fix: address review — reuse sudo var, add chown -h on symlink update

- hermes_cli/main.py: reuse the existing `sudo` variable instead of redundant `shutil.which("sudo")` call that could return None - nix/nixosModules.nix: add missing `chown -h` when updating an existing symlink target so ownership stays consistent with the fresh-create and backup-replace branches
2026-04-25 00:51:20 +00:00 · 2026-04-11 17:59:48 +00:00 · 2026-04-11 17:59:48 +00:00 · 38277a6a95
commit 38277a6a95
parent 79e8cd1233
2 changed files with 2 additions and 1 deletions
--- a/hermes_cli/main.py
+++ b/hermes_cli/main.py
@ -612,7 +612,7 @@ def _exec_in_container(container_info: dict, cli_args: list):
        if val:
            env_flags.extend(["-e", f"{var}={val}"])

-    cmd_prefix = [shutil.which("sudo"), "-n", runtime] if needs_sudo else [runtime]
+    cmd_prefix = [sudo, "-n", runtime] if needs_sudo else [runtime]
    exec_cmd = (
        cmd_prefix + ["exec"]
        + tty_flags
--- a/nix/nixosModules.nix
+++ b/nix/nixosModules.nix
@ -684,6 +684,7 @@ HERMES_CONTAINER_MODE_EOF
                  current_target=$(readlink "${symlinkPath}")
                  if [ "$current_target" != "${target}" ]; then
                    ln -sfn "${target}" "${symlinkPath}"
+                    chown -h ${user}:${cfg.group} "${symlinkPath}"
                  fi
                elif [ -d "${symlinkPath}" ]; then
                  # Existing real directory — backup and replace