Give Vagrant Sudoer Permissions on OSX

For NFS /etc/exports

By Kevin Quillen, on January 14, 2017

If you want to grant Vagrant the ability to edit your /etc/exports file for NFS shares, there is a short write up on the official Vagrant website for OSX.

However, a few details are left out - particularly for people like me who didn’t know what visudo is.

It requires editing the sudoers file using the visudo program, but if you have modified and extended vim on your machine, your terminal window might dump a lot of errors on the screen the moment you try to edit sudoers (for me, it was regarding missing plugins) which is scary. :q!‘d out.

Turns out, visudo defaults to vi or vim somewhere in the system that isn’t the same vim that I use.

First, I had to edit my user .zprofile, and define vim as my default editor:


export EDITOR=vim

Then reload it, and verify it was set:


kevinquillen > ~: . ~/.zprofile
kevinquillen > ~: env | grep EDI
EDITOR=vim

Now, when I run sudo visudo it will default to my vim, and there were no errors. Note that I edit .zprofile since I use zsh. You may have to edit .profile or .bash_profile - whatever your choice of login shell uses.

From there, simply add the following as noted in the documentation:


Cmnd_Alias VAGRANT_EXPORTS_ADD = /usr/bin/tee -a /etc/exports
Cmnd_Alias VAGRANT_NFSD = /sbin/nfsd restart
Cmnd_Alias VAGRANT_EXPORTS_REMOVE = /usr/bin/sed -E -e /*/ d -ibak /etc/exports
%admin ALL=(root) NOPASSWD: VAGRANT_EXPORTS_ADD, VAGRANT_NFSD, VAGRANT_EXPORTS_REMOVE

After that, Vagrant will no longer ask for a password when editing the exports file, making you a hair quicker on local development.

Do be careful though, editing the sudoers file can have dire consequences if you make a mistake.

It would be great to get it working for the vagrant-hostsupdater plugin as well, but, from the issues I have seen it looks problematic.

Tagged with: vagrant, sysadmin
comments powered by Disqus