movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-12 20:55:31 +03:00
Code Issues Projects Releases Packages Wiki Activity

nixos/sudo: Drop the sudoers comment for extraRules

Browse source 
All rules are now handled through `extraRules`,
and it is never empty so `optionalString` isn't needed either.
This commit is contained in:
nicoo 2023-09-07 14:36:29 +00:00
parent 717e51a140
commit c11da39117
1 changed files with 10 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

23
nixos/modules/security/sudo.nix
View file

@ -240,19 +240,16 @@ in
# Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so can do its magic. # Keep SSH_AUTH_SOCK so that pam_ssh_agent_auth.so can do its magic.
Defaults env_keep+=SSH_AUTH_SOCK Defaults env_keep+=SSH_AUTH_SOCK
'') '')
(optionalString (cfg.extraRules != []) '' (concatStringsSep "\n" (
# extraRules lists.flatten (
${concatStringsSep "\n" ( map (
lists.flatten ( rule: optionals (length rule.commands != 0) [
map ( (map (user: "${toUserString user} ${rule.host}=(${rule.runAs}) ${toCommandsString rule.commands}") rule.users)
rule: optionals (length rule.commands != 0) [ (map (group: "${toGroupString group} ${rule.host}=(${rule.runAs}) ${toCommandsString rule.commands}") rule.groups)
(map (user: "${toUserString user} ${rule.host}=(${rule.runAs}) ${toCommandsString rule.commands}") rule.users) ]
(map (group: "${toGroupString group} ${rule.host}=(${rule.runAs}) ${toCommandsString rule.commands}") rule.groups) ) cfg.extraRules
] )
) cfg.extraRules ) + "\n")
)
)}
'')
(optionalString (cfg.extraConfig != "") '' (optionalString (cfg.extraConfig != "") ''
# extraConfig # extraConfig
${cfg.extraConfig} ${cfg.extraConfig}