Skip to content

Instantly share code, notes, and snippets.

@beddari
Created December 13, 2011 12:47
  • Star 28 You must be signed in to star a gist
  • Fork 4 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save beddari/1472018 to your computer and use it in GitHub Desktop.
Allow Vagrant sudo-access without password for NFS-setup
#!/bin/bash
# Script for placing sudoers.d files with syntax-checking
if [ -z "$1" ]; then
# Making a temporary file to contain the sudoers-changes to be pre-checked
TMP=$(mktemp)
cat > $TMP <<EOF
Cmnd_Alias VAGRANT_EXPORTS_ADD = /bin/su root -c echo '*' >> /etc/exports
Cmnd_Alias VAGRANT_NFSD = /etc/init.d/nfs-kernel-server restart
Cmnd_Alias VAGRANT_EXPORTS_REMOVE = /bin/sed -e /*/ d -ibak /etc/exports
%admin ALL=(root) NOPASSWD: VAGRANT_EXPORTS_ADD, VAGRANT_NFSD, VAGRANT_EXPORTS_REMOVE
EOF
# Check if the changes we want are OK
visudo -c -f $TMP
if [ $? -eq 0 ]; then
# This computes! Starting up visudo with this script as first parameter
export EDITOR=$0 && export FILE_OK=$TMP && sudo -E visudo -f /etc/sudoers.d/vagrant_sudoers
fi
else
# Copying changes to the visudo-managed tmp-file
cat $FILE_OK | tee -a $1
rm -f $FILE_OK
fi
# Exiting, visudo will check syntax again (which we already know is OK)
@benbor
Copy link

benbor commented Oct 9, 2014

@beddari, hi
Unfortunately, it doesn't work for MacOS Maveriks:(

./install_vagrant_sudoers.sh: line 7: $TMP: ambiguous redirect
visudo: option requires an argument -- f
usage: visudo [-chqsV] [-f sudoers]

@chadhs
Copy link

chadhs commented Mar 11, 2015

give adding this a shot when you edit with visudo:

%admin ALL=(root) NOPASSWD: /etc/init.d/nfs-kernel-server restart

@cornelisonc
Copy link

@benbor you can fix that by replacing line 6 with this:

TMP=$(mktemp $TMPDIR/$(uuidgen))

@fastzombies
Copy link

fastzombies commented Oct 26, 2016

How is this supposed to work? EDITOR=$0 causes:
visudo: specified editor (install_vagrant_sudoers.sh) doesn't exist

I can replace $0 with vim but I then get an empty vim shell. I'm trying to use on CentOS7.

@fastzombies
Copy link

So I replace $0 with /usr/bin/vim. Then in vim I :r /tmp/tmp.84SDwQ834 or whatever $TMP is and :wq and now I get /etc/sudoer.d/vagrant_sudoers. However, I still get prompted for sudo with everything.

I'm a bit new to Vagrant so I welcome some tips.

@fastzombies
Copy link

I am also using libvirt. This ended up being the solution:

# Enable passwordless libvirt
pkaction --verbose --action-id org.libvirt.unix.manage

sudo tee /etc/polkit-1/localauthority/50-local.d/50-org.libvirt-access.pkla << 'EOF'

[libvirt Admin Access]
Identity=unix-group:virt
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
ResultActive=yes
EOF

sudo groupadd virt
sudo usermod -aG virt $USER

tee -a ~/.bash_aliases << 'EOF'
if test -x `type -p virsh`; then
    export LIBVIRT_DEFAULT_URI=qemu:///system
fi
EOF

@mcandre
Copy link

mcandre commented Oct 21, 2017

Hmm, for some reason I still get repeated password prompts for vagrant after running this script.

I'm using macOS Sierra.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment