linux下,普通用戶,sudo時需要密碼
改成沒密碼,
vi /etc/sudoers
在 root ALL=(ALL) ALL后加一行
sysusr ALL=(ALL) NOPASSWD: ALL (92行)
有時將用戶設了nopasswd,但無效,原因是被后面的group的設置覆蓋了,需要把group的設置也改為nopasswd。
sysusr賬號所在組(wheel):見102行,%wheel,設置用戶組sudo不加密,保存即可生效。
...
81 ## Next comes the main part: which users can run what software on 82 ## which machines (the sudoers file can be shared between multiple 83 ## systems). 84 ## Syntax: 85 ## 86 ## user MACHINE=COMMANDS 87 ## 88 ## The COMMANDS section may have other options added to it. 89 ## 90 ## Allow root to run any commands anywhere 91 root ALL=(ALL) ALL 92 sysusr ALL=(ALL) NOPASSWD: ALL 93 94 ## Allows members of the 'sys' group to run networking, software, 95 ## service management apps and more. 96 # %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS 97 98 ## Allows people in group wheel to run all commands 99 %wheel ALL=(ALL) ALL 100 101 ## Same thing without a password 102 # %wheel ALL=(ALL) NOPASSWD: ALL //這一行的#要放開,效果上,覆蓋99行的設置 103 104 ## Allows members of the users group to mount and unmount the 105 ## cdrom as root 106 # %users ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom 107 108 ## Allows members of the users group to shutdown this system 109 # %users localhost=/sbin/shutdown -h now 110 111 ## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment) 112 #includedir /etc/sudoers.d
附錄:查看用戶所在組的兩個方式:
1.groups命令
[sysusr@GCOS 12:15:58]$ groups
sysusr wheel service <~>
2.查看/etc/group
[sysusr@GCOS 12:18:49]$ cat /etc/group|grep sysusr wheel:x:10:sysusr sysusr:x:1000:service,postgres,mysql,nginx,apache service:x:2000:sysusr,postgres,mysql,nginx,apache <~>
參考: