On Tue, 2011-07-26 at 15:59 -0500, Trey Dockendorf wrote:
Well I verified that putting the following line in /etc/sudoers works
zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
However if I put it in /etc/sudoers.d/zabbix-puppet it does not. Exact same spacing and everything.
The file was created with Puppet , and based on these errors I'm at a loss...
I check the syntax, it fails
# visudo -c -f /etc/sudoers.d/zabbix-puppet
/etc/sudoers.d/zabbix-puppet: syntax error near line 0 <<<
parse error in /etc/sudoers.d/zabbix-puppet near line 0
I then open the file with visudo, make absoltely no changes, just ":q" out, still get error.
# visudo -f /etc/sudoers.d/zabbix-puppet
/etc/sudoers.d/zabbix-puppet: syntax error near line 0 <<<
Then if I run the syntax check again it passes. However I still can't run the command without password prompt.
# visudo -c -f /etc/sudoers.d/zabbix-puppet /etc/sudoers.d/zabbix-puppet: parsed OK
The files permissions are correct as specified by sudoers documentation on #includedir
---- probably should ask on the puppet list since using an includedir function would be far more likely with puppet where most people would just tack on their edits to /etc/sudoers directly.
I am sort of interested in your solution by the way (I am on the puppet list too) because I use puppet but so far, only on Ubuntu and it appears that our CentOS systems will eventually be phased out.
by the way, I have seen the same sort of spookiness about syntax errors created by visudo on Ubuntu 10.04 on perfectly valid edits. Had me scratching my head too. I used to always just use emacs to edit the file but at work, I try to play by the conventions.
Craig