@raxod502-plaid It looks like (probably new in Catalina), macOS is requiring the Full Disk Access permission in order to modify these files.

Workaround (for anyone needing to remove these files to finish uninstalling Nix):

1. add the permission:

   • Run open -n "x-apple.systempreferences:com.apple.preference.security?Privacy_AllFiles" or manually open System Preferences > Security & Privacy > Full Disk Access
   • Unlock to make changes.

   • Add an exemption for either your terminal app or shell. I suspect the right program will already be in the list (unchecked--IIRC accessing protected files with a program should add it to the list), in which case you can just tick it's checkbox. If not, you'll need to click "+" and find it.

     I keep the exemption enabled myself, but you may want to remove it after you're done. It's intended to keep programs (whether legitimate, or malware) from accessing some sensitive files without your permission.

2. Re-run the uninstall command that failed (exact command differs between single-/multi-user installs).

Fixing this in the installer

The closest we can probably get to a real fix is either :

1. keeping macOS from creating these/proactively beating macOS to the punch
2. nudging all macOS users towards creating the exemption they'll need to uninstall during the installation process

I don't think the latter is worth exploring unless the former fails for some reason... mixed thoughts:

• It sounds like some people successfully block creation of .Trashes/ with something like touch /nix/.Trashes. Worth testing.
• We already add nobrowse to the mount settings in /etc/fstab, which does appear to disable spotlight indexing (can check this with mdutil -s /nix).
• For some reason nobrowse may both disable indexing but not suffice for keeping it from creating the .Spotlight-V100 directory. I'm not certain why, but I do have the spotlight directory on one of my test systems, but not on my main.
  
  
  
  • At one point I think we had something like sudo mdutil -i off /nix either in the install script, or in the documented recommendations. IIRC we removed it because it reports an error to the user that we couldn't figure out, and it seemed nobrowse was sufficient. Running this command might have some additional effect, even if there's an error. I may have installed my main system when this was still the recommended approach.
  
  
  • Back in April I identified another approach that we haven't tried (since nobrowse seemed sufficient), which is touch /nix/.metadata_never_index. It's worth confirming whether this keeps macOS from creating the file. Not sure if we need to fiddle file permissions?
  
  

Thank you for the response! I really appreciate it. Unfortunately, while enabling the Full Disk Access permission fixes the Operation not permitted errors, it does not fix the Resource busy error:

$ sudo rm -rf /nix
rm: /nix: Resource busy

Does that require an additional step? Unmounting and re-mounting the Nix volume does not seem to affect this.

While investigating this, I discovered that I could delete the Nix volume via Disk Utility, which seemed prudent to follow as an uninstall step. However, I now receive this error message instead:

$ sudo rmdir /nix
rmdir: /nix: Read-only file system

The Catalina-specific install prints a set of Catalina-specific uninstall instructions; I think they are the gap here:

https://github.com/NixOS/nix/blob/2a7ea2eb6c54c82d5e858ea6ae9de929face5e55/scripts/create-darwin-volume.sh#L106-L113

I imagine you may also need to reboot for all of that to take.

Yes, you are exactly right. Those steps successfully remove the /nix directory. Perhaps they can be added to the documentation? It certainly did not occur to me to save a copy of the installer output for reference later.

Alternatively you can just use Disk Utilities

First ERASE
Second REMOVE
Third EMPTY TRASHBIN

Bring up Disk Utilities then go and remove

After deleting you can rm -rf ~/nix
running $ lsof +D /nix will show nothing, meaning it has been removed