Commit graph

14 commits

Author SHA1 Message Date
Travis A. Everett bf2ee3c565 install: fix addVolume perm issue for some users
As reported in #5198, volume creation can fail with a permission error
for some macOS users (probably secondary user accounts?) Sudo appears
to be sufficient to avoid this.

While I'm here, I also updated the sudo invocation added in 079bde2ae
to use the _sudo explanation wrapper.
2021-09-01 19:02:25 -05:00
Matthew Bauer 079bde2aef Try setting enableOwnership in macOS install
For external hard disks where ownership is not enabled by default.
2021-08-24 19:23:18 -05:00
Travis A. Everett eab14a642c darwin: encrypt nix volume if filevault is enabled 2021-04-29 13:26:51 -05:00
Travis A. Everett fe807904e5 adapt to apfs.util flag diff in catalina/big sur
Fixes #3957. Just runs both forms to minimize moving parts.
2020-10-19 12:24:31 -05:00
Travis A. Everett e736f8f6e4 replace xpath with xmllint --xpath; simplify
As mentioned in previous commit, Big Sur changes the syntax for the
xpath command slightly.

In the process of testing out replacements for these, I noticed a few
small simplification wins.
2020-10-19 12:24:04 -05:00
Domen Kožar 2a7ea2eb6c
scripts/create-darwin-volume.sh: remove unused variable 2020-05-23 11:12:05 +02:00
Daiderd Jordan d3df1889a1
installer: don't clobber synthetic.conf 2020-05-21 20:03:09 +02:00
Travis A. Everett 2b0a81d92d
focus on golden-path covering most scenarios
This should handle installation scenarios we can handle with
anything resembling confidence. Goal is approximating the existing
setup--not enforcing a best-practice...

Approaches (+ installer-handled, - manual) and configs each covers:

+ no change needed; /nix OK on boot volume:
  All pre-Catalina (regardless of T2 or FileVault use)

+ create new unencrypted volume:
  Catalina, pre-T2, no FileVault

+ create new encrypted-at-rest volume:
  Catalina, pre-T2, FileVault
  Catalina, T2, no FileVault

- require user to pre-create encrypted volume
  Catalina, T2, FileVault
2020-05-21 19:58:11 +02:00
Daiderd Jordan 477d7c2d07
installer: refuse apfs volume creation when FileVault is enabled 2020-05-21 19:58:11 +02:00
Daiderd Jordan bc24c09968
install: make synthetic.conf and fstab checks stricter 2020-05-21 19:58:11 +02:00
Daiderd Jordan 04f597c3f4
install: improve output and error handling 2020-05-21 19:58:11 +02:00
Daiderd Jordan caface1980
install: hide the store volume on darwin 2020-05-21 19:58:11 +02:00
Daiderd Jordan 083bb3bbfc
install: show macOS 10.15 message with --daemon 2020-05-21 19:58:10 +02:00
Daiderd Jordan 0726ad5825
install: configure and bootstrap synthetic.conf on darwin
Starting macOS 10.15 /nix can't be creasted directly anymore due to the
readonly filesystem, but synthetic.conf was introduced to enable
creating mountpoints or symlinks for special usecases like package
managers.
2020-05-21 19:58:10 +02:00