Re: Sudo #includedir function ignored CentOS 6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]





On Wed, Jul 27, 2011 at 7:39 AM, Craig White <craigwhite@xxxxxxxxxxx> wrote:
On Tue, 2011-07-26 at 15:59 -0500, Trey Dockendorf wrote:
> Well I verified that putting the following line in /etc/sudoers works
>
>
> zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
>
>
> However if I put it in /etc/sudoers.d/zabbix-puppet it does not.
>  Exact same spacing and everything.
>
>
> The file was created with Puppet , and based on these errors I'm at a
> loss...
>
>
> I check the syntax, it fails
>
>
> # visudo -c -f /etc/sudoers.d/zabbix-puppet
> >>> /etc/sudoers.d/zabbix-puppet: syntax error near line 0 <<<
> parse error in /etc/sudoers.d/zabbix-puppet near line 0
>
>
> I then open the file with visudo, make absoltely no changes, just ":q"
> out, still get error.
>
>
> # visudo -f /etc/sudoers.d/zabbix-puppet
> >>> /etc/sudoers.d/zabbix-puppet: syntax error near line 0 <<<
>
>
> Then if I run the syntax check again it passes.  However I still can't
> run the command without password prompt.
>
>
> # visudo -c -f /etc/sudoers.d/zabbix-puppet
> /etc/sudoers.d/zabbix-puppet: parsed OK
>
>
> The files permissions are correct as specified by sudoers
> documentation on #includedir
----
probably should ask on the puppet list since using an includedir
function would be far more likely with puppet where most people would
just tack on their edits to /etc/sudoers directly.

I am sort of interested in your solution by the way (I am on the puppet
list too) because I use puppet but so far, only on Ubuntu and it appears
that our CentOS systems will eventually be phased out.

by the way, I have seen the same sort of spookiness about syntax errors
created by visudo on Ubuntu 10.04 on perfectly valid edits. Had me
scratching my head too. I used to always just use emacs to edit the file
but at work, I try to play by the conventions.

Craig


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


Craig,

I got things working...I posted my module on github if your interested , https://github.com/treydock/puppet-sudo .  Was two problems.  First was can't have quotations around the #includedir path, second was that puppet wasn't puppeting a new line character in the file when using the "content" approach (see modules note).

- Trey
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux