wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-07-06 21:41:48 +02:00
Code Activity

Use KeepAlive.PathState instead of wait4path.

Browse source 
This allows the spawning program to be the nix-daemon instead of
/bin/sh.  That means that the Full Disk Access permission can be only
for the nix-daemon.
This commit is contained in:
John Soo 2021-11-30 14:52:51 -08:00
parent 1a9bfdc4ca
commit 5d959b33c5
No known key found for this signature in database
GPG key ID: D8A148F8CE4DDBC2
1 changed files with 8 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

12
misc/launchd/org.nixos.nix-daemon.plist.in
View file

@ -12,14 +12,18 @@
<key>Label</key>
<string>org.nixos.nix-daemon</string>
<key>KeepAlive</key>
<true/>
<dict>
<key>PathState</key>
<dict>
<key>/nix/var/nix/profiles/default/bin/nix-daemon</key>
<true/>
</dict>
</dict>
<key>RunAtLoad</key>
<true/>
<key>ProgramArguments</key>
<array>
<string>/bin/sh</string>
<string>-c</string>
<string>/bin/wait4path /nix/var/nix/profiles/default/bin/nix-daemon &amp;&amp; exec /nix/var/nix/profiles/default/bin/nix-daemon</string>
<string>/nix/var/nix/profiles/default/bin/nix-daemon</string>
</array>
<key>StandardErrorPath</key>
<string>/var/log/nix-daemon.log</string>