From 6560a2dfc0cea4d834e38e572e3d011184607a46 Mon Sep 17 00:00:00 2001
From: Eli Schwartz <eschwartz@archlinux.org>
Date: Fri, 14 Dec 2018 02:13:30 -0500
Subject: [PATCH] archbuild: allow passing through the SOURCE_DATE_EPOCH
 variable

When using restrictive sudoers profiles, the builtin mechanism for
whitelisting this variable on the sudo command line does not work.

Explicitly whitelist it anyway by matching on the ARCHBUILD role.
---
 roles/archbuild/files/sudoers | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/roles/archbuild/files/sudoers b/roles/archbuild/files/sudoers
index 68923d086..7a9026725 100644
--- a/roles/archbuild/files/sudoers
+++ b/roles/archbuild/files/sudoers
@@ -3,5 +3,7 @@ Cmnd_Alias ARCHBUILD = /usr/sbin/makechrootpkg, /usr/sbin/mkarchroot, \
                        /usr/sbin/arch-nspawn, /usr/local/bin/syncrepo, /usr/bin/multilib-build, \
                        /usr/bin/multilib-testing-build,    /usr/bin/multilib-staging-build
 
+Defaults!ARCHBUILD     env_keep+=SOURCE_DATE_EPOCH
+
 %dev ALL = NOPASSWD: ARCHBUILD
 %tu  ALL = NOPASSWD: ARCHBUILD
-- 
GitLab