[openssh-commits] [openssh] branch V_10_2 updated: Switch OpenBSD VMs to use doas instead of sudo.

git+noreply at mindrot.org git+noreply at mindrot.org
Mon Oct 13 21:01:37 AEDT 2025 

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch V_10_2
in repository openssh.

The following commit(s) were added to refs/heads/V_10_2 by this push:
     new ecc795c13 Switch OpenBSD VMs to use doas instead of sudo.
ecc795c13 is described below

commit ecc795c135a67386e771d5a202a20480f72817f5
Author: Darren Tucker <dtucker at dtucker.net>
AuthorDate: Mon Oct 13 19:02:45 2025 +1100

    Switch OpenBSD VMs to use doas instead of sudo.
    
    OpenBSD 7.3 packages have been removed from the mirrors so we can't
    install sudo for it any more, so switch to the native doas utility.
---
 .github/workflows/vm.yml | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/vm.yml b/.github/workflows/vm.yml
index 9dcf5fcca..759de69cb 100644
--- a/.github/workflows/vm.yml
+++ b/.github/workflows/vm.yml
@@ -282,9 +282,12 @@ jobs:
         release: ${{ matrix.target }}
         usesh: true
         prepare: |
-          env PKG_PATH=https://ftp.openbsd.org/pub/OpenBSD/${{matrix.target}}/packages/amd64 pkg_add sudo--
           useradd -m builder
-          echo "builder ALL=(ALL:ALL) NOPASSWD: ALL" >>/etc/sudoers
+          echo "permit nopass keepenv root" >/etc/doas.conf
+          echo "permit nopass keepenv builder" >>/etc/doas.conf
+          ls -l /etc/doas.conf
+          chown root:wheel /etc/doas.conf
+          chmod 644 /etc/doas.conf
           mkdir -p /var/empty /usr/local/etc
           cp $GITHUB_WORKSPACE/moduli /usr/local/etc/moduli
 
@@ -293,18 +296,18 @@ jobs:
       run: cd $GITHUB_WORKSPACE && chown -R builder .
     - name: configure
       shell: openbsd {0}
-      run: cd $GITHUB_WORKSPACE && sudo -u builder ./configure
+      run: cd $GITHUB_WORKSPACE && doas -u builder ./configure
     - name: make clean
       shell: openbsd {0}
-      run: cd $GITHUB_WORKSPACE && sudo -u builder make clean
+      run: cd $GITHUB_WORKSPACE && doas -u builder make clean
     - name: make
       shell: openbsd {0}
-      run: cd $GITHUB_WORKSPACE && sudo -u builder make -j4
+      run: cd $GITHUB_WORKSPACE && doas -u builder make -j4
     - name: make tests
       shell: openbsd {0}
       run: |
         cd $GITHUB_WORKSPACE
-        sudo -u builder env SUDO=sudo make tests
+        doas -u builder env SUDO=doas make tests
 
 
   solaris:

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list