For the past few days, I was having trouble with sudo on my Arch Linux machine.
The problem was that sudo was asking me to enter my password even for the commands I was using with the NOPASSWD directive.
Searching the Arch forums, bug tracker, mailing list etc., yielded no hint about this problem.
Then I checked if the sudo or pam packages were updated recently. Nope, the problem started occuring much later after they were updated.
Scratching my head, I fired up:
as well as:
# man sudoers
and started verifying the entries in my
/etc/sudoers file line-by-line. I couldn't find any problem with any of the entries and no sudo options had been changed upstream.
Then I started scanning the
Cmnd_Alias lines in my sudoers file and started trying each of the commands specified there one-by-one. Surprisingly, some commands worked without asking for the password, while some still kept asking for one.
Then it struck me. I realized that since the Arch Linux developers are finalising the /usr move, the binaries for most packages have been moved to
This is what had caused the problem to occur in my case too.
Hardcoded paths were the culprit
In my sudoers file, the commands specified next to the
Cmnd_Alias directive had hardcoded paths. The commands giving me trouble were the ones whose binaries had been affected by the /usr move. Fixing the paths made the problem go away.
The Arch Linux devs have specified instructions for the /usr move, but they pertain to upgrading the system. In any case, they cannot cover all use cases. I am sure many people will start facing this and similar unexpected problems with the /usr move. But that's the price you pay for using a Rolling Release distribution.