Page MenuHomeSolus

Transition the default sudo group from sudo to wheel
Open, NormalPublic

Description

In solus historically we've used the sudo group instead of wheel as the default admin group, for the historical reasons why, I don't know. Regardless, most software assumes that the wheel group is the default sudo group and we have to patch several packages to change it to use sudo. I am sure some functionality gets broken as we don't necessarily notice all of the packages that assume wheel.

wheel n. [from slang big wheel' for a powerful person] A person who has an active wheel bit. "We need to find a wheel to unwedge the hung tape drives." (See wedged, sense 1.) The traditional name of security group zero in BSD (to which the major system-internal users like root belong) is wheel'. Some vendors have expanded on this usage, modifying Unix so that only members of group `wheel' can go root.

To resolve:

  • Transition to new go-based qol-assist
  • Implement support in qol-assist to remove users from a group. https://github.com/getsolus/qol-assist/issues/3
  • Add a migration in qol-assist that adds active admin users to the wheel group
  • Change the default sudo group to wheel in the sudo package
  • Change the default admin group from sudo to wheel in the accountsservice package
  • Remove our polkit patches that changes the sudo group from wheel to sudo
  • Remove systemd patches that changes the sudo group from wheel to sudo
  • Any other packages
  • Add a migration in qol-assist that removes active admin users from the sudo group when we are confident it can be removed.

Event Timeline

joebonrichie triaged this task as Normal priority.Sep 7 2022, 11:50 AM
joebonrichie created this task.
joebonrichie added a comment.EditedSep 7 2022, 11:52 AM

The qol-assist work can be considered up for grabs as I don't know when or who will have time for it.

joebonrichie updated the task description. (Show Details)Sep 7 2022, 12:09 PM
joebonrichie updated the task description. (Show Details)Sep 7 2022, 4:55 PM