diff --git a/home/.local/bin/startwl b/home/.local/bin/startwl
index 738046a..fca1291 100755
--- a/home/.local/bin/startwl
+++ b/home/.local/bin/startwl
@@ -6,13 +6,10 @@
 # Flatpak apps will not work because of hardcoded /run/user/$UID
 if [ -z "${XDG_RUNTIME_DIR}" ]
 then
-	userid=$(id -u ${USER})
-	export XDG_RUNTIME_DIR="$(mktemp -d /tmp/${userid}-runtime-XXXXXX)"
-	if [ ! -d "${XDG_RUNTIME_DIR}" ]
-	then
-		mkdir -p "${XDG_RUNTIME_DIR}"
-		chmod 0700 "${XDG_RUNTIME_DIR}"
-	fi
+    userid=$(id -u ${USER})
+    export XDG_RUNTIME_DIR="$(mktemp -d /tmp/${userid}-runtime-XXXXXX)"
+    [ ! -d "${XDG_RUNTIME_DIR}" ] && mkdir -p "${XDG_RUNTIME_DIR}"
+    chmod 0700 "${XDG_RUNTIME_DIR}"
 fi
 
 # Valid values: seatd, logind
diff --git a/system/etc/default/grub b/system/etc/default/grub
index 0c15550..4cabd2b 100644
--- a/system/etc/default/grub
+++ b/system/etc/default/grub
@@ -23,6 +23,7 @@ GRUB_COLOR_NORMAL="white/black"
 GRUB_COLOR_HIGHLIGHT="black/white"
 #GRUB_DISABLE_OS_PROBER=true
 GRUB_ENABLE_CRYPTODISK=y
+GRUB_DISABLE_SUBMENU=y
 
 # To generate new font:
 # grub-mkfont -s 24 -o /boot/grub/fonts/hack.pf2 ~/Hack-Regular.ttf
diff --git a/system/etc/doas.conf b/system/etc/doas.conf
index 83418b4..5cf0764 100644
--- a/system/etc/doas.conf
+++ b/system/etc/doas.conf
@@ -1 +1,6 @@
-permit persist :wheel as root
+# Void specified
+permit persist setenv { SVDIR=/var/service LANG=$LANG } :wheel as root
+permit nopass :wheel cmd reboot
+permit nopass :wheel cmd poweroff
+permit nopass :wheel cmd zzz
+permit nopass :wheel cmd vsv args
diff --git a/system/etc/nftables.conf b/system/etc/nftables.conf
index 82def02..30ab8c1 100644
--- a/system/etc/nftables.conf
+++ b/system/etc/nftables.conf
@@ -22,6 +22,8 @@
 
 # --------------------------------------------------------------------------------- #
 
+# TODO: move block rules to mangle for faster blocking time (perfomance)
+
 flush ruleset
 
 # TCP ports to accept (both IPv4 and IPv6)