Sudoers file, enable NOPASSWD for user, all commands

The line you added was overridden. From man sudoers:

When multiple entries match for a user, they are applied in order. Where there are multiple matches, the last match is used (which is not necessarily the most specific match).

In your case nicholsonjf was a member of the group sudo so for him this line applied:

%sudo   ALL=(ALL:ALL) ALL

If you want to override entries in /etc/sudoers just put the new entries after them.

The new entry should look like

myuser ALL=(ALL) NOPASSWD: ALL for a single user, or

%sudo ALL=(ALL) NOPASSWD: ALL for a group.


For a single user, add this line at the end of your sudoers file using the sudo visudo command:

superuser ALL=(ALL) NOPASSWD:ALL

For a group

%supergroup  ALL=(ALL) NOPASSWD:ALL

To never prompt the current user for a password when that user uses sudo run this command:

echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/dont-prompt-$USER-for-sudo-password

this will create a file called /etc/sudoers.d/dont-prompt-<YOUR USERNAME>-for-sudo-password with the following contents:

<YOUR USERNAME> ALL=(ALL:ALL) NOPASSWD: ALL

The advantages of doing it this way over manually adding that line to /etc/sudoers using sudo visudo (as suggested by the other answers) are

  1. /etc/sudoers is sometimes modified by system updates, whereas files in /etc/sudoers.d aren't
  2. the sudo visudo method is prone to error (as evidenced by this very question), whereas copy/pasting a command is harder to mess up

Note that you'll still be prompted for the password in other contexts, such as installing stuff from the Ubuntu Software graphical app.

According to sudo cat /etc/sudoers.d/README this feature (of putting extra sudoer files in /etc/sudoers.d) has been enabled by default since Debian 1.7.2p1-1, which came out in the late 1990's (Ubuntu is based on Debian).

Tags:

Sudo