If you’re an administrator of a computer with multiple users, it can be a hassle having to give permission to certain users to perform tasks above what their user privileges would normally grant them. For instance, maybe a user wants to be able to install programs from the Terminal or via the Synaptic package manager. Using “dpkg” or “apt-get” or “synaptic” from the Terminal all require Administrator privileges, which normal (non-Administrator) users don’t have.
Instead of the Administrator being required to grant privileges each time it is requested, it’s possible to allow certain users to use certain programs without requiring a password. This doesn’t mean a typical user can do any task requiring a root password, but simply those he or she is authorized. How do we do this? We simply edit a particular file.
First, open up the Terminal.
Now type sudo visudo.
You’ll be asked to enter your password.
We’ll be entering all of our edits at the end of the file, so scroll all the way to the bottom. You should now see something similar to this.
To allow a user to run a certain program as root without a password, you’ll need that person’s username, as well as the path to the program’s binary.
Let’s say we want a user named “ericcflem” to be able to install programs using “apt-get” but don’t want to make “ericcflem” a full Administrator. We can allow “username” access to “apt-get” and only “apt-get” by typing ericcflem ALL = NOPASSWD: /usr/bin/apt-get at the end of the file, as shown below.
Now simply hit Ctrl-x to close the program, then hit y when you see this prompt. This tells the computer to save your changes (typing n would tell it you don’t wish your changes to be saved).
You will then be asked (in the following prompt), to type a name and location for the saved file.
Simply hit the Enter key, which will save the file with the same name and location as the original.
In our example, we chose our own username to be the one able to run “apt-get” without entering a password, as it’s our personal computer, and not having to enter a password saves time. To see that it worked, we decided to install a program (in this case we installed gPodder, a podcast client) via the Terminal, by using the sudo apt-get install gpodder command.
As you can see in the following screenshot, we were never asked for a password.
Success! Obviously, giving any random user the power to perform potentially dangerous tasks is something you won’t want to do without serious thought. However, for some users, or for some tasks, this should be an easy way to make certain tasks just a bit more convenient.