sudo-project / sudo

Utility to execute a command as another user
https://www.sudo.ws

`visudo`: `-f` option might cause `parse error` even if the file is saved successfully. #257

Closed kmn closed 3 months ago

kmn commented 1 year ago

Issue

visudo -f does not raise an error even if the same Cmnd_Alias name is defined in /etc/sudoers or /etc/sudoers.d/*. After duplicating a Cmnd_Alias definition, sudo fails with this error message:

sudo: parse error in /etc/sudoers near line 31
sudo: no valid sudoers sources found, quitting
sudo: unable to initialize policy plugin

Reproducibility

  1. Run sudo visudo and add the last two lines at the end of /etc/sudoers:

     #includedir /etc/sudoers.d

     Cmnd_Alias USERCOMMANDS = /usr/bin/hostname
     cameong1  ALL=USERCOMMANDS

  2. Run sudo visudo -f /etc/sudoers.d/cameong2 and add the following two lines to /etc/sudoers.d/cameong2:

     Cmnd_Alias USERCOMMANDS = /usr/bin/hostname
     cameong2  ALL=USERCOMMANDS

  3. Execute a sudo command; the following error occurs and it fails:

     >>> /etc/sudoers: Alias "USERCOMMANDS" already defined near line 32 <<<
     sudo: parse error in /etc/sudoers near line 32
     sudo: no valid sudoers sources found, quitting
     sudo: unable to initialize policy plugin

Execution order is important.
When executing sudo visudo after sudo visudo -f, sudo visudo raises an error and fails, as it should.

millert commented 1 year ago

visudo -f edits a file in isolation so there is no way for visudo to know whether it is an include file for another sudoers file. If you are editing a file in /etc/sudoers.d you should verify that the entire sudoers file parses correctly by running visudo -c. Perhaps visudo needs an option explicitly for editing files in an includedir.

Newer versions of sudo will recover from errors like this instead of refusing to run.
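One way to do the whole-policy pre-check millert recommends, as an added example that is not the sudo project's code: a shell function that scans a main sudoers file together with its includedir for alias names defined more than once, which is exactly the situation in the report and what `visudo -f` cannot see when editing one fragment. It complements `visudo -c` rather than replacing it; the function name and the path arguments are mine, the sample entries below are taken from the report.

```shell
#!/bin/sh
# Added example, not part of sudo: report alias names that are defined more
# than once across a main sudoers file and its includedir (the duplicate
# Cmnd_Alias case from the report). Run "visudo -c" afterwards as the
# authoritative check; this only catches the duplicate-alias failure mode.
# Usage: check_dup_aliases /etc/sudoers /etc/sudoers.d
# Exit status: 0 when no alias is defined twice, 1 otherwise.
check_dup_aliases() {
    main="$1"
    incdir="$2"
    set -- "$main"
    # Mirror sudo's includedir rules: file names ending in '~' or containing
    # a '.' are skipped (editor backups, package-manager leftovers).
    for f in "$incdir"/*; do
        [ -f "$f" ] || continue
        case "${f##*/}" in *~|*.*) continue ;; esac
        set -- "$@" "$f"
    done
    awk '
        # Definition line: <Type>_Alias NAME = members [ : NAME = members ]
        /^[ \t]*(Cmnd|User|Runas|Host)_Alias[ \t]/ {
            type = $1
            rest = substr($0, index($0, type) + length(type))
            n = split(rest, defs, ":")
            for (i = 1; i <= n; i++) {
                eq = index(defs[i], "=")
                if (eq == 0) continue
                name = substr(defs[i], 1, eq - 1)
                gsub(/[ \t]/, "", name)
                key = type " " name   # User_Alias FOO and Cmnd_Alias FOO differ
                if (key in seen) {
                    printf "%s:%d: %s already defined at %s\n", FILENAME, FNR, key, seen[key]
                    dups++
                } else {
                    seen[key] = FILENAME ":" FNR
                }
            }
        }
        END { exit dups ? 1 : 0 }
    ' "$@"
}
```

Run it before the edit session ends, from the same shell that just saved the fragment, and only then hand off to `visudo -c`.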