Hi all,

I have a network that uses cfengine with Centos 4 and 5. I'm trying to get the sudoers file updated with cfengine. I know I can kludge a cfengine config for sudoers on a line-by-line basis like this:

AppendIfNoSuchLine "jsmith host1=/etc/rc.d/init.d/coldfusionmx restart"
AppendIfNoSuchLine "jsmith host1=/bin/chown"
AppendIfNoSuchLine "jsmith host2=/etc/rc.d/init.d/coldfusionmx restart"
AppendIfNoSuchLine "jsmith host2=/bin/chown"

The regular sudoers file goes something like this:

Host_Alias COLDFUSIONHOSTS=host1,host2
User_Alias COLDFUSIONFOLKS=jsmith,mjones
COLDFUSIONFOLKS COLDFUSIONHOSTS=/etc/rc.d/init.d/coldfusionmx,/bin/chown

Optimally, I would like to get the cfengine file to have one line to manage multiple hosts and/or users. So, how can I combine the User_Alias, Host_Alias, and their associated commands into the cfengine config without the line-by-line kludge?

Perhaps I don't understand your intent properly but I would think that you could either:

AppendIfNoSuchLine the host, user, and command alias directives as opposed to the more user specific directives

ie
<code>
AppendIfNoSuchLine "jsmith host1=/etc/rc.d/init.d/coldfusionmx restart"
</code>

You could also provide a single sudoers file to be copied over from the central cfengine server if the sudoers file is static enough.

Third option is to define as cfengine variables things like user list and hostnames and create or append appropriately the lines in cfengine based on said variables.

also I would suggest that this is not really a network question but more of a thread appropriate for the Server or Enterprise forums.

jpbarto

Moved: This thread is more suitable in Linux Software and has been moved accordingly to help your thread/question get the exposure it deserves.