I'm trying to build a user data script for an EC2 instance that builds node and npm from github, and then starts a service. To grease these wheels, I need to add:
:/usr/local/bin
to the end of the line in /etc/sudoers which starts:
Defaults secure_path="
https://superuser.com/questions/927512/how-to-set-path-for-sudo-commands talks about using visudo to achieve this, but I want to do it programatically within the EC2 user data.
https://stackoverflow.com/questions/16282789/adding-sudo-permissions-to-sudoers-for-user-via-shell-script talks about editing the sudoers file, but it seems awfully over baked for what I'm trying to achieve.
I thought it'd be easy to grep the line and replace it, but I'm stumped. Not only because of that annoying closing inverted comma!
Best Answer
If you can live with replacing the
secure_path
value instead of appending it, you can use a much easier solution. Usually sudo has a config directory like/etc/sudoers.d
where you can drop additional configuration files.Just create a file there with your complete
secure_path
value:This overwrites the value from the main config. If the path value is the same for all your machines this can easily be deployed with scripts or a package.
This has the additional advantage that you don't have to check and possibly merge config files when the sudo package is updated in the future.