Sudo: Difference between revisions
imported>Onny Initial page |
→Usage: Enable sudo for specific user |
||
| (4 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
[https://www.sudo.ws | <translate> | ||
<!--T:1--> | |||
[https://www.sudo.ws Sudo] allows a system | |||
administrator to delegate authority to give certain users - or groups of users - the ability to run commands as root or another user while providing an audit trail of the commands and their arguments. | |||
</translate> | |||
<translate> | |||
== Usage == | == Usage == | ||
Enable sudo-usage for the example user <code>myuser</code>.<syntaxhighlight lang="nix"> | |||
users.users.myuser.extraGroups = [ "wheel" ]; | |||
</syntaxhighlight><!--T:2--> | |||
</translate> | |||
<translate> | |||
<!--T:3--> | |||
Following simple configuration will allow all users which are part of the group <code>wheel</code> to execute commands specified inside <code>extraRules</code> as super user using <code>sudo</code> without the need to supply a user password. | Following simple configuration will allow all users which are part of the group <code>wheel</code> to execute commands specified inside <code>extraRules</code> as super user using <code>sudo</code> without the need to supply a user password. | ||
</translate> | |||
<syntaxhighlight lang="nix"> | <syntaxhighlight lang="nix"> | ||
security.sudo = { | security.sudo = { | ||
| Line 25: | Line 34: | ||
groups = [ "wheel" ]; | groups = [ "wheel" ]; | ||
}]; | }]; | ||
extraConfig = with pkgs; '' | |||
Defaults:picloud secure_path="${lib.makeBinPath [ | |||
systemd | |||
]}:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin" | |||
''; | |||
}; | }; | ||
</syntaxhighlight> | </syntaxhighlight> | ||
[[Category:Security]] | [[Category:Security]] | ||