diff --git a/conf/sudoers.conf b/conf/sudoers.conf
deleted file mode 100644
index 5942292..0000000
--- a/conf/sudoers.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-Cmnd_Alias WIREGUARDSERVICE = /usr/bin/systemctl restart wg-quick@wg0.service
-%__USER__ ALL = NOPASSWD: WIREGUARDSERVICE
diff --git a/conf/wireguard_ui_conf.service b/conf/wireguard_ui_conf.service
index d5bea50..91779ed 100644
--- a/conf/wireguard_ui_conf.service
+++ b/conf/wireguard_ui_conf.service
@@ -4,6 +4,5 @@ After=network.target
 
 [Service]
 Type=oneshot
-User=__APP__
-Group=__APP__
-ExecStart=sudo /usr/bin/systemctl restart wg-quick@wg0.service
+User=root
+ExecStart=/usr/bin/systemctl restart wg-quick@wg0.service
diff --git a/scripts/install b/scripts/install
index b0e7745..23df7d0 100644
--- a/scripts/install
+++ b/scripts/install
@@ -117,10 +117,6 @@ ynh_script_progression --message="Configuring system user..." --weight=1
 # Create a system user
 ynh_system_user_create --username=$app
 
-# Ensure the system user has enough permissions
-install -b -o root -g root -m 0440 ../conf/sudoers.conf /etc/sudoers.d/${app}_ynh
-ynh_replace_string "__USER__" "${app}" /etc/sudoers.d/${app}_ynh
-
 #=================================================
 # SPECIFIC SETUP
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index ff6d92e..396c6e4 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -92,10 +92,9 @@ Now wireguard_ynh use a DKMS module allowing itself to be used with the stable k
 	fi
 fi
 
-# Add sudoers file if missing
+# Drop sudoers file if present
 if [ -f "/etc/sudoers.d/${app}_ynh" ]; then
-	install -b -o root -g root -m 0440 ../conf/sudoers.conf /etc/sudoers.d/${app}_ynh
-	ynh_replace_string "__USER__" "${app}" /etc/sudoers.d/${app}_ynh
+	ynh_secure_remove /etc/sudoers.d/${app}_ynh
 fi
 
 # Remove deprecated services