Official NixOS Wiki

Sudo

Revision as of 11:12, 8 October 2025 by Ardenet (talk | contribs) (Created page with "[https://www.sudo.ws Sudo] 允许系统管理员委托权限,授予某些用户(或用户组)以 root 或其他用户身份运行命令的能力,同时提供命令及其参数的审计跟踪。")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Sudo 允許系統管理員委託權限,授予某些用戶(或用戶組)以 root 或其他用戶身份運行命令的能力,同時提供命令及其參數的審計跟蹤。

Usage

Enable sudo-usage for the example user myuser.
users.users.myuser.extraGroups = [ "wheel" ];

Following simple configuration will allow all users which are part of the group wheel to execute commands specified inside extraRules as super user using sudo without the need to supply a user password. 

security.sudo = {
  enable = true;
  extraRules = [{
    commands = [
      {
        command = "${pkgs.systemd}/bin/systemctl suspend";
        options = [ "NOPASSWD" ];
      }
      {
        command = "${pkgs.systemd}/bin/reboot";
        options = [ "NOPASSWD" ];
      }
      {
        command = "${pkgs.systemd}/bin/poweroff";
        options = [ "NOPASSWD" ];
      }
    ];
    groups = [ "wheel" ];
  }];
  extraConfig = with pkgs; ''
    Defaults:picloud secure_path="${lib.makeBinPath [
      systemd
    ]}:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin"
  '';
};
Retrieved from "https://wiki.nixos.org/w/index.php?title=Sudo/zh&oldid=27506"