diff options
| author | Timo Wilken | 2023-01-24 22:44:39 +0100 |
|---|---|---|
| committer | Timo Wilken | 2023-01-24 22:44:39 +0100 |
| commit | f74fb866de4a018a749e3a592c184010c397790a (patch) | |
| tree | b18757142029e8a42445d5ce46663404fb1f50fd /tw | |
| parent | 5c8a2a8504519d43b5b681424b3694dca0418965 (diff) | |
Remove guixdeploy user again
It's probably better to just SSH in as root instead, seeing as the
guixdeploy user can otherwise do anything as root anyway.
Diffstat (limited to 'tw')
| -rw-r--r-- | tw/system.scm | 17 | ||||
| -rw-r--r-- | tw/system/lud.scm | 1 | ||||
| -rw-r--r-- | tw/system/vin.scm | 1 |
3 files changed, 0 insertions, 19 deletions
diff --git a/tw/system.scm b/tw/system.scm index 8734885b..290b81c3 100644 --- a/tw/system.scm +++ b/tw/system.scm @@ -29,16 +29,6 @@ "keypad:oss" "kpdl:kposs"))) -(define-public %sudoers-file - (plain-file "sudoers" - (string-append - (plain-file-content %sudoers-specification) - ;; Let the "guixdeploy" user do anything as root, without a - ;; password required. "guix deploy" needs this, so that it can - ;; reconfigure the system without logging in as root. - ;; See: '(guix)Invoking guix deploy' info node. - "guixdeploy ALL = NOPASSWD: ALL\n"))) - ;; This is used for the servers, and also by (tw home) to generate the ;; appropriate ~/.ssh/config. (define-public %ssh-ports @@ -100,13 +90,6 @@ (home-directory "/home/timo") (supplementary-groups '("wheel" "netdev" "audio" "video")) (shell (file-append zsh "/bin/zsh"))) - (user-account ; needs a matching sudoers entry - (system? #t) - (name "guixdeploy") - (comment "Guix-deploy access") - (group "root") - (home-directory "/var/empty") - (create-home-directory? #f)) %base-user-accounts)) (define %wireguard-peers diff --git a/tw/system/lud.scm b/tw/system/lud.scm index f4827f8a..cc605b76 100644 --- a/tw/system/lud.scm +++ b/tw/system/lud.scm @@ -205,7 +205,6 @@ ProxyPass \"/\" \"https://127.0.0.1:48448/\" (locale-definition (name "pt_BR.utf8") (source "pt_BR")) (locale-definition (name "en_US.utf8") (source "en_US")))) - (sudoers-file %sudoers-file) (hosts-file %wireguard-etc-hosts) ;; Allow resolution of '.local' host names with mDNS. (name-service-switch %mdns-host-lookup-nss) diff --git a/tw/system/vin.scm b/tw/system/vin.scm index 3a5a6b62..834ce273 100644 --- a/tw/system/vin.scm +++ b/tw/system/vin.scm @@ -27,7 +27,6 @@ (locale-definition (name "fr_FR.utf8") (source "fr_FR")) (locale-definition (name "en_US.utf8") (source "en_US")))) - (sudoers-file %sudoers-file) (hosts-file %wireguard-etc-hosts) ;; Allow resolution of '.local' host names with mDNS. (name-service-switch %mdns-host-lookup-nss) |