diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix
index 3fb9d7e304f7..fa8d1ad6486a 100644
--- a/maintainers/maintainer-list.nix
+++ b/maintainers/maintainer-list.nix
@@ -4149,6 +4149,16 @@
     githubId = 1931963;
     name = "David Sferruzza";
   };
+  dsuetin = {
+    name = "Danil Suetin";
+    email = "suetin085@gmail.com";
+    matrix = "@dani0854:matrix.org";
+    github = "dani0854";
+    githubId = 32674935;
+    keys = [{
+      fingerprint = "6CC2 D713 6703 0D86 CA29  C71F 23B5 AA6F A374 F2FE";
+    }];
+  };
   dsymbol = {
     name = "dsymbol";
     github = "dsymbol";
diff --git a/pkgs/tools/security/doas-sudo-shim/default.nix b/pkgs/tools/security/doas-sudo-shim/default.nix
new file mode 100644
index 000000000000..80b913d4cc9e
--- /dev/null
+++ b/pkgs/tools/security/doas-sudo-shim/default.nix
@@ -0,0 +1,54 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, runCommand
+, asciidoctor
+, coreutils
+, gawk
+, glibc
+, util-linux
+, bash
+, makeBinaryWrapper
+, doas-sudo-shim
+}:
+
+stdenv.mkDerivation rec {
+  pname = "doas-sudo-shim";
+  version = "0.1.1";
+
+  src = fetchFromGitHub {
+    owner = "jirutka";
+    repo = "doas-sudo-shim";
+    rev = "v${version}";
+    sha256 = "QYVqGxeWC7Tiz8aNY/LukwG4EW0km/RunGEfkzY/A38=";
+  };
+
+  nativeBuildInputs = [ asciidoctor makeBinaryWrapper ];
+  buildInputs = [ bash coreutils gawk glibc util-linux ];
+
+  dontConfigure = true;
+  dontBuild = true;
+
+  installFlags = [ "DESTDIR=$(out)" "PREFIX=\"\"" ];
+
+  postInstall = ''
+    wrapProgram $out/bin/sudo \
+      --prefix PATH : ${lib.makeBinPath [ bash coreutils gawk glibc util-linux ]}
+  '';
+
+  passthru.tests = {
+    helpTest = runCommand "${pname}-helpTest" {} ''
+      ${doas-sudo-shim}/bin/sudo -h > $out
+      grep -q "Execute a command as another user using doas(1)" $out
+    '';
+  };
+
+  meta = with lib; {
+    description = "A shim for the sudo command that utilizes doas";
+    homepage = "https://github.com/jirutka/doas-sudo-shim";
+    license = licenses.isc;
+    mainProgram = "sudo";
+    maintainers = with maintainers; [ dsuetin ];
+    platforms = platforms.linux;
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 8a06420574b5..1373cef64c77 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -6778,6 +6778,8 @@ with pkgs;
 
   doas = callPackage ../tools/security/doas { };
 
+  doas-sudo-shim = callPackage ../tools/security/doas-sudo-shim { };
+
   docbook2x = callPackage ../tools/typesetting/docbook2x { };
 
   docbook2mdoc = callPackage ../tools/misc/docbook2mdoc { };