From 7e39e12b649de685f393db2e1c3aeeec5fb2b179 Mon Sep 17 00:00:00 2001
From: Charlie Root <charlie@charlieroot.dev>
Date: Sun, 6 Apr 2025 22:09:32 +0200
Subject: [PATCH] security/module.nix: add polkit ad apparmor

---
 modules/system/os/security/module.nix | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/modules/system/os/security/module.nix b/modules/system/os/security/module.nix
index 46c037e..4ecdcf6 100644
--- a/modules/system/os/security/module.nix
+++ b/modules/system/os/security/module.nix
@@ -1,5 +1,18 @@
-_: {
+{pkgs, ...}: {
   imports = [
     ./sudo.nix
   ];
+
+  security = {
+    polkit = {
+      enable = true;
+      package = pkgs.polkit;
+    };
+
+    apparmor = {
+      enable = true;
+      killUnconfinedConfinables = true;
+      packages = [pkgs.apparmor-profiles];
+    };
+  };
 }