No password prompt at sudo command

Question

Whenever I issue command sudo apt-get install ** it does not ask for password, not in my admin user too.

How to make it prompt for password?

My sudoer :

ubuntu:~$ sudo cat /etc/sudoers
#
# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults    env_reset
Defaults    secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

# See sudoers(5) for more information on "#include" directives:

#includedir /etc/sudoers.d
ALL ALL=(ALL) NOPASSWD:ALL

comment out the last line. [#ALL ALL=(ALL) NOPASSSD:ALL] – shantanu Jun 21 '12 at 03:39 — shantanu, Jun 21 '12 at 03:39

score 19 · Accepted Answer · answered Jun 21 '12 at 03:40

19

Edit /etc/sudoers using sudo visudo, and remove the last line:

ALL ALL=(ALL) NOPASSWD:ALL

(By the way, please note that this line at the end of the file is not the preferred way to make sudo not prompt for a password, for those who want to do that.)

answered Jun 21 '12 at 03:40

Eliah Kagan

117,780

1

Thanks for the reply Eliah, But how could it be there by default ? – data9 Jun 21 '12 at 04:13
1

It's not supposed to be there by default. This doesn't usually appear in /etc/sudoers files in Ubuntu. In any case, commenting it out (by putting # in front of it) is as good as deleting the line, and makes it easier to get it back, if you ever want it back. – Eliah Kagan Jun 21 '12 at 04:16
2

ok, so what is the preferred way to make sudo not prompt for a password? – Michael Ben-Nes Oct 15 '14 at 11:17
@EliahKagan Thanks my friend, I had the same problem and this solved.... BUT I have this doubt, I never edited these files, what are the ways it can be modified without user permission? – Severus Tux Feb 09 '16 at 15:15
@SeverusTux you would have given the root permission to a program from untrusted source. which modified this file so that in future it will not need to ask password from you again and again... ............You can think about virus.. or Trojan horse... – sanjeevprasad Jan 02 '17 at 18:09
1

@michaelbn I know this is a very late comment but read https://askubuntu.com/questions/147241/execute-sudo-without-password – Nate Jun 10 '21 at 21:15

score 6 · Answer 2 · edited Feb 28 '17 at 04:42

6

Use this command to find the source of the problem:

sudo grep -HRn NOPASSWD /etc/sudoers.d/

In my case:

/etc/sudoers.d/50_stack_sh:1:username ALL=(root) NOPASSWD:ALL

comment the line with # and close your terminal.

edited Feb 28 '17 at 04:42

d a i s y

5,511

answered Aug 23 '13 at 12:01

hamza

61
1
2

Yes - I hit this same issue, from an Azure cloud-init script. The tricksy bit about this is that it appears in a separate script in the sudoers.d directory and so the sudo visudo wrongly implies that nothing is wrong. This is where I got the script from https://docs.microsoft.com/en-us/azure/virtual-machines/linux/cloudinit-add-user#add-a-user-to-a-vm-with-cloud-init note the sudo: ['ALL=(ALL) NOPASSWD:ALL'] – icc97 Jan 15 '21 at 20:22

score 0 · Answer 3 · edited Mar 28 '15 at 16:24

I think it is better to add the "admin user" at the end of the file, because the admin should not have to put the password in every order in the terminal, and no other user is allowed to do it neither:

# This file MUST be edited with the 'visudo' command as root.
#
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
#
# See the man page for details on how to write a sudoers file.
#
Defaults    env_reset
Defaults    secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root    ALL=(ALL:ALL) ALL
# Members of the admin group may gain root privileges
%admin  ALL=(ALL) ALL
# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL
# See sudoers(5) for more information on "#include" directives:
#includedir /etc/sudoers.d
# ALL ALL=(ALL) NOPASSWD:ALL
(user here) ALL=(ALL) NOPASSWD:ALL

use formatting. Highlight the text and use the <$> button – Panther Mar 28 '15 at 16:24 — Panther, Mar 28 '15 at 16:24

No password prompt at sudo command

3 Answers3

Linked

Related