unable to update sudoers file on RH6u5 with validate option.

Archives Ansible Project
1

Hi,
I am not able to change ‘/etc/sudoers’ file successfully on RH 6.5 (Santiago) when using validate option. The same thing works fine on RH6u4 sever.

Below is my playbook and response from the server.

Note: When I run the commented ‘lineinfile’ task works fine on RH6u5 as well but I want to validate before changing ‘sudoers’ file.

  • hosts: proxy
    gather_facts: yes
    remote_user: “{{ ssh_remote_user }}”
    sudo: yes
    tasks:

  • name: update sudoer file to allow ADMIN nopasswd
    lineinfile: dest=/etc/sudoers state=present regexp=‘^%admin ALL =’ line=‘%admin ALL=(ALL) NOPASSWD:ALL’ validate=‘visudo -cf %s’
    #lineinfile: dest=/etc/sudoers state=present regexp=‘^%admin ALL =’ line=‘%admin ALL=(ALL) NOPASSWD:ALL’

TASK: [update sudoer file to allow ADMIN nopasswd] *******************************
failed: [proxy10-qa1] => {“cmd”: “visudo -cf /tmp/tmp8UPaDy”, “failed”: true, “rc”: 2}
msg: [Errno 2] No such file or directory

FATAL: all hosts have already failed – aborting

Thanks,
Yasir.

2

Hmmmm.

No such file or directory MIGHT be referring to visudo. Can you try explicitly pathing it?

3

Mike,

I am sorry, I was able to fix the problem by specify full path for visudo command. It was in ‘/usr/sbin/visudo’

Validate part looks like below:

validate=‘/usr/sbin/visudo -cf %s’

For my RH6U5 boxes root does not have /usr/sbin in the path.

I could have replied earlier, When I tried to reply yesterday I was not able to access the group…

Thanks,

Yasir.