NOPASSWD for yum

Latest response

If I have a user (me) in the sudoers as:

user1 ALL=(ALL) ALL

Is it possible to also enter:

user1 ALL=(ALL) NOPASSWD: /usr/bin/yum *

The end result is that the user can still run root commands with a password prompt but run yum without a password prompt.
Is this possible?
I just tested it and it does not seem to work, unless I am doing something wrong. I also want to be able to run yum update with options too (yum -y update).

Responses

Yes, that is possible. If you don't want to limit the command options at all, leave out the asterisk. Specifying just the command name will allow running that command with any (or no) options.

To explicitly specify that a particular command is allowed only without any options, the syntax is:

user1 ALL=(ALL) /command/with/no/options ""

Also, the ordering of sudoers lines matters: place the more specific lines (e.g. with the NOPASSWD: option) after the generic "user1 ALL=(ALL) ALL" line.

Run "sudo -l -U user1" as root to see how sudo interprets your current configuration for user1: I've caught several mistakes this way.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.