In my Ubuntu 20.04 installation the /etc/sudoers.d directory has the following default files
99-snapd.conf
README
So you would assume that creating a file such as 50-mysudo.conf with the contents needed to allow passwordless sudo would work
jamesm ALL=(ALL:ALL) NOPASSWD:ALL
But no!
So what rules you need to do to follow to have a working /etc/sudoers.d file. From the README in /etc/sudoers.d the file you drop into /etc/sudoers.d needs to comply with these rules:
# This will cause sudo to read and parse any files in the /etc/sudoers.d
# directory that do not end in '~' or contain a '.' character.
#
# Note that there must be at least one file in the sudoers.d directory (this
# one will do), and all files in this directory should be mode 0440.
If the file has ‘.’ character i.e. 55-mysudo.conf it won’t be picked up
If the file has the wrong permissions it won’t be parsed either.
Notice the test file I created with touch test has 644 permissions which is incorrect:
ls -alh
total 28K
drwxr-xr-x 2 root root 4.0K Jan 3 07:53 .
drwxr-xr-x 144 root root 12K Jan 2 20:56 ..
-r--r----- 1 root root 91 Jul 10 23:59 99-snapd.conf
-r--r----- 1 root root 958 Feb 4 2020 README
-rw-r--r-- 1 root root 0 Jan 3 07:53 test
So you should create the file with visudo -f mysudo which will create the file with the right permissions of 0440
ls -alh
total 28K
drwxr-xr-x 2 root root 4.0K Jan 3 07:57 .
drwxr-xr-x 144 root root 12K Jan 2 20:56 ..
-r--r----- 1 root root 91 Jul 10 23:59 99-snapd.conf
-r--r----- 1 root root 0 Jan 3 07:57 mysudo
-r--r----- 1 root root 958 Feb 4 2020 README
Example of how to add a file to /etc/sudoer.d correctly
cd /etc/sudoer.d
visudo -f mysudo
# add the contents as per below and edit to taste
The contents of mysudo
# this is the content of 'mysudo' to allow passwordless sudo
# jamesm is my linux username
jamesm ALL=(ALL:ALL) NOPASSWD:ALL
0 Comments