Skip to content

Fix sudo::defaults function to correctly place list#338

Open
gettalong wants to merge 1 commit into
saz:masterfrom
gettalong:patch-1
Open

Fix sudo::defaults function to correctly place list#338
gettalong wants to merge 1 commit into
saz:masterfrom
gettalong:patch-1

Conversation

@gettalong

Copy link
Copy Markdown

I was using this module on a new Debian 13 host and checked the changes to the default sudoers file.

Reviewing the changes I wanted to preserve some of the defaults. However, most of the Debian defaults are specified like Defaults:%sudo .... Therefore I tried using the list value with :%sudo. As this was placed after the key and not directly after Defaults it led to an error in the sudoers configuration:

/etc/sudoers:4:18: syntax error
Defaults        env_keep:%sudo+="http_proxy https_proxy ftp_proxy all_proxy no_proxy"
                 ^~~~~~~

I'm not entirely sure what the list key does in the current form but I think it needs to go directly after the Defaults string, as indicated by man sudoers. With this change the resulting sudoers file works correctly:

Defaults:%sudo env_keep+="http_proxy https_proxy ftp_proxy all_proxy no_proxy"

I was using this module on a new Debian 13 host and checked the changes to the default sudoers file.

Reviewing the changes I wanted to preserve some of the defaults. However, most of the Debian defaults are specified like `Defaults:%sudo ...`. Therefore I tried using the `list` value with `:%sudo`. As this was placed after the key and not directly after `Defaults` it led to an error in the sudoers configuration:

~~~
/etc/sudoers:4:18: syntax error
Defaults        env_keep:%sudo+="http_proxy https_proxy ftp_proxy all_proxy no_proxy"
                 ^~~~~~~
~~~

I'm not entirely sure what the `list` key does in the current form but I think it needs to go directly after the `Defaults` string, as indicated by `man sudoers`. With this change the resulting sudoers file works correctly:

~~~
Defaults:%sudo env_keep+="http_proxy https_proxy ftp_proxy all_proxy no_proxy"
~~~
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant