sudo commands without password doesnt work, please help

General support questions
ayad
Posts: 2
Joined: 2017/12/07 19:48:03

sudo commands without password doesnt work, please help

Postby ayad » 2017/12/07 20:04:43

hello everyone
this is my first post in the forum, i having issues execute commands without password
, all requirement has been done but still can not run any sudo commands without password, and here is my sudo configuration look like

user name: ansible
OS: CentOS 7.4
environment: test
this "ansible" has been added to the wheel group, i can run all sudo commands with no issues, but when i added the user to the sudoers file to run commands without password its doesn't work, its work only if i add the entire wheel group but not the user, i just want this user only to run all sudo command without password, not sure what wrong, being trying to figure out what the issues since last week but no luck, any help will be appreciated, and here is what the sudoers file look like.





Code: Select all

##      user    MACHINE=COMMANDS
##
## The COMMANDS section may have other options added to it.
##
## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
ansible ALL=(ALL)       NOPASSWD: ALL

## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL

## Same thing without a password
#%wheel ALL=(ALL)       NOPASSWD: ALL

## Allows members of the users group to mount and unmount the
## cdrom as root
# %users  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom

## Allows members of the users group to shutdown this system
# %users  localhost=/sbin/shutdown -h now

## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d
~

pjsr2
Posts: 201
Joined: 2014/03/27 20:11:07

Re: sudo commands without password doesnt work, please help

Postby pjsr2 » 2017/12/07 22:04:29

As the user "ansible" belongs to the group "wheel", the following entries both match when user ansible invokes sudo:

Code: Select all

ansible ALL=(ALL)       NOPASSWD: ALL
%wheel  ALL=(ALL)       ALL

When multiple entries match, the last entry will be used, which in your case requires a password authentication.

ayad
Posts: 2
Joined: 2017/12/07 19:48:03

Re: sudo commands without password doesnt work, please help

Postby ayad » 2017/12/07 22:51:05

pjsr2 wrote:As the user "ansible" belongs to the group "wheel", the following entries both match when user ansible invokes sudo:

Code: Select all

ansible ALL=(ALL)       NOPASSWD: ALL
%wheel  ALL=(ALL)       ALL

When multiple entries match, the last entry will be used, which in your case requires a password authentication.


Thanks pjsr2 for the respond
So what the best solution to get it to work?
Crate a group and name it ansible, add user ansible to the group ansible, then add the group to the sudoers file to be like this


Code: Select all

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL

## Allows members of the 'sys' group to run networking, software,
## service management apps and more.
# %sys ALL = NETWORKING, SOFTWARE, SERVICES, STORAGE, DELEGATING, PROCESSES, LOCATE, DRIVERS

## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL
%ansible ALL=(ALL)      ALL

## Same thing without a password
#%wheel ALL=(ALL)       NOPASSWD: ALL
%ansible ALL=(ALL)      NOPASSWD: ALL

## Allows members of the users group to mount and unmount the
## cdrom as root
# %users  ALL=/sbin/mount /mnt/cdrom, /sbin/umount /mnt/cdrom

## Allows members of the users group to shutdown this system
# %users  localhost=/sbin/shutdown -h now

## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d

User avatar
TrevorH
Forum Moderator
Posts: 21183
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: sudo commands without password doesnt work, please help

Postby TrevorH » 2017/12/08 01:27:39

Just move the ansible line after the wheel one.
CentOS 5 died in March 2017 - migrate NOW!
Full time Geek, part time moderator. Use the FAQ Luke