Ubuntu – How to run an application using sudo without a password

authenticationsudo

… but still be required for applications that need admin privilegies?

In order to allow the following:

$ apache2ctl restart
httpd not running, trying to start
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs

$ sudo !!
sudo apache2ctl restart             #no password asked
$                                   #works!

For reference I've seen this setup on amazon's e3 instances

Any idea?

Best Answer

  • You need to edit the sudoers file. Be advised that success gives you a less secure system and failure can break sudo. ALWAYS edit the sudoers file with sudo visudo , as visudo checks for errors and will not save the file if any are found.

    It's a bad idea to give everything permission to run as root without a password, so to just let through the one executable you need(apache2ctl); append the following to the very bottom of the file:

    YOURNAME ALL = NOPASSWD: /usr/bin/apache2ctl
    

    You can replace the path to an executable with "ALL" if you choose, giving you complete passwordless sudo.

    Replace YOURNAME with your username and press Ctrl + X to save and exit. If an error occurred, it will offer to revert, edit, or save anyway.

    Be sure that you use the full path to an executable:
    ie. /usr/bin/apache2ctl instead of just apache2ctl. This is important because without explicitly stating the path sudo will allow any program named apachectl on the user's current path to run as root.