From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id Tpq/C6bjQl9DNQAA0tVLHw (envelope-from ) for ; Sun, 23 Aug 2020 21:46:14 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id 0G8YB6bjQl+nEQAAbx9fmQ (envelope-from ) for ; Sun, 23 Aug 2020 21:46:14 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id DE6B89404C5 for ; Sun, 23 Aug 2020 21:46:12 +0000 (UTC) Received: from localhost ([::1]:50522 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1k9xoX-00009W-Sp for larch@yhetil.org; Sun, 23 Aug 2020 17:46:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:58296) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1k9xoQ-00009M-9e for bug-guix@gnu.org; Sun, 23 Aug 2020 17:46:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:43727) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1k9xoQ-0001kT-05 for bug-guix@gnu.org; Sun, 23 Aug 2020 17:46:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1k9xoP-0002HX-Uc for bug-guix@gnu.org; Sun, 23 Aug 2020 17:46:01 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#42983: "sudo -E guix pull" breaks ~/.config/guix/current for regular user Resent-From: Leo Famulari Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Sun, 23 Aug 2020 21:46:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 42983 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Danny Milosavljevic Received: via spool by 42983-submit@debbugs.gnu.org id=B42983.15982191578759 (code B ref 42983); Sun, 23 Aug 2020 21:46:01 +0000 Received: (at 42983) by debbugs.gnu.org; 23 Aug 2020 21:45:57 +0000 Received: from localhost ([127.0.0.1]:55273 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1k9xoK-0002HD-VW for submit@debbugs.gnu.org; Sun, 23 Aug 2020 17:45:57 -0400 Received: from out2-smtp.messagingengine.com ([66.111.4.26]:57281) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1k9xoJ-0002H0-OS for 42983@debbugs.gnu.org; Sun, 23 Aug 2020 17:45:56 -0400 Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 628595C0041; Sun, 23 Aug 2020 17:45:50 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Sun, 23 Aug 2020 17:45:50 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=2LDSMpreXb4pR/imNvQ767Tq X8Wiq2b7BGc40O4PQpA=; b=sDFNH0RpMdo0BwD9l2CFaUBeefnYzyBH5mQTkA+F Gx2ae+ajaWqIz9J9HGuFNWNDuVvy7SGWSZGg2daaHBUUAjSVHg5g/aO3JugTE3k+ dZnX3jwBha+FG7SEuVdafigXFil5fXfW2ygt55Xl0JyR8/5jo/vwjefSq97rkQaW 0q4= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=2LDSMp reXb4pR/imNvQ767TqX8Wiq2b7BGc40O4PQpA=; b=UxQ0hoTbPidx/gokpUfGfR Hm8DDPPLdreV9aal1qjpP6izKCqyF4IXuruQqzOiyjpzAfZUrgIS+fDkpgx8fzQd AI7qy5l7VIgIkU8zbxtBXKmygfTjBupQoJt2GO9TX553Mj8+GpShDbLerrxAUt6X aCfFlNb/pPW/+OlTc3YNy2f1kePVL7G293PN7rBzx/FiGt7yRclTBpgSTH8UyryQ Geq2ENEFy2DBL4/ZGe12sDjz60GqCGkgIvdZJa7rjhB6uWGebXqeXaRkXv2Fq/lr IUHrmL/hFxBRkUeIiT5bl7gK3f3oVGv41rM0NqQ53tr4lXz+2AFv8HQsX18BPx0Q == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduiedrudduiedgudehfecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpeffhffvuffkfhggtggujgesghdtreertddtvdenucfhrhhomhepnfgvohcu hfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhirdhnrghmvgeqnecuggftrfgrth htvghrnhepudekveegteekleetgfeitdejgfejkeffudethedvhfeukeduleeikeejfeeh ffetnecukfhppeejfedrudeguddruddvjedrudegieenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv X-ME-Proxy: Received: from localhost (c-73-141-127-146.hsd1.pa.comcast.net [73.141.127.146]) by mail.messagingengine.com (Postfix) with ESMTPA id 6C00B30600A9; Sun, 23 Aug 2020 17:45:49 -0400 (EDT) Date: Sun, 23 Aug 2020 17:45:47 -0400 From: Leo Famulari Message-ID: <20200823214547.GA30907@jasmine.lan> References: <20200822122750.78ddc111@scratchpost.org> <20200822162241.GA5895@jasmine.lan> <20200823232429.13c8c10e@scratchpost.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="+HP7ph2BbKc20aGI" Content-Disposition: inline In-Reply-To: <20200823232429.13c8c10e@scratchpost.org> X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -1.0 (-) X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: 42983@debbugs.gnu.org Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=fail (rsa verify failed) header.d=famulari.name header.s=mesmtp header.b=sDFNH0Rp; dkim=fail (rsa verify failed) header.d=messagingengine.com header.s=fm3 header.b=UxQ0hoTb; dmarc=none; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Spam-Score: -2.11 X-TUID: fZEUjd9QsfBZ --+HP7ph2BbKc20aGI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Aug 23, 2020 at 11:24:43PM +0200, Danny Milosavljevic wrote: > Paul did not know that it is a per-user operation. >=20 > I did almost exactly the same thing when I was a new guix user. > That's pretty much what one is used to from Debian etc. I see. Coming from Debian, I also had trouble learning the differences between various options of sudo, and also the differences between login shells, interactive shells, etc. They don't matter on Debian, but they do matter for Guix. > I don't really know whether it should do anything useful, but the current > situation is seriously weird. Considering how often people stumble on this, I've been wondering if Guix should handle privilege escalation internally, rather than asking users to learn these arcane details of Unix. Systemd does that. For example, given an operation that requires privileges, if I attempt to run it without privileges, it will use polkit (I think) to escalate safely. It's optional and not all distros enable it by default. It looks like this: ------ $ systemctl restart guix-daemon=20 =3D=3D=3D=3D AUTHENTICATING FOR org.freedesktop.systemd1.manage-units =3D= =3D=3D Authentication is required to restart 'guix-daemon.service'. Authenticating as: leo,,, (leo) Password:=20 =3D=3D=3D=3D AUTHENTICATION COMPLETE =3D=3D=3D ------ --+HP7ph2BbKc20aGI Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAl9C44sACgkQJkb6MLrK fwh9iA//c3lD8Q73bJ6+qMUdIzL9yTyqQKGP1ZamIvyvtNluJ73xQfSGu5n93BBm O5K/kCjeA7bBG08uSTXPULQV7wCnwmdeVusm9+39qFE2mr7w1XlLPULU66K0cTXq M2Ir1vNxknUsgJ1aLBeN87HbJcwhyy5IjWiBio52+vOrAcnpMD5dWox1iO1Sje/2 kZj6wdSXW7yLpFvpH3nl3A7CHNOFaWH2R0SMUHrsCZMDX3AA3t/pvGfYPTAyZxeO 24U87arxY7z4j1qbXl8LQgGy7YiWN/+85dWFemtnWIFOKjBfaIPD74hJ8ChCyoQc 8pSYPszcQ75SQnhlNX24qK1iZbunCLXTD3uqw6lkvJmr139Wgld87U8b8FMYdbcn 1dQEceE9AVHvrPuH0wWfRLWdkEvr3QCg9zqTIYDMXnbCwGBtHY38CDRb9gbcAgyK fw069+lnm8rwMRQdAtB88/s7EVUW3hOadsLPTegjJn9Cxy69xcEZrcNfY0za9L7U B8GZqPxSGGiF7xTavjfzDUuYc5DLnLRRzoYZOoD15CHQ6t1phhhHu5RZkHPphJl+ EoERdVJ8S7AX0ArkJrNjELmQPEHammAWaJDBE20cJ45BESeq8xCLoelyCIPA0Zi6 tXvynFOC5PX+0/G+7K6TW9ONw3JoW6/R7hfJWNGiOyoUxIqHMwM= =SM4L -----END PGP SIGNATURE----- --+HP7ph2BbKc20aGI--