Skip to content

sudo

Enable sudo without password

echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/dont-prompt-$USER-for-sudo-password

sudo no password

sudo sh -c 'echo "$SUDO_USER ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/$SUDO_UID

Run shell as another user

sudo su -l www-data -s /bin/bash

Run shell as another user

sudo -u anotheruser /bin/bash

Run command as different user

su -c "/usr/share/elasticsearch/bin/elasticsearch" -s /bin/sh elasticsearch

Execute any command with a password promt but allow one command without password prompt (WinSCP require)

%sudo   ALL=(ALL:ALL) ALL
kvuser  ALL=(root) NOPASSWD: /usr/lib/openssh/sftp-server

If there are multiple matching entries in /etc/sudoers, sudo uses the last one Note the use of (root), to allow the program to be run as root but not as other users. (Don't give more permissions than the minimum required unless you've thought out the implications