From caad9aba5a2ed81dc74b432660fa5766b4dd29d7 Mon Sep 17 00:00:00 2001
From: Cole Helbling <cole.e.helbling@outlook.com>
Date: Sat, 14 Nov 2020 19:14:54 -0800
Subject: [PATCH 1/2] doas: 6.6.1 -> 6.8

https://github.com/duncaen/opendoas/compare/v6.6.1...v6.8
---
 pkgs/tools/security/doas/default.nix | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkgs/tools/security/doas/default.nix b/pkgs/tools/security/doas/default.nix
index 6aa9759affd3..6867256ea90c 100644
--- a/pkgs/tools/security/doas/default.nix
+++ b/pkgs/tools/security/doas/default.nix
@@ -10,13 +10,13 @@
 
 stdenv.mkDerivation rec {
   pname = "doas";
-  version = "6.6.1";
+  version = "6.8";
 
   src = fetchFromGitHub {
     owner = "Duncaen";
     repo = "OpenDoas";
     rev = "v${version}";
-    sha256 = "07kkc5729p654jrgfsc8zyhiwicgmq38yacmwfvay2b3gmy728zn";
+    sha256 = "1dlwnvy8r6slxcy260gfkximp1ms510wdslpfq9y6xvd2qi5izcb";
   };
 
   # otherwise confuses ./configure
@@ -35,7 +35,7 @@ stdenv.mkDerivation rec {
   ];
 
   postPatch = ''
-    sed -i '/\(chown\|chmod\)/d' bsd.prog.mk
+    sed -i '/\(chown\|chmod\)/d' GNUmakefile
   '';
 
   buildInputs = [ bison pam ];

From 19c0927d306d3cfdd3f4f313c4b4277c3da22ea0 Mon Sep 17 00:00:00 2001
From: Cole Helbling <cole.e.helbling@outlook.com>
Date: Sat, 14 Nov 2020 19:15:11 -0800
Subject: [PATCH 2/2] nixos/doas: add noLog option

---
 nixos/modules/security/doas.nix | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/nixos/modules/security/doas.nix b/nixos/modules/security/doas.nix
index b81f2d0c2d52..27f6870aaf37 100644
--- a/nixos/modules/security/doas.nix
+++ b/nixos/modules/security/doas.nix
@@ -12,6 +12,7 @@ let
 
   mkOpts = rule: concatStringsSep " " [
     (optionalString rule.noPass "nopass")
+    (optionalString rule.noLog "nolog")
     (optionalString rule.persist "persist")
     (optionalString rule.keepEnv "keepenv")
     "setenv { SSH_AUTH_SOCK ${concatStringsSep " " rule.setEnv} }"
@@ -118,6 +119,16 @@ in
               '';
             };
 
+            noLog = mkOption {
+              type = with types; bool;
+              default = false;
+              description = ''
+                If <code>true</code>, successful executions will not be logged
+                to
+                <citerefentry><refentrytitle>syslogd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
+              '';
+            };
+
             persist = mkOption {
               type = with types; bool;
               default = false;