summary refs log tree commit diff stats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--modules/nixos/sils/sudo.nix28
1 files changed, 22 insertions, 6 deletions
diff --git a/modules/nixos/sils/sudo.nix b/modules/nixos/sils/sudo.nix
index 3dfd79d..a1904bd 100644
--- a/modules/nixos/sils/sudo.nix
+++ b/modules/nixos/sils/sudo.nix
@@ -1,8 +1,24 @@
-{...}: {
-  security.sudo = {
-    enable = true;
-    extraConfig = ''
-      Defaults lecture = never
-    '';
+{
+  config,
+  lib,
+  ...
+}: let
+  persistentLecture = !config.sils.sudo.persistentLecture.disable;
+in {
+  options.sils.sudo.persistentLecture.disable = lib.mkEnableOption "sudo lecture after every boot";
+  config = {
+    security.sudo = {
+      enable = true;
+    };
+    environment.persistence.${config.sils.meta.globalDataDir}.files = lib.mkIf persistentLecture [
+      {
+        file = "/var/db/sudo/lectured/${builtins.toString config.users.users.sils.uid}";
+        parentDirectory = {
+          user = "root";
+          group = config.users.users.sils.group;
+          mode = "0600";
+        };
+      }
+    ];
   };
 }
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-29 01:47:40 +0000