From mboxrd@z Thu Jan 1 00:00:00 1970 From: Quiliro's lists Subject: Re: editing /etc/sudoers Date: Mon, 17 Jun 2019 07:34:46 -0700 Message-ID: <73f74c18f09a60d93371f736c1b4a996@riseup.net> References: <20190614115539.GA22815@serpent> <20190616143031.GD12459@serpent> <45f53d38f8dbf54c80bc7e2153785295@riseup.net> <20190616232054.GA1602@nimrod> <20190617071712.GA1566@jurong> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:470:142:3::10]:46948) by lists.gnu.org with esmtp (Exim 4.86_2) (envelope-from ) id 1hcsim-0003ry-Te for help-guix@gnu.org; Mon, 17 Jun 2019 10:34:59 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hcsik-0008Ns-Vg for help-guix@gnu.org; Mon, 17 Jun 2019 10:34:56 -0400 Received: from mx1.riseup.net ([198.252.153.129]:39116) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1hcsih-0008KE-0W for help-guix@gnu.org; Mon, 17 Jun 2019 10:34:51 -0400 Received: from bell.riseup.net (bell-pn.riseup.net [10.0.1.178]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.riseup.net", Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK)) by mx1.riseup.net (Postfix) with ESMTPS id D916A1A4B93 for ; Mon, 17 Jun 2019 07:34:46 -0700 (PDT) Received: from [127.0.0.1] (localhost [127.0.0.1]) by bell.riseup.net (Postfix) with ESMTPSA id B2B732222C8 for ; Mon, 17 Jun 2019 07:34:46 -0700 (PDT) In-Reply-To: <20190617071712.GA1566@jurong> List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org Sender: "Help-Guix" To: help-guix@gnu.org El 2019-06-17 02:17, Andreas Enge escribi=C3=B3: > Hello, >=20 > On Sun, Jun 16, 2019 at 06:20:54PM -0500, Jeff Bauer wrote: >> Okay, to make it more clear: I was having a problem >> trying to use visudo on a native Guix System. The >> visudo packaged with the Guix System cannot actually >> edit a sudoers file because it relies on /usr/bin/vi, >> but it can be used as a command line validation checker. >=20 > maybe my reply is off-topic and does not solve your problem, but to jus= t > give sudoer capabilities to a user, it is enough to add them to the "wh= eel" > group in the system declaration, with something like: >=20 > (operating-system > (users (cons* (user-account > (name "andreas") > (comment "Andreas Enge") > (group "users") > (supplementary-groups '("wheel")) > (home-directory "/home/andreas")) > %base-user-accounts)) > ... >=20 > This is in line with the principle that "global" files should not be ed= ited, > but instead be declared in some way in the operating system definition. >=20 > For more sophisticated uses, the file could be declared in the operatin= g > system definition, I suppose, but I have no experience with this. >=20 > Andreas Exactly: if you are using GuixSD, you do not use visudo; you use what Andreas proposes. If you are using just Guix, then you use visudo from the distro you are on.