sudoers: how to disable requiretty per user

You said that you want one particular user to not require a tty. That’s the default behavior. Nevertheless, you can explicitly set that like this: Defaults:username !requiretty If you want everyone else to require a tty, then you’ll have to uncommment the line.

Log all commands run by admins on production servers

Update: 2 more things that have popped up in the comments and in follow-up questions: Using auditd this way will dramatically increase your log volume, especially if the system is heavily in use via commandline. Adjust your log retention policy. Auditd logs on the host where they are created are just as secure as other … Read more

ssh-agent forwarding and sudo to another user

As you mentioned, the environment variables are removed by sudo, for security reasons. But fortunately sudo is quite configurable: you can tell it precisely which environment variables you want to keep thanks to the env_keep configuration option in /etc/sudoers. For agent forwarding, you need to keep the SSH_AUTH_SOCK environment variable. To do so, simply edit … Read more

How to setup passwordless `sudo` on Linux?

EDIT thanks to medina’s comment: According to the man page, you should be able to write ALL ALL = (ALL) NOPASSWD: ALL to allow all users to run all commands without a password. For reference, I’m leaving my previous answer: If you add a line of the form %wheel ALL = (ALL) NOPASSWD: ALL to … Read more

ERROR: While executing gem … (Gem::FilePermissionError)

I have checked all the other similar answers and none was exactly like mine, neither did any of those solutions work for me. gem environment and sudo gem environment give the same result: rvm -v : rvm 1.22.3 ruby -v : ruby 1.8.7 OSX 10.8.4 echo $PATH /usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:/home/ava/.rvm/bin:/home/ava/bin gem install <gem-name> gives whereas I am … Read more