From 3a6aa1fa745d945b8dfe3b5d240021279693e6e6 Mon Sep 17 00:00:00 2001
From: Bertrand Jacquin <bertrand@jacquin.bzh>
Date: Sun, 29 Sep 2019 00:20:28 +0100
Subject: factory-default/app-admin/sudo: add /etc/sudoers

---
 factory-default/app-admin/sudo/etc/sudoers | 32 ++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 factory-default/app-admin/sudo/etc/sudoers

(limited to 'factory-default')

diff --git a/factory-default/app-admin/sudo/etc/sudoers b/factory-default/app-admin/sudo/etc/sudoers
new file mode 100644
index 00000000..29072702
--- /dev/null
+++ b/factory-default/app-admin/sudo/etc/sudoers
@@ -0,0 +1,32 @@
+# Insult users when they enter an incorrect password
+Defaults insults
+
+# Send mail to the mailto user on misuse
+Defaults mail_badpass
+Defaults mail_no_host
+Defaults mail_no_perms
+Defaults mail_no_user
+
+# Don't inherit environnement variable
+Defaults env_reset
+
+# Keep some environnement variable for %whell
+Defaults:%wheel env_keep += USE
+Defaults:%wheel env_keep += FEATURES
+Defaults:%wheel env_keep += MAKEOPTS
+
+# Force LOGNAME, USER and USERNAME
+Defaults set_logname
+
+# Users must authenticate on a per-tty basis
+Defaults tty_tickets
+
+# No restriction for user root
+root ALL=(ALL) ALL
+
+# Allow members of group wheel to execute any command
+%wheel ALL=(ALL) NOPASSWD: ALL
+
+## Read drop-in files from /etc/sudoers.d
+## (the '#' here does not indicate a comment)
+#includedir /etc/sudoers.d
-- 
cgit v1.2.3