ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Solved Scripted visudo updates

    IT Discussion
    sed visudo apple unix terminal shell zsh
    4
    16
    1.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stacksofplatesS
      stacksofplates @DustinB3403
      last edited by

      @DustinB3403 said in Scripted visudo updates:

      @stacksofplates said in Scripted visudo updates:

      Just drop in a file with the sudo permissions there. A good convention is to name the file the user/group name and then put the user or group in the file with the permissions. It should be picked up by the system then. That's just the dump directory for configs so you don't have to edit /etc/sudoers

      So would I simply drop a file with my Cmnd_Alias and users there?

      Sorry (just looking to see an example)

      Here's an example. The file could be called dustin:

      dustin     ALL=(ALL) NOPASSWD: ALL
      
      DustinB3403D 1 Reply Last reply Reply Quote 1
      • stacksofplatesS
        stacksofplates
        last edited by

        So you prob have more complicated sudo rules than that but you get the point.

        1 Reply Last reply Reply Quote 0
        • DustinB3403D
          DustinB3403 @stacksofplates
          last edited by

          @stacksofplates said in Scripted visudo updates:

          @DustinB3403 said in Scripted visudo updates:

          @stacksofplates said in Scripted visudo updates:

          Just drop in a file with the sudo permissions there. A good convention is to name the file the user/group name and then put the user or group in the file with the permissions. It should be picked up by the system then. That's just the dump directory for configs so you don't have to edit /etc/sudoers

          So would I simply drop a file with my Cmnd_Alias and users there?

          Sorry (just looking to see an example)

          Here's an example. The file could be called dustin:

          dustin     ALL=(ALL) NOPASSWD: ALL
          

          Gotcha, so yeah I'd just setup a touch and vi process to add a file to that location with my permissions.

          Thanks for the clarity.

          IRJI 1 Reply Last reply Reply Quote 1
          • IRJI
            IRJ @DustinB3403
            last edited by IRJ

            @DustinB3403 said in Scripted visudo updates:

            @stacksofplates said in Scripted visudo updates:

            @DustinB3403 said in Scripted visudo updates:

            @stacksofplates said in Scripted visudo updates:

            Just drop in a file with the sudo permissions there. A good convention is to name the file the user/group name and then put the user or group in the file with the permissions. It should be picked up by the system then. That's just the dump directory for configs so you don't have to edit /etc/sudoers

            So would I simply drop a file with my Cmnd_Alias and users there?

            Sorry (just looking to see an example)

            Here's an example. The file could be called dustin:

            dustin     ALL=(ALL) NOPASSWD: ALL
            

            Gotcha, so yeah I'd just setup a touch and vi process to add a file to that location with my permissions.

            Thanks for the clarity.

            use cat instead of vi to automatically write the file

            cat > /etc/sudoers.d/dustin <<\EOF
            dustin     ALL=(ALL) NOPASSWD: ALL
            EOF
            scottalanmillerS stacksofplatesS 2 Replies Last reply Reply Quote 1
            • scottalanmillerS
              scottalanmiller @IRJ
              last edited by

              @IRJ said in Scripted visudo updates:

              @DustinB3403 said in Scripted visudo updates:

              @stacksofplates said in Scripted visudo updates:

              @DustinB3403 said in Scripted visudo updates:

              @stacksofplates said in Scripted visudo updates:

              Just drop in a file with the sudo permissions there. A good convention is to name the file the user/group name and then put the user or group in the file with the permissions. It should be picked up by the system then. That's just the dump directory for configs so you don't have to edit /etc/sudoers

              So would I simply drop a file with my Cmnd_Alias and users there?

              Sorry (just looking to see an example)

              Here's an example. The file could be called dustin:

              dustin     ALL=(ALL) NOPASSWD: ALL
              

              Gotcha, so yeah I'd just setup a touch and vi process to add a file to that location with my permissions.

              Thanks for the clarity.

              use cat instead of vi to automatically write the file

              cat > /etc/sudoers.d/dustin <<\EOF
              dustin     ALL=(ALL) NOPASSWD: ALL
              EOF
              

              Or just use SED to modify it.

              IRJI 1 Reply Last reply Reply Quote 0
              • IRJI
                IRJ @scottalanmiller
                last edited by

                @scottalanmiller said in Scripted visudo updates:

                @IRJ said in Scripted visudo updates:

                @DustinB3403 said in Scripted visudo updates:

                @stacksofplates said in Scripted visudo updates:

                @DustinB3403 said in Scripted visudo updates:

                @stacksofplates said in Scripted visudo updates:

                Just drop in a file with the sudo permissions there. A good convention is to name the file the user/group name and then put the user or group in the file with the permissions. It should be picked up by the system then. That's just the dump directory for configs so you don't have to edit /etc/sudoers

                So would I simply drop a file with my Cmnd_Alias and users there?

                Sorry (just looking to see an example)

                Here's an example. The file could be called dustin:

                dustin     ALL=(ALL) NOPASSWD: ALL
                

                Gotcha, so yeah I'd just setup a touch and vi process to add a file to that location with my permissions.

                Thanks for the clarity.

                use cat instead of vi to automatically write the file

                cat > /etc/sudoers.d/dustin <<\EOF
                dustin     ALL=(ALL) NOPASSWD: ALL
                EOF
                

                Or just use SED to modify it.

                He is creating a new file, but yeah if he was just adding to /etc/sudoers

                1 Reply Last reply Reply Quote 0
                • DustinB3403D
                  DustinB3403
                  last edited by

                  So no matter how I set up this file, when I go and test it, I'm getting syntax issues.

                  Definitely going to keep working on this, but need some food.

                  1 Reply Last reply Reply Quote 0
                  • DustinB3403D
                    DustinB3403
                    last edited by

                    Well I managed to get the file created, I had to use visudo to create a custom file with my edits.

                    I'm testing it now to see if everything works.

                    stacksofplatesS 1 Reply Last reply Reply Quote 0
                    • stacksofplatesS
                      stacksofplates @IRJ
                      last edited by

                      @IRJ said in Scripted visudo updates:

                      @DustinB3403 said in Scripted visudo updates:

                      @stacksofplates said in Scripted visudo updates:

                      @DustinB3403 said in Scripted visudo updates:

                      @stacksofplates said in Scripted visudo updates:

                      Just drop in a file with the sudo permissions there. A good convention is to name the file the user/group name and then put the user or group in the file with the permissions. It should be picked up by the system then. That's just the dump directory for configs so you don't have to edit /etc/sudoers

                      So would I simply drop a file with my Cmnd_Alias and users there?

                      Sorry (just looking to see an example)

                      Here's an example. The file could be called dustin:

                      dustin     ALL=(ALL) NOPASSWD: ALL
                      

                      Gotcha, so yeah I'd just setup a touch and vi process to add a file to that location with my permissions.

                      Thanks for the clarity.

                      use cat instead of vi to automatically write the file

                      cat > /etc/sudoers.d/dustin <<\EOF
                      dustin     ALL=(ALL) NOPASSWD: ALL
                      EOF
                      

                      Or set up a template in your automation 😉

                      1 Reply Last reply Reply Quote 0
                      • stacksofplatesS
                        stacksofplates @DustinB3403
                        last edited by

                        @DustinB3403 said in Scripted visudo updates:

                        Well I managed to get the file created, I had to use visudo to create a custom file with my edits.

                        I'm testing it now to see if everything works.

                        Really? It doesn't let you just sudo a file in the dump directory? I wonder how they are enforcing that?

                        DustinB3403D 1 Reply Last reply Reply Quote 0
                        • DustinB3403D
                          DustinB3403 @stacksofplates
                          last edited by

                          @stacksofplates said in Scripted visudo updates:

                          @DustinB3403 said in Scripted visudo updates:

                          Well I managed to get the file created, I had to use visudo to create a custom file with my edits.

                          I'm testing it now to see if everything works.

                          Really? It doesn't let you just sudo a file in the dump directory? I wonder how they are enforcing that?

                          Yeah, not sure why it was having a hissy fit over it, but I've got a good working custom sudoer.d/god file now that can be used for what I have, and I can simply cp that into the appropriate folder and reset the perms on it (if required) to get everything working.

                          Thanks for the help guys!

                          1 Reply Last reply Reply Quote 0
                          • 1 / 1
                          • First post
                            Last post