commit 5730f341778e95d4699c67df149ed4fcb29ee3c5
parent 0c340c6d952f9774320c468db7d817850b461760
Author: awy <awy@awy.one>
Date: Tue, 13 May 2025 15:08:11 +0300
doas
Diffstat:
1 file changed, 16 insertions(+), 4 deletions(-)
diff --git a/post_chroot.sh b/post_chroot.sh
@@ -122,10 +122,22 @@ echo "Include = /etc/pacman.d/mirrorlist-arch" >> /etc/pacman.conf
curl -s "https://archlinux.org/mirrorlist/?country=RU&protocol=https&use_mirror_status=on" | sed -e 's/^#Server/Server/' -e '/^#/d' > /etc/pacman.d/mirrorlist-arch
pacman -Sy --noconfirm
-pacman -S sudo --noconfirm
-echo "%wheel ALL=(ALL:ALL) ALL" >/etc/sudoers.d/00-wheel-can-sudo
-echo "%wheel ALL=(ALL:ALL) NOPASSWD: /usr/bin/shutdown,/usr/bin/reboot,/usr/bin/systemctl suspend,/usr/bin/wifi-menu,/usr/bin/mount,/usr/bin/umount,/usr/bin/pacman -Syu,/usr/bin/pacman -Syyu,/usr/bin/pacman -Syyu --noconfirm,/usr/bin/loadkeys,/usr/bin/pacman -Syyuw --noconfirm,/usr/bin/pacman -S -y --config /etc/pacman.conf --,/usr/bin/pacman -S -y -u --config /etc/pacman.conf --" >/etc/sudoers.d/01-cmds-without-password
-echo "Defaults editor=/usr/bin/nvim" >/etc/sudoers.d/02-visudo-editor
+pacman -S doas --noconfirm
+cat <<EOL >> /etc/doas.conf
+permit :wheel
+permit nopass :wheel cmd pacman args -Syu
+permit nopass :wheel cmd pacman args -Syyu
+permit nopass :wheel cmd pacman args -Syyu --noconfirm
+permit nopass :wheel cmd pacman args -Syyuw --noconfirm
+permit nopass :wheel cmd pacman args --sync -y --
+permit nopass :wheel cmd pacman args --sync -y -u --
+permit nopass :wheel cmd shutdown
+permit nopass :wheel cmd reboot
+permit nopass :wheel cmd wifi-menu
+permit nopass :wheel cmd mount
+permit nopass :wheel cmd umount
+EOL
+
pacman -S dhcpcd dhcpcd-dinit dbus-dinit --noconfirm
ln -sf /etc/dinit.d/dhcpcd /etc/dinit.d/boot.d/
