tv mu: use krebs.setuid

author: tv <tv@krebsco.de> 2021-12-10 23:29:17 +0100
committer: tv <tv@krebsco.de> 2021-12-10 23:29:17 +0100
commit: 1849674ed64880a4bb7ba085d07ab25e9b804add (patch)
tree: f525cb9d9c92d161408d6de5aa24dff2887b023a /tv
parent: bba65572e2c562a575ccc2d8fd3951cf16b36a5c (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 8fd6ee4..7c3f8cf 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -83,8 +83,11 @@ with import <stockholm/lib>;
 
   programs.ssh.startAgent = false;
 
-  security.wrappers = {
-    slock.source = "${pkgs.slock}/bin/slock";
+  krebs.setuid = {
+    slock = {
+      filename = "${pkgs.slock}/bin/slock";
+      mode = "4111";
+    };
   };
 
   security.pam.loginLimits = [
author	tv <tv@krebsco.de>	2021-12-10 23:29:17 +0100
committer	tv <tv@krebsco.de>	2021-12-10 23:29:17 +0100
commit	1849674ed64880a4bb7ba085d07ab25e9b804add (patch)
tree	f525cb9d9c92d161408d6de5aa24dff2887b023a /tv
parent	bba65572e2c562a575ccc2d8fd3951cf16b36a5c (diff)