To configure the behaviour of sudo we need to edit the /etc/sudoers file.
If you make a mistake in the sudoers file and save that mistake you can lock
yourself out of sudo making it difficult to fix. For this reason we always
use the visudo command to safely edit a sudoers file.
sudo visudo
The configuration lines below will ensure drop-in configuration files are read and that your password entry is cached.
Append the following lines to the end of the file.
##
# Password timestamp specification
##
## The number of minutes before asking for a password again.
Defaults timestamp_timeout=5
## Disable per-tty timestamp separation.
## Keep one password timestamp for multiple terminal windows.
Defaults !tty_tickets
##
# Drop-in files.
##
## Read drop-in files from /private/etc/sudoers.d
## (the '#' here does not indicate a comment).
#includedir /private/etc/sudoers.d
When you install a new command that asks for a password you may want to log the
shell commands it executes with sudo to work out how to configure it to be
Passwordless. To turn on logging to a specific log file, rather than say the
system logs, add the following lines to a sudoers file.
##
# Logging specification
##
Defaults log_host, log_year, logfile="/var/log/sudo.log"
To allow vagrant to automatically update macOS/BSD system files without asking for a password (sudo), create a new drop-in config sudoers file.
sudo visudo -f /etc/sudoers.d/macos-sudoers-vagrant-plugin
Copy in the Passwordless sudo configuration attached for each vagrant plugin or feature. References for each are below:
- vagrant-hostmanager https://github.com/devopsgroup-io/vagrant-hostmanager#readme
- vagrant-hostsupdater https://github.com/cogitatio/vagrant-hostsupdater#readme
- vagrant synced-folders https://www.vagrantup.com/docs/synced-folders/nfs.html