From 1238e4dfc33bc4347564350bbfadac50aa8da0cd Mon Sep 17 00:00:00 2001 From: sommerfeld Date: Wed, 13 May 2026 13:43:36 +0100 Subject: fix(waybar): pacdiff click — set DIFFPROG inside the root shell MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit sudo-rs scrubs the env by default, so neither `DIFFPROG=… sudo pacdiff` nor `sudo DIFFPROG=… pacdiff` reaches pacdiff with the variable set. Sidestep the env-policy question entirely by running sudo sh -c 'DIFFPROG="nvim -d" pacdiff' so the assignment happens inside the privileged shell, after the env-scrubbing boundary. No sudoers-rs change required, and the same form works identically under stock sudo if the user ever switches back. --- dot_config/waybar/executable_pacdiff-status.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'dot_config/waybar/executable_pacdiff-status.sh') diff --git a/dot_config/waybar/executable_pacdiff-status.sh b/dot_config/waybar/executable_pacdiff-status.sh index dad3166..e1a2291 100755 --- a/dot_config/waybar/executable_pacdiff-status.sh +++ b/dot_config/waybar/executable_pacdiff-status.sh @@ -5,8 +5,10 @@ # from "no problems" to "non-zero" (i.e. on the post-`pacman -Syu` # settle), so you're nudged exactly once per upgrade wave. # -# Click handler runs `sudo DIFFPROG='nvim -d' pacdiff` in a floating -# ghostty. +# Click handler hands off to a root shell that sets DIFFPROG before +# invoking pacdiff (sudo-rs scrubs the env by default, so passing +# `DIFFPROG=… sudo pacdiff` or `sudo DIFFPROG=… pacdiff` doesn't +# survive — but `sudo sh -c 'DIFFPROG=… pacdiff'` does). set -eu -- cgit v1.3.1