults:%sudo env_keep += "GPG_AGENT_INFO"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL


# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL


# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL


# See sudoers(5) for more information on "@include" directives:
@includedir /etc/sudoers.d


# [config_by_wit:20250911]
wit     ALL=(ALL)       NOPASSWD:ALL


visudo: /etc/sudoers.tmp unchanged
[wit@ubuntu:tmp]$ 
[wit@ubuntu:tmp]$ 
[wit@ubuntu:tmp]$ sudo cat  /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"

# This fixes CVE-2005-4890 and possibly breaks some versions of kdesu
# (#1011624, https://bugs.kde.org/show_bug.cgi?id=452532)
Defaults        use_pty

# This preserves proxy settings from user environments of root
# equivalent users (group sudo)
#Defaults:%sudo env_keep += "http_proxy https_proxy ftp_proxy all_proxy no_proxy"

# This allows running arbitrary commands, but so does ALL, and it means
# different sudoers have their choice of editor respected.
#Defaults:%sudo env_keep += "EDITOR"

# Completely harmless preservation of a user preference.
#Defaults:%sudo env_keep += "GREP_COLOR"

# While you shouldn't normally run git as root, you need to with etckeeper
#Defaults:%sudo env_keep += "GIT_AUTHOR_* GIT_COMMITTER_*"

# Per-user preferences; root won't have sensible values for them.
#Defaults:%sudo env_keep += "EMAIL DEBEMAIL DEBFULLNAME"

# "sudo scp" or "sudo rsync" should be able to use your SSH agent.
#Defaults:%sudo env_keep += "SSH_AGENT_PID SSH_AUTH_SOCK"

# Ditto for GPG agent
#Defaults:%sudo env_keep += "GPG_AGENT_INFO"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL


# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL


# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL


# See sudoers(5) for more information on "@include" directives:
@includedir /etc/sudoers.d


# [config_by_wit:20250911]
wit     ALL=(ALL)       NOPASSWD:ALL


[wit@ubuntu:tmp]$ 
[wit@ubuntu:tmp]$

 

 

 

四、sudo配置的另一种方法【/etc/sudoers.d】

 

 

  1.  在【/etc/sudoers.d】文件夹内,写自己的配置文件。

    --  配置文件的要求:

      --  文件名要求:  文件名中,不能包含点(".");文件名的末尾,不能是波浪线("~") 。文件的名字,可以包含下划线("_")。

      --  文件的权限:  文件权限必须是440(sudo  chmod  440 wit)

    --  配置文件实例:

[wit@ubuntu:sudoers.d]$ sudo cat wit
#       position:               /etc/sudoers.d/
#       file_name:              not including  "." "~"
#       file_author:            sudo chmod  440  wit


# [config_by_wit:20250911]
wit     ALL=(ALL)       NOPASSWD:ALL

 

 

  2.  相关操作以及配置文件

[wit@ubuntu:sudoers.d]$ pwd
/etc/sudoers.d
[wit@ubuntu:sudoers.d]$ 
[wit@ubuntu:sudoers.d]$ ll
total 8.0K
-r--r----- 1 root root 1.1K Feb 19  2025 README
-r--r----- 1 root root  161 Sep 11 21:12 wit
[wit@ubuntu:sudoers.d]$ 
[wit@ubuntu:sudoers.d]$ sudo cat wit
#       position:               /etc/sudoers.d/
#       file_name:              not including  "." "~"
#       file_author:            sudo chmod  440  wit


# [config_by_wit:20250911]
wit     ALL=(ALL)       NOPASSWD:ALL


[wit@ubuntu:sudoers.d]$ 
[wit@ubuntu:sudoers.d]$

 

 

 

五、参考资料

 

  1.  chat.baidu.com

 

  .

 

posted on 2025-09-11 20:50  lnlidawei  阅读(49)  评论(0)    收藏  举报