[CentOS] Sudo #includedir function ignored CentOS 6

Tue Aug 2 20:31:13 UTC 2011
Trey Dockendorf <treydock at gmail.com>

On Wed, Jul 27, 2011 at 7:39 AM, Craig White <craigwhite at azapple.com> wrote:

> On Tue, 2011-07-26 at 15:59 -0500, Trey Dockendorf wrote:
> > Well I verified that putting the following line in /etc/sudoers works
> >
> >
> > zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
> >
> >
> > However if I put it in /etc/sudoers.d/zabbix-puppet it does not.
> >  Exact same spacing and everything.
> >
> >
> > The file was created with Puppet , and based on these errors I'm at a
> > loss...
> >
> >
> > I check the syntax, it fails
> >
> >
> > # visudo -c -f /etc/sudoers.d/zabbix-puppet
> > >>> /etc/sudoers.d/zabbix-puppet: syntax error near line 0 <<<
> > parse error in /etc/sudoers.d/zabbix-puppet near line 0
> >
> >
> > I then open the file with visudo, make absoltely no changes, just ":q"
> > out, still get error.
> >
> >
> > # visudo -f /etc/sudoers.d/zabbix-puppet
> > >>> /etc/sudoers.d/zabbix-puppet: syntax error near line 0 <<<
> >
> >
> > Then if I run the syntax check again it passes.  However I still can't
> > run the command without password prompt.
> >
> >
> > # visudo -c -f /etc/sudoers.d/zabbix-puppet
> > /etc/sudoers.d/zabbix-puppet: parsed OK
> >
> >
> > The files permissions are correct as specified by sudoers
> > documentation on #includedir
> ----
> probably should ask on the puppet list since using an includedir
> function would be far more likely with puppet where most people would
> just tack on their edits to /etc/sudoers directly.
>
> I am sort of interested in your solution by the way (I am on the puppet
> list too) because I use puppet but so far, only on Ubuntu and it appears
> that our CentOS systems will eventually be phased out.
>
> by the way, I have seen the same sort of spookiness about syntax errors
> created by visudo on Ubuntu 10.04 on perfectly valid edits. Had me
> scratching my head too. I used to always just use emacs to edit the file
> but at work, I try to play by the conventions.
>
> Craig
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


Craig,

I got things working...I posted my module on github if your interested ,
https://github.com/treydock/puppet-sudo .  Was two problems.  First was
can't have quotations around the #includedir path, second was that puppet
wasn't puppeting a new line character in the file when using the "content"
approach (see modules note).

- Trey
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20110802/b6e177a8/attachment-0003.html>