编辑shell脚本中的sudo文件

Question

我想通过在特定行中删除#或在其中添加#来编辑Solaris中的sudoers文件，因此如何为此编写脚本？我sudoer示例文件如下：

# The following line allows su without options/arguments and sux to user root 
Cmnd_Alias SU_ROOT = /usr/bin/su "",\ 
        /usr/local/bin/sux - root 

# Defaults specification 
Defaults:%saptb !authenticate 

# User privilege specification 
%saptb ALL=(root)SU_SAP 
#Uncomment this line when SAP requires root access 
%saptb ALL=(root)SU_ROOT 
##### END SAP-TB specific ###### 
# 
# 
#Tivoli ITM Tools Team Sudo Right 
# 
%cgtools  ALL=(root)  NOPASSWD: /opt/IBM/ITM/bin/* 

---

在这上面sudoers文件，我想的%saptb ALL=(root)SU_ROOT

Answer 1

唯一的行前添加#不要包含用sed：

# Comment out the line %saptb ALL=(root)SU_ROOT 
sudo sed -Ei 's/^(%saptb.*SU_ROOT.*)/#\1/' /etc/sudoers 

说明：

-E使用扩展regex

-i编辑文件到位。

s/   # Substitution 
^   # Match the start of the line 
(   # Capture the following 
%saptb  # Followed by %saptb 
.*   # Followed by anything 
SU_ROOT # Followed by SU_ROOT 
.*   # Followed by anything 
)   # Close capture 
/  # Replace with 
#   # A hash 
\1   # Followed by the captured line 

取消注释线原理是一样的：

1. 比赛由#
2. 捕捉其次该行的其余线路
3. 开始
4. 更换整条生产线与捕获的部分线（扔掉#）。

所以：

# Uncomment the line %saptb ALL=(root)SU_ROOT 
sudo sed -Ei 's/^#(%saptb.*SU_ROOT.*)/\1/' /etc/sudoers 

---

您可以使用下面的脚本运行sudo ./toggle.sh

#!/bin/bash 

# Is the line already commented out 
grep -q '#%saptb ALL=(root)SU_ROOT' /etc/sudoers 

if [ $? -eq 0 ]; then 
    # Uncomment the line %saptb ALL=(root)SU_ROOT 
    sed -Ei 's/^#(%saptb.*SU_ROOT.*)/\1/' /etc/sudoers 
else 
    # Comment out the line %saptb ALL=(root)SU_ROOT 
    sed -Ei 's/^(%saptb.*SU_ROOT.*)/#\1/' /etc/sudoers 
fi 

评论/取消注释