diff --git a/linux-sudo-bypass-password.md b/linux-sudo-bypass-password.md
new file mode 100644
index 0000000..05b024a
--- /dev/null
+++ b/linux-sudo-bypass-password.md
@@ -0,0 +1,8 @@
+You can configure sudo not to require a password for specific commands, by adding a sudoers rule with the NOPASSWD: tag. Note that NOPASSWD rules must come after non-NOPASSWD rules that match the same command.
+
+```
+%admin: ALL = (ALL:ALL) ALL
+%admin: ALL = (root) NOPASSWD: apt-get
+```
+
+Note that allowing apt-get is as dangerous as allowing any command, since the caller could pass options that cause apt-get to download packages from sources that they specify, that cause it to invoke hooks that they specify, etc.