Fix sudo SELinux settings

By settinf Defaults role/type parameters, sudo starts asking for
password when called as root. It isn't clear why this happens, but
rollback that change. Instead, set ROLE/TYPE just for the rule for the
'qubes' group, which already has NOPASSWD option.

Fixes 3bcc1c3 "“sudo” must remove SELinux restrictions"
This commit is contained in:
Marek Marczykowski-Górecki 2021-01-08 05:21:19 +01:00
parent 4dfd0a4278
commit 0fac1aa45c
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724

View File

@ -1,5 +1,5 @@
Defaults role=unconfined_r, type=unconfined_t, !requiretty Defaults !requiretty
%qubes ALL=(ALL) NOPASSWD: ALL %qubes ALL=(ALL) ROLE=unconfined_r TYPE=unconfined_t NOPASSWD: ALL
# WTF?! Have you lost your mind?! # WTF?! Have you lost your mind?!
# #