{ pkgs, config, systemd, ... }:
{
	
  # enabling firejail for sandboxing
  programs.firejail = {
    enable = true;
  };

  # enabling doas
  security.doas.enable = true;
  security.sudo.enable = false;
  security.doas.extraRules = [{
    users = [ "grape" ];
    keepEnv = true;
    persist = true;
  }];

  # setting up a polkit 
  security.polkit.enable = true;
}