In my lab, I want to allow the wheel group users to run sudo without typing password. As always, I have done it in puppet. Here is the how to:
1) I use resource ‘file_line’ to do the work. As it is not in not in the default module, I need to install it. Run ‘puppet module install puppetlabs-stdlib‘ in the puppet master.
2) Add ‘pluginsync=true‘ in the [main] section in the puppet nodes. This allows the node to download the newly added modules in the master.
3) Create a new manifest to uncomment the entry in the sudoers file. What the manifest does is to replace the line that matched the regular expression with the one defined in the line =>.
class sys_sudo::enable_wheel {
file_line { ‘enable_wheel’:
path => ‘/etc/sudoers’,
line => ‘%wheel ALL=(ALL) NOPASSWD: ALL’,
match => ‘.*%wheel.*NOPASSWD: .*$’,
}
}
Reference:
http://puppetlabs.com/blog/module-of-the-week-puppetlabsstdlib-puppet-labs-standard-library
Jackie Chen's IT Workshop 