thanks.... I think I am grasping it! :-)~MIKE~(-: On Mon, Jul 14, 2014 at 9:48 PM, James Dugger wrote: > Michael, > > The following line: > > %sudo ALL=(ALL) NOPASSWD: ALL > > literally means: > > ALL users in the sudo group can execute ALL commands as ALL users > from ALL places without a password. > > Without any lines after this. The only thing that you would need to do is > add users to the sudo group (/etc/group). Thus the line: > > $ sudo useradd -G sudo > > The %sudo portion of the stanza tells Linux to look in the /etc/group file > for a line starting with "sudo" and include any users listed on that line > in the sudo group. This way you don't have to add them individually as > separate lines in the sudoers file. For example lets say you have 3 users > (john, jane, sam) that you want to have sudo rights w/o a password. It > could be done in one of two ways: > > 1st- in sudoers > > jane ALL=(ALL) NOPASSWD: ALL > john ALL=(ALL) NOPASSWD: ALL > sam ALL=(ALL) NOPASSWD: ALL > > or > > 2nd - in sudoers and /etc/group > > %sudo ALL=(ALL) NOPASSWD: ALL > > in /etc/group > > sudo:x:##:john,jane,sam > > Both work but programmatically the 2nd option eliminates redundant code > when writing scripts and allows the use of additional shell commands (and > arguably more simple ones) to be used to maintain file changes (i.e. sudo > useradd -a -G sudo ). When scripting it is easier add the use of > usermod and useradd to a script than to use commands like sed -i and then > having to escape special characters like "%, (, and )" when making changes > or updates. > > > > On Mon, Jul 14, 2014 at 7:48 PM, Michael Havens wrote: > >> I was wondering: these are the instructions I was given to make it so I >> don't need to input my password after I sudo. >> --- >> sudo visudo >> >> >> comment out the line: >> >> %sudo ALL=(ALL:ALL) ALL >> >> and add a new line below it like this: >> >> %sudo ALL=(ALL) NOPASSWD: ALL >> >> sudo useradd -G sudo >> --- >> I was thinking that with the script being like that I probably don't need >> the last line because the way it is I am telling it no one needs a password >> with sudo. It would probably be more secure to have: >> >> %sudo ALL=(ALL) NOPASSWD: >> >> is that correct? If I had multiple users who I wanted to not use a >> password would I separate the users with a space or comma? If I only wanted >> one user to be able to sudo it would be: >> >> %sudo =(ALL) NOPASSWD: >> >> what is the point of th ALL surrounded by parentheses? >> :-)~MIKE~(-: >> >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > > > > -- > James > > *Linkedin * > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss >