diff --git a/files/etc/sudoers b/files/etc/sudoers
new file mode 100644
index 0000000..b7202f2
--- /dev/null
+++ b/files/etc/sudoers
@@ -0,0 +1,62 @@
+# sudoers file.
+#
+# This file MUST be edited with the 'visudo' command as root.
+# Failure to use 'visudo' may result in syntax or file permission errors
+# that prevent sudo from running.
+#
+# See the sudoers man page for the details on how to write a sudoers file.
+
+# Host alias specification
+
+# User alias specification
+
+# Cmnd alias specification
+
+# Defaults specification
+Defaults    env_reset
+Defaults    env_keep += "BLOCKSIZE"
+Defaults    env_keep += "COLORFGBG COLORTERM"
+Defaults    env_keep += "__CF_USER_TEXT_ENCODING"
+Defaults    env_keep += "CHARSET LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE"
+Defaults    env_keep += "LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME"
+Defaults    env_keep += "LINES COLUMNS"
+Defaults    env_keep += "LSCOLORS"
+Defaults    env_keep += "SSH_AUTH_SOCK"
+Defaults    env_keep += "TZ"
+Defaults    env_keep += "DISPLAY XAUTHORIZATION XAUTHORITY"
+Defaults    env_keep += "EDITOR VISUAL"
+Defaults    env_keep += "HOME MAIL"
+
+Defaults    lecture_file = "/etc/sudo_lecture"
+
+# Runas alias specification
+
+# User privilege specification
+root ALL=(ALL) ALL
+%admin  ALL=(ALL) ALL
+
+# Uncomment to allow members of group wheel to execute any command
+# %wheel ALL=(ALL) ALL
+
+# Same thing without a password
+# %wheel ALL=(ALL) NOPASSWD: ALL
+
+# Uncomment to allow members of group sudo to execute any command
+# %sudo	ALL=(ALL) ALL
+
+# Uncomment to allow any user to run sudo if they know the password
+# of the user they are running the command as (root by default).
+# Defaults targetpw  # Ask for the password of the target user
+# ALL ALL=(ALL) ALL  # WARNING: only use this together with 'Defaults targetpw'
+
+# Read drop-in files from /private/etc/sudoers.d
+# (the '#' here does not indicate a comment)
+#includedir /private/etc/sudoers.d
+
+# Vagrant sudoers config
+Cmnd_Alias VAGRANT_EXPORTS_ADD = /usr/bin/tee -a /etc/exports
+Cmnd_Alias VAGRANT_NFSD = /sbin/nfsd restart
+Cmnd_Alias VAGRANT_EXPORTS_REMOVE = /usr/bin/sed -E -e /*/ d -ibak /etc/exports
+Cmnd_Alias VAGRANT_HOSTS_ADD = /bin/sh -c echo "*" >> /etc/hosts
+Cmnd_Alias VAGRANT_HOSTS_REMOVE = /bin/sed -i -e /*/ d /etc/hosts
+%admin ALL=(root) NOPASSWD: VAGRANT_EXPORTS_ADD, VAGRANT_NFSD, VAGRANT_EXPORTS_REMOVE, VAGRANT_HOSTS_ADD, VAGRANT_HOSTS_REMOVE