Updating Laravel Valet: sorry, you’re not allowed to preserve environment

I updated to Laravel Valet 2.3.3, and then got this message immediately after trying to run any valet command:

$ valet links
sudo: sorry, you are not allowed to preserve the environment

What is this?

Recently Valet introduced a changeset where it would try to preserve the environment on linux computers before elevating itself to run as sudo. The changeset in question: https://github.com/laravel/valet/commit/df7e46ebea36f2991c731285a2b646c965dd0781

Wait, Valet runs as sudo?

Sure does! When you install Valet, you’re given a bash script called valet, which is in your PATH, so you can do commands with $ valet <command>, and it will work.

That bash script has had this bit in it for a while (before the changeset above):

if [[ "$EUID" -ne 0 ]]
then
    sudo "$SOURCE" "$@"
    exit
fi

What it does is takes your system user ID, and if it’s not 0, then runs the same thing as sudo. So this:

$ valet links

Becomes

$ sudo valet links

But I didn't have to enter my password for forever!

Yep, because chances are after you’ve first installed Valet (with sudo back then), you also executed this command:

$ sudo valet trust

That command creates a new snippet that the system’s sudoers file also reads, and basically says that your own non-super-user account is allowed to run the valet command as a super-user.

Okay, but why is it then complaining about preserving environment?

Because the --preserve-env is a different sudoers capability than what’s presently set. Previously your extra sudoers snippet only allowed you to bypass having to give the password, but setting environment is not one of those.

Running sudo valet trust again will overwrite the extra sudoers file with the correct configuration.

tl;dr

Run sudo valet trust again.

$ valet links
sudo: sorry, you are not allowed to preserve the environment
$ sudo valet trust
$ valet links
// list of links here

Photo by marcos mayer on Unsplash