diff --git a/etc/pacman.d/gnupg/gpg.conf b/etc/pacman.d/gnupg/gpg.conf
index 439c457..7ce733a 100644
--- a/etc/pacman.d/gnupg/gpg.conf
+++ b/etc/pacman.d/gnupg/gpg.conf
@@ -1,6 +1,5 @@
 no-greeting
 no-permission-warning
-lock-never
 #keyserver-options timeout=10
 keyserver hkps://hkps.pool.sks-keyservers.net:443
 #keyserver hkp://pgp.mit.edu:11371
diff --git a/etc/sudoers b/etc/sudoers
index 2999cd3..79885a5 100644
--- a/etc/sudoers
+++ b/etc/sudoers
@@ -27,11 +27,29 @@
 ## Groups of commands. Often used to group related commands together.
 # Cmnd_Alias PROCESSES = /usr/bin/nice, /bin/kill, /usr/bin/renice, \
 # /usr/bin/pkill, /usr/bin/top
+#
 # Cmnd_Alias REBOOT = /sbin/halt, /sbin/reboot, /sbin/poweroff
+#
+# Cmnd_Alias DEBUGGERS = /usr/bin/gdb, /usr/bin/lldb, /usr/bin/strace, \
+# /usr/bin/truss, /usr/bin/bpftrace, \
+# /usr/bin/dtrace, /usr/bin/dtruss
+#
+# Cmnd_Alias PKGMAN = /usr/bin/apt, /usr/bin/dpkg, /usr/bin/rpm, \
+# /usr/bin/yum, /usr/bin/dnf, /usr/bin/zypper, \
+# /usr/bin/pacman
 ##
 ## Defaults specification
 ##
+## Preserve editor environment variables for visudo.
+## To preserve these for all commands, remove the "!visudo" qualifier.
+Defaults!/usr/bin/visudo env_keep += "SUDO_EDITOR EDITOR VISUAL"
+##
+## Use a hard-coded PATH instead of the user's to find commands.
+## This also helps prevent poorly written scripts from running
+## artbitrary commands under sudo.
+Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/bin"
+##
 ## You may wish to keep some of the following environment variables
 ## when running commands via sudo.
 ##
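Review bot: In etc/sudoers, the newly active `Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/bin"` searches the two /usr/local directories before /usr/bin, so any bare command name run through sudo resolves there first, and nothing in the commit shows who can write to them. Both directories should be confirmed root-owned and not group- or world-writable on the target machine, and the comment above the setting could say so: `## /usr/local/sbin and /usr/local/bin are searched first; keep them writable by root only.` The comment two lines above the setting also has a typo, `artbitrary` for `arbitrary`.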
@@ -56,19 +74,39 @@
 ## this may allow users to subvert the command being run via sudo.
 # Defaults env_keep += "XMODIFIERS GTK_IM_MODULE QT_IM_MODULE QT_IM_SWITCHER"
 ##
-## Uncomment to use a hard-coded PATH instead of the user's to find commands
-# Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+## Uncomment to disable "use_pty" when running commands as root.
+## Commands run as non-root users will run in a pseudo-terminal,
+## not the user's own terminal, to prevent command injection.
+# Defaults>root !use_pty
+##
+## Uncomment to run commands in the background by default.
+## This can be used to prevent sudo from consuming user input while
+## a non-interactive command runs if "use_pty" or I/O logging are
+## enabled. Some commands may not run properly in the background.
+# Defaults exec_background
 ##
 ## Uncomment to send mail if the user does not enter the correct password.
 # Defaults mail_badpass
 ##
 ## Uncomment to enable logging of a command's output, except for
 ## sudoreplay and reboot. Use sudoreplay to play back logged sessions.
+## Sudo will create up to 2,176,782,336 I/O logs before recycling them.
+## Set maxseq to a smaller number if you don't have unlimited disk space.
 # Defaults log_output
 # Defaults!/usr/bin/sudoreplay !log_output
 # Defaults!/usr/local/bin/sudoreplay !log_output
 # Defaults!REBOOT !log_output
-Defaults env_reset,timestamp_timeout=1440
+# Defaults maxseq = 1000
+##
+## Uncomment to disable intercept and log_subcmds for debuggers and
+## tracers. Otherwise, anything that uses ptrace(2) will be unable
+## to run under sudo if intercept_type is set to "trace".
+# Defaults!DEBUGGERS !intercept, !log_subcmds
+##
+## Uncomment to disable intercept and log_subcmds for package managers.
+## Some package scripts run a huge number of commands, which is made
+## slower by these options and also can clutter up the logs.
+# Defaults!PKGMAN !intercept, !log_subcmds
 ##
 ## Runas alias specification
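Review bot: Removing `Defaults env_reset,timestamp_timeout=1440` after the log_output block is the only effective change in this hunk, since every added line is a comment, and it is not documented anywhere in the file. The credential cache drops from 24 hours to sudo's compiled-in default, and env_reset now relies on being sudo's default rather than being set here. The shorter cache is the safer setting, but the intent should be recorded so a later sync does not reintroduce the old value, for example `## timestamp_timeout deliberately left at sudo's default (was 1440 minutes)`.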
@@ -77,23 +115,22 @@ Defaults env_reset,timestamp_timeout=1440
 ##
 ## User privilege specification
 ##
-root ALL=(ALL) ALL
-default ALL=(ALL) ALL
+root ALL=(ALL:ALL) ALL
+default ALL=(ALL:ALL) ALL
 ## Uncomment to allow members of group wheel to execute any command
-# %wheel ALL=(ALL) ALL
+%wheel ALL=(ALL:ALL) ALL
 ## Same thing without a password
-# %wheel ALL=(ALL) NOPASSWD: ALL
+# %wheel ALL=(ALL:ALL) NOPASSWD: ALL
 ## Uncomment to allow members of group sudo to execute any command
-# %sudo ALL=(ALL) ALL
+# %sudo ALL=(ALL:ALL) ALL
 ## Uncomment to allow any user to run sudo if they know the password
 ## of the user they are running the command as (root by default).
 # Defaults targetpw # Ask for the password of the target user
-# ALL ALL=(ALL) ALL # WARNING: only use this together with 'Defaults targetpw'
+# ALL ALL=(ALL:ALL) ALL # WARNING: only use this together with 'Defaults targetpw'
 ## Read drop-in files from /etc/sudoers.d
-## (the '#' here does not indicate a comment)
-#includedir /etc/sudoers.d
+@includedir /etc/sudoers.d
diff --git a/home/default/.bashrc b/home/default/.bashrc
old mode 100644
new mode 100755
diff --git a/home/default/.config/sway/config b/home/default/.config/sway/config
index b603801..7345f9b 100644
--- a/home/default/.config/sway/config
+++ b/home/default/.config/sway/config
@@ -230,7 +230,7 @@ bindsym $mod+m exec makoctl dismiss
 bindsym $mod+n exec makoctl restore
 # wayvnc
-bindsym $mod+Shift+p exec wayvncctl output-cycle
+bindsym $mod+Shift+o exec wayvncctl output-cycle
 ### styles
diff --git a/packages.txt b/packages.txt
index 02058f6..af9e559 100644
--- a/packages.txt
+++ b/packages.txt
@@ -31,11 +31,11 @@ ccache
 cheese
 chromium
 cnrdrvcups-lb
+corectrl
 coreutils
 cowsay
 cryptsetup
 cups
-cups-pdf
 darktable
 device-mapper
 dhcpcd
@@ -52,7 +52,6 @@ elinks
 esptool
 etcher-bin
 evince
-evolution
 f2fs-tools
 fail2ban
 fakeroot
@@ -80,6 +79,7 @@ fortune-mod-matrix
 fortune-mod-portal-game
 fortune-mod-starwars
 freecad
+freerdp
 fwbuilder
 fwupd
 gamemode
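Review bot: In the etc/sudoers privilege section, un-commenting `%wheel ALL=(ALL:ALL) ALL` gives unrestricted root to every member of wheel, on top of the existing per-user rule for `default`. If `default` is the only intended administrator, the group rule adds nothing today and silently widens access for any account later added to wheel. It should either stay commented or carry a comment naming who is expected to be in the group. Separately, the `@includedir /etc/sudoers.d` spelling is not accepted by sudo releases before 1.9.1, and a sudoers file that fails to parse makes sudo refuse to run. Run `visudo -cf etc/sudoers` against the sudo version on the target before deploying.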
@@ -114,7 +114,6 @@ gst-plugins-bad
 gst-plugins-ugly
 gstreamer-vaapi
 gtk-engine-murrine
-gutenprint
 gvfs-gphoto2
 gwakeonlan
 gzip
@@ -128,6 +127,7 @@ hunspell-en_us
 inkscape
 inotify-tools
 iotop
+iperf
 iproute2
 iputils
 itstool
@@ -136,7 +136,6 @@ jammr
 jansson
 jq
 kanshi
-kdocker
 keepassxc
 kid3
 kitty
@@ -149,11 +148,7 @@ lib32-gamemode
 lib32-giflib
 lib32-gnutls
 lib32-gst-plugins-base-libs
-lib32-gtk3
-lib32-libappindicator-gtk2
-lib32-libappindicator-gtk3
 lib32-libgpg-error
-lib32-libjpeg-turbo
 lib32-libldap
 lib32-libpng
 lib32-libpulse
@@ -167,7 +162,6 @@ lib32-mpg123
 lib32-ocl-icd
 lib32-openal
 lib32-sqlite
-lib32-v4l-utils
 lib32-vkd3d
 lib32-vulkan-icd-loader
 libappindicator-gtk3
@@ -228,6 +222,7 @@ neofetch
 neovim
 networkmanager
 network-manager-applet
+networkmanager-openvpn
 nmap
 nomacs
 noto-fonts-cjk
@@ -302,6 +297,7 @@ sed
 shadow
 shellcheck
 shotcut
+signal-desktop
 simple-scan
 slurp
 smartmontools
@@ -312,7 +308,6 @@ ssh-audit
 sshpass
 stalonetray
 steam
-steam-native-runtime
 sudo
 sway
 swaybg
@@ -323,6 +318,7 @@ syncplay
 syncthing
 syncthing-gtk
 sysfsutils
+systemd-resolvconf
 systemd-sysvcompat
 systemd-ui
 tar
@@ -387,6 +383,6 @@ xorg-xinput
 xorg-xwayland
 xsel
 xterm
-yay-bin
+yay
 yt-dlp
 zimg