I have 50 Linux servers and can login to the servers without root password (I know the password). Now I would like to add 3 lines in sudoers file on each servers. Obviously logging into 50 servers and adding lines are painful. Is there a different approach we can achieve this by a bash script or a loop?
Asked
Active
Viewed 742 times
0
-
1Scp the new file to each server? – Gerard H. Pille May 31 '21 at 03:35
-
1Ansible is designed to do exactly this. – Ackack May 31 '21 at 04:20
-
This setup is for ansible only. I am tying to add ansible user in all 50 servers and want to update sudoers permissions on each server so that I can run my playbooks from control node. – KKE May 31 '21 at 04:23
-
There are various methods described at https://stackoverflow.com/questions/33359404/ansible-best-practice-for-maintaining-list-of-sudoers – Gerald Schneider May 31 '21 at 05:10
1 Answers
2
Rather than editing /etc/sudoers directly:
Most Linux distributions support by default a modular sudo configuration by loading files / configuration snippets from drop-in directory via the #includedir directive.
Note the # in that is NOT A COMMENT marker.
## Read drop-in files from /etc/sudoers.d (the # here does not mean a comment)
#includedir /etc/sudoers.d
That allows you to copy/upload the sudo directives you want to set as separate drop-in file, e.g. /etc/sudoers.d/ansible-user which is much easier to script and maintain than a single configuration file.
Bob
- 5,805
- 7
- 25
-
-
I have added below line to /etc/sudoers.d/ansible-user file. It is not working. ansible ALL=(ALL) NOPASSWD: ALL – KKE Jun 07 '21 at 00:16
-
Finally it worked when I renamed file name from 'ansible-user' to 'ansible' – KKE Jun 07 '21 at 00:46