Note on sudo.
Last matching rule is used
When you issue a command via sudo, it will run through /etc/sudoers for all rules that match and then apply the last one that matches.
For example, I wanted steph to be able to shut down the computer without a password, so I used this in my sudoers file:
steph ALL=(ALL) NOPASSWD: /sbin/shutdown *
# Uncomment to allow members of group wheel to execute any command
%wheel ALL=(ALL) ALL
Because steph is in the wheel group, both rules match but the last one is used, so steph has to use a password even when running the shutdown command.