Allow guixdeploy user to do anything as root

This is required to use "guix deploy".
author: Timo Wilken 2023-01-22 22:39:46 +0100
committer: Timo Wilken 2023-01-22 22:58:58 +0100
commit: 4d6cf9e02cdcdd51dc29a118e9af0977217c252a (patch)
tree: f9480bae39f003681648c02973b419b46500ffb3 /tw/system/common.scm
parent: 6c4a28f1e1b9c3caac9f5f171b6f5909b909872d (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/tw/system/common.scm b/tw/system/common.scm
index 57be678b..1eb48c52 100644
--- a/tw/system/common.scm
+++ b/tw/system/common.scm
@@ -29,6 +29,16 @@
                     "keypad:oss"
                     "kpdl:kposs")))
 
+(define-public %sudoers-file
+  (plain-file "sudoers"
+              (string-append
+               (plain-file-content %sudoers-specification)
+               ;; Let the "guixdeploy" user do anything as root, without a
+               ;; password required.  "guix deploy" needs this, so that it can
+               ;; reconfigure the system without logging in as root.
+               ;; See: '(guix)Invoking guix deploy' info node.
+               "guixdeploy ALL = NOPASSWD: ALL\n")))
+
 ;; This is used for the servers, and also by (tw home common) to generate the
 ;; appropriate ~/.ssh/config.
 (define-public %ssh-ports
author	Timo Wilken	2023-01-22 22:39:46 +0100
committer	Timo Wilken	2023-01-22 22:58:58 +0100
commit	4d6cf9e02cdcdd51dc29a118e9af0977217c252a (patch)
tree	f9480bae39f003681648c02973b419b46500ffb3 /tw/system/common.scm
parent	6c4a28f1e1b9c3caac9f5f171b6f5909b909872d (diff)