Bug#697490: Passwordless sudo without modifying /etc/sudoers ?

["Chris Fordham" <chris.fordham@rightscale.com>]

On Sun, 06 Jan 2013 14:32:04 +1100, Charles Plessy <plessy@debian.org>  
wrote:

> Package: cloud.debian.org
> Severity: minor
>
> Hello everybody,
>
> while updating from Squeeze to Wheezy an image created by  
> ec2debian-build-ami,
> I was interrupted by dpkg to manage the update of /etc/sudoers as it was
> locally modified by ec2debian-build-ami to add the following line:
>
> admin	ALL=(ALL) NOPASSWD: ALL
>
> At first I thought that it could be simplified by simply adding the  
> admin user
> to the sudoer group, however this does not work as the admin user does  
> not have
> a password, and by default, sudo will ask for one to the members of the  
> sudo
> group:
>
> %sudo	ALL=(ALL:ALL) ALL
>
> However, I note that in Ubuntu, a password is not asked, despite that the
> configuration is very similar (using the group admin instead of sudo).
>
> %admin ALL=(ALL) ALL
>
> Does anybody know how to allow passwordless access to the members of the  
> sudo
> group without modifying /etc/sudoers ?  This would simplify the  
> interactive
> upgrades of our virtual machines.
Afaik, this is what /etc/sudoers is for and should be edited by visudo, at  
least for interactive (SUDOERS(5)).
For automation of this configuration I like using Chef and the sudo  
cookbook, http://community.opscode.com/cookbooks/sudo. I am not sure why  
you are looking for another way without editing /etc/sudoers.

> Have a nice Sunday,


--

Chris Fordham

Backline Support Engineer
RightScale Technical Services


Direct: +1 805 243 0252

Cell: +61 423 003 417

Skype: chris.fordham.rs

Email: chris.fordham@rightscale.com