Bug#697490: Passwordless sudo without modifying /etc/sudoers ?

To: submit@bugs.debian.org
Subject: Bug#697490: Passwordless sudo without modifying /etc/sudoers ?
From: Charles Plessy <plessy@debian.org>
Date: Sun, 6 Jan 2013 12:32:04 +0900
Message-id: <[🔎] 20130106033204.GF26783@falafel.plessy.net>
Reply-to: Charles Plessy <plessy@debian.org>, 697490@bugs.debian.org

Package: cloud.debian.org
Severity: minor

Hello everybody,

while updating from Squeeze to Wheezy an image created by ec2debian-build-ami,
I was interrupted by dpkg to manage the update of /etc/sudoers as it was
locally modified by ec2debian-build-ami to add the following line:

admin	ALL=(ALL) NOPASSWD: ALL

At first I thought that it could be simplified by simply adding the admin user
to the sudoer group, however this does not work as the admin user does not have
a password, and by default, sudo will ask for one to the members of the sudo
group:

%sudo	ALL=(ALL:ALL) ALL

However, I note that in Ubuntu, a password is not asked, despite that the
configuration is very similar (using the group admin instead of sudo).

%admin ALL=(ALL) ALL

Does anybody know how to allow passwordless access to the members of the sudo
group without modifying /etc/sudoers ?  This would simplify the interactive
upgrades of our virtual machines.

Have a nice Sunday,

-- 
Charles Plessy
Tsurumi, Kanagawa, Japan

Reply to:

Follow-Ups:
- Bug#697490: Passwordless sudo without modifying /etc/sudoers ?
  - From: "Chris Fordham" <chris.fordham@rightscale.com>

Prev by Date: Bug#694035: JSON based API to query available AMIs
Next by Date: Bug#697490: Passwordless sudo without modifying /etc/sudoers ?
Previous by thread: Bug#694035: JSON based API to query available AMIs
Next by thread: Bug#697490: Passwordless sudo without modifying /etc/sudoers ?
Index(es):
- Date
- Thread