srvos icon indicating copy to clipboard operation
srvos copied to clipboard
verified publisher icon nix-community

hardware-amazon conflicts with common

Open Pandapip1 opened this issue 6 months ago • 3 comments

https://github.com/nix-community/srvos/blob/59e4d88787de0a2bdc58854566ab90419de73a06/nixos/common/sudo.nix#L18-L23

is triggered by

https://github.com/NixOS/nixpkgs/blob/02b5eec8cb2b350925debe86f2d5025c1a09a44b/nixos/modules/services/misc/amazon-ssm-agent.nix#L22-L30

Setting users.users.ssm-user.extraGroups = [ "wheel" ]; does not help.

Pandapip1 avatar Jun 23 '25 20:06 Pandapip1

security.sudo.execWheelOnly = lib.mkForce false;

sedlund avatar Jun 23 '25 21:06 sedlund

Yup, ideally I'd like to keep it true though. Any chance the check could be updated to:

  1. Mention the group or user that isn't root or wheel
  2. Check that the user doesn't have the wheel group?

Thanks!

Pandapip1 avatar Jun 23 '25 21:06 Pandapip1

Bump

Pandapip1 avatar Jul 05 '25 20:07 Pandapip1