faukah/nichts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nichts/modules/system/os/security/sudo.mod.nix

26 lines
554 B
Nix
Raw Normal View History

sudo.nix: initial config
2024-08-22 21:41:20 +02:00
{
lib,
pkgs,
sudo.nix: added override withInsults
2024-08-22 21:46:18 +02:00
...
treewide: format using nixfmt Signed-off-by: Bloxx12 <charlie@charlieroot.dev> Change-Id: I6a6a69641c36f9763e104087a559c148d0449f00
2025-07-20 01:23:48 +02:00
}:
let
flake: inherit explicitly from parts of lib Instead of doing `inherit (lib) <something>``, all inherits now use `inherit (lib.<subsystem>) <something>`, which is much nicer.
2025-04-09 15:31:18 +02:00
inherit (lib.modules) mkForce mkDefault;
treewide: format using nixfmt Signed-off-by: Bloxx12 <charlie@charlieroot.dev> Change-Id: I6a6a69641c36f9763e104087a559c148d0449f00
2025-07-20 01:23:48 +02:00
in
{
sudo.nix: initial config
2024-08-22 21:41:20 +02:00
security = {
sudo-rs.enable = mkForce false;
sudo = {
enable = true;
sudo.nix: added override withInsults
2024-08-22 21:46:18 +02:00
# We use the default sudo package, but with insults if we
# fail to provide the correct password
treewide: format using nixfmt Signed-off-by: Bloxx12 <charlie@charlieroot.dev> Change-Id: I6a6a69641c36f9763e104087a559c148d0449f00
2025-07-20 01:23:48 +02:00
package = pkgs.sudo.override { withInsults = true; };
sudo.nix: initial config
2024-08-22 21:41:20 +02:00
# Wheel user should need the password to execute sudo commands
wheelNeedsPassword = mkDefault true;
# BUT, only wheel users should be able to use sudo.
execWheelOnly = mkForce true;
};
};
}
Reference in a new issue Copy permalink