[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: editing /etc/sudoers

From: John Soo
Subject: Re: editing /etc/sudoers
Date: Mon, 17 Jun 2019 10:03:20 -0700

Hi Jeff,

Sorry this is so confusing. Let me know if I’m missed something since I’ve been 
half-following this thread. I think what you may want to do is use the 
sudoers-file field when specifying your operating system rather than using 
visudo to edit the file. This way you will have persistent and declarative 
specification for the sudoers file. The sudoers-file field allows you to place 
an arbitrary file-like object in it, so you can put whatever you want to add 
using visudo there and it will work the same. Check the manual for reference:

Hope that helps,


> On Jun 17, 2019, at 8:44 AM, Jeff Bauer <address@hidden> wrote:
>> On Mon, Jun 17, 2019 at 07:34:46AM -0700, Quiliro's lists wrote:
>> El 2019-06-17 02:17, Andreas Enge escribió:
>>> maybe my reply is off-topic and does not solve your problem, but to just
>>> give sudoer capabilities to a user, it is enough to add them to the "wheel"
>>> group in the system declaration, with something like:
>>> (operating-system
>>>  (users (cons* (user-account
>>>                 (name "andreas")
>>>                 (comment "Andreas Enge")
>>>                 (group "users")
>>>                 (supplementary-groups '("wheel"))
>>>                 (home-directory "/home/andreas"))
>>>                %base-user-accounts))
>>>  ...
>>> This is in line with the principle that "global" files should not be edited,
>>> but instead be declared in some way in the operating system definition.
>>> For more sophisticated uses, the file could be declared in the operating
>>> system definition, I suppose, but I have no experience with this.
>>> Andreas
>> Exactly: if you are using GuixSD, you do not use visudo; you use what
>> Andreas proposes. If you are using just Guix, then you use visudo from
>> the distro you are on.
> My needs go beyond adding a user to the wheel group.  I want
> specific programs to run without a sudo password challenge,
> so editing my local copy of sudoers is necessary.  I'm now
> using guix visudo as a command-line validation tool to
> ensure that sudoers isn't borked -- which is it's primary
> purpose.
> -Jeff

reply via email to

[Prev in Thread] Current Thread [Next in Thread]