From dde239d8e3a7bd6d0694915a23c3f56ab516590f Mon Sep 17 00:00:00 2001
From: "Stuart P. Bentley" <s@stuartpb.com>
Date: Sun, 10 May 2026 21:53:19 -0700
Subject: [PATCH] Fix sed command to remove last line in sudoers file

This way the `DOCKER_USER` variable won't accidentally retain sudoer permissions for any user not named `coder` (almost certainly a security hole).
---
 ci/release-image/entrypoint.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ci/release-image/entrypoint.sh b/ci/release-image/entrypoint.sh
index efe2f39d9bd9..d1c38ddf2ec2 100755
--- a/ci/release-image/entrypoint.sh
+++ b/ci/release-image/entrypoint.sh
@@ -14,7 +14,7 @@ if [ "${DOCKER_USER-}" ]; then
     sudo usermod --login "$DOCKER_USER" coder
     sudo groupmod -n "$DOCKER_USER" coder
 
-    sudo sed -i "/coder/d" /etc/sudoers.d/nopasswd
+    sudo sed -i '$d' /etc/sudoers.d/nopasswd
   fi
 fi