On Jun 30, 2010, at 9:12 AM, Jeff wrote: > In that example, the command line looked like this: > > "set spec[last()]/host_group/command ALL", > > I added NOPASSWD: and it barfs with this message: > > err: //user::unixadmins/User::Virtual::Sudoer[joe]/Augeas[sudojoe]/ > returns: change from need_to_run to 0 failed: Save failed with return > code false > > The problem seems to be the colon ':' since NOPASSWD:ALL also fails > but this doesn't error: > > "set spec[last()]/host_group/command NOPASSWD ALL", > > Unfortunately, that doesn't produce a desirable output.
I don’t know about the colon, but any value with a space in it needs to be quoted. Does your undesirable-but-working example command set the value to “NOPASSWD ALL” or just to “NOPASSWD”? In any case, I would try this: "set spec[last()]/host_group/command 'NOPASSWD: ALL’”, Also note that your example as written will add this entry to the file on every single Puppet run. You could add an “onlyif”, but by using `last() + 1` and “onlyif” you can only add entries. You can’t modify them later. Well, maybe with a really horrible looking “onlyif”, but forget that. This is what my `sudoers` changes look like. augeas { "sudorob": context => "/files/etc/sudoers", changes => [ "set spec[user = 'rmcbroom']/user rmcbroom", "set spec[user = 'rmcbroom']/host_group/host ALL", "set spec[user = 'rmcbroom']/host_group/command ALL", "set spec[user = 'rmcbroom']/host_group/command/runas_user ALL”, ], } This will add the entry if it doesn’t exist, but it will also apply changes to individual settings (like host_group/command). And if the entry exists as defined, Puppet does nothing, which is what you want. -- Rob McBroom <http://www.skurfer.com/> Don't try to tell me something is important to you if the whole of your “support” entails getting Congress to force *others* to spend time and money on it. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.