From 219b89e85f1ba30b76e5ca1fe833cc3d023c111f Mon Sep 17 00:00:00 2001
From: mustard <email@example.com>
Date: Mon, 7 Oct 2024 20:14:25 +0200
Subject: [PATCH] troubleshooting sudo script

---
 sudo-dom0.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sudo-dom0.sh b/sudo-dom0.sh
index cb701b2..9c78313 100644
--- a/sudo-dom0.sh
+++ b/sudo-dom0.sh
@@ -2,8 +2,8 @@ sudo authselect create-profile sudo-dom0-prompt --base-on=sssd --symlink-meta --
 sudo mv /etc/authselect/custom/sudo-dom0-prompt/system-auth /etc/authselect/custom/sudo-dom0-prompt/system-auth.original_aside
 sudo cp /etc/authselect/system-auth /etc/authselect/custom/sudo-dom0-prompt
 
-sudo sed -i '/^auth/d' /etc/authselect/system-auth
-sudo sed -i '/^account/b\auth  [success=1 default=ignore]  pam_exec.so seteuid /usr/lib/qubes/qrexec-client-vm dom0 qubes.VMAuth /bin/grep -q ^1$\nauth  requisite  pam_deny.so\nauth  required   pam_permit.so' /etc/authselect/system-auth
+sudo sed -i '/^auth/d' /etc/authselect/custom/sudo-dom0-prompt/system-auth
+sed -i '/^account/{0,/auth/s/^auth /&\n        auth  [success=1 default=ignore]  pam_exec.so seteuid \ /usr/lib/qubes/qrexec-client-vm dom0 qubes.VMAuth \ /bin/grep -q ^1$/&\n        auth  requisite  pam_deny.so\n        auth  required   pam_permit.so\n\n/' /etc/authselect/custom/sudo-dom0-prompt/system-auth
 sudo authselect select custom/sudo-dom0-prompt
 
 sudo sed -i '/^%qubes/s/.*/user ALL=(ALL) ALL/' /etc/sudoers.d/qubes