Documentation update needed: Passwordless root access in VMs

The /etc/sudoers.d/qubes file in Debian has changed sufficiently to make the documentation confusing. It used to have one line before Joanna’s “WTF?! Have you lost your mind!?” rant (user ALL=(ALL) NOPASSWD: ALL), but now there are two lines:

Defaults !requiretty
%qubes ALL=(ALL) ROLE=unconfined_r TYPE=unconfined_t NOPASSWD: ALL

The documentation still says:

Require authentication for sudo. Replace the first line of /etc/sudoers.d/qubes with:

user ALL=(ALL) ALL

I was confused for a second and I guess those who are new to Linux might just follow the instructions religiously and get stuck with a non-functioning VM since they won’t know about qvm-run -u root VM xterm.

By the way, is the correct answer is to delete replace both lines with user ALL=(ALL) ALL? I’m not too sure myself and I’m worried I might have broken something important

1 Like

Well the documentation is produced in large by people like you. If the change makes sense, then I’d suggest you make that contribution directly to the documentation :slight_smile:

I would, but I’m knee deep in stuff trying to get my 4.0.4 running properly as soon as possible, as you could probably tell by my latest posts

1 Like

You can see the change history of that file.

https://github.com/QubesOS/qubes-core-agent-linux/commits/release4.0/misc/qubes.sudoers