!10 fix desktop entry config for nixos

Merge pull request !10 from SunnyPai/master

.gitignore

@@ -0,0 +1,3 @@
+result
+result-*
+spark-store/

README.md

@@ -59,8 +59,9 @@ Commands:
 ### 完整命令列表
 使用 `apm --help-all` 查看完整的命令列表，包括高级命令如 `sandbox-run`、`bwrap-run`、`hold`、`unhold`、`full-upgrade`、`download`、`ssinstall`、`ssaudit`、`debug` 等。
 
+## NixOS 构建与本地测试
 
-
+NixOS 本地构建、安装、module 使用以及 NUR/nixpkgs 打包复用说明见 [docs/NIXOS.md](docs/NIXOS.md)。
 
 ## APM Deb 包全自动转换器使用方法
 

build.config

@@ -1 +1 @@
-@VERSION@=1.3.4
+@VERSION@=1.3.4.0

default.nix

@@ -0,0 +1,3 @@
+{ pkgs ? import <nixpkgs> { } }:
+
+pkgs.callPackage ./nix/package.nix { }

docs/NIXOS.md

@@ -0,0 +1,123 @@
+# NixOS 构建与本地测试
+
+本仓库提供了实验性的 Nix 打包文件，可用于在 NixOS 上本地构建和测试 APM。
+
+## 本地构建
+
+在仓库根目录执行：
+
+```bash
+nix-build default.nix
+```
+
+构建成功后会生成 `result` 符号链接，可先做基础命令测试：
+
+```bash
+./result/bin/apm --version
+./result/bin/apm --help
+./result/bin/amber-pm-init-state --help
+```
+
+如果使用 Flake，也可以执行：
+
+```bash
+nix build .#amber-pm
+nix flake check
+```
+
+## 初始化本地状态目录
+
+APM 需要可写的 `/var/lib/apm` 目录保存自身运行环境和已安装应用。Nix 包中的文件位于只读 Nix store，因此首次测试前需要初始化状态目录：
+
+```bash
+sudo ./result/bin/amber-pm-init-state
+```
+
+如需用新构建结果覆盖 APM 自身文件，可执行：
+
+```bash
+sudo ./result/bin/amber-pm-init-state --force
+```
+
+`--force` 会原地覆盖 `/var/lib/apm/apm` 中的 APM 自身文件，不会移动、备份或删除整个 `/var/lib/apm/apm` 目录，以免影响已经安装在该目录下的 APM 应用。
+
+随后初始化内置 AmberCE 环境：
+
+```bash
+sudo /var/lib/apm/apm/files/bin/ace-init
+```
+
+完成后可继续测试：
+
+```bash
+./result/bin/apm debug
+./result/bin/apm update
+./result/bin/apm search amber-pm-
+```
+
+## 作为 NixOS Module 使用
+
+可在 NixOS 配置中引入本仓库的 module：
+
+```nix
+{ pkgs, ... }:
+{
+  imports = [
+    /path/to/amber-pm/nix/module.nix
+  ];
+
+  nixpkgs.overlays = [
+    (final: prev: {
+      amber-pm = final.callPackage /path/to/amber-pm/nix/package.nix { };
+    })
+  ];
+
+  programs.amber-pm.enable = true;
+}
+```
+
+然后执行：
+
+```bash
+sudo nixos-rebuild switch
+```
+
+该 module 会将 `amber-pm` 加入 `environment.systemPackages`，并在系统激活时初始化 `/var/lib/apm/apm`。APM 使用 bwrap 与 fuse-overlayfs，module 默认会设置 `kernel.apparmor_restrict_unprivileged_userns = 0`，并启用 `nix-ld` 以提高兼容性。
+
+## NUR/nixpkgs 打包复用
+
+`nix/package.nix` 支持外部传入 `version` 和 `src`，因此 NUR 或 nixpkgs 中可以复用同一个表达式，不必依赖本地源码路径。
+
+NUR 仓库中的示例：
+
+```nix
+{ pkgs ? import <nixpkgs> { } }:
+
+{
+  amber-pm = pkgs.callPackage ./pkgs/amber-pm {
+    version = "1.3.4.0";
+    src = pkgs.fetchFromGitHub {
+      owner = "amber-ce";
+      repo = "amber-pm";
+      rev = "v1.3.4.0";
+      hash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
+    };
+  };
+}
+```
+
+nixpkgs 中的包通常应放在类似路径：
+
+```text
+pkgs/by-name/am/amber-pm/package.nix
+```
+
+提交 nixpkgs 前建议先满足以下条件：
+
+- 使用正式 tag 或 release，不使用本地路径作为源码。
+- 固定 `src.hash`。
+- 本地通过 `nix-build -A amber-pm` 或 `nix build .#amber-pm`。
+- 确认 `apm --version`、`apm --help`、`amber-pm-init-state --help` 正常。
+- `meta` 中填写 license、homepage、platforms 和 maintainers。
+
+当前 NixOS 适配仍偏测试用途。建议先发布到 NUR 收集测试反馈，再投 nixpkgs。

flake.nix

@@ -0,0 +1,50 @@
+{
+  description = "Amber Package Manager packaged for NixOS testing";
+
+  inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+
+  outputs =
+    { self, nixpkgs }:
+    let
+      systems = [
+        "x86_64-linux"
+        "aarch64-linux"
+        "loongarch64-linux"
+      ];
+      forAllSystems = nixpkgs.lib.genAttrs systems;
+    in
+    {
+      packages = forAllSystems (
+        system:
+        let
+          pkgs = import nixpkgs { inherit system; };
+        in
+        {
+          amber-pm = pkgs.callPackage ./nix/package.nix { };
+          default = self.packages.${system}.amber-pm;
+        }
+      );
+
+      checks = forAllSystems (
+        system:
+        let
+          pkgs = import nixpkgs { inherit system; };
+          amber-pm = self.packages.${system}.amber-pm;
+        in
+        {
+          cli-smoke = pkgs.runCommand "amber-pm-cli-smoke" { } ''
+            ${amber-pm}/bin/apm --version
+            ${amber-pm}/bin/apm --help >/dev/null
+            ${amber-pm}/bin/amber-pm-init-state --help >/dev/null
+            touch "$out"
+          '';
+        }
+      );
+
+      nixosModules.default = import ./nix/module.nix;
+
+      overlays.default = final: prev: {
+        amber-pm = final.callPackage ./nix/package.nix { };
+      };
+    };
+}

nix/module.nix

@@ -0,0 +1,84 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+let
+  cfg = config.programs.amber-pm;
+  apmXdgDataDir = "/var/lib/apm/apm/files/ace-env/amber-ce-tools/data-dir";
+
+  aceRuntimePath = lib.makeBinPath (with pkgs; [
+    bash
+    bubblewrap
+    coreutils
+    gawk
+    gnugrep
+    gnused
+    gnutar
+    sudo
+  ]);
+in
+{
+  options.programs.amber-pm = {
+    enable = lib.mkEnableOption "Amber Package Manager";
+
+    package = lib.mkPackageOption pkgs "amber-pm" { };
+
+    initializeState = lib.mkOption {
+      type = lib.types.bool;
+      default = true;
+      description = "Create /var/lib/apm/apm during system activation when it does not already exist.";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    environment.systemPackages = [ cfg.package ];
+    environment.sessionVariables.XDG_DATA_DIRS = lib.mkAfter [ apmXdgDataDir ];
+    environment.etc."systemd/user-environment-generators/60-apm".source =
+      pkgs.writeShellScript "60-apm" ''
+        apm_xdg_data_dir=${lib.escapeShellArg apmXdgDataDir}
+        xdg_data_dirs="''${XDG_DATA_DIRS:-/usr/local/share:/usr/share}"
+
+        case ":$xdg_data_dirs:" in
+          *":$apm_xdg_data_dir:"*) ;;
+          *) xdg_data_dirs="$xdg_data_dirs:$apm_xdg_data_dir" ;;
+        esac
+
+        printf 'XDG_DATA_DIRS=%s\n' "$xdg_data_dirs"
+      '';
+
+    programs.nix-ld.enable = lib.mkDefault true;
+
+    boot.kernel.sysctl."kernel.apparmor_restrict_unprivileged_userns" = lib.mkDefault 0;
+
+    system.activationScripts.amber-pm-state = lib.mkIf cfg.initializeState ''
+      export PATH="${aceRuntimePath}:$PATH"
+      target="/var/lib/apm/apm"
+      version_file="$target/.amber-pm-version"
+      current_version="${cfg.package.version}"
+
+      if [ ! -e "$target" ]; then
+        echo "APM state directory not found, initializing..."
+        ${cfg.package}/bin/amber-pm-init-state
+        echo "Running ace-init for first-time setup..."
+        /var/lib/apm/apm/files/bin/ace-init
+      elif [ -f "$version_file" ]; then
+        stored_version="$(cat "$version_file")"
+        if [ "$stored_version" != "$current_version" ]; then
+          echo "APM version changed ($stored_version -> $current_version), re-initializing..."
+          ${cfg.package}/bin/amber-pm-init-state --force
+          echo "Running ace-init..."
+          /var/lib/apm/apm/files/bin/ace-init
+        else
+          echo "APM version unchanged ($current_version), skipping ace-init."
+        fi
+      else
+        echo "No version file found, refreshing state and running ace-init..."
+        ${cfg.package}/bin/amber-pm-init-state --force
+        /var/lib/apm/apm/files/bin/ace-init
+      fi
+    '';
+  };
+}

nix/package.nix

@@ -0,0 +1,202 @@
+{
+  lib,
+  stdenvNoCC,
+  makeWrapper,
+  bash,
+  bubblewrap,
+  coreutils,
+  curl,
+  desktop-file-utils,
+  dpkg,
+  fakeroot,
+  file,
+  findutils,
+  fuse-overlayfs,
+  gawk,
+  glib,
+  gnugrep,
+  gnused,
+  gzip,
+  libnotify,
+  procps,
+  sudo,
+  systemd,
+  gnutar,
+  util-linux,
+  which,
+  xdg-user-dirs,
+  xz,
+  zenity,
+  version ? "1.3.4.0",
+  sourceRoot ? ../.,
+  src ? lib.cleanSourceWith {
+    src = sourceRoot;
+    filter =
+      path: type:
+      let
+        base = baseNameOf path;
+      in
+      ! lib.elem base [
+        ".git"
+        "result"
+      ];
+  },
+}:
+
+let
+  runtimePath = lib.makeBinPath [
+    bash
+    bubblewrap
+    coreutils
+    curl
+    desktop-file-utils
+    dpkg
+    fakeroot
+    file
+    findutils
+    fuse-overlayfs
+    gawk
+    glib
+    gnugrep
+    gnused
+    gzip
+    libnotify
+    procps
+    sudo
+    systemd
+    gnutar
+    util-linux
+    which
+    xdg-user-dirs
+    xz
+    zenity
+  ];
+in
+stdenvNoCC.mkDerivation {
+  pname = "amber-pm";
+  inherit version;
+
+  inherit src;
+
+  nativeBuildInputs = [ makeWrapper ];
+
+  dontConfigure = true;
+  dontBuild = true;
+
+  installPhase = ''
+    runHook preInstall
+
+    echo "copying Debian-style install tree"
+    mkdir -p "$out"
+    cp -a src/* "$out"/
+
+    rm -f "$out/usr/bin/apm" \
+      "$out/usr/bin/amber-pm-debug" \
+      "$out/usr/bin/amber-pm-configure-nvidia"
+
+    echo "substituting version and store paths"
+    substituteInPlace "$out/usr/libexec/apm/apm-main" \
+      --replace-fail '@VERSION@' '${version}' \
+      --replace-fail '/usr/libexec/apm/apm-eggs' "$out/usr/libexec/apm/apm-eggs"
+
+    while IFS= read -r -d "" file; do
+      if grep -Iq '@VERSION@' "$file" && grep -q '@VERSION@' "$file"; then
+        sed -i 's|@VERSION@|${version}|g' "$file"
+      fi
+    done < <(find "$out/usr" "$out/etc" -type f -print0)
+
+    echo "patching host script shebangs"
+    patchShebangs "$out/usr/bin" "$out/usr/libexec"
+    patchShebangs \
+      "$out/var/lib/apm/apm/files/ace-run" \
+      "$out/var/lib/apm/apm/files/ace-run-pkg" \
+      "$out/var/lib/apm/apm/files/bin/ace-init" \
+      "$out/var/lib/apm/apm/files/bin/ace-run" \
+      "$out/var/lib/apm/apm/files/bin/amber-ce-configure-nvidia" \
+      "$out/var/lib/apm/apm/files/build-container.sh" \
+      "$out/var/lib/apm/apm/files/feedback.sh" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/ace-upgrader/ace-upgrader" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/container-init/init.sh" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/apm-debug" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/bwrap" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/gio" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/pkexec" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/sudo" \
+      "$out/var/lib/apm/apm/files/amber-ce-tools/bin-override/xdg-open"
+
+    echo "installing wrappers"
+    mkdir -p "$out/bin" "$out/share/amber-pm/var-lib-apm"
+    ln -s /var/lib/apm/apm/files/bin/ace-run "$out/bin/amber-pm-debug"
+    ln -s /var/lib/apm/apm/files/bin/amber-ce-configure-nvidia "$out/bin/amber-pm-configure-nvidia"
+
+    for prog in "$out"/usr/bin/*; do
+      if [ -f "$prog" ] || [ -L "$prog" ]; then
+        name="$(basename "$prog")"
+        if [ "$name" != apm ] \
+          && [ "$name" != amber-pm-debug ] \
+          && [ "$name" != amber-pm-configure-nvidia ]; then
+          makeWrapper "$prog" "$out/bin/$name" \
+            --prefix PATH : "$out/bin:${runtimePath}"
+        fi
+      fi
+    done
+
+    cp -a "$out/var/lib/apm/apm" "$out/share/amber-pm/var-lib-apm/apm"
+    rm -rf "$out/var"
+
+    makeWrapper "$out/usr/libexec/apm/apm-main" "$out/bin/apm" \
+      --prefix PATH : "$out/bin:${runtimePath}"
+
+    cat > "$out/bin/amber-pm-init-state" <<'EOF'
+#!@bash@/bin/bash
+set -euo pipefail
+
+if [ "''${1:-}" = "--help" ]; then
+  echo "Usage: amber-pm-init-state [--force]"
+  echo "Initializes /var/lib/apm/apm from the Nix store seed."
+  exit 0
+fi
+
+if [ "$(id -u)" != 0 ]; then
+  echo "amber-pm-init-state must be run as root because it writes /var/lib/apm" >&2
+  exit 1
+fi
+
+seed="@out@/share/amber-pm/var-lib-apm/apm"
+target="/var/lib/apm/apm"
+
+mkdir -p /var/lib/apm
+if [ -e "$target" ] && [ "''${1:-}" != "--force" ]; then
+  echo "$target already exists; leaving it untouched."
+  echo "Run 'amber-pm-init-state --force' to refresh APM's own files."
+  exit 0
+fi
+
+mkdir -p "$target"
+cp -a "$seed"/. "$target"/
+echo '@version@' > "$target/.amber-pm-version"
+chmod -R u+rwX "$target"
+echo "Initialized $target"
+echo "Next step: run '/var/lib/apm/apm/files/bin/ace-init' as root, or run 'apm --help' for CLI smoke testing."
+EOF
+    substituteInPlace "$out/bin/amber-pm-init-state" \
+      --replace-fail '@bash@' '${bash}' \
+      --replace-fail '@out@' "$out" \
+      --replace-fail '@version@' '${version}'
+    chmod +x "$out/bin/amber-pm-init-state"
+
+    runHook postInstall
+  '';
+
+  meta = {
+    description = "bwrap and fuse-overlayfs based package manager for Debian-style application containers";
+    homepage = "https://gitee.com/amber-ce/amber-pm/";
+    license = lib.licenses.gpl3Only;
+    platforms = [
+      "x86_64-linux"
+      "aarch64-linux"
+      "loongarch64-linux"
+    ];
+    maintainers = [ ];
+  };
+}

src/DEBIAN/postinst

@@ -9,10 +9,13 @@ systemctl daemon-reload
 systemctl enable apm-daily-update
 systemctl start apm-daily-update
 systemctl restart apparmor.service || true
+mkdir -p /etc/apparmor.d/disable/
+ln -sv /etc/apparmor.d/bwrap-userns-restrict /etc/apparmor.d/disable/
 
         if [ -f /usr/lib/sysctl.d/apm.conf ];then
                 sysctl -p /usr/lib/sysctl.d/apm.conf
         fi
+systemctl reload apparmor
 		# Send statistics data
 		/var/lib/apm/apm/files/feedback.sh &
         ln -sv / /host

src/usr/bin/amber-pm-convert

@@ -8,6 +8,10 @@ log.debug() { echo -e "[\e[32mDEBUG\e[0m]: \e[1m$*\e[0m"; }
 
 SCRIPT_NAME=$(basename "$0")
 
+is_nixos() {
+    [ -r /etc/os-release ] && . /etc/os-release && [ "${ID:-}" = "nixos" ]
+}
+
 if ! command -v dpkg > /dev/null ; then
     log.error "若想使用APM软件包转换器，您需先安装dpkg"
     exit 1
@@ -617,6 +621,12 @@ interactive_copy_entries() {
 process_desktop_file() {
     local desktop_file="$1"
     local pkgname="$2"
+    local apm_exec_prefix="apm run $pkgname"
+
+    if is_nixos; then
+        apm_exec_prefix="/run/current-system/sw/bin/apm run $pkgname"
+    fi
+
     # 新增：精确路径检查
     local apps_path1="/usr/share/applications"
     local apps_path2="/opt/apps/${ORIG_PKGNAME}/entries/applications"
@@ -632,16 +642,16 @@ process_desktop_file() {
     log.info "处理桌面文件: $desktop_file"
     
     # 检查文件是否已经处理过（避免重复添加 apm run）
-    if grep -q "^Exec=apm run $pkgname " "$desktop_file"; then
+    if grep -q "^Exec=${apm_exec_prefix} " "$desktop_file"; then
         log.info "桌面文件已经处理过，跳过: $desktop_file"
         return 0
     fi
     
     # 检查是否有其他包的 apm run 前缀（清理旧的）
-    if grep -q "^Exec=apm run [^ ]* " "$desktop_file"; then
+    if grep -Eq "^Exec=(/run/current-system/sw/bin/)?apm run [^ ]* " "$desktop_file"; then
         log.info "发现旧的 apm run 前缀，清理后重新添加"
         # 移除所有 apm run 前缀
-        sed -i "s|^Exec=apm run [^ ]* ||" "$desktop_file"
+        sed -i -E "s|^Exec=(/run/current-system/sw/bin/)?apm run [^ ]* |Exec=|" "$desktop_file"
     fi
     
     # 尝试用 busybox dos2unix（若不存在则跳过转换）
@@ -653,7 +663,7 @@ process_desktop_file() {
     
     # 处理 Exec 行：在原有命令前追加 apm run $pkgname
     if grep -q '^Exec=' "$desktop_file"; then
-        sed -i "s|^Exec=\(.*\)$|Exec=apm run $pkgname \1|" "$desktop_file"
+        sed -i "s|^Exec=\(.*\)$|Exec=${apm_exec_prefix} \1|" "$desktop_file"
     fi
     
     # 删除 TryExec 行

src/var/lib/apm/apm/files/ace-run

@@ -27,8 +27,18 @@ function ensure_dir() {
         return 0
     fi
 }
+
 chrootEnvPath="${chrootEnvPath:-$(dirname $0)/ace-env}"
 
+is_nixos() {
+    [ -f /etc/os-release ] && grep -Eq '^ID="?nixos"?$' /etc/os-release
+}
+
+APM_CONTAINER_PATH="/amber-ce-tools/bin-override:$PATH"
+if is_nixos; then
+    APM_CONTAINER_PATH="/amber-ce-tools/bin-override:/usr/local/bin:/usr/bin/"
+fi
+
 APM_PKG_NAME="${APM_PKG_NAME:-apm-general}"
 
 non_root_user=$(who  | awk '{print $1}' | head -n 1)
@@ -61,7 +71,7 @@ fi
 #########################################################################################
 ##########合成bwrap 1. 基础函数配置段
 # 初始化 EXEC_COMMAND 为 bwrap 基础指令
-EXEC_COMMAND="bwrap --dev-bind / / bwrap"
+EXEC_COMMAND="bwrap --dev-bind / / "
 
 # add_command 函数定义
 function add_command() {
@@ -106,7 +116,7 @@ done
 ENV_VARS=(
     "FAKEROOTDONTTRYCHOWN 1"
     "PULSE_SERVER /run/user/\$uid/pulse/native"
-    "PATH /amber-ce-tools/bin-override:\$PATH"
+    "PATH $APM_CONTAINER_PATH"
     "IS_ACE_ENV 1"
     "GTK_USE_PORTAL 1"
     "XDG_DATA_DIRS /amber-ce-tools/additional-data-dir-in-container:\$XDG_DATA_DIRS"
@@ -201,4 +211,4 @@ add_command "bash -c \"${container_command}\""
 # echo "${EXEC_COMMAND}"
 
 # 注意: 实际执行时，请确保所有变量（如 $uid, $chrootEnvPath 等）都已正确定义
-eval "${EXEC_COMMAND}"
+eval "${EXEC_COMMAND}"

src/var/lib/apm/apm/files/ace-run-pkg

@@ -7,6 +7,14 @@ export -f bash
 
 chrootEnvPath="${chrootEnvPath:-$(pwd)/ace-env}"
 
+is_nixos() {
+    [ -f /etc/os-release ] && grep -Eq '^ID="?nixos"?$' /etc/os-release
+}
+
+APM_CONTAINER_PATH="/amber-ce-tools/bin-override:$PATH"
+if is_nixos; then
+    APM_CONTAINER_PATH="/amber-ce-tools/bin-override:/usr/local/bin:/usr/bin/"
+fi
 
 
 non_root_user=$(who  | awk '{print $1}' | head -n 1)
@@ -28,7 +36,7 @@ fi
 #########################################################################################
 ##########合成bwrap 1. 基础函数配置段
 # 初始化 EXEC_COMMAND 为 bwrap 基础指令
-EXEC_COMMAND="bwrap --dev-bind / / bwrap"
+EXEC_COMMAND="bwrap --dev-bind / / "
 
 # add_command 函数定义
 function add_command() {
@@ -80,7 +88,7 @@ done
 ENV_VARS=(
     "FAKEROOTDONTTRYCHOWN 1"
     "PULSE_SERVER /run/user/\$uid/pulse/native"
-    "PATH /amber-ce-tools/bin-override:\$PATH"
+    "PATH $APM_CONTAINER_PATH"
     "IS_ACE_ENV 1"
     "GTK_USE_PORTAL 1"
     "XDG_DATA_DIRS /amber-ce-tools/additional-data-dir-in-container:\$XDG_DATA_DIRS"
@@ -139,4 +147,3 @@ add_command "bash -c \"${container_command}\""
 
 # 注意: 实际执行时，请确保所有变量（如 $uid, $chrootEnvPath 等）都已正确定义
 eval ${EXEC_COMMAND}
-

src/var/lib/apm/apm/files/bin/ace-init

@@ -15,6 +15,15 @@ else
 PKGNAME=$PACKAGE_NAME
 fi
 chrootEnvPath=/var/lib/apm/$PKGNAME/files/ace-env
+is_nixos() {
+    [ -f /etc/os-release ] && grep -Eq '^ID="?nixos"?$' /etc/os-release
+}
+
+APM_CONTAINER_PATH="/amber-ce-tools/bin-override:$PATH"
+if is_nixos; then
+    APM_CONTAINER_PATH="/amber-ce-tools/bin-override:/usr/local/bin:/usr/bin/"
+fi
+
 #if [ ! -e $chrootEnvPath ];then
 echo "Uncompress the env...."
 tar  -xvf $chrootEnvPath.tar.xz -C /var/lib/apm/$PKGNAME/files/
@@ -41,7 +50,7 @@ uid=$(id -u $non_root_user)
 function bookworm-run(){
 bwrap --dev-bind $chrootEnvPath/ / \
   --setenv PULSE_SERVER /run/user/$uid/pulse/native \
-  --setenv PATH /amber-ce-tools/bin-override:$PATH \
+  --setenv PATH "$APM_CONTAINER_PATH" \
   --setenv IS_ACE_ENV "1" \
   --dev-bind-try /media /media \
   --dev-bind-try /tmp /tmp \
@@ -89,7 +98,7 @@ bookworm-run apt clean
 bookworm-run chown -R $(get_current_user)  /usr/lib/locale/
 sudo -u $(get_current_user) bwrap --dev-bind $chrootEnvPath/ / \
   --setenv PULSE_SERVER /run/user/$uid/pulse/native \
-  --setenv PATH /amber-ce-tools/bin-override:$PATH \
+  --setenv PATH "$APM_CONTAINER_PATH" \
   --setenv IS_ACE_ENV "1" \
   --dev-bind $chrootEnvPath/ / \
   --dev-bind-try /media /media \
@@ -121,4 +130,4 @@ ln -sfv ../../usr/share/pixmaps/   $chrootEnvPath/amber-ce-tools/data-dir/
 
 chmod 777 -R $chrootEnvPath/usr/share/icons
 rm -vfr $chrootEnvPath/dev/*
-true
+true

src/var/lib/apm/apm/files/bin/ace-run

@@ -14,6 +14,15 @@ export ACE_PACKAGE_NAME=$PKGNAME
 
 chrootEnvPath=/var/lib/apm/$PKGNAME/files/ace-env
 
+is_nixos() {
+    [ -f /etc/os-release ] && grep -Eq '^ID="?nixos"?$' /etc/os-release
+}
+
+APM_CONTAINER_PATH="/amber-ce-tools/bin-override:$PATH"
+if is_nixos; then
+    APM_CONTAINER_PATH="/amber-ce-tools/bin-override:/usr/local/bin:/usr/bin/"
+fi
+
 # if [ ! -e $chrootEnvPath/finish.flag ];then
 
 # if [ "$(id -u)" = "0" ]; then
@@ -42,7 +51,7 @@ fi
 #########################################################################################
 ##########合成bwrap 1. 基础函数配置段
 # 初始化 EXEC_COMMAND 为 bwrap 基础指令
-EXEC_COMMAND="bwrap --dev-bind / / bwrap"
+EXEC_COMMAND="bwrap --dev-bind / /"
 
 # add_command 函数定义
 function add_command() {
@@ -94,7 +103,7 @@ done
 ENV_VARS=(
     "FAKEROOTDONTTRYCHOWN 1"
     "PULSE_SERVER /run/user/\$uid/pulse/native"
-    "PATH /amber-ce-tools/bin-override:\$PATH"
+    "PATH $APM_CONTAINER_PATH"
     "IS_ACE_ENV 1"
     "IS_APM_ENV 1"
     "XDG_DATA_DIRS /amber-ce-tools/additional-data-dir-in-container:\$XDG_DATA_DIRS"
@@ -149,5 +158,3 @@ add_command "bash -c \"${container_command}\""
 
 # 注意: 实际执行时，请确保所有变量（如 $uid, $chrootEnvPath 等）都已正确定义
 eval ${EXEC_COMMAND}
-
-