debugging details on what i’ve tried below,but you can probably stop reading now
debugging (what I’ve tried):
$ sudo visudo
# add this atop the file:
Defaults env_reset
Defaults editor=/usr/bin/nvim:/usr/bin/vim:/usr/bin/vi:/usr/bin/nano, !env_editor
$ # above exited without issues
$ file /usr/bin/nvim
/usr/bin/nvim: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64....
$ echo $EDITOR
nvim
$ sudo visudo
# nano launches
(the last step is the unexpected one)
further debugging
Here are things I’ve tried as single-swap ins for the sequence above (none of these worked):
just one editor= value in sudoers file
I’ve tried setting the right-hand-side value of the editor= line with just one editor (seems fragile to me, but just for debugging’s sake):
$ sudo visudo
visudo: no editor found (editor path = /usr/bin/nvim)
(after this^ I fixed it by, unfortunately, just editing the sudoers file by hand, and testing that fixes things without new breakage in another terminal before exiting).
full $EDITOR path in my shell
I’ve set full path for EDITOR instead, eg: export EDITOR=/usr/bin/nvim before calling sudo visudo but that makes no difference in behavior. I thought this might be key, as the man page for visudo made me think, maybe it’s just doing a naiive string match to the $EDITOR value (rather than like… a basename $EDITOR match). Doing this with or without the above editor= tweak makes no difference.
annddd I figured it out finally. (worth leaving this post up because it took me so long to see that this was the issue with all the posts I read online):
$ sudo -E visudo
you have to pass -E to preserve env. per manpage:
-E, --preserve-env
Indicates to the security policy that the user wishes to preserve their existing environment variables. The
security policy may return an error if the user does not have permission to preserve the environment.
I’m honestly still confused about how to truly just get nano to become a thing that visudo doesn’t know or care about, but … whatever. This is good enough, I’ll just forever remember to call visudo this way on manjaro
-i [command ]
The -i (simulate initial login ) option runs the shell specified by the password database entry of the target user as a login shell. This means that login-specific resource files such as .profile or .login will be read by the shell. If a command is specified, it is passed to the shell for execution via the shell’s -c option. If no command is specified, an interactive shell is executed. sudo attempts to change to that user’s home directory before running the shell. The security policy shall initialize the environment to a minimal set of variables, similar to what is present when a user logs in. The Command Environment section in the sudoers (5) manual documents how the -i option affects the environment in which a command is run when the sudoers policy is in use.
