Add line in visudo after root line

Question

I'm testing some Ansible deployment and need to add ansible user to sudoers. Instead of editing I just every time copy this script:

echo 'ansible ALL=(ALL)       NOPASSWD: ALL' | sudo EDITOR='tee -a' visudo

Which is adds ansible ALL=(ALL) NOPASSWD: ALL to the end of file.

How to add it after root line to make it like this via script?

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
ansible ALL=(ALL)       NOPASSWD: ALL

Please avoid *"Give me the codez"* questions. Instead show the script you are working on and state where the problem is. Also see [How much research effort is expected of Stack Overflow users?](https://meta.stackoverflow.com/q/261592/608639) — jww, Aug 25 '18 at 16:00
jww, I think you misunderstood me. The problem is that below script adds line in the end of the file but I need to add line after "root ALL=(ALL) ALL" like I showed. — user3428, Aug 25 '18 at 16:52

score 1 · Accepted Answer · answered Aug 25 '18 at 18:54

1

Well, it seems a little kludgy, but...

Create a file called add_ansible.sed with the following line:

/^root/aansible ALL=(ALL) NOPASSWD: ALL

Then run your visudo like this:

sudo EDITOR='sed -i -f add_ansible.sed' visudo

answered Aug 25 '18 at 18:54

Jack

score -1 · Answer 2 · answered Aug 25 '18 at 15:49

-1

If you really have to do it, make it part of the playbook.
Configuration management should not happen outside the tool to prevent drift.

template:
src: templates/sudoers
dest: /etc/sudoers
validate: '/usr/sbin/visudo -cf %s'

answered Aug 25 '18 at 15:49

Szabolcs Szallár

2 Answers2