Set sudo max tries to 10, binary for easy lockout reset (#686)

* set sudo max fail count to 10, bin for easy reset

* Slim down

Let the failure just fail in the shell

* Rename to be more descriptive

* No need for the 00- prefix

* Add migration to raise sudo try limit

---------

Co-authored-by: Manuel <manuel.ramsaier@gmail.com>
Co-authored-by: David Heinemeier Hansson <david@hey.com>

bin/omarchy-reset-sudo

@@ -0,0 +1,4 @@
+#!/bin/bash
+
+echo "Resetting sudo lockout for user: $USER"
+su -c "faillock --reset --user $USER"

install.sh

@@ -44,6 +44,7 @@ source $OMARCHY_INSTALL/config/power.sh
 source $OMARCHY_INSTALL/config/timezones.sh
 source $OMARCHY_INSTALL/config/login.sh
 source $OMARCHY_INSTALL/config/nvidia.sh
+source $OMARCHY_INSTALL/config/increase-sudo-tries.sh
 
 # Development
 show_logo decrypt 920

install/config/increase-sudo-tries.sh

@@ -0,0 +1,2 @@
+echo "Defaults passwd_tries=10" | sudo tee /etc/sudoers.d/passwd-tries
+sudo chmod 440 /etc/sudoers.d/passwd-tries

migrations/1754996869.sh

@@ -0,0 +1,3 @@
+echo "Increase sudo attempts limit to 10"
+
+source $OMARCHY_PATH/install/config/increase-sudo-tries.sh