Does Vagrant create the /etc/sudoers.d/vagrant file, or does it need to be added manually to use ansible sudo_user?

Question

Some ubuntu cloud images such as this one : http://cloud-images.ubuntu.com/vagrant/precise/20140120/precise-server-cloudimg-amd64-vagrant-disk1.box

have the file /etc/sudoers.d/vagrant, with the content vagrant ALL=(ALL) NOPASSWD:ALL

Other boxes such as this one https://opscode-vm-bento.s3.amazonaws.com/vagrant/virtualbox/opscode_ubuntu-13.10_chef-provisionerless.box

doesn't have it, and as a result ansible commands with sudo_user don't work.

I can add the file with :

- name: ensure Vagrant is a sudoer
  copy: content="vagrant ALL=(ALL) NOPASSWD:ALL" dest=/etc/sudoers.d/vagrant owner=root group=root
  sudo: yes

I'm wondering if something Vagrant should be doing, because this task will not be applicable when running the ansible playbook on a real (non vagrant) machine.

Answer 1

Vagrant requires privileged access to the VM, either using config.ssh.username = "root", or more commonly, via sudo. The Bento Ubuntu boxes currently configure it directly to /etc/sudoers.

I don't know what ansible's sudo_user does or means, but I guess your provisioning is overriding /etc/sudoers. In this case you really need to ensure you don't lose Vagrant's sudo access to the VM. Or build your own base box which uses sudoers.d.

As a side note, if you create a /etc/sudoers.d/ file, you should also set it's mode to 0440 or at least some older sudo versions refuse to apply it.