-2

I am trying to enable passwordless sudo for updating yum on a RHEL box. I have the following line in sudo visudo.

myuser ALL=(ALL) NOPASSWD: /usr/bin/yum update

After doing this under myuser I am still unable to update yum without giving my sudo password.

  • /usr/bin/env sudo yum -y update
  • sudo yum -y update

The reason why I need this done is because in Capistrano 3 it says this is the best way. It does not seem to allow a prompt of sudo anymore.

Cristian Ciupitu
  • 6,432
Jacob Waller
  • 135
  • 5

3 Answers3

8

Actually, the command string listed in the sudoers is requiring to be the exact match.

In your example, you put the command string /usr/bin/yum update in the sudoers configuration line, but the command you finally executes is yum -y update. (the difference is the extra parameter -y).

Then, the mismatch in command string caused the sudoers failed to hit the designed definition.

So, the following ways are my suggestion to rectify the problem:

  1. use the command string /usr/bin/yum -y update when you setting the sudoer configuration, or

  2. use the command string /usr/bin/yum (no parameter in there).

Cristian Ciupitu
  • 6,432
YLW
  • 161
1

Try:

Cmnd_Alias YUM = /usr/bin/yum

user ALL=(ALL) NOPASSWD: YUM

dmourati
  • 25,870
  • You might also have to comment out the requiretty setting: "Defaults requiretty" if you are using SSH. – dmourati Aug 05 '14 at 22:41
1

Check if you have the following in your sudoers file :

%sudo   ALL=(ALL:ALL) ALL

If yes, try to comment it :

#%sudo   ALL=(ALL:ALL) ALL
krisFR
  • 13,500