Commit cd5e70c1f2e3

Vincent Demeester <vincent@sbr.pm>
2026-01-12 17:14:42
fix(microshift): use coreutils paths for sudo rules
Use the actual coreutils package paths for chown/chmod instead of wrapper paths in sudo rules. This should properly match the commands CRC executes via sudo.
main
1 parent 2dbf966
Changed files (1)
modules
microshift
default.nix
modules/microshift/default.nix
@@ -69,17 +69,18 @@ in
     # Ensure user has libvirt access
     users.users.${cfg.user}.extraGroups = [ "libvirt" ];
 
-    # Allow CRC to use sudo for admin helper without password
+    # Allow CRC to use sudo for admin helper setup without password
+    # CRC needs chown/chmod for the admin helper executable
     security.sudo.extraRules = [
       {
         users = [ cfg.user ];
         commands = [
           {
-            command = "/run/wrappers/bin/chown";
+            command = "${pkgs.coreutils}/bin/chown";
             options = [ "NOPASSWD" ];
           }
           {
-            command = "/run/wrappers/bin/chmod";
+            command = "${pkgs.coreutils}/bin/chmod";
             options = [ "NOPASSWD" ];
           }
         ];