From 146231ccecae1c3bab3396dc43f1df82b8ef28c0 Mon Sep 17 00:00:00 2001
From: Andreas Zweili <andreas@zweili.ch>
Date: Tue, 15 Nov 2022 15:20:01 +0100
Subject: [PATCH] Limit password less sudo to nix-env

---
 modules/common/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/common/default.nix b/modules/common/default.nix
index e6b094f..2f5ffd3 100644
--- a/modules/common/default.nix
+++ b/modules/common/default.nix
@@ -118,8 +118,8 @@
             options = [ "NOPASSWD" ];
           }
           {
-            command = "ALL";
-            options = [ "SETENV" ];
+            command = "/run/current-system/sw/bin/nix-env";
+            options = [ "NOPASSWD" ];
           }
         ];
       }