From 52670ebd9c1c1414624be4b1cddd2ad78132e25a Mon Sep 17 00:00:00 2001
From: Yves Dubromelle <root@phenom.dubronetwork.fr>
Date: Sat, 25 Feb 2017 15:03:33 +0100
Subject: [PATCH] setuid: slock

---
 public/app-securite.nix | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/public/app-securite.nix b/public/app-securite.nix
index 2162ce0..ec89433 100644
--- a/public/app-securite.nix
+++ b/public/app-securite.nix
@@ -15,8 +15,12 @@ mkIf profiles.isDesktop {
     gnome3.seahorse # gestionnaire graphique de clef GPG
     pass            # gestionnaire de mots de passe
     pwgen           # générateur de mots de passe
-    slock           # vérouiller l''écran. "cannot disable the out-of-memory killer for this process (make sure to suid or sgid slock)" --> en root
     #yubikey-personalization-gui # utilisation de la clef Yubikey
   ];
-  security.setuidPrograms = [ "slock" ];
+
+  # Paquets avec setui root
+  security.wrappers = {
+    # vérouiller l''écran. "cannot disable the out-of-memory killer for this process (make sure to suid or sgid slock)" --> en root
+    slock.source = "${pkgs.slock}/bin/slock";
+  };
 }