From 7e4383aa897bbdcf6124d3d4b52ce6249630e09a Mon Sep 17 00:00:00 2001 From: Mikhail Klementev Date: Mon, 13 Feb 2023 09:16:09 +0000 Subject: [PATCH] to not affect local development, remove system-wide out-of-tree --- security.nix | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/security.nix b/security.nix index 033a90e..1ef5ec2 100644 --- a/security.nix +++ b/security.nix @@ -41,22 +41,10 @@ extraConfig = '' %wheel ALL=(ALL:ALL) NOPASSWD: ${pkgs.light}/bin/light %wheel ALL=(captive) NOPASSWD: ${pkgs.firefox}/bin/firefox - %wheel ALL=(out-of-tree) NOPASSWD: ${pkgs.out-of-tree}/bin/out-of-tree ''; }; - users.users.out-of-tree = { - home = "/var/out-of-tree"; - group = "out-of-tree"; - isSystemUser = true; - createHome = true; - extraGroups = [ "docker" "kvm" ]; - }; - users.groups.out-of-tree = {}; - environment.systemPackages = with pkgs; [ (writeShellScriptBin "captive" "sudo -H -u captive ${pkgs.firefox}/bin/firefox") - (writeShellScriptBin "out-of-tree" - "sudo -H -u out-of-tree ${pkgs.out-of-tree}/bin/out-of-tree $@") ]; }