編輯shell腳本中的sudo文件

Question

我想通過在特定行中刪除#或在其中添加#來編輯Solaris中的sudoers文件，因此如何爲此編寫腳本？我sudoer示例文件如下：

# The following line allows su without options/arguments and sux to user root 
Cmnd_Alias SU_ROOT = /usr/bin/su "",\ 
        /usr/local/bin/sux - root 

# Defaults specification 
Defaults:%saptb !authenticate 

# User privilege specification 
%saptb ALL=(root)SU_SAP 
#Uncomment this line when SAP requires root access 
%saptb ALL=(root)SU_ROOT 
##### END SAP-TB specific ###### 
# 
# 
#Tivoli ITM Tools Team Sudo Right 
# 
%cgtools  ALL=(root)  NOPASSWD: /opt/IBM/ITM/bin/* 

---

在這上面sudoers文件，我想的%saptb ALL=(root)SU_ROOT

Answer 1

唯一的行前添加#不要包含用sed：

# Comment out the line %saptb ALL=(root)SU_ROOT 
sudo sed -Ei 's/^(%saptb.*SU_ROOT.*)/#\1/' /etc/sudoers 

說明：

-E使用擴展regex

-i編輯文件到位。

s/   # Substitution 
^   # Match the start of the line 
(   # Capture the following 
%saptb  # Followed by %saptb 
.*   # Followed by anything 
SU_ROOT # Followed by SU_ROOT 
.*   # Followed by anything 
)   # Close capture 
/  # Replace with 
#   # A hash 
\1   # Followed by the captured line 

取消註釋線原理是一樣的：

1. 比賽由#
2. 捕捉其次該行的其餘線路
3. 開始
4. 更換整條生產線與捕獲的部分線（扔掉#）。

所以：

# Uncomment the line %saptb ALL=(root)SU_ROOT 
sudo sed -Ei 's/^#(%saptb.*SU_ROOT.*)/\1/' /etc/sudoers 

---

您可以使用下面的腳本運行sudo ./toggle.sh

#!/bin/bash 

# Is the line already commented out 
grep -q '#%saptb ALL=(root)SU_ROOT' /etc/sudoers 

if [ $? -eq 0 ]; then 
    # Uncomment the line %saptb ALL=(root)SU_ROOT 
    sed -Ei 's/^#(%saptb.*SU_ROOT.*)/\1/' /etc/sudoers 
else 
    # Comment out the line %saptb ALL=(root)SU_ROOT 
    sed -Ei 's/^(%saptb.*SU_ROOT.*)/#\1/' /etc/sudoers 
fi 

評論/取消註釋