On Sun, Aug 23, 2020 at 11:24:43PM +0200, Danny Milosavljevic wrote:
> Paul did not know that it is a per-user operation.
> 
> I did almost exactly the same thing when I was a new guix user.
> That's pretty much what one is used to from Debian etc.

I see. Coming from Debian, I also had trouble learning the differences
between various options of sudo, and also the differences between login
shells, interactive shells, etc. They don't matter on Debian, but they
do matter for Guix.

> I don't really know whether it should do anything useful, but the current
> situation is seriously weird.

Considering how often people stumble on this, I've been wondering if
Guix should handle privilege escalation internally, rather than asking
users to learn these arcane details of Unix.

Systemd does that. For example, given an operation that requires
privileges, if I attempt to run it without privileges, it will use
polkit (I think) to escalate safely. It's optional and not all distros
enable it by default. It looks like this:

------
$ systemctl restart guix-daemon 
==== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to restart 'guix-daemon.service'.
Authenticating as: leo,,, (leo)
Password: 
==== AUTHENTICATION COMPLETE ===
------