Because I “own” most of my systems, here’s one of the things I do almost at the start of a new build :
And set “NOPASSWD” e.g. my username is “dan” :
dan ALL=(NOPASSWD): ALL
But - the GUI escalated privileges application I believe is gksu (not sudo) and it doesn’t read the “NOPASSWD” entries in /etc/sudoers, but I believe it must read /etc/sudoers or something (or else the installer does some trickery with pam files in /etc/pam.d/ ) otherwise it wouldn’t let you escalate.
Fortunately for me - there are VERY few things I do in the GUI that need escalated privileges, 95% of stuff I do - I do from the shell in a terminal, or on the console…
Just about the only time I ever need to type my password again, is when gnome prompts me for my keyring (i.e. my user password if I’ve got autologin enabled), and sometimes when I used “Software and Updates” to do stuff (like remove PPA’s I foolishly added), or to install “Additional Drivers” - but 90% of software installation and removal I do from command line, e.g. apt install, apt purge, dpkg -i $package_file.deb.
There’s also a bunch of servers I support where I’ve set “NOPASSWD” in sudoers for my account - this is because the customer does not have any configuration management in place (e.g. no puppet or ansible) - so to automate stuff I write single liner for loops to ssh to all these servers and sudo to change things (usually backup the file to be changed as part of the loop) - because I’m not about to write an expect script to do that…