Sudoers NOPASSWD option not working

boredsquirrel · March 20, 2023, 8:40am

are both things needed? the Group and the polkit rule?

vgaetera · March 20, 2023, 2:01pm

The group should be created automatically by the package libvirt-daemon.

boredsquirrel · March 20, 2023, 8:35pm

Yes the group is created, but the user has to be added to it. It had no effect on the password prompt for me though. So I wonder if just allowing the commands for all wheel users would be enough to avoid them.

vgaetera · March 20, 2023, 8:49pm

A new group membership requires to terminate all active user processes or just reboot:

sudo loginctl terminate-user ${USER}
sudo pkill -9 -u ${USER}
sudo reboot

Logout is often not enough as it only sends a graceful termination signal ignored by some processes unless the option KillUserProcesses is enabled.

boredsquirrel · March 22, 2023, 3:26pm

I made a small script automatically creating Polkit rules, as the process is tedious. What do you think of it?

vgaetera · March 22, 2023, 3:56pm

You can optimize the code to look like this:
Fedora 37 - Can't have wifi properly working - Realtek 8821CE - #7 by vgaetera

Topic		Replies	Views
Firewall-cmd question Ask Fedora f39 , workstation	2	23510	January 18, 2024
Polkit errors: not authorized Ask Fedora f37 , kde , wayland , polkit , kinoite , silverblue	15	1154	April 2, 2023
Sudo password entry using gnome password prompt Ask Fedora gnome	4	675	January 3, 2022
Fixing nonwheel user accounts Ask Fedora kde , system-config-users , flatpak , security , f39	3	164	January 13, 2024
Polkit.service start fails Ask Fedora f37	1	495	August 17, 2023

Sudoers NOPASSWD option not working

Related Topics