Skip to content

Instantly share code, notes, and snippets.

@joemaller
Forked from GUI/install_vagrant_sudoers.sh
Last active January 9, 2019 07:36
  • Star 34 You must be signed in to star a gist
  • Fork 17 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save joemaller/6764700 to your computer and use it in GitHub Desktop.
#!/bin/bash
# Add Vagrant's NFS setup commands to sudoers, for `vagrant up` without a password
# Updated to work with Vagrant 1.3.x
# Stage updated sudoers in a temporary file for syntax checking
TMP=$(mktemp -t vagrant_sudoers)
cat /etc/sudoers > $TMP
cat >> $TMP <<EOF
# Allow passwordless startup of Vagrant when using NFS.
# https://gist.github.com/joemaller/6764700
Cmnd_Alias VAGRANT_EXPORTS_ADD = /bin/bash -c echo '*' >> /etc/exports
Cmnd_Alias VAGRANT_NFSD = /sbin/nfsd restart
Cmnd_Alias VAGRANT_EXPORTS_REMOVE = /usr/bin/sed -E -e /*/ d -ibak /etc/exports
%staff ALL=(root) NOPASSWD: VAGRANT_EXPORTS_ADD, VAGRANT_NFSD, VAGRANT_EXPORTS_REMOVE
EOF
# Check syntax and overwrite sudoers if clean
visudo -c -f $TMP
if [ $? -eq 0 ]; then
echo "Adding vagrant commands to sudoers"
cat $TMP > /etc/sudoers
else
echo "sudoers syntax wasn't valid. Aborting!"
fi
rm -f $TMP
@justinatcamfil
Copy link

Doesn't work with 1.5 because they changed the system command to something like:

sudo -s -- echo "#{line}" >> /etc/exports

@ngocphamm, the reason it worked the first time is likely that your sudo timestamp_timeout was not up. You can verify that by setting, in sudoers:

Defaults  timestamp_timeout = 0

Then sudo won't cache the result of a good authentication for a time. This means you have to enter the password for every sudo attempt... successive attempts are normally "cached".

The solution for this to work with vagrant 1.5 isn't clear to me since changing VAGRANT_EXPORTS_ADD to something like the below doesn't seem to work.

/bin/bash echo '*' >> /etc/exports

@ngocphamm
Copy link

Too bad GitHib doesn't have notification for mentions in Gist comments. I didn't know there're answers here till today.

@karlingen yes I'm using zsh

@justinatcamfil That's probably the reason. I ended up leave it alone as I rarely destroy the box. When I don't need it I just need to vagrant suspend and it's all good. Memory released.

@ngocphamm
Copy link

Finally Vagrant 1.6 has this fixed with a "stable" hack to visudo:

Cmnd_Alias VAGRANT_EXPORTS_ADD = /usr/bin/tee -a /etc/exports
Cmnd_Alias VAGRANT_NFSD = /sbin/nfsd restart
Cmnd_Alias VAGRANT_EXPORTS_REMOVE = /usr/bin/sed -E -e /*/ d -ibak /etc/exports
%admin ALL=(root) NOPASSWD: VAGRANT_EXPORTS_ADD, VAGRANT_NFSD, VAGRANT_EXPORTS_REMOVE

Ref: hashicorp/vagrant#3638

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment