On 5/15/26 1:53 PM, Marc Haber wrote:
Source: debian-installer
Severity: wishlist
Hi,
sudo maintainer speaking here.
Currently, as far as I know, the installer installs sudo and puts the
initially created user in the sudo group if the user decided to not set
a password for root.
Would you consider, in this case, to drop a snippet (named zz_installer,
zz_sudogroup or zz_<created-user> - the zz_ prefix makes sure that this
snippet takes precedence, as the last match wins) into /etc/sudoers.d,
saying either
%sudo ALL=(ALL:ALL) ALL
or
<created-user> ALL=(ALL:ALL) ALL
?
Sudo will pick that up automatically.
That way, sudo could put the respective line
%sudo ALL=(ALL:ALL) ALL↲
in a comment in the default configuration file, making things a bit more
secure on fresh installation.
How will it make it more secure, it's simply moving a line around!
I'm not a D-I maintainer but I like the idea and that will make things
more obvious.
--
John Doe
