rope/nixos
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow passwordless sudo for fred

Browse source 
40-char password from a manager is impractical for frequent sudo use.
SSH is already key-only, so local privilege escalation is the only
remaining threat — acceptable on a single-user home server.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
ediblerope 2026-04-07 13:07:24 +01:00
parent 29dae0c5ea
commit 570ddf38f6
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
settings/users.nix
View file

@ -3,6 +3,11 @@
{ {
# Define a user account. Don't forget to set a password with 'passwd'. # Define a user account. Don't forget to set a password with 'passwd'.
security.sudo.extraRules = [{
users = [ "fred" ];
commands = [{ command = "ALL"; options = [ "NOPASSWD" ]; }];
}];
users.users.fred = { users.users.fred = {
isNormalUser = true; isNormalUser = true;
description = "fred"; description = "fred";