Allow users of a certain group to run a command without sudo passwd

Time to time I usually find myself typing sudo to execute commands requiring sudo rights, and this is repetitive which simply means one gets weary of typing sudo password every time, hence this blog post. Reason for this is to remind me how to do it the next time I am faced with such conundrum(s).

Suppose I wanted to add a group of users who are allowed to run mount and umount without passwords. So I first want to add a group called “staff”

sudo groupadd staff

Next we need to edit the /etc/group and add the users


will be present ,hence append users you want to add the users separated by commas.


Now we need to configure sudo to allow members of the “staff” group to actually invoke the mount and umount commands.

You just need to add the following lines to /etc/sudoers or execute sudo visudo

%staff ALL=NOPASSWD: /sbin/mount, /sbin/umount

Now sudo mount won’t ask password but since it is a pain in the butt typing sudo all the time, we can avoid it by doing the following:

I can create the following script called “/usr/bin/mount” (and similar script for umount)

#! /bin/sh
sudo /sbin/mount $*

To make this slightly more secure, We might want to change the ownership of these scripts to the “staff” group.

chgrp staff /usr/bin/mount /usr/bin/umount

and then make them executable only for the group “staff”

chmod g+x /usr/bin/mount  /usr/bin/umount

Note:Depending on the OS you are using please check where mount and umount commands are located. It might be in /bin/ instead of /sbin.
So you might have to make necessary changes




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s