How to Run ‘sudo’ Command Without Entering a Password in Linux

In case you are running Linux on a machine that you normally use alone, say on a laptop, entering a password each time you invoke sudo can become so boring in the long run. Therefore, in this guide, we will describe how to configure the sudo command to run without entering a password.

This setting is done in the /etc/sudoers file, which drives sudoers to use the default security policy plugin for the sudo command; under the user privilege specification section.

Important: In the sudeors file, the authenticate parameter which is turned on by default is used for authentication purposes. If it is set, users must authenticate themselves via a password (or other means of authentication) before they run commands with sudo.

However, this default value may be overridden using the NOPASSWD (require no password when the user invokes sudo command) tag.

The syntax to configure user privileges is as follows:

user_list host_list=effective_user_list tag_list command_list

Where:

  1. user_list – list of users or a user alias that has already been set.
  2. host_list – list of hosts or a host alias on which users can run sudo.
  3. effective_user_list – list of users they must be running as or a run as alias.
  4. tag_list – list of tags such as NOPASSWD.
  5. command_list – list of commands or a command alias to be run by user(s) using sudo.

To allow a user (aaronkilik in the example below) to run all commands using sudo without a password, open the sudoers file:

$ sudo visudo

And add the following line:

aaronkilik ALL=(ALL) NOPASSWD: ALL

For the case of a group, use the % character before the group name as follows; this means that all members of the sys group will run all commands using sudo without a password.

%sys ALL=(ALL) NOPASSWD: ALL

To permit a user to run a given command (/bin/kill) using sudo without a password, add the following line:

aaronkilik ALL=(ALL) NOPASSWD: /bin/kill

The line below will enable members of the sys group to run the commands: /bin/kill, /bin/rm using sudo without a password:

%sys ALL=(ALL) NOPASSWD: /bin/kill, /bin/rm
Run sudo Without Password
Run sudo Without Password

For more sudo configuration and additional usage options, read our articles that describe more examples:

In this article, we described how to configure the sudo command to run without entering a password. Do not forget to offer us your thoughts about this guide or other useful sudeors configurations for Linux system administrators in the comments.

Hey TecMint readers,

Exciting news! Every month, our top blog commenters will have the chance to win fantastic rewards, like free Linux eBooks such as RHCE, RHCSA, LFCS, Learn Linux, and Awk, each worth $20!

Learn more about the contest and stand a chance to win by sharing your thoughts below!

Aaron Kili
Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge.

Each tutorial at TecMint is created by a team of experienced Linux system administrators so that it meets our high-quality standards.

Join the TecMint Weekly Newsletter (More Than 156,129 Linux Enthusiasts Have Subscribed)
Was this article helpful? Please add a comment or buy me a coffee to show your appreciation.

12 Comments

Leave a Reply
  1. In response to the question asked here: https://stackoverflow.com/questions/25189348/unable-to-provide-password-to-a-process-with-subprocess-python

    On Linux you can bypass the sudo prompt using:

    ````bash
    echo  | sudo -S whoami
    ````
    

    Pass the formatted command to subprocess and you are good to go:

    ````python
    import subprocess as sp
    
    cmd = "whoami"
    password= ""
    
    stdout, stderr = sp.Popen("echo {} | sudo -S {}".format(password, cmd), shell=True, stdout=sp.PIPE, stderr=sp.PIPE).communicate()
    
    print(stdout.decode())
    
    if stderr:
        print("error occured:")
        print(stderr.decode())
    ````
    

    It should print `root` as the command is executed by the sudo user.

    Reply
  2. Alternately you can use python pudo package: https://pypi.org/project/pudo/1.0.0/

    Installation:

    $ sudo -H pip3 install pudo # you can install using pip2 also
    

    Below is the code snippet for using in python automation for running commands under root privilege::

        user$ python3 # or python2
        >>> import pudo
        >>> (ret, out) = pudo.run(('ls', '/root')) # or pudo.run('ls /root')
        >>> print(ret)
        >>> 0
        >>> print(out)
        >>> b'Desktop\nDownloads\nPictures\nMusic\n'
    

    Below is the cmd example for running commands under root privilege

        user$ pudo ls /root
        Desktop  Downloads  Pictures  Music
    
    Reply
  3. Hi,When I opened the sudo.conf, I find a default record, “root ALL=(ALL:ALL) ALL“, my question is what’s the meaning of the third ALL, Thanks.

    Reply
        • Sorry, some mistakes have occured, the syntax to add a record , for example, “root ALL=(user1, user2: group1, group2) NOPASSWD: ALL”, is it right, Thanks.

          Reply
          • @Hubo

            Yap, according to the sudoers man page, which explains that, “Multiple users and groups may be present in a Runas_Spec(run as user or group), in which case the user may select any combination of users and groups.

            In this example:

            aaronkilik ALL = (root, bin : operator, system) ALL

            The user aaronkilik may run any command as either user root or bin, optionally setting the group to operator or system. ”

            For additional info, go through the sudoers man page:
            man sudoers

  4. Instead of configuring sudo to not require authentication at all you can setup pam_ssh_agent_auth to have it authenticate you by your ssh key.

    Reply

Got Something to Say? Join the Discussion...

Thank you for taking the time to share your thoughts with us. We appreciate your decision to leave a comment and value your contribution to the discussion. It's important to note that we moderate all comments in accordance with our comment policy to ensure a respectful and constructive conversation.

Rest assured that your email address will remain private and will not be published or shared with anyone. We prioritize the privacy and security of our users.