Author SHA1 Message Date
Alexander Bantyev
ff8fd21304 nixos-rebuild: use sudo when whoami != root
Currently, executing `nixos-rebuild switch` as a non-root user will
result in a somewhat confusing error about being unable to link a
profile to a nix store path. This is not ideal, especially as we already
have most of the code to handle this properly and use `sudo` to elevate
permissions to install.

This is preferable for flakes (better eval caching), and also more
intuitive for new users.
2023-02-17 19:14:51 +04:00
3 changed files with 22 additions and 3 deletions

@@ -56,7 +56,9 @@ must run
.Nm .Nm
to make the changes take effect. It builds the new system in to make the changes take effect. It builds the new system in
.Pa /nix/store Ns .Pa /nix/store Ns
, runs its activation script, and stop and (re)starts any system services if , runs its activation script (invoking
.Ic sudo Ns
\& if required), and stop and (re)starts any system services if
needed. Please note that user services need to be started manually as they needed. Please note that user services need to be started manually as they
aren't detected by the activation script at the moment. aren't detected by the activation script at the moment.
. .
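Review bot: the added parenthetical "(invoking sudo if required)" does not say when elevation is required. The script's condition is a local target (no target host) with `whoami` not equal to root, so state that here and point to `--no-auto-sudo` so readers know the behaviour can be turned off. While this sentence is being touched, "stop and (re)starts" should read "stops and (re)starts".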
@@ -355,6 +357,11 @@ or
is also set. This is useful when the target-host connection to cache.nixos.org is also set. This is useful when the target-host connection to cache.nixos.org
is faster than the connection between hosts. is faster than the connection between hosts.
. .
.It Fl -no-auto-sudo
When set, disables automatic use of
.Ic sudo Ns
\& when deploying to localhost as a non-root user.
.
.It Fl -use-remote-sudo .It Fl -use-remote-sudo
When set, nixos-rebuild prefixes remote commands that run on the When set, nixos-rebuild prefixes remote commands that run on the
.Fl -build-host .Fl -build-host
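Review bot: the `--no-auto-sudo` text can be read as "no sudo for local non-root runs", but in `targetHostCmd` the flag only falls back to `runCmd "${maybeSudo[@]}" "$@"`, and `maybeSudo` is still populated when `SUDO_USER` is set or `--use-remote-sudo` is given. Document that interaction, for example by saying the flag restores the previous behaviour rather than that it disables sudo.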

@@ -205,6 +205,8 @@ In addition to numerous new and upgraded packages, this release has the followin
- A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm). - A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm).
- `nixos-rebuild` now uses `sudo` when deploying to localhost as a non-root user. This behaviour can be disabled with `--no-auto-sudo`.
- The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically. - The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically.
- The `root` package is now built with the `"-Dgnuinstall=ON"` CMake flag, making the output conform the `bin` `lib` `share` layout. In this layout, `tutorials` is under `share/doc/ROOT/`; `cmake`, `font`, `icons`, `js` and `macro` under `share/root`; `Makefile.comp` and `Makefile.config` under `etc/root`. - The `root` package is now built with the `"-Dgnuinstall=ON"` CMake flag, making the output conform the `bin` `lib` `share` layout. In this layout, `tutorials` is under `share/doc/ROOT/`; `cmake`, `font`, `icons`, `js` and `macro` under `share/root`; `Makefile.comp` and `Makefile.config` under `etc/root`.
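Review bot: the new release-note entry presents the change only as a convenience. Since a non-root `nixos-rebuild` run on localhost now goes through `sudo` where it previously failed, the entry should call this out as a behaviour change so that people with wrapper scripts or unattended jobs know to pass `--no-auto-sudo` if they depend on the old behaviour.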

@@ -32,6 +32,7 @@ specialisation=
buildHost= buildHost=
targetHost= targetHost=
remoteSudo= remoteSudo=
noAutoSudo=
verboseScript= verboseScript=
noFlake= noFlake=
# comma separated list of vars to preserve when using sudo # comma separated list of vars to preserve when using sudo
@@ -127,6 +128,9 @@ while [ "$#" -gt 0 ]; do
--use-remote-sudo) --use-remote-sudo)
remoteSudo=1 remoteSudo=1
;; ;;
--no-auto-sudo)
noAutoSudo=1
;;
--flake) --flake)
flake="$1" flake="$1"
shift 1 shift 1
@@ -153,8 +157,10 @@ while [ "$#" -gt 0 ]; do
esac esac
done done
sudoCommand=(sudo --preserve-env="$preservedSudoVars" --)
if [[ -n "$SUDO_USER" || -n $remoteSudo ]]; then if [[ -n "$SUDO_USER" || -n $remoteSudo ]]; then
maybeSudo=(sudo --preserve-env="$preservedSudoVars" --) maybeSudo=("${sudoCommand[@]}")
fi fi
# log the given argument to stderr if verbose mode is on # log the given argument to stderr if verbose mode is on
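Review bot: hoisting the command into `sudoCommand` means `--preserve-env="$preservedSudoVars"` now also applies on the new implicit elevation path, so the caller's values for those variables reach the root process without the user having typed `sudo`. Please confirm that every variable in `preservedSudoVars` is safe to forward from an unprivileged environment, or use a reduced list for the automatic case. A short comment above `sudoCommand=` explaining why it is kept separate from `maybeSudo` would also help.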
@@ -182,7 +188,11 @@ buildHostCmd() {
targetHostCmd() { targetHostCmd() {
if [ -z "$targetHost" ]; then if [ -z "$targetHost" ]; then
runCmd "${maybeSudo[@]}" "$@" if [ "$(whoami)" = root ] || [ -n "$noAutoSudo" ]; then
runCmd "${maybeSudo[@]}" "$@"
else
runCmd "${sudoCommand[@]}" "$@"
fi
else else
runCmd ssh $SSHOPTS "$targetHost" "${maybeSudo[@]}" "$@" runCmd ssh $SSHOPTS "$targetHost" "${maybeSudo[@]}" "$@"
fi fi
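Review bot: the root test in `targetHostCmd`, `[ "$(whoami)" = root ]`, compares an account name rather than the effective UID and forks a process on every call; `[ "$EUID" -eq 0 ]` (the script already relies on bash features such as `[[ ]]` and arrays) or `id -u` is more robust. The else branch also assumes `sudo` is on `PATH`, so on a system without it the non-root user trades one confusing error for another; a `command -v sudo` check with a clear message would cover that.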