[openssh-commits] [openssh] branch master updated: Switch OpenBSD VMs to use doas instead of sudo.

git+noreply at mindrot.org git+noreply at mindrot.org
Mon Oct 13 20:59:25 AEDT 2025 

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

The following commit(s) were added to refs/heads/master by this push:
     new a6ee0eb8c Switch OpenBSD VMs to use doas instead of sudo.
a6ee0eb8c is described below

commit a6ee0eb8cd951d0a00b2f06687c77f8f573b5985
Author: Darren Tucker <dtucker at dtucker.net>
AuthorDate: Mon Oct 13 19:02:45 2025 +1100

    Switch OpenBSD VMs to use doas instead of sudo.
    
    OpenBSD 7.3 packages have been removed from the mirrors so we can't
    install sudo for it any more, so switch to the native doas utility.
---
 .github/workflows/vm.yml | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml
index 9dcf5fcca..759de69cb 100644
--- a/.github/workflows/vm.yml
+++ b/.github/workflows/vm.yml
@@ -282,9 +282,12 @@ jobs:
         release: ${{ matrix.target }}
         usesh: true
         prepare: |
-          env PKG_PATH=https://ftp.openbsd.org/pub/OpenBSD/${{matrix.target}}/packages/amd64 pkg_add sudo--
           useradd -m builder
-          echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/etc/sudoers
+          echo "permit nopass keepenv root" >/etc/doas.conf
+          echo "permit nopass keepenv builder" >>/etc/doas.conf
+          ls -l /etc/doas.conf
+          chown root:wheel /etc/doas.conf
+          chmod 644 /etc/doas.conf
           mkdir -p /var/empty /usr/local/etc
           cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli
 
@@ -293,18 +296,18 @@ jobs:
       run: cd $GITHUB_WORKSPACE && chown -R builder .
     - name: configure
       shell: openbsd {0}
-      run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure
+      run: cd $GITHUB_WORKSPACE && doas -u builder ./configure
     - name: make clean
       shell: openbsd {0}
-      run: cd $GITHUB_WORKSPACE && sudo -u builder make clean
+      run: cd $GITHUB_WORKSPACE && doas -u builder make clean
     - name: make
       shell: openbsd {0}
-      run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4
+      run: cd $GITHUB_WORKSPACE && doas -u builder make -j4
     - name: make tests
       shell: openbsd {0}
       run: |
         cd $GITHUB_WORKSPACE
-        sudo -u builder env SUDO=sudo make tests
+        doas -u builder env SUDO=doas make tests
 
 
   solaris:

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list