From 2076569ce886058db860232d4db84443c05044a1 Mon Sep 17 00:00:00 2001 From: Tony Hutter Date: Thu, 4 Jun 2026 16:45:13 -0700 Subject: [PATCH] Remove /etc/sudoers.d/zfs The smartctl exception in /etc/sudoers.d/zfs doesn't cover devices like NVMe or symlinked devices. Just get rid of it rather than keep maintaining it. Reviewed-by: Brian Behlendorf Reviewed-by: Alexander Motin Signed-off-by: Tony Hutter Closes #18626 --- contrib/debian/not-installed | 1 - etc/Makefile.am | 6 ------ etc/sudoers.d/zfs | 9 --------- man/man8/zpool-iostat.8 | 5 +---- rpm/generic/zfs.spec.in | 1 - 5 files changed, 1 insertion(+), 21 deletions(-) delete mode 100644 etc/sudoers.d/zfs diff --git a/contrib/debian/not-installed b/contrib/debian/not-installed index 9c08da5a6a7..efe17c90c3b 100644 --- a/contrib/debian/not-installed +++ b/contrib/debian/not-installed @@ -2,7 +2,6 @@ usr/bin/zarcsummary.py usr/share/zfs/zfs-helpers.sh etc/default/zfs etc/init.d -etc/sudoers.d etc/zfs/vdev_id.conf.alias.example etc/zfs/vdev_id.conf.multipath.example etc/zfs/vdev_id.conf.sas_direct.example diff --git a/etc/Makefile.am b/etc/Makefile.am index 2bea12ae514..5168c3cde13 100644 --- a/etc/Makefile.am +++ b/etc/Makefile.am @@ -1,10 +1,4 @@ # SPDX-License-Identifier: CDDL-1.0 -sudoersddir = $(sysconfdir)/sudoers.d -sudoersd_DATA = \ - %D%/sudoers.d/zfs - -dist_noinst_DATA += $(sudoersd_DATA) - sysconf_zfsdir = $(sysconfdir)/zfs diff --git a/etc/sudoers.d/zfs b/etc/sudoers.d/zfs deleted file mode 100644 index 82a25ba81ec..00000000000 --- a/etc/sudoers.d/zfs +++ /dev/null @@ -1,9 +0,0 @@ -## -## Allow any user to run `zpool iostat/status -c smart` in order -## to read basic SMART health statistics for a pool. -## -## CAUTION: Any syntax error introduced here will break sudo. -## Editing with 'visudo' is recommended: visudo -f /etc/sudoers.d/zfs -## - -# ALL ALL = (root) NOPASSWD: /usr/sbin/smartctl -a /dev/[hsv]d[a-z0-9]* diff --git a/man/man8/zpool-iostat.8 b/man/man8/zpool-iostat.8 index 4abe0895064..16d469849ee 100644 --- a/man/man8/zpool-iostat.8 +++ b/man/man8/zpool-iostat.8 @@ -109,10 +109,7 @@ environment variable set. If a script requires the use of a privileged command, like .Xr smartctl 8 , then it's recommended you allow the user access to it in -.Pa /etc/sudoers -or add the user to the -.Pa /etc/sudoers.d/zfs -file. +.Pa /etc/sudoers . .Pp If .Fl c diff --git a/rpm/generic/zfs.spec.in b/rpm/generic/zfs.spec.in index 48ed7bf2eb7..71923a7808e 100644 --- a/rpm/generic/zfs.spec.in +++ b/rpm/generic/zfs.spec.in @@ -525,7 +525,6 @@ systemctl --system daemon-reload >/dev/null || true %config(noreplace) %{_sysconfdir}/%{name}/zed.d/* %config(noreplace) %{_sysconfdir}/%{name}/zpool.d/* %config(noreplace) %{_sysconfdir}/%{name}/vdev_id.conf.*.example -%attr(440, root, root) %config(noreplace) %{_sysconfdir}/sudoers.d/* %config(noreplace) %{_bashcompletiondir}/zfs %config(noreplace) %{_bashcompletiondir}/zpool