nixpkgs

nordic-dev.net/nixpkgs

Fork 0

mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-28 08:33:54 +00:00

Commit Graph

Author	SHA1	Message	Date
Erik Arvstedt	781ab443c2	nixos/doas: fix recursive calls to doas Previously, for processes launched by doas the unwrapped doas binary preceded the setuid-wrapped doas binary in PATH. This caused error `doas: not installed setuid` when running doas from processes launched by doas. doas seems to short-circuit the PATH lookup when called like `doas -u myuser doas -u myuser ...` so the error doesn't appear in this case.	2021-08-12 14:40:22 +02:00
Cole Helbling	82f897333a	doas: add NixOS binary dirs to safe PATH I recently tried to give myself passwordless `doas` for `virsh` commands (starting, stopping, and editing VMs), but `doas` was complaining that it didn't know what `virsh` was. This patch adds `/run/current-system/sw/{s,}bin` and `/run/wrappers/bin` to the safe path, allowing system binaries to be discovered and executed properly.	2020-05-27 08:11:30 -07:00

Author

SHA1

Message

Date

Erik Arvstedt

781ab443c2

nixos/doas: fix recursive calls to doas

Previously, for processes launched by doas the unwrapped doas binary preceded the
setuid-wrapped doas binary in PATH.

This caused error `doas: not installed setuid` when running doas from
processes launched by doas.

doas seems to short-circuit the PATH lookup when called like
`doas -u myuser doas -u myuser ...` so the error doesn't appear in this case.

2021-08-12 14:40:22 +02:00

Cole Helbling

82f897333a

doas: add NixOS binary dirs to safe PATH

I recently tried to give myself passwordless `doas` for `virsh` commands
(starting, stopping, and editing VMs), but `doas` was complaining that
it didn't know what `virsh` was.

This patch adds `/run/current-system/sw/{s,}bin` and `/run/wrappers/bin`
to the safe path, allowing system binaries to be discovered and executed
properly.

2020-05-27 08:11:30 -07:00

2 Commits