diff options
author | nicoo <nicoo@mur.at> | 2023-09-04 21:01:09 +0000 |
---|---|---|
committer | nicoo <nicoo@mur.at> | 2023-11-05 17:23:41 +0000 |
commit | ad9295157901e218f9e27b0cb14a9cb791d139d4 (patch) | |
tree | 3c22c258ab3eda66c4703171a33a181cfa38e20d /nixos/modules | |
parent | a8e6f0a81a99c613512082be3588c62f0aa614c0 (diff) |
nixos/sudo: Don't include empty sections
This makes the generated sudoers a touch easier to read.
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/security/sudo.nix | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/nixos/modules/security/sudo.nix b/nixos/modules/security/sudo.nix index c665c15242a5..4728a697de86 100644 --- a/nixos/modules/security/sudo.nix +++ b/nixos/modules/security/sudo.nix @@ -203,7 +203,7 @@ in } ]; - security.sudo.configFile = + security.sudo.configFile = concatStringsSep "\n" (filter (s: s != "") [ '' # Don't edit this file. Set the NixOS options ‘security.sudo.configFile’ # or ‘security.sudo.extraRules’ instead. @@ -213,7 +213,8 @@ in # "root" is allowed to do anything. root ALL=(ALL:ALL) SETENV: ALL - + '' + (optionalString (cfg.extraRules != []) '' # extraRules ${concatStringsSep "\n" ( lists.flatten ( @@ -225,9 +226,12 @@ in ) cfg.extraRules ) )} - + '') + (optionalString (cfg.extraConfig != "") '' + # extraConfig ${cfg.extraConfig} - ''; + '') + ]); security.wrappers = let owner = "root"; |