3

I’m using Ubuntu 14.04. I have this in my /etc/sudoers file

Defaults        env_reset
Defaults        mail_badpass
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

# Host alias specification

# User alias specification

# Cmnd alias specification

# User privilege specification
root    ALL=(ALL:ALL) ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
%deployers ALL=(ALL) ALL

rails ALL = NOPASSWD: /usr/local/rvm/gems/ruby-2.3.0/bin/bundle, /usr/local/rvm/rubies/ruby-2.3.0/bin/ruby, /usr/local/rvm/gems/ruby-2.3.0/bin/rake, /usr/bin/service, /sbin/   restart

# Allow members of group sudo to execute any command
%sudo   ALL=(ALL:ALL) ALL

I thought including the above command (the one with “NOPASSWD”) would prevent getting prompted for a password, but after I reboot my system and login as my “rails” user, note I’m still getting asked for a password when running sudo …

rails@mymachine:~$ sudo rake db:migrate
[sudo] password for rails: 
rails@mymachine:~$ which rake
/usr/local/rvm/gems/ruby-2.3.0/bin/rake

What do I need to do so I’m not prompted for a password when running the “rake” command (and other commands I listed)?

Jeff Schaller
  • 67,283
  • 35
  • 116
  • 255
Dave
  • 2,548

1 Answers1

2

sudo resets your environment by default, so it won't search your $PATH. So it might be trying to run a system-default version of ruby instead of the one listed. In particular the $PATH seen by sudo is given in your sudoers file:

secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

Try using sudo -E to preserve your environment or use the fully-qualified pathname for ruby, or add the paths to secure_path, before the ones given.

Chris
  • 1,539