Loading nixos/modules/config/terminfo.nix +12 −6 Original line number Diff line number Diff line Loading @@ -76,12 +76,18 @@ export TERM=$TERM ''; security.sudo.extraConfig = lib.mkIf config.security.sudo.keepTerminfo '' security = let extraConfig = '' # Keep terminfo database for root and %wheel. Defaults:root,%wheel env_keep+=TERMINFO_DIRS Defaults:root,%wheel env_keep+=TERMINFO ''; in lib.mkIf config.security.sudo.keepTerminfo { sudo = { inherit extraConfig; }; sudo-rs = { inherit extraConfig; }; }; }; } nixos/modules/security/sudo-rs.nix +1 −1 Original line number Diff line number Diff line Loading @@ -36,7 +36,7 @@ in defaultOptions = lib.mkOption { type = with lib.types; listOf str; default = [ ]; default = [ "SETENV" ]; description = '' Options used for the default rules, granting `root` and the `wheel` group permission to run any command as any user. Loading nixos/tests/all-tests.nix +1 −1 Original line number Diff line number Diff line Loading @@ -1052,7 +1052,7 @@ in { stub-ld = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./stub-ld.nix {}; stunnel = handleTest ./stunnel.nix {}; sudo = handleTest ./sudo.nix {}; sudo-rs = handleTest ./sudo-rs.nix {}; sudo-rs = runTest ./sudo-rs.nix; sunshine = handleTest ./sunshine.nix {}; suricata = handleTest ./suricata.nix {}; suwayomi-server = handleTest ./suwayomi-server.nix {}; Loading nixos/tests/sudo-rs.nix +122 −125 Original line number Diff line number Diff line # Some tests to ensure sudo is working properly. { pkgs, ... }: let inherit (pkgs.lib) mkIf optionalString; password = "helloworld"; in import ./make-test-python.nix ( { lib, pkgs, ... }: { name = "sudo-rs"; meta.maintainers = pkgs.sudo-rs.meta.maintainers; Loading Loading @@ -134,7 +131,8 @@ import ./make-test-python.nix ( }; }; testScript = '' testScript = # python '' with subtest("users in wheel group should have passwordless sudo"): machine.succeed('faketty -- su - test0 -c "sudo -u root true"') Loading Loading @@ -166,4 +164,3 @@ import ./make-test-python.nix ( strict.fail('faketty -- su - noadmin -c "sudo --help"') ''; } ) Loading
nixos/modules/config/terminfo.nix +12 −6 Original line number Diff line number Diff line Loading @@ -76,12 +76,18 @@ export TERM=$TERM ''; security.sudo.extraConfig = lib.mkIf config.security.sudo.keepTerminfo '' security = let extraConfig = '' # Keep terminfo database for root and %wheel. Defaults:root,%wheel env_keep+=TERMINFO_DIRS Defaults:root,%wheel env_keep+=TERMINFO ''; in lib.mkIf config.security.sudo.keepTerminfo { sudo = { inherit extraConfig; }; sudo-rs = { inherit extraConfig; }; }; }; }
nixos/modules/security/sudo-rs.nix +1 −1 Original line number Diff line number Diff line Loading @@ -36,7 +36,7 @@ in defaultOptions = lib.mkOption { type = with lib.types; listOf str; default = [ ]; default = [ "SETENV" ]; description = '' Options used for the default rules, granting `root` and the `wheel` group permission to run any command as any user. Loading
nixos/tests/all-tests.nix +1 −1 Original line number Diff line number Diff line Loading @@ -1052,7 +1052,7 @@ in { stub-ld = handleTestOn [ "x86_64-linux" "aarch64-linux" ] ./stub-ld.nix {}; stunnel = handleTest ./stunnel.nix {}; sudo = handleTest ./sudo.nix {}; sudo-rs = handleTest ./sudo-rs.nix {}; sudo-rs = runTest ./sudo-rs.nix; sunshine = handleTest ./sunshine.nix {}; suricata = handleTest ./suricata.nix {}; suwayomi-server = handleTest ./suwayomi-server.nix {}; Loading
nixos/tests/sudo-rs.nix +122 −125 Original line number Diff line number Diff line # Some tests to ensure sudo is working properly. { pkgs, ... }: let inherit (pkgs.lib) mkIf optionalString; password = "helloworld"; in import ./make-test-python.nix ( { lib, pkgs, ... }: { name = "sudo-rs"; meta.maintainers = pkgs.sudo-rs.meta.maintainers; Loading Loading @@ -134,7 +131,8 @@ import ./make-test-python.nix ( }; }; testScript = '' testScript = # python '' with subtest("users in wheel group should have passwordless sudo"): machine.succeed('faketty -- su - test0 -c "sudo -u root true"') Loading Loading @@ -166,4 +164,3 @@ import ./make-test-python.nix ( strict.fail('faketty -- su - noadmin -c "sudo --help"') ''; } )
