Why is sudo command asking for root password in RHEL/CentOs 6 / RHEL/CentOS 7?

Follow the below link to get an overview of the syntax used in the sudoers file

Understanding Syntax, Aliases, Variables used in sudoers file with examples

In this blog I will try to keep my self strictly to the point of issue. You might have noticed that at times when you try to execute a command using sudo user it prompts for root password.

 

Solution:

For Red Hat 6 and older variants:

You can see the below line in your /etc/sudoers file

Defaults targetpw
[deepak@golinuxhub ~]$ sudo /etc/init.d/sshd restart
[sudo] password for root:

As per this configuration ask for the password of the target user i.e. root.

To fix this comment out this line
# visudo
# Defaults targetpw

Save and exit the file

Now the sudo will prompt for the password of the respective user

[deepak@golinuxhub ~]$ sudo /etc/init.d/sshd restart
[sudo] password for deepak:

 

For Red Hat 7

For disabling the root authentication prompt create /etc/polkit-1/localauthority/50-local.d/disable-passwords.pkla with below contents:

[description]
Identity=unix-user:username
Action=*
ResultActive=yes

Replace the variable highlighted with blue suitable to your requirement

For example:

[GoLinuxHub]
Identity=unix-user:deepak
Action=*
ResultActive=yes

Now you can re-run the sudo command as normal user, it should prompt you for the target user password

 

1 thought on “Why is sudo command asking for root password in RHEL/CentOs 6 / RHEL/CentOS 7?”

Leave a Comment