Hi Jeff,
Sorry this is so confusing. Let me know if I’m missed something since I’ve been
half-following this thread. I think what you may want to do is use the
sudoers-file field when specifying your operating system rather than using
visudo to edit the file. This way you will have persistent and declarative
specification for the sudoers file. The sudoers-file field allows you to place
an arbitrary file-like object in it, so you can put whatever you want to add
using visudo there and it will work the same. Check the manual for reference:
https://www.gnu.org/software/guix/manual/en/html_node/operating_002dsystem-Reference.html#operating_002dsystem-Reference
Hope that helps,
John
> On Jun 17, 2019, at 8:44 AM, Jeff Bauer <jeffru...@gmail.com> wrote:
>
>> On Mon, Jun 17, 2019 at 07:34:46AM -0700, Quiliro's lists wrote:
>> El 2019-06-17 02:17, Andreas Enge escribió:
>>> maybe my reply is off-topic and does not solve your problem, but to just
>>> give sudoer capabilities to a user, it is enough to add them to the "wheel"
>>> group in the system declaration, with something like:
>>>
>>> (operating-system
>>> (users (cons* (user-account
>>> (name "andreas")
>>> (comment "Andreas Enge")
>>> (group "users")
>>> (supplementary-groups '("wheel"))
>>> (home-directory "/home/andreas"))
>>> %base-user-accounts))
>>> ...
>>>
>>> This is in line with the principle that "global" files should not be edited,
>>> but instead be declared in some way in the operating system definition.
>>>
>>> For more sophisticated uses, the file could be declared in the operating
>>> system definition, I suppose, but I have no experience with this.
>>>
>>> Andreas
>>
>> Exactly: if you are using GuixSD, you do not use visudo; you use what
>> Andreas proposes. If you are using just Guix, then you use visudo from
>> the distro you are on.
>
> My needs go beyond adding a user to the wheel group. I want
> specific programs to run without a sudo password challenge,
> so editing my local copy of sudoers is necessary. I'm now
> using guix visudo as a command-line validation tool to
> ensure that sudoers isn't borked -- which is it's primary
> purpose.
>
> -Jeff
>
