diff options
| -rw-r--r-- | profiles/nixos/security.nix | 22 | ||||
| -rw-r--r-- | users/seth/default.nix | 1 |
2 files changed, 8 insertions, 15 deletions
diff --git a/profiles/nixos/security.nix b/profiles/nixos/security.nix index 7ad0069..4e7303a 100644 --- a/profiles/nixos/security.nix +++ b/profiles/nixos/security.nix @@ -7,26 +7,18 @@ apparmor.enable = lib.mkDefault true; audit.enable = lib.mkDefault true; auditd.enable = lib.mkDefault true; - rtkit.enable = true; - sudo = { - execWheelOnly = true; - extraRules = [ - { - users = ["root"]; - groups = ["root"]; - commands = ["ALL"]; - } - { - users = ["seth"]; - commands = ["ALL"]; - } - ]; - }; polkit.enable = true; + rtkit.enable = true; + sudo.execWheelOnly = true; }; users = { defaultUserShell = pkgs.bash; mutableUsers = false; }; + + nix.settings = { + allowed-users = ["root" "@wheel"]; + trusted-users = ["root"]; + }; } diff --git a/users/seth/default.nix b/users/seth/default.nix index 93368d9..452f058 100644 --- a/users/seth/default.nix +++ b/users/seth/default.nix @@ -12,6 +12,7 @@ }; programs.fish.enable = true; + nix.settings.trusted-users = ["seth"]; home-manager.users.seth = let inherit (config.nixpkgs) overlays; |