From 331ded0ec15ae45c2685daa5b28e13260ac0084e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Felix=20Schr=C3=B6ter?= Date: Mon, 21 Jul 2025 20:57:00 +0200 Subject: [PATCH] feat(hardened): switch from sudo to sudo-rs --- system/hardened.nix | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/system/hardened.nix b/system/hardened.nix index cf94bc4..5bc2b25 100644 --- a/system/hardened.nix +++ b/system/hardened.nix @@ -12,8 +12,16 @@ # @TODO hardened kernel causes Bluetooth issues boot.kernelPackages = lib.mkOverride 900 pkgs.linuxPackages; - # Xbox Controller not working via Bluetooth if enabled - security.lockKernelModules = lib.mkOverride 900 false; + security = { + # Xbox Controller not working via Bluetooth if enabled + lockKernelModules = lib.mkOverride 900 false; + + sudo.enable = false; + sudo-rs = { + enable = true; + execWheelOnly = true; + }; + }; boot.loader.systemd-boot.editor = lib.mkDefault false;