summaryrefslogtreecommitdiff
path: root/profiles
diff options
context:
space:
mode:
Diffstat (limited to 'profiles')
-rw-r--r--profiles/nixos/security.nix22
1 files changed, 7 insertions, 15 deletions
diff --git a/profiles/nixos/security.nix b/profiles/nixos/security.nix
index 7ad0069..4e7303a 100644
--- a/profiles/nixos/security.nix
+++ b/profiles/nixos/security.nix
@@ -7,26 +7,18 @@
apparmor.enable = lib.mkDefault true;
audit.enable = lib.mkDefault true;
auditd.enable = lib.mkDefault true;
- rtkit.enable = true;
- sudo = {
- execWheelOnly = true;
- extraRules = [
- {
- users = ["root"];
- groups = ["root"];
- commands = ["ALL"];
- }
- {
- users = ["seth"];
- commands = ["ALL"];
- }
- ];
- };
polkit.enable = true;
+ rtkit.enable = true;
+ sudo.execWheelOnly = true;
};
users = {
defaultUserShell = pkgs.bash;
mutableUsers = false;
};
+
+ nix.settings = {
+ allowed-users = ["root" "@wheel"];
+ trusted-users = ["root"];
+ };
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 22:44:33 +0000