LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 05-31-2012, 09:17 AM   #1
smilemukul
Member
 
Registered: Jun 2009
Distribution: Redhat,CentOS,Ubuntu,Puppet
Posts: 289

Rep: Reputation: 34
Modify group(%admin) with username in sudoers file


Hi,

How can I transform/modify group(%admin) in sudoers file where users are added in the admin group as "%admin ALL=(ALL) ALL" but I want to relect with user name on thome the system belongs which should fetch username from a file or database.

Is there any bash script or other to process the same through puppet ?

Any solution will be appreciated.
 
Old 05-31-2012, 09:25 AM   #2
Snark1994
Senior Member
 
Registered: Sep 2010
Location: Wales, UK
Distribution: Arch
Posts: 1,630
Blog Entries: 3

Rep: Reputation: 345Reputation: 345Reputation: 345Reputation: 345
Quote:
Originally Posted by smilemukul View Post
I want to relect with user name on thome the system belongs which should fetch username from a file or database.
I'm not entirely clear on what exactly you want to be able to do... Could you clarify it?
 
Old 05-31-2012, 09:49 AM   #3
smilemukul
Member
 
Registered: Jun 2009
Distribution: Redhat,CentOS,Ubuntu,Puppet
Posts: 289

Original Poster
Rep: Reputation: 34
Actually I have a list of username from my domain where users are added in %admin group as specified in /etc/sudoers file but I want to specify username instead of %admin for all the users which are in the list according to the owner of the system such as,

File (list of users):-
David
Mapple
---------------

so want to replace %admin ALL=(ALL) ALL with David ALL=(ALL) ALL <--- System Owner is David
Mapple ALL=(ALL) ALL <--- System Owner is Mapple
 
Old 06-01-2012, 07:12 AM   #4
Snark1994
Senior Member
 
Registered: Sep 2010
Location: Wales, UK
Distribution: Arch
Posts: 1,630
Blog Entries: 3

Rep: Reputation: 345Reputation: 345Reputation: 345Reputation: 345
And why are you wanting to do that? The 'admin' group is much more convenient and flexible in general...

However, if you wanted to systematically replace '%admin' then the following should help:

Code:
name='Mapple'
cp /etc/sudoers{,.bak}
chmod +w /etc/sudoers
sed "s/^%admin\( ALL=(ALL) ALL\)/${name}\1/" /etc/sudoers.bak > /etc/sudoers
chmod -w /etc/sudoers
I'm still not 100% sure on exactly what you want to achieve, but if you were to SSH to each machine and execute this code with the appropriate value for 'name' as root, then it would do what I think you want to do.

Needless to say, MAKE A BACKUP before doing ANYTHING with the /etc/sudoers file without using the visudo command. Or else.
 
Old 06-08-2012, 02:11 AM   #5
smilemukul
Member
 
Registered: Jun 2009
Distribution: Redhat,CentOS,Ubuntu,Puppet
Posts: 289

Original Poster
Rep: Reputation: 34
Actually I want to replace the username's in the /etc/sudoers from a list of users from a database & also the users list should be compared with the system's owners name means,

if system owner (David) = David (from users list from database)
then replace "David ALL=(ALL) ALL" in /etc/sudoers instead of "%admin ALL=(ALL) ALL"

Also the same I want to push through puppet.

I hope now it should be cleared.
 
Old 06-08-2012, 02:39 AM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,384

Rep: Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963Reputation: 1963
OK, so you have an abstract (NON-POSIX) group list out there somewhere, and you want to use that list under puppet to customize the sudoers file on a range of systems?

So first up, don't. Stick with user groups, I expect there's some way to keep this simpler model.

But after that, if this really is what you're going to do (and TBH I can see why it's not so bad - you have to make some sort of arbitrary mapping at some point, so maybe this point is OK) what is the association between the system and the user? It seems like an extremely puppet based solution is pretty simple. First thought to use an external arbitrary text list is to use an extlookup - http://docs.puppetlabs.com/reference...html#extlookup within a simple template file, but plenty of other solutions are also out there. I like using puppet-dashboard for this finer detail of config, in which you could add all the nodes within dashboard and use external node processing in puppet to pull in these little scrappy bits of data which you can manage fairly painlessly through a web interface.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Fedora /etc/sudoers file and sudoers.d directory davejjj Linux - Newbie 2 10-21-2011 06:19 PM
How To Modify Username KAOZ_IT Linux - Newbie 5 01-28-2007 08:36 PM
How do I modify /etc/sudoers from an install ? osle Linux - Newbie 12 12-11-2006 12:56 AM
I deleted /etc/sudoers and creates a new file call sudoers but now it doesnt for visu abefroman Linux - Software 1 11-10-2005 05:03 PM
Group Admin, Group Root, or God over Group crickett Linux - General 5 07-12-2004 04:01 PM


All times are GMT -5. The time now is 06:04 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration