Even the old single-user installer sets up /nix using sudo, so it sounds like you want something different than what we used to have in place anyway. As far as safety: why/how are the manual’s instructions on verifying the Nix installer inadequate?
I’m not sure the following argument is actually good, but: if you feel confident setting up a special volume for /nix and whatnot on your own (administering your macOS system yourself so that the installer doesn’t have to be so smart), shouldn’t you also be comfortable administering your system to remove after Nix is installed (e.g., to remove the nixbld users)?
I don’t know that these reasons will speak to you, but these are the reasons that I like the decision to switch to a multi-user installation by default:
-
It’s more NixOS-like. This makes it easier for people switching between Nix on macOS and Nix on NixOS to know what to expect, and makes it easier for folks who exclusively use one or the other to support each other.
-
Multi-user package management (without resort to containerization at runtime) is one of the distinguishing features of Nix. Not leveraging that OOTB makes it harder for users to appreciate the unique advantages of Nix, and also makes it harder to switch to a setup where they can take advantage of that feature once they’ve gotten started.
-
Modern operating systems are multi-user. Single-user behavior like Homebrew’s strikes me as bad design, and a trip back to the DOS days in a bad way. It leaves a bad impression.
-
Single-user mode is harder to support for important use cases like corporate environments, where you might SSH into a MacBook to offer support. In that case, having to log in as the user you’re supporting in order to have Nix commands work right seems wrong (definitely more invasive).
I’m not sure that any of the points I enumerated really make the case for outright removing support for single-user installations. But keep in mind that there have been discussions in the past of removing support for multi-user installations on non-NIxOS for similar concerns about the sustainability of supporting different base configurations for Nix itself. If the community only has the resources to thoroughly support one configuration, in my opinion it should be the configuration that is more versatile and more similar to NixOS.
Re: uninstallation: the Nix build users don’t get $HOME directories or show up for GUI login, so they don’t leave much clutter. IIRC there’s ongoing work for a comprehensive uninstaller, which is great. But in the meantime if you want something simpler that feels more like a native Unix tool than macOS’ dscl, you can use userdel from Pkgsrc’s user-darwin package. It’s just a POSIX sh wrapper around dscl, so you can just download it and run it. You can grab the scripts here. (Maybe it would be worth it to package that for Nixpkgs, if we don’t already?)