[sudo-users] problem with NOPASSWD and specific commands

seph seph at directionless.org
Wed Mar 16 12:36:09 EDT 2011


I'd like to give several users permission to run a command as root,
without being prompted for their password. I've done this before, and
I'm not sure why I'm having trouble. But maybe one of you can see what
I'm missing.

Running on ubuntu 10.04 LTS, sudo version 1.7.2p1-1ubuntu5.3

If I have the line:

   deploy ALL = (root) NOPASSWD: ALL

The deploy user gains permission to run everything as root. But if I
have the line:

  deploy ALL = (root) NOPASSWD: /usr/sbin/monit

My deploy user is still prompted for their password:

  deploy at App1:~$ sudo -K
  deploy at App1:~$ sudo -l
  Matching Defaults entries for deploy on this host:
    env_reset, env_keep+=http_proxy, env_keep+=SSH_AUTH_SOCK,
    syslog=auth,
    syslog_badpri=alert, syslog_goodpri=notice

  User deploy may run the following commands on this host:
    (root) NOPASSWD: /usr/sbin/monit
  deploy at App1:~$ sudo /usr/sbin/monit
  [sudo] password for deploy: 

Suggestions?

seph



More information about the sudo-users mailing list