Finally I found a package manager I can agree with, can be used on macOS and
that Nix what I like about it, is that it does not touch the
folder on macOS let alone change the ownership of the directory, instead it create a sub-volume and mount it at
I read the manual and I paid close attention to the multi-user section
Nix has multi-user support. This means that non-privileged users can securely install software. Each user can have a different profile, a set of packages in the Nix store that appear in the user’s PATH. If a user installs a package that another user has already installed previously, the package won’t be built or downloaded a second time. At the same time, it is not possible for one user to inject a Trojan horse into a package that might be used by another user.
I especially like the last sentence in the paragraph, in other package manager like Homebrew, that is quite possible to do, here is a quote I got from the wikipedia article.
Homebrew does not honor the default privileges of
/usr/local; directory ownership is changed from root with group permissions for the wheel group to the installing user and the “admin” group. Specifically, the mode changes from
drwxr-xr-x rootwheel to
drwxrwxr-x myuser admin. All files, not just the directories, have their ownership changed by the installer. This is considered by some as a major security flaw.
It is a major security flaw, for example it can be use to override command like
sudo and use that to steal password
from the admin and therefore gain root access to the system. They change the ownership so you don’t use
in my humble opinion this is not a very good approach, because of that alone I choose not to install the Homebrew.
But thankfully Nix does not use that approach, it relies on the unprivileged user to interact with the lightweight
daemon which has the privileged to managed anything in the
/nix directory in a very safe manner and like Homebrew you
don’t need to use the
sudo command. If I wanted to install neovim, I can run the following
nix-env -iA nixpkgs.neovim
Well I just love the Nix package manager, I really love the way it was designed and I also heard it can more than package manager, it can do manage server configurations and it can also do DevOps stuff, pretty much what Chef does. I think it awesome it can do all those, but I choose to use it as a package manager. I had other advices to check out home manager as well, but I choose not to, I prefer to install and uninstall the package as I need to.
There is also part of NixOS, which demonstrates to me that they got a great background in dealing with Unix (Linux and
macOS). Homebrew is just one of the those things built by a cool kid, who thinks it cool to change the owner
/usr/local which in reality that is dangerous, therefore I don’t recommend Homebrew. I leave it at that. 🙂
Have a nice day ☀️