gerg-l/nixos
1
0
Fork 0
mirror of https://github.com/Gerg-L/nixos.git synced 2025-12-10 00:43:56 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

shell.nix: split sudo/run0 to security.nix

Browse source 
fix run0 pam auth
This commit is contained in:
Gerg-L 2024-12-11 20:14:54 -05:00
parent 4590349ac2
commit 0623dd11e1
Signed by: gerg-l
SSH key fingerprint: SHA256:FPYDHIkvMocr4wdmZXpgpJjsb2Tw6rASs2ISPbOb0KI
2 changed files with 22 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

22
modules/security.nix Normal file
View file

@ -0,0 +1,22 @@
{
environment.shellAliases = {
sudo = "sudo ";
#make run0 use aliases
run0 = "run0 --background='' ";
s = "run0";
};
security = {
sudo = {
execWheelOnly = true;
extraConfig = ''
Defaults timestamp_timeout=1
Defaults env_keep += "EDITOR VISUAL PAGER SYSTEMD_PAGERSECURE MANPAGER"
Defaults lecture = never
'';
};
pam.services.systemd-run0 = {
setEnvironment = true;
pamMount = false;
};
};
}

13
modules/shell.nix
View file

@ -18,10 +18,6 @@
MANPAGER = "page -t man"; MANPAGER = "page -t man";
}; };
shellAliases = { shellAliases = {
sudo = "sudo ";
#make run0 use aliases
run0 = "run0 --background='' ";
s = "run0";
#paste link trick #paste link trick
pastebin = "curl -F 'clbin=<-' https://clbin.com"; pastebin = "curl -F 'clbin=<-' https://clbin.com";
termbin = "nc termbin.com 9999"; termbin = "nc termbin.com 9999";
@ -45,15 +41,6 @@
interactiveShellInit = "fetch-rs"; interactiveShellInit = "fetch-rs";
}; };
security.sudo = {
execWheelOnly = true;
extraConfig = ''
Defaults timestamp_timeout=1
Defaults env_keep += "EDITOR VISUAL PAGER SYSTEMD_PAGERSECURE MANPAGER"
Defaults lecture = never
'';
};
#zsh stuff #zsh stuff
users.defaultUserShell = pkgs.zsh; users.defaultUserShell = pkgs.zsh;
programs = { programs = {