How to symlink sudo to doas

Father2303 · July 31, 2022, 8:16pm

I am running Nixos 22.05 and replaced sudo with doas like this:

  security.doas.enable = true;
  security.doas.extraRules = [{
    groups = [ "wheel" ];
    persist = true;
    keepEnv = true;
  }];
  security.sudo.enable = false;
  security.sudo.execWheelOnly = true;

This is working fine, except for Doom Emacs which calls sudo for TRAMP connections. I didn’t find a doas alternative in Doom Emacs.

How can i symlink sudo to doas in Nixos to remedy that?

NobbZ · July 31, 2022, 8:23pm

This wouldn’t gain you anything, as doas doesn’t support the -e flag as far as I know, though that is used by “TRAMP” afair.

tejing · August 1, 2022, 5:46am

If the lack of the -e flag wasn’t a problem, however, I would use a wrapper script rather than a symlink, since it gets around the complications of security wrappers:

environment.systemPackages = [
  (pkgs.writeScriptBin "sudo" ''exec doas "$@"'')
];

Father2303 · August 1, 2022, 12:17pm

Your wrapper works. However, TRAMP shows an error because doas can’t handle the flag passed to it by TRAMP (it refered to an option H, if i remember correctly).

Thank you anyway - i now know, how to wrap something in the future!

Sandro · August 1, 2022, 10:23pm

Didn’t test but doing it like this would be less sketchy

security.sudo.enable = false;
security.doas.enable = true;