MacOS install has unidentified Login Items

I noticed that after installing Flox, there are 2 unidentified login items that are associated with the sh command. I believe one of these is so that Nix can run a daemon. When I did not have them enabled, I got this error.

To build the most trust with users, these login items should be associated with Flox in some way on the Login Items & Extensions settings page. Is this being tracked somewhere?

flox install frp
❌ ERROR: Failed to build environment:

Failed to realise 'awscli2':
error:
       … while fetching the input 'flox-nixpkgs:v0/flox/2c8d3f48d33929642c1c12cd243df4cc7d2ce434'

       … while fetching the input 'path:/private/tmp/nix-74784-0'

       error: cannot connect to socket at '/nix/var/nix/daemon-socket/socket': Connection refused

Screenshot 2025-04-08 at 10.29.29 AM489×368 25.7 KB

Hej James

Thanks for bringing this to our attention!

This issue is in fact a result of the nix installation we perform (and is the same when you install nix with the official installer. That said, we should look into better descriptions.

To see this for yourself, you can follow along these commands:

❯ sfltool dumpbtm
========================
 Records for UID -2 : FFFFEEEE-DDDD-CCCC-BBBB-AAAAFFFFFFFE
========================

 ServiceManagement migrated: true
 SharedFileList migrated: false
 LaunchServices registered: false

 Items:

 #1:
                 UUID: 436D7707-0D2A-44D2-BB39-EF3B81E58442
                 Name: (null)
       Developer Name: (null)
                 Type: developer (0x20)
                Flags: [  ] (0)
          Disposition: [disabled, allowed, visible, not notified] (0x2)
           Identifier: Unknown Developer
                  URL: (null)
           Generation: 0
  Embedded Item Identifiers:
    #1: 16.org.nixos.darwin-store

 #2:
                 UUID: 93F7BB0E-1985-409B-899E-BA21D3B5DE8B
                 Name: diskutil
       Developer Name: (null)
                 Type: legacy daemon (0x10010)
                Flags: [ legacy ] (0x1)
          Disposition: [enabled, allowed, visible, notified] (0xb)
           Identifier: 16.org.nixos.darwin-store
                  URL: file:///Library/LaunchDaemons/org.nixos.darwin-store.plist
      Executable Path: /usr/sbin/diskutil
           Generation: 3
    Parent Identifier: Unknown Developer

 #3:
                 UUID: FEB882A6-9CF8-4A2F-A2B4-240712F11545
                 Name: sh
       Developer Name: (null)
                 Type: legacy daemon (0x10010)
                Flags: [ legacy ] (0x1)
          Disposition: [enabled, allowed, visible, notified] (0xb)
           Identifier: 16.org.nixos.nix-daemon
                  URL: file:///Library/LaunchDaemons/org.nixos.nix-daemon.plist
      Executable Path: /bin/sh
           Generation: 7
    Parent Identifier: Unknown Developer

 #4:
                 UUID: 67521C6B-E1F8-4CC3-A949-ABC65C033071
                 Name: sh
       Developer Name: (null)
                 Type: legacy daemon (0x10010)
                Flags: [ legacy ] (0x1)
          Disposition: [enabled, allowed, visible, notified] (0xb)
           Identifier: 16.org.nixos.activate-system
                  URL: file:///Library/LaunchDaemons/org.nixos.activate-system.plist
      Executable Path: /bin/sh
           Generation: 6
    Parent Identifier: Unknown Developer

[ .. snip .. ]

These are the login jobs labelled diskutil and sh and sh (2x), (which are essentially missing a couple metadata fields).

You can cat the plist files to see what is actually being executed upon startup.

Fantastic explanation! Thank you very much. Hopefully the upstream Nix team will be open to improving that. I’m working on a work machine and need to be able to explain and understand each of the items in my software installation.