diff --git a/src/etc/one-context.d/loc-20-set-username-password b/src/etc/one-context.d/loc-20-set-username-password
index 89fbb27..d2a196f 100755
--- a/src/etc/one-context.d/loc-20-set-username-password
+++ b/src/etc/one-context.d/loc-20-set-username-password
@@ -24,6 +24,13 @@ if ! getent passwd "${USERNAME}" > /dev/null 2>&1; then
     useradd -m "${USERNAME}"
 fi
 
+if [ "${GRANT_SUDO}" == "YES" -a "${USERNAME}" != "root" ]; then
+    if [ ! -f /etc/sudoers.d/${USERNAME} ]; then
+        echo "${USERNAME} ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/${USERNAME}
+        chmod 644 /etc/sudoers.d/${USERNAME}
+    fi
+fi
+
 if [ -n "${CRYPTED_PASSWORD_BASE64}" ]; then
     CRYPTED_PASSWORD=$(echo $CRYPTED_PASSWORD_BASE64 | base64 -d)
     usermod -p "${CRYPTED_PASSWORD}" "${USERNAME}"