nixos/sudo: Check syntax using the configured package

This is preferable even for regular `sudo`, but will ensure the check is useful
when using `sudo-rs` in the future.

Also, dropped antediluvian comment about the syntax check being disabled,
when it was clearly not commented out:
  - introduced in 2007, commit 6d65f0ae03ae14f3e978d89959253d9a8f5e0ec1;
  - reverted in 2014, commit e68a5b265a,
    but without ammending the comments.
This commit is contained in:
nicoo 2023-09-07 14:38:51 +00:00
parent c11da39117
commit f0107b4f63

View file

@ -283,9 +283,7 @@ in
src = pkgs.writeText "sudoers-in" cfg.configFile;
preferLocalBuild = true;
}
# Make sure that the sudoers file is syntactically valid.
# (currently disabled - NIXOS-66)
"${pkgs.buildPackages.sudo}/sbin/visudo -f $src -c && cp $src $out";
"${cfg.package}/bin/visudo -f $src -c && cp $src $out";
mode = "0440";
};