diff --git a/tasks/main.yml b/tasks/main.yml
index a23a6a1..f6e6a0b 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -15,6 +15,7 @@
 - include_tasks: time.yml
 - include_tasks: usergroup.yml
 - include_tasks: ssh.yml
+- include_tasks: sudoers.yml
 - include_tasks: pacman.yml
   when: ansible_facts['os_family'] == "Archlinux"
 - include_tasks: firewalld.yml
diff --git a/tasks/sudoers.yml b/tasks/sudoers.yml
index e69de29..98ec62b 100644
--- a/tasks/sudoers.yml
+++ b/tasks/sudoers.yml
@@ -0,0 +1,15 @@
+- name: set sudoers right
+  lineinfile:
+    dest: "/etc/sudoers.d/{{user.name}}"
+    regexp: "{{ item.regexp }}"
+    line: "{{ item.line }}"
+    state: "present"
+    create: True
+    owner: "root"
+    group: "root"
+    mode: "0440"
+    validate: 'visudo -cf "%s"'
+  with_items:
+    - regexp: '^{{user.name}}\s'
+      line: "{{user.name}} ALL = (ALL) NOPASSWD:ALL"
+  become: True