diff options
-rw-r--r-- | tv/2configs/xserver/default.nix | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/tv/2configs/xserver/default.nix b/tv/2configs/xserver/default.nix index a6a820507..b5b116786 100644 --- a/tv/2configs/xserver/default.nix +++ b/tv/2configs/xserver/default.nix @@ -37,15 +37,21 @@ let pkgs.ff pkgs.gitAndTools.qgit pkgs.mpv - pkgs.slock pkgs.sxiv pkgs.xsel pkgs.zathura ]; - security.setuidPrograms = [ - "slock" - ]; + # TODO dedicated group, i.e. with a single user + # TODO krebs.setuid.slock.path vs /var/setuid-wrappers + krebs.setuid.slock = { + filename = "${pkgs.slock}/bin/slock"; + group = "wheel"; + envp = { + DISPLAY = ":${toString config.services.xserver.display}"; + USER = user.name; + }; + }; systemd.services.display-manager.enable = false; |