install_vagrant_sudoers.sh

#!/bin/bash
# Add vagrant-hostupdater, vagrant-nfs and /sbin/pfctl -ef commands to sudoers, for `vagrant up` without a password

# force sudo on self.
if [ $( id -u ) -ne 0 ]; then
    exec sudo -p "Login password for %p: " "$0" "$@"
    exit $?
fi

# Stage updated sudoers in a temporary file for syntax checking
TMP=$(/usr/bin/mktemp -t vagrant_sudoers.XXX)
cat /etc/sudoers > $TMP

# Remove any previous declarations
sed -i -e '/^# vagrant-hostsupdater/,/^# end vagrant-hostsupdater/d' $TMP
sed -i -e '/^# vagrant-nfs/,/^# end vagrant-nfs/d' $TMP
sed -i -e '/^# port-direction/,/^# end port-direction/d' $TMP

cat >> $TMP <<EOF

# vagrant-hostsupdater
Cmnd_Alias VAGRANT_HOSTS_ADD = /bin/sh -c echo "*" >> /etc/hosts
Cmnd_Alias VAGRANT_HOSTS_REMOVE = /usr/bin/sed -i -e /*/ d /etc/hosts
%admin ALL=(root) NOPASSWD: VAGRANT_HOSTS_ADD, VAGRANT_HOSTS_REMOVE
# end vagrant-hostsupdater
EOF

cat >> $TMP <<EOF

# vagrant-nfs
Cmnd_Alias VAGRANT_EXPORTS_ADD = /usr/bin/tee -a /etc/exports
Cmnd_Alias VAGRANT_NFSD = /sbin/nfsd restart
Cmnd_Alias VAGRANT_EXPORTS_REMOVE = /usr/bin/sed -E -e /*/ d -ibak /etc/exports
%admin ALL=(root) NOPASSWD: VAGRANT_EXPORTS_ADD, VAGRANT_NFSD, VAGRANT_EXPORTS_REMOVE
# end vagrant-nfs
EOF

if [[ "$OSTYPE" == "linux-gnu" ]]; then
   CMD_REDIRECT="/sbin/iptables -t nat"
elif [[ "$OSTYPE" == "darwin"* ]]; then
   CMD_REDIRECT="/sbin/pfctl -ef"
fi

cat >> $TMP <<EOF

# port-direction
Cmnd_Alias VAGRANT_REDIRECT = ${CMD_REDIRECT}
%admin ALL=(root) NOPASSWD: VAGRANT_REDIRECT
# end port-direction
EOF


# Check syntax and overwrite sudoers if clean
visudo -c -f $TMP
if [ $? -eq 0 ]; then
  echo "Adding vagrant commands to sudoers"
  cat $TMP > /etc/sudoers
else
  echo "sudoers syntax wasn't valid. Aborting!"
fi

rm -f $TMP