I believe horrible config editing practices are allowed (you can indent a line with spaces and it's still respected), so I might recommend a slightly more robust version:
egrep -vr "^([[:space:]]*)?(#|$)" test.sudo | grep -i nopasswd || echo 'not found'
That's just a rough first draft, with the /etc/sudoers from RHEL7 copied and then I added this trash to it:
xyzzy ALL=(ALL) ALL xyzzy ALL=(ALL) ALL # xyzzy ALL=(ALL) ALL # xyzzy ALL=(ALL) NOPASSWD:ALL xyzzy ALL=(ALL) NOPASSWD:ALL xyzzy ALL=(ALL) NOPASSWD:ALL
Tested: $ visudo -c -f test.sudo test.sudo: parsed OK
Here's just the left hand side of the egrep:
$ egrep -vr "^([[:space:]]*)?(#|$)" test.sudo Defaults !visiblepw Defaults always_set_home Defaults env_reset Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS" Defaults env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE" Defaults env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES" Defaults env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE" Defaults env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY" Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin root ALL=(ALL) ALL %wheel ALL=(ALL) ALL xyzzy ALL=(ALL) ALL xyzzy ALL=(ALL) ALL xyzzy ALL=(ALL) NOPASSWD:ALL xyzzy ALL=(ALL) NOPASSWD:ALL
Maybe do it backwards?
$ grep -ir nopasswd test.sudo | egrep -v "^([[:space:]]*)?(#|$)" xyzzy ALL=(ALL) NOPASSWD:ALL xyzzy ALL=(ALL) NOPASSWD:ALL
...something like that?
I believe horrible config editing practices are allowed (you can indent a line with spaces and it's still respected), so I might recommend a slightly more robust version:
egrep -vr "^([[:space: ]]*)?(# |$)" test.sudo | grep -i nopasswd || echo 'not found'
That's just a rough first draft, with the /etc/sudoers from RHEL7 copied and then I added this trash to it:
xyzzy ALL=(ALL) ALL
xyzzy ALL=(ALL) ALL
# xyzzy ALL=(ALL) ALL
# xyzzy ALL=(ALL) NOPASSWD:ALL
xyzzy ALL=(ALL) NOPASSWD:ALL
xyzzy ALL=(ALL) NOPASSWD:ALL
Tested:
$ visudo -c -f test.sudo
test.sudo: parsed OK
Here's just the left hand side of the egrep:
$ egrep -vr "^([[:space: ]]*)?(# |$)" test.sudo bin:/usr/ sbin:/usr/ bin
Defaults !visiblepw
Defaults always_set_home
Defaults env_reset
Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR LS_COLORS"
Defaults env_keep += "MAIL PS1 PS2 QTDIR USERNAME LANG LC_ADDRESS LC_CTYPE"
Defaults env_keep += "LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES"
Defaults env_keep += "LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE"
Defaults env_keep += "LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET XAUTHORITY"
Defaults secure_path = /sbin:/
root ALL=(ALL) ALL
%wheel ALL=(ALL) ALL
xyzzy ALL=(ALL) ALL
xyzzy ALL=(ALL) ALL
xyzzy ALL=(ALL) NOPASSWD:ALL
xyzzy ALL=(ALL) NOPASSWD:ALL
Maybe do it backwards?
$ grep -ir nopasswd test.sudo | egrep -v "^([[:space: ]]*)?(# |$)"
xyzzy ALL=(ALL) NOPASSWD:ALL
xyzzy ALL=(ALL) NOPASSWD:ALL
...something like that?