Skip to content

Commit

Permalink
Synchronize macOS UIDs and GIDs with upstream scripts to prepare for …
Browse files Browse the repository at this point in the history
…Sequoia

This removes the conditionality of the higher UID range and instead
makes all future installs on macOS use 351+.
  • Loading branch information
cole-h committed Aug 27, 2024
1 parent f14dffd commit 5f059a1
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 75 deletions.
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -491,10 +491,10 @@ These settings are available for all commands.
| `--extra-conf` | Extra configuration lines for `/etc/nix.conf` | | `NIX_INSTALLER_EXTRA_CONF` |
| `--force` | If `nix-installer` should forcibly recreate files it finds existing | `false` | `NIX_INSTALLER_FORCE` |
| `--init` | Which init system to configure (if `--init none` Nix will be root-only) | `launchd` (macOS), `systemd` (Linux) | `NIX_INSTALLER_INIT` |
| `--nix-build-group-id` | The Nix build group GID | `30000` | `NIX_INSTALLER_NIX_BUILD_GROUP_ID` |
| `--nix-build-group-id` | The Nix build group GID | `350` (macOS), `30000` (Linux) | `NIX_INSTALLER_NIX_BUILD_GROUP_ID` |
| `--nix-build-group-name` | The Nix build group name | `nixbld` | `NIX_INSTALLER_NIX_BUILD_GROUP_NAME` |
| `--nix-build-user-count` | The number of build users to create | `32` | `NIX_INSTALLER_NIX_BUILD_USER_COUNT` |
| `--nix-build-user-id-base` | The Nix build user base UID (ascending) | `300` (macOS), `30000` (Linux) | `NIX_INSTALLER_NIX_BUILD_USER_ID_BASE` |
| `--nix-build-user-id-base` | The Nix build user base UID (ascending) (NOTE: the first UID will be this base + 1) | `350` (macOS), `30000` (Linux) | `NIX_INSTALLER_NIX_BUILD_USER_ID_BASE` |
| `--nix-build-user-prefix` | The Nix build user prefix (user numbers will be postfixed) | `_nixbld` (macOS), `nixbld` (Linux) | `NIX_INSTALLER_NIX_BUILD_USER_PREFIX` |
| `--nix-package-url` | The Nix package URL | | `NIX_INSTALLER_NIX_PACKAGE_URL` |
| `--no-confirm` | Run installation without requiring explicit user confirmation | `false` | `NIX_INSTALLER_NO_CONFIRM` |
Expand Down
88 changes: 15 additions & 73 deletions src/settings.rs
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,6 @@ use clap::{
error::{ContextKind, ContextValue},
ArgAction,
};
use color_eyre::owo_colors::OwoColorize as _;
use eyre::Context as _;
use once_cell::sync::OnceCell;
use serde::Deserialize;
use url::Url;

pub const SCRATCH_DIR: &str = "/nix/temp-install-dir";
Expand Down Expand Up @@ -100,12 +96,12 @@ pub struct CommonSettings {
/// The Nix build group GID
#[cfg_attr(
feature = "cli",
clap(
long,
default_value_t = 30_000,
env = "NIX_INSTALLER_NIX_BUILD_GROUP_ID",
global = true
)
clap(long, env = "NIX_INSTALLER_NIX_BUILD_GROUP_ID", global = true)
)]
#[cfg_attr(all(target_os = "macos", feature = "cli"), clap(default_value_t = 350))]
#[cfg_attr(
all(target_os = "linux", feature = "cli"),
clap(default_value_t = 30_000)
)]
pub nix_build_group_id: u32,

Expand Down Expand Up @@ -228,74 +224,20 @@ pub struct CommonSettings {
pub diagnostic_endpoint: Option<String>,
}

#[derive(Deserialize, Clone, Debug, PartialEq)]
#[serde(rename_all = "PascalCase")]
pub struct SystemVersionPlist {
product_version: String,
}

const MACOS_SYSTEM_VERSION_PLIST_PATH: &str = "/System/Library/CoreServices/SystemVersion.plist";
const MACOS_SYSTEM_VERSION_PLIST_SYMLINK_PATH: &str =
"/System/Library/CoreServices/.SystemVersionPlatform.plist";

pub fn is_macos_15_or_later() -> bool {
static MACOS_MAJOR_VERSION: OnceCell<u64> = OnceCell::new();
let maybe_major_version = MACOS_MAJOR_VERSION
.get_or_try_init(|| {
// NOTE(cole-h): Sometimes, macOS decides it's a good idea to change the contents of the file you're reading.
// See also:
// https://eclecticlight.co/2020/08/13/macos-version-numbering-isnt-so-simple/
// https://github.com/ziglang/zig/pull/7714/
let symlink_path = std::path::Path::new(MACOS_SYSTEM_VERSION_PLIST_SYMLINK_PATH);
let plist: SystemVersionPlist = if symlink_path.exists() {
plist::from_file(symlink_path).with_context(|| {
format!("Failed to parse plist from {MACOS_SYSTEM_VERSION_PLIST_SYMLINK_PATH}")
})?
} else {
plist::from_file(MACOS_SYSTEM_VERSION_PLIST_PATH).with_context(|| {
format!("Failed to parse plist from {MACOS_SYSTEM_VERSION_PLIST_PATH}")
})?
};

let Some((major, _rest)) = plist.product_version.split_once('.') else {
return Err(eyre::eyre!(
"Failed to parse ProductVersion: {}",
plist.product_version
));
};

let major = major
.parse::<u64>()
.with_context(|| format!("Failed to parse major version '{major}'"))?;

Ok::<_, eyre::Error>(major)
})
.inspect_err(|e| {
// NOTE(cole-h): cannot using tracing here because this is called before we setup the
// tracing subscriber
eprintln!(
"{}",
format!("WARNING: Failed to detect macOS major version, assuming <= macOS 14: {e}")
.yellow()
);
})
.ok();
fn default_nix_build_user_id_base() -> u32 {
use target_lexicon::OperatingSystem;

maybe_major_version.is_some_and(|&v| v >= 15)
match OperatingSystem::host() {
OperatingSystem::MacOSX { .. } | OperatingSystem::Darwin => 350,
_ => 30_000,
}
}

fn default_nix_build_user_id_base() -> u32 {
fn default_nix_build_group_id() -> u32 {
use target_lexicon::OperatingSystem;

match OperatingSystem::host() {
OperatingSystem::MacOSX { .. } | OperatingSystem::Darwin => {
// NOTE(cole-h): https://github.com/NixOS/nix/issues/10892#issuecomment-2212094287
if is_macos_15_or_later() {
450
} else {
300
}
},
OperatingSystem::MacOSX { .. } | OperatingSystem::Darwin => 350,
_ => 30_000,
}
}
Expand Down Expand Up @@ -335,7 +277,7 @@ impl CommonSettings {
determinate_nix: false,
modify_profile: true,
nix_build_group_name: String::from("nixbld"),
nix_build_group_id: 30_000,
nix_build_group_id: default_nix_build_group_id(),
nix_build_user_id_base: default_nix_build_user_id_base(),
nix_build_user_count: 32,
nix_build_user_prefix: nix_build_user_prefix.to_string(),
Expand Down

0 comments on commit 5f059a1

Please sign in to comment.