From dfb5fd45007121105ad74a99b7d3190126e3daaf Mon Sep 17 00:00:00 2001
From: caandt <caandt@twoha.cc>
Date: Wed, 13 Nov 2024 04:16:06 -0600
Subject: [PATCH] doas rules

---
 hosts/hyuganatsu/default.nix | 8 ++++++++
 system/security.nix          | 5 +++++
 2 files changed, 13 insertions(+)

diff --git a/hosts/hyuganatsu/default.nix b/hosts/hyuganatsu/default.nix
index 290a38b..b2959c1 100644
--- a/hosts/hyuganatsu/default.nix
+++ b/hosts/hyuganatsu/default.nix
@@ -20,5 +20,13 @@
       isNormalUser = true;
     };
   };
+  security.doas.extraRules = [
+    {
+      users = ["u2h"];
+      noPass = true;
+      cmd = "rmmod";
+      args = ["wacom"];
+    }
+  ];
   services.xserver.wacom.enable = true;
 }
diff --git a/system/security.nix b/system/security.nix
index 5ca8730..5510969 100644
--- a/system/security.nix
+++ b/system/security.nix
@@ -6,6 +6,11 @@
         groups = ["wheel"];
         persist = true;
       }
+      {
+        groups = ["wheel"];
+        noPass = true;
+        cmd = "journalctl";
+      }
     ];
   };
   security.polkit.enable = true;