starred/nix-config
1
0
Fork 0
mirror of https://github.com/ryan4yin/nix-config.git synced 2026-04-23 01:08:32 +02:00
Code Issues Packages Projects Releases 10 Wiki Activity

feat: don't ask for password for wheel group

Browse Source
This commit is contained in:
Ryan Yin
2024-01-23 12:13:58 +08:00
parent 360c218344
commit e4eb232d8f
1 changed files with 5 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
modules/nixos/base/user-group.nix
View File

@@ -41,20 +41,9 @@
openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys; openssh.authorizedKeys.keys = config.users.users."${username}".openssh.authorizedKeys.keys;
}; };
# DO NOT promote the specified user to input password for `nix-store` and `nix-copy-closure` # The wheel group is a special user group,
security.sudo.extraRules = [ # which can access to the `su` or `sudo` command to run commands as super user.
{ #
users = [username]; # Don't ask for password for wheel group
commands = [ security.sudo.wheelNeedsPassword = false;
{
command = "/run/current-system/sw/bin/nix-store";
options = ["NOPASSWD"];
}
{
command = "/run/current-system/sw/bin/nix-copy-closure";
options = ["NOPASSWD"];
}
];
}
];
} }