-
-
Save beddari/1472018 to your computer and use it in GitHub Desktop.
#!/bin/bash | |
# Script for placing sudoers.d files with syntax-checking | |
if [ -z "$1" ]; then | |
# Making a temporary file to contain the sudoers-changes to be pre-checked | |
TMP=$(mktemp) | |
cat > $TMP <<EOF | |
Cmnd_Alias VAGRANT_EXPORTS_ADD = /bin/su root -c echo '*' >> /etc/exports | |
Cmnd_Alias VAGRANT_NFSD = /etc/init.d/nfs-kernel-server restart | |
Cmnd_Alias VAGRANT_EXPORTS_REMOVE = /bin/sed -e /*/ d -ibak /etc/exports | |
%admin ALL=(root) NOPASSWD: VAGRANT_EXPORTS_ADD, VAGRANT_NFSD, VAGRANT_EXPORTS_REMOVE | |
EOF | |
# Check if the changes we want are OK | |
visudo -c -f $TMP | |
if [ $? -eq 0 ]; then | |
# This computes! Starting up visudo with this script as first parameter | |
export EDITOR=$0 && export FILE_OK=$TMP && sudo -E visudo -f /etc/sudoers.d/vagrant_sudoers | |
fi | |
else | |
# Copying changes to the visudo-managed tmp-file | |
cat $FILE_OK | tee -a $1 | |
rm -f $FILE_OK | |
fi | |
# Exiting, visudo will check syntax again (which we already know is OK) |
give adding this a shot when you edit with visudo:
%admin ALL=(root) NOPASSWD: /etc/init.d/nfs-kernel-server restart
@benbor you can fix that by replacing line 6 with this:
TMP=$(mktemp $TMPDIR/$(uuidgen))
How is this supposed to work? EDITOR=$0 causes:
visudo: specified editor (install_vagrant_sudoers.sh) doesn't exist
I can replace $0 with vim but I then get an empty vim shell. I'm trying to use on CentOS7.
So I replace $0 with /usr/bin/vim. Then in vim I :r /tmp/tmp.84SDwQ834
or whatever $TMP is and :wq
and now I get /etc/sudoer.d/vagrant_sudoers
. However, I still get prompted for sudo with everything.
I'm a bit new to Vagrant so I welcome some tips.
I am also using libvirt. This ended up being the solution:
# Enable passwordless libvirt pkaction --verbose --action-id org.libvirt.unix.manage sudo tee /etc/polkit-1/localauthority/50-local.d/50-org.libvirt-access.pkla << 'EOF' [libvirt Admin Access] Identity=unix-group:virt Action=org.libvirt.unix.manage ResultAny=yes ResultInactive=yes ResultActive=yes EOF sudo groupadd virt sudo usermod -aG virt $USER tee -a ~/.bash_aliases << 'EOF' if test -x `type -p virsh`; then export LIBVIRT_DEFAULT_URI=qemu:///system fi EOF
Hmm, for some reason I still get repeated password prompts for vagrant after running this script.
I'm using macOS Sierra.
@beddari, hi
Unfortunately, it doesn't work for MacOS Maveriks:(