puppet file_line: remove line with unknown number of whitespaces

puppet

7,685

Solution 1

I would not use ensure => absent here as it only allows for an exact match. A simple but effective workaround would be using a comment (or empty) line along with a match regex to look for to replace:

file_line { 'sudoers-myuser':
          path   => '/etc/sudoers',
          line   => '# myuser  ALL=NOPASSWD:/bin/su -', 
          match  => 'myuser.*ALL=NOPASSWD:/bin/su.*-',
}

This would introduce line even if the match is not present in the file, but as the content is a no-op, it should not present any serious issues. Take care to escape regex special characters in the match line.

Solution 2

file_line is an "ok" resource for ensuring lines appear in a file but not so good for ensuring lines are not there -- which is why I completely stopped using it.

If you really need to manage this file piecemeal and need to ensure the line is absolutely gone, the augeas resource will accomplish it much better. It's rather complicated but does the job really well. And there should already be a lens for the sudoers file.

But lornix is correct. You should not be managing this file this way. It is laden with dangers and there be monsters here.

Prefer templates and include files.

To answer your question explicitly: You can't. One look at the source code for file_line shows that it only looks for an exact match -- white space and all.

  def destroy
    local_lines = lines
    File.open(resource[:path],'w') do |fh|
      fh.write(local_lines.reject{|l| l.chomp == resource[:line] }.join(''))
    end
  end

7,685

Acki

Updated on September 18, 2022

Comments

Acki over 1 year
I'd like to remove a line from the sudoers. All works fine as long as I give the exact line. But there might be differences in white space on some machines. Couldn't find a workaround even with "match".
```
file_line { '/etc/sudoers':
          ensure => absent,
          path   => '/etc/sudoers',
          line   => 'myuser  ALL=NOPASSWD:/bin/su -', }
```
Any ideas? Thanks Acki
Acki almost 10 years

Sorry, but my question is more about puppet and file_line. I have to remove an entry! So your answer does not really help.
Scott - Слава Україні almost 5 years

(1) Did you “discover” this by thinking and experimenting, or did you read it somewhere? If you read it somewhere, you must say so and identify the source. Linking to the source document and saying “More details here” isn’t sufficient; you must say that you copied your answer from there. (2) Likewise, you should link to documentation when you quote it. (If you have a better source for the information about match_for_absence, please add it.) (3) Since the objective is to match whitespace, you should probably use  * (space + star) rather than .*.
Scott - Слава Україні almost 5 years

By the way, I noticed that your user profile has a typo: “Words cam later.”
Scottie H almost 5 years

It is e lionka combination of both. I read the link that I posted, and did some experimenting on my own. The answer the I posted is my own answer for something I was doing.