sudoers parser (awk). This should be the contents of an executable script. Reads from stdin, expands all aliases, and writes to stdout. This parser will not work where you have defined multiple aliases per line.

parsesudoers

#!/bin/gawk -f

/Cmnd_Alias/ {
    value = substr($0, index($0, "=")+1,length($0))
    for (command in commands) gsub(command,commands[command],value)
    sub(/^ */,"",value)
    commands[$2]=value
    print $0
}

/User_Alias/ {
    value = substr($0, index($0, "=")+1,length($0))
    sub(/^ */,"",value)
    for (user in users) gsub(user,users[user],value)
    users[$2]=value
    print $0
}

/Host_Alias/ {
    value = substr($0, index($0, "=")+1,length($0))
    for (host in hosts) gsub(host,hosts[host],value)
    sub(/^ */,"",value)
    hosts[$2]=value
    print $0
}

/Runas_Alias/ {
    value = substr($0, index($0, "=")+1,length($0))
    for (runas in runas_aliases) gsub(runas,runas_aliases[runas],value)
    sub(/^ */,"",value)
    runas_aliases[$2]=value
    print $0
}

!/[A-Za-z]*_Alias/ {
    # Traverse arrays in reverse alphabetical order, so that we do substitutions with longer names first, otherwise tokens named GROUP_ONE_TRUSTED would be first expanded using GROUP_ONE
    PROCINFO["sorted_in"] = "@ind_str_desc"
    for (user in users) gsub(user,users[user],$0)
    for (command in commands) gsub(command,commands[command],$0)
    for (host in hosts) gsub(host,hosts[host],$0)
    for (runas in runas_aliases) gsub(runas,runas_aliases[runas],$0)
    print $0
}