The wheel-write-via-udev approach for charge_control_end_threshold has
been broken since 2026-04-08: the audit-remediation commit added
ACTION=="add" to the rule, but the threshold attribute doesn't exist
yet at the add event on Lenovo, so chmod fails silently and permissions
are never set. moonarch-batsaver-toggle has been returning Permission
denied since.
Replace the udev-rule approach with a pkexec helper:
defaults/bin/moonarch-batsaver-apply privileged: validate + write
defaults/bin/moonarch-batsaver-toggle user: read sysfs, dispatch via pkexec
defaults/bin/moonarch-batsaver-restore boot-time root restore (extracted
from inline ExecStart for clarity)
Default Standard-pkexec prompt — password cached per session for the
~5min auth window; no polkit no-password rule, no privilege escalation
surface from misvalidated input. Same pattern Battery-Health-Charging
GNOME extension uses.
The boot-time restore service now skips the kernel write when the
sysfs value already matches the saved state (Lenovo drivers reject
same-value writes with EINVAL).
DECISIONS.md documents the failure analysis and trade-offs.
CLAUDE.md updated to describe the new flow.
moonarch-doctor: udev-effectiveness check removed.
Earlier ClaudeCode sessions had wired a `~/.zshrc.d/*.zsh` snippet loop
plus a `~/.zshrc.local` fallback into defaults/shell/zshrc and made
post-install.sh create the directory unconditionally — neither is a zsh
convention nor documented anywhere. Remove both, simplify post-install
to write only `source /etc/zsh/zshrc.moonarch`, drop stale rustup
next-step hint, drop dead `confirm()` in lib.sh (orphan since
transform.sh deletion 2026-04-21).
moonarch-doctor: replace useless existence checks (zshrc.moonarch,
/usr/share/moonarch/) with real signal. User-service and helper-script
lists now derive from `pacman -Qql moonarch-git` (drift-proof) plus an
explicit list of post-install-enabled externals (currently `stasis`).
New udev-effectiveness check for charge_control_end_threshold —
verifies group=wheel + group-writable, surfaces broken rules instead
of staying silent.
Translate two German ABOUTME comments (moonarch-waybar-cpugov,
moonarch-waybar-gpustat) to English for consistency.
- moonarch-waybar: on merge failure, remove the stale output so waybar
falls back to the system config (previously it kept running with stale
merged data despite the error notification claiming otherwise).
- moonarch-doctor: hoist INSTALLED assignment above both OFFICIAL and AUR
blocks so the script survives set -u when only aur.txt is present.
- zshrc parse_git_branch: gate on git rev-parse and replace three grep
subshells with bash pattern matching, cutting prompt latency from
~5 subprocesses per render to 2 (status + symbolic-ref).
- moonarch-batsaver.service: validate the threshold is an integer 1-100
before writing to sysfs, add NoNewPrivileges and protection directives
instead of relying on kernel validation alone.
- ci/act-runner/Dockerfile: drop the broad "pacman -Sy *" sudoers entry
(only -S --needed is required by makepkg), and pin run.sh to
act_runner:0.3.1 so it cannot drift ahead of the pinned binary.
- .gitea/workflows/update-pkgver.yaml: push via credential.helper=store
with a chmod 600 temp file instead of `git -c http.extraHeader=...`,
so the token no longer shows up in /proc/PID/cmdline.
The `[moonarch-pkgbuilds]` paru-repo check was a false failure: that
mechanism was retired on 2026-04-20 and the install hook strips the
legacy paru.conf section on upgrade.
Audit of the rest of the doctor surfaced two related gaps — the
user-services loop skipped `walker.service` and `nautilus.service`,
even though moonarch-git ships both and enables them via
graphical-session.target.wants. Added them to the loop and filled in
the missing `wlsunset` in the CLAUDE.md listing.
Move nightlight from niri spawn-at-startup to a systemd user service
with After=kanshi.service to ensure all outputs are configured before
wlsunset starts. Toggle now uses enable/disable --now for persistent
state across reboots.
Diagnostic script that verifies services, configs, packages and paths
against the expected moonarch system state. Reports pass/fail/warn with
colored output and summary. Deployed as moonarch-doctor (alias: moondoc).
nevaforget