[sudo-users] NOPASSWD option prompts for pw if user attempts cmd not in auth list.

Todd C. Miller Todd.Miller at courtesan.com
Fri Feb 8 19:01:31 EST 2008


The problem is that NOPASSWD is specific to the command.  If the
command doesn't match then it will not be in effect.  One thing you
might look at is disabling the "authenticate" option for the user
in question.  E.g.

Defaults:xxx	!authenticate

which will prevent sudo from ever asking user xxx for a password.

That may or may not suit your needs.  Other people have asked for
a non-interactive option to prevent sudo from asking for input in
cases like this.  Something along those lines will probably show
up in a future sudo release.

 - todd



More information about the sudo-users mailing list