Mic92/stockholm
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

tv slock: user krebs.setuid

Browse Source
This commit is contained in:
tv 2016-05-25 03:03:21 +02:00
parent 82a8e7eca8
commit 36c5834c28
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
tv/2configs/xserver/default.nix
View File

@ -37,15 +37,21 @@ let
pkgs.ff pkgs.ff
pkgs.gitAndTools.qgit pkgs.gitAndTools.qgit
pkgs.mpv pkgs.mpv
pkgs.slock
pkgs.sxiv pkgs.sxiv
pkgs.xsel pkgs.xsel
pkgs.zathura pkgs.zathura
]; ];
security.setuidPrograms = [ # TODO dedicated group, i.e. with a single user
"slock" # TODO krebs.setuid.slock.path vs /var/setuid-wrappers
]; krebs.setuid.slock = {
filename = "${pkgs.slock}/bin/slock";
group = "wheel";
envp = {
DISPLAY = ":${toString config.services.xserver.display}";
USER = user.name;
};
};
systemd.services.display-manager.enable = false; systemd.services.display-manager.enable = false;