From e075c35813a4b9ea39be8de8a1e27eb13c301b82 Mon Sep 17 00:00:00 2001
From: "Casper V. Kristensen" <casper@vkristensen.dk>
Date: Wed, 6 Mar 2024 21:37:39 +0100
Subject: [PATCH] fix sudo

---
 modules/base/default.nix | 1 +
 modules/base/sudo.nix    | 6 +++---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/modules/base/default.nix b/modules/base/default.nix
index dc5938d..35c6ea8 100644
--- a/modules/base/default.nix
+++ b/modules/base/default.nix
@@ -13,6 +13,7 @@
     ./packages.nix
     ./ripgrep.nix
     ./ssh.nix
+    ./sudo.nix
     ./users.nix
     ./vim
   ];
diff --git a/modules/base/sudo.nix b/modules/base/sudo.nix
index d4a0841..56d9b82 100644
--- a/modules/base/sudo.nix
+++ b/modules/base/sudo.nix
@@ -1,14 +1,14 @@
 {...}: {
   security.sudo = {
     # Only allow members of the wheel group to execute sudo by setting the
-    # executable’s permissions accordingly. This prevents users that are not
+    # executable's permissions accordingly. This prevents users that are not
     # members of wheel from exploiting vulnerabilities in sudo such as
     # CVE-2021-3156.
-    security.sudo.execWheelOnly = true;
+    execWheelOnly = true;
 
     # With great power comes great responsibility, we get it.. Also means we
     # don't have state in /var/db/sudo/lectured.
-    security.sudo.extraConfig = ''
+    extraConfig = ''
       Defaults lecture = never
     '';
   };