From e68a5b265a96134243a1572f43dfc4ff75dd082b Mon Sep 17 00:00:00 2001
From: Michael Raskin <7c6f434c@mail.ru>
Date: Mon, 9 Jun 2014 00:54:13 +0400
Subject: Enable checking sudoers syntax. Fixes #2850, probably.

---
 nixos/modules/security/sudo.nix | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'nixos')

diff --git a/nixos/modules/security/sudo.nix b/nixos/modules/security/sudo.nix
index 6cfeac0d7dc8..cce1e785563b 100644
--- a/nixos/modules/security/sudo.nix
+++ b/nixos/modules/security/sudo.nix
@@ -81,10 +81,13 @@ in
     security.pam.services.sudo = { sshAgentAuth = true; };
 
     environment.etc = singleton
-      { source = pkgs.writeText "sudoers-in" cfg.configFile;
+      { source =
+          pkgs.runCommand "sudoers"
+	  {src = pkgs.writeText "sudoers-in" cfg.configFile; }
           # Make sure that the sudoers file is syntactically valid.
           # (currently disabled - NIXOS-66)
-          #"${pkgs.sudo}/sbin/visudo -f $src -c && cp $src $out";
+          "${pkgs.sudo.override {keepVisudo = true;}}/sbin/visudo -f $src -c &&
+	      cp $src $out";
         target = "sudoers";
         mode = "0440";
       };
-- 
cgit 1.4.1