From 9f82c9903d8cba0685795c526fe5e7c51a6bc9c8 Mon Sep 17 00:00:00 2001
From: Parnell Springmeyer <parnell@digitalmentat.com>
Date: Sun, 29 Jan 2017 05:44:29 -0600
Subject: [PATCH] More fixes

---
 nixos/modules/programs/shadow.nix | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/nixos/modules/programs/shadow.nix b/nixos/modules/programs/shadow.nix
index c5a50318026..d497b662113 100644
--- a/nixos/modules/programs/shadow.nix
+++ b/nixos/modules/programs/shadow.nix
@@ -101,9 +101,15 @@ in
         chpasswd = { rootOK = true; };
       };
 
-    security.setuidPrograms = [
-      "su" "chfn" "newuidmap" "newgidmap"
-      ] ++ lib.optionals config.users.mutableUsers
-      [ "passwd" "sg" "newgrp" ];
+    security.wrappers = {
+      su.source        = "${pkgs.shadow.su}/bin/su";
+      chfn.source      = "${pkgs.shadow.out}/bin/chfn";
+      newuidmap.source = "${pkgs.shadow.out}/bin/newuidmap";
+      newgidmap.source = "${pkgs.shadow.out}/bin/newgidmap";
+    } // (lib.mkIf config.users.mutableUsers {
+      passwd.source    = "${pkgs.shadow.out}/bin/passwd";
+      sg.source        = "${pkgs.shadow.out}/bin/sg";
+      newgrp.source    = "${pkgs.shadow.out}/bin/newgrp";
+    });
   };
 }