我想在Solaris中通过删除#或在特定行中添加#来编辑sudoers文件,那么如何为此编写脚本呢? 我的sudoer示例文件如下:
# The following line allows su without options/arguments and sux to user root Cmnd_Alias SU_ROOT = /usr/bin/su "",\ /usr/local/bin/sux - root # Defaults specification Defaults:%saptb !authenticate # User privilege specification %saptb ALL=(root)SU_SAP #Uncomment this line when SAP requires root access %saptb ALL=(root)SU_ROOT ##### END SAP-TB specific ###### # # #Tivoli ITM Tools Team Sudo Right # %cgtools ALL=(root) NOPASSWD: /opt/IBM/ITM/bin/*
在这个sudoers文件中,我希望在%saptb ALL=(root)SU_ROOT的唯一一行之前加上#
用sed做一个替换:
# Comment out the line %saptb ALL=(root)SU_ROOT sudo sed -Ei 's/^(%saptb.*SU_ROOT.*)/#\1/' /etc/sudoers
说明:
-E使用扩展regex
-i编辑文件。
s/ # Substitution ^ # Match the start of the line ( # Capture the following %saptb # Followed by %saptb .* # Followed by anything SU_ROOT # Followed by SU_ROOT .* # Followed by anything ) # Close capture / # Replace with # # A hash \1 # Followed by the captured line
要取消注释行的原则是一样的:
# # )。 所以:
# Uncomment the line %saptb ALL=(root)SU_ROOT sudo sed -Ei 's/^#(%saptb.*SU_ROOT.*)/\1/' /etc/sudoers
您可以使用以下脚本通过运行sudo ./toggle.sh来评论/取消注释
#!/bin/bash # Is the line already commented out grep -q '#%saptb ALL=(root)SU_ROOT' /etc/sudoers if [ $? -eq 0 ]; then # Uncomment the line %saptb ALL=(root)SU_ROOT sed -Ei 's/^#(%saptb.*SU_ROOT.*)/\1/' /etc/sudoers else # Comment out the line %saptb ALL=(root)SU_ROOT sed -Ei 's/^(%saptb.*SU_ROOT.*)/#\1/' /etc/sudoers fi