-2

I am trying to enable passwordless sudo for updating yum on a RHEL box. I have the following line in sudo visudo.

myuser ALL=(ALL) NOPASSWD: /usr/bin/yum update

After doing this under myuser I am still unable to update yum without giving my sudo password.

  • /usr/bin/env sudo yum -y update
  • sudo yum -y update

The reason why I need this done is because in Capistrano 3 it says this is the best way. It does not seem to allow a prompt of sudo anymore.

Cristian Ciupitu
  • 6,226
  • 2
  • 41
  • 55
wallerjake
  • 135
  • 5
  • possible duplicate of [How to setup passwordless \`sudo\` on Linux?](http://serverfault.com/questions/160581/how-to-setup-passwordless-sudo-on-linux) – Dennis Nolte Aug 06 '14 at 07:25
  • It's not a duplicate as it's a different problem. The problem there does not reference the need to have the extra parameter in the sudoers file. I thought it would automatically pick that up and know about it. – wallerjake Aug 06 '14 at 15:24
  • @wallerjake, I've changed the **redhat** tag with **rhel6**, as [**redhat**](http://serverfault.com/questions/tagged/redhat) is way too generic. If you're using a different version, please update the tags accordingly. – Cristian Ciupitu Aug 06 '14 at 22:45

3 Answers3

7

Actually, the command string listed in the sudoers is requiring to be the exact match.

In your example, you put the command string /usr/bin/yum update in the sudoers configuration line, but the command you finally executes is yum -y update. (the difference is the extra parameter -y).

Then, the mismatch in command string caused the sudoers failed to hit the designed definition.

So, the following ways are my suggestion to rectify the problem:

  1. use the command string /usr/bin/yum -y update when you setting the sudoer configuration, or

  2. use the command string /usr/bin/yum (no parameter in there).

Cristian Ciupitu
  • 6,226
  • 2
  • 41
  • 55
YLW
  • 151
  • 4
1

Try:

Cmnd_Alias YUM = /usr/bin/yum

user ALL=(ALL) NOPASSWD: YUM

dmourati
  • 24,720
  • 2
  • 40
  • 69
  • You might also have to comment out the requiretty setting: "Defaults requiretty" if you are using SSH. – dmourati Aug 05 '14 at 22:41
1

Check if you have the following in your sudoers file :

%sudo   ALL=(ALL:ALL) ALL

If yes, try to comment it :

#%sudo   ALL=(ALL:ALL) ALL
krisFR
  • 12,830
  • 3
  • 31
  • 40