I’m using the Opscode sudo cookbook, and I’ve walked through the sudo
example on their site (http://docs.opscode.com/lwrp_sudo.html) but I
get an error ‘validate_fragment’ I’ve tried a few different things,
but can’t find much else online on the topic; most refer to using sudo
to install chef, run chef-client, etc. Thanks
via a GIST here: https://gist.github.com/philcryer/7439401
text:
[…CONFIG…]
user “jenkins” do
supports :manage_home => true
comment "The Jenkins user that handles all deploys"
home "/home/jenkins"
shell "/bin/bash"
password "12341234"
end
node[‘authorization’][‘sudo’][‘include_sudoers_d’] = true
include_recipe "sudo"
sudo “jenkins” do
user “%jenkins"
runas “app_user"
commands [”/etc/init.d/httpd restart”,“chown -R apache:apache /var/www”]
host "ALL"
nopasswd true
end
[…LOGS…]
[2013-11-12T15:45:34-06:00] DEBUG: package[sudo] is already installed
- nothing to do
[2013-11-12T15:45:34-06:00] INFO: Processing directory[/etc/sudoers.d]
action create (sudo::default line 25)
[2013-11-12T15:45:34-06:00] INFO: Processing
cookbook_file[/etc/sudoers.d/README] action create (sudo::default line
[2013-11-12T15:45:34-06:00] INFO: Processing template[/etc/sudoers]
action create (sudo::default line 39)
[2013-11-12T15:45:34-06:00] DEBUG: Not fetching
cookbooks/sudo/templates/default/sudoers.erb, as the cache is up to
date.
[2013-11-12T15:45:34-06:00] DEBUG: current checksum:
6f178ce07803096acacaca23d243f2c2; manifest checksum:
6f178ce07803096acacaca23d243f2c2)
[2013-11-12T15:45:34-06:00] DEBUG: Current content’s checksum:
261759ea279ca54103844c4a929fbcd3bd8b29f3e339ef334cbdea2405e7bd31
[2013-11-12T15:45:34-06:00] DEBUG: Rendered content’s checksum:
261759ea279ca54103844c4a929fbcd3bd8b29f3e339ef334cbdea2405e7bd31
[2013-11-12T15:45:34-06:00] DEBUG: template[/etc/sudoers] content has
not changed.
[2013-11-12T15:45:34-06:00] INFO: Processing sudo[jenkins] action
install (base::default line 135)
[2013-11-12T15:45:34-06:00] DEBUG: Not fetching
cookbooks/sudo/templates/default/sudoer.erb, as the cache is up to
date.
[2013-11-12T15:45:34-06:00] DEBUG: current checksum:
f1a732fa44ee8eacc9ada77f75d580d3; manifest checksum:
f1a732fa44ee8eacc9ada77f75d580d3)
[2013-11-12T15:45:34-06:00] ERROR: Fragment validation failed:
[2013-11-12T15:45:34-06:00] ERROR: # This file is managed by Chef.
Do NOT modify this file directly.
%jenkins ALL=(app_user) NOPASSWD:/etc/init.d/httpd restart
%jenkins ALL=(app_user) NOPASSWD:chown -R apache:apache /var/www
[2013-11-12T15:45:34-06:00] FATAL: Template
/tmp/sudoer20131112-12809-j5303y failed fragment validation!
================================================================================
Error executing action install on resource ‘sudo[jenkins]’
SystemExit
exit
Cookbook Trace:
/var/chef/cache/cookbooks/sudo/providers/default.rb:51:in validate_fragment!' /var/chef/cache/cookbooks/sudo/providers/default.rb:96:inrender_sudoer’
/var/chef/cache/cookbooks/sudo/providers/default.rb:104:in `block in
class_from_file’
Resource Declaration:
In /var/chef/cache/cookbooks/base/recipes/default.rb
135: sudo “jenkins” do
136: user “%jenkins"
137: runas “app_user"
138: commands [”/etc/init.d/httpd restart”,“chown -R apache:apache /opt/iaas”]
139: host "ALL"
140: nopasswd true
141: end
Compiled Resource:
Declared in /var/chef/cache/cookbooks/base/recipes/default.rb:135:in
`from_file’
sudo(“jenkins”) do
action :install
supports {:report=>true, :exception=>true}
retries 0
retry_delay 2
cookbook_name "base"
recipe_name "default"
user “%jenkins"
runas “app_user"
commands [”/etc/init.d/httpd restart”, “chown -R apache:apache /opt/iaas”]
host "ALL"
nopasswd true
end
[2013-11-12T15:45:34-06:00] DEBUG: Re-raising exception: SystemExit -
sudo[jenkins] (base::default line 135) had an error: SystemExit: exit