diff --git a/nixos/modules/security/doas.nix b/nixos/modules/security/doas.nix
index b81f2d0c2d52..27f6870aaf37 100644
--- a/nixos/modules/security/doas.nix
+++ b/nixos/modules/security/doas.nix
@@ -12,6 +12,7 @@ let
mkOpts = rule: concatStringsSep " " [
(optionalString rule.noPass "nopass")
+ (optionalString rule.noLog "nolog")
(optionalString rule.persist "persist")
(optionalString rule.keepEnv "keepenv")
"setenv { SSH_AUTH_SOCK ${concatStringsSep " " rule.setEnv} }"
@@ -118,6 +119,16 @@ in
'';
};
+ noLog = mkOption {
+ type = with types; bool;
+ default = false;
+ description = ''
+ If true, successful executions will not be logged
+ to
+ syslogd8.
+ '';
+ };
+
persist = mkOption {
type = with types; bool;
default = false;
diff --git a/pkgs/tools/security/doas/default.nix b/pkgs/tools/security/doas/default.nix
index 6aa9759affd3..6867256ea90c 100644
--- a/pkgs/tools/security/doas/default.nix
+++ b/pkgs/tools/security/doas/default.nix
@@ -10,13 +10,13 @@
stdenv.mkDerivation rec {
pname = "doas";
- version = "6.6.1";
+ version = "6.8";
src = fetchFromGitHub {
owner = "Duncaen";
repo = "OpenDoas";
rev = "v${version}";
- sha256 = "07kkc5729p654jrgfsc8zyhiwicgmq38yacmwfvay2b3gmy728zn";
+ sha256 = "1dlwnvy8r6slxcy260gfkximp1ms510wdslpfq9y6xvd2qi5izcb";
};
# otherwise confuses ./configure
@@ -35,7 +35,7 @@ stdenv.mkDerivation rec {
];
postPatch = ''
- sed -i '/\(chown\|chmod\)/d' bsd.prog.mk
+ sed -i '/\(chown\|chmod\)/d' GNUmakefile
'';
buildInputs = [ bison pam ];