diff --git a/nix/modules/gitea-runner.nix b/nix/modules/gitea-runner.nix
index 3ec3d37..cb88cf3 100644
--- a/nix/modules/gitea-runner.nix
+++ b/nix/modules/gitea-runner.nix
@@ -27,7 +27,6 @@
         kubectl
         kubernetes-helm
         curl
-        sudo
       ];
       settings = {
         container = { 
@@ -115,6 +114,7 @@
     RestrictAddressFamilies = lib.mkForce [ ];
     ReadWritePaths = lib.mkForce [ ];
     BindReadOnlyPaths = lib.mkForce [ ];
+    BindPaths = lib.mkForce [ "/run/wrappers" ];
     
     DeviceAllow = lib.mkForce [ "/dev/zfs rw" ];
     DevicePolicy = lib.mkForce "auto";