Sudoers NOPASSWD Option Not Working

Although not good security practice, it can be helpful for a user to account to have at least some (or all) sudo ability without the need to re-enter the user’s password to gain sudoers.

By adding the user within the file /etc/sudoers (via visudo is recommended for Ubuntu Linux), with the following, you can ensure a user can sudo without re-entering their password. For example for Ansible plays is a good example.

myuseraccount ALL=(ALL) NOPASSWD: ALL

What is important is where in the file you are entering this. You should put that line after the line with the rule for the sudo group, because, as the sudoers man page states:

When multiple entries match for a user, they are applied in order.
Where there are multiple matches, the last match is used (which is not necessarily the most specific match).

So just add it at the bottom and you should find it works as expected.

Leave a comment