DWQA QuestionsCategory: ServerWhy do other users enter passwords when using sudo installed as root?
ithelloworld asked 4 weeks ago

System environment: cent OS 5.8

$Su -

In fact, www users have no password (SSH login). What’s the matter?

2 Answers
Best Answer
felix021 answered 4 weeks ago

Why does the lock installed as the owner need a key to open? The guest has no key. What’s the matter?

Sunyanzi answered 4 weeks ago

In fact, I’m hesitant to write this answer… Because the answer of the senior upstairs is wrongimplementsudoThe command requires a password… It has nothing to do with you installing it as rootIn fact, if you don’t have root privileges, you can’t install it at allThe reason why I ask you to enter the password… Is that sudo has only two states… Input password and no passwordThe default configuration is that all users need to enter a password for authorization… This method does not support empty passwordIn fact, at this time, it’s wrong for you to enter any passwordThe solution is simple… It’s the no password option I just mentioned… It’s justVery, very, very not recommendedDo thisYou should note that I used three very… If you know the risk of this matter, you still insist on it… The specific operation is as followsusevisudoCommand to open/etc/sudoer… modify as follows

# User privilege specification
root ALL=(ALL) ALL
www ALL=(ALL) NOPASSWD: /usr/bin/make

The last line is for you to addAt this time, the WWW user is executingsudo makeYou don’t need to enter a password for the commandEven if the user has his own password, he doesn’t need to enter it… He can directly execute commands like rootOf course, other commands of sudo still need to enter their own passwordThat is to say, if this user uses a blank password, he still cannot sudo other commandsIf it still doesn’t satisfy you… You can use itNOPASSWD: ALLTo give this user full root privilegesThis way… It’s easy to confirm the security of the machine above… Don’t do this on machines with Internet IPWell, that’s it. It’s very disturbing to fix the problem of senior answers

Sunyanzi replied 4 weeks ago

Well, I just want to say that when I use the sudo command, I don’tCertainRequire users to have passwords… Users without passwords can also sudo is just very dangerous… Of course… As long as you understand, I wrote so much…:)