As I have very recently dug into modifying sudoers myself, you may want to look at the saz/sudo module at Puppet Forge. It allows you to do a lot of different methods to create a sudoers file that fits the supported OS.
If you want to just do edits, you may want to look at the stdlib - file_line type. There are examples for it that show sudoers specifically. In my environment I am using the file_line with a matcher with a regular expression to change the directory colors from dark blue to the lighter blue. class os_config::ls_dir_color ($dir_default_color = '01;34') { # This is used to change the DIR color from dark blue to a brighter blue to # see it on a black background # It will use the file_line include stdlib file_line { 'dir_colors': path => '/etc/DIR_COLORS', line => "DIR ${dir_default_color} # directory", match => '^DIR\s*.*', replace => true, } For sudoers you could do that to check if the line already exists to remove it with ensure => absent or add it with ensure => present. Since I'm using Foreman as a front-end to Puppet I use the smart parameters that I can override on a host by host basis when needed. Here is a pseudo code snippet that may do something like what you want. class sudo::add_dba_perm ($ensure = 'present', $dba_perm_line = '%dba ALL=ALL NOPASSWD: ALL') { include stdlib file_line { 'sudo_dba': path => '/etc/sudoers', ensure => $ensure, line => $dba_perm_line, match => '^%dba\s*.*', replace => true, } Now I haven't coded or tested the above, but theoretically something coded along these lines should work. As I don't yet have a full grasp on doing defines and create_resources, I have to stay basic in my coding. Hope this helps. On Wednesday, April 26, 2017 at 10:14:34 PM UTC-4, Warron French wrote: > > Does it make sense to use the puppetlabs-inifile module when trying to > modify the /etc/sudoers file? > > From my observations, the /etc/sudoers file isn't exactly laid out in an > ini-stylized configuration; like the /etc/smb.conf is. > > Comments welcomed. > -------------------------- > Warron French > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/95299141-786a-449d-a51d-dadfcedba7d4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.