tv mu: use krebs.setuid

author: tv <tv@krebsco.de> 2021-12-10 23:29:17 +0100
committer: tv <tv@krebsco.de> 2021-12-10 23:29:17 +0100
commit: 0209b3499fe5582b42e21db2cebd9940c7ebc76e (patch)
tree: 7f57e28d0057c86f5b3decd4e313f9ee72edc434
parent: 210c032fca659799376e08abb924536ee2e414ed (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix
index 8fd6ee45..7c3f8cfd 100644
--- a/tv/1systems/mu/config.nix
+++ b/tv/1systems/mu/config.nix
@@ -83,8 +83,11 @@ with import <stockholm/lib>;
 
   programs.ssh.startAgent = false;
 
-  security.wrappers = {
-    slock.source = "${pkgs.slock}/bin/slock";
+  krebs.setuid = {
+    slock = {
+      filename = "${pkgs.slock}/bin/slock";
+      mode = "4111";
+    };
   };
 
   security.pam.loginLimits = [
author	tv <tv@krebsco.de>	2021-12-10 23:29:17 +0100
committer	tv <tv@krebsco.de>	2021-12-10 23:29:17 +0100
commit	0209b3499fe5582b42e21db2cebd9940c7ebc76e (patch)
tree	7f57e28d0057c86f5b3decd4e313f9ee72edc434
parent	210c032fca659799376e08abb924536ee2e414ed (diff)