This ensures that system activation does not depend on various
details of its process environment, ensuring uniformity across various
invocation contexts and with the `activate-system` daemon. This becomes
more important in a postāuserāactivation world to avoid problematic
dependencies like `$SUDO_USER`, but is a good idea in general.
The `sudoers(5)` defaults on my Sequoia system are:
Defaults env_reset
Defaults env_keep += "BLOCKSIZE"
Defaults env_keep += "COLORFGBG COLORTERM"
Defaults env_keep += "__CF_USER_TEXT_ENCODING"
Defaults env_keep += "CHARSET LANG LANGUAGE LC_ALL LC_COLLATE LC_CTYPE"
Defaults env_keep += "LC_MESSAGES LC_MONETARY LC_NUMERIC LC_TIME"
Defaults env_keep += "LINES COLUMNS"
Defaults env_keep += "LSCOLORS"
Defaults env_keep += "SSH_AUTH_SOCK"
Defaults env_keep += "TZ"
Defaults env_keep += "DISPLAY XAUTHORIZATION XAUTHORITY"
Defaults env_keep += "EDITOR VISUAL"
Defaults env_keep += "HOME MAIL"
Of these preserved environment variables, the ones that are set in
practice when I run `sudo env` that arenāt set in the activation
script here are:
* `$COLORTERM`
* `$DISPLAY`
* `$EDITOR`
* `$MAIL`
* `$SSH_AUTH_SOCK`
* `$TERM`
* `$__CF_USER_TEXT_ENCODING`
Most of these seem either pointless or actively harmful to set for
the purpose of the system activation script.
This will mean that tools run during activation wonāt print output
in the userās preferred language, but thatās probably the right
tradeāoff overall, as that is likely to break activation scripts
that parse command output anyway.
It seems like this has been broken since
26bab2fd32 from 2018; macOS `diff(1)`
does not support these arguments and the `$PATH` has been fixed since
that point. Before that, it would presumably only have worked if you
added GNU diffutils to `environment.systemPackages`.
Proactively notifying users about breaking changes isnāt a bad idea,
but the activation script doesnāt seem like the right place for it,
and as itās nonāblocking itās likely that even if it worked it
would get drowned out by the later output anyway. Iād like to move
the changelog into release notes as part of the manual, which would
requires changes to this anyway. Since itās been broken for almost
seven years anyway, letās just drop it for now and revisit later.
This was installing against the base branch, which causes annoying
issues when things like the state version are bumped. Itās possible
this was intentional to test the upgrade path, but itās inconsistent
with the flake installation test and keeps breaking stuff on my
PRs. If we want to test the upgrade path then we could reāadd it
again later in a more sophisticated manner (e.g. using the example
config from the previous version).
We already put `/nix/var/nix/profiles/default/bin` on the `$PATH`,
and whatever `nix.package` is set to already gets installed into
`/run/current-system/sw/bin`, so this is pointless.
This adds support for the following defaults:
- com.apple.WindowManager.EnableTilingByEdgeDrag
- com.apple.WindowManager.EnableTopTilingByEdgeDrag
- com.apple.WindowManager.EnableTilingOptionAccelerator
These are lists, not attribute sets, so the condition was always
succeeding. As far as I can tell this bug has been present since the
function was added.
