On Darwin, launchd may attempt to start agents before the Nix store is
mounted and available. This leads to failures when the agent's executable
or arguments reside in the Nix store.
This change wraps the agent's command in a shell script that uses
/bin/wait4path to ensure /nix/store is ready before executing the
original program. It also ensures that ProgramArguments are correctly
escaped and concatenated.
Since PR #8099, the module sets `$SSH_AUTH_SOCK` through shells' options
for interactive shell initialization instead of
`home.sessionVariablesExtra`. The replacement was not faithful, however,
since `home.sessionVariablesExtra` is sourced also in non-interactive
shells. With this commit, the shells' profile options (where
`home.sessionVariablesExtra` is sourced) are used to set
`$SSH_AUTH_SOCK`.
Fixes#8129.
