From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bug-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp10.migadu.com ([2001:41d0:2:bcc0::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms0.migadu.com with LMTPS
	id kMw/BFtD22H/GQAAgWs5BA
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sun, 09 Jan 2022 21:19:39 +0100
Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp10.migadu.com with LMTPS
	id 2DeAOFpD22FWbAEAG6o9tA
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sun, 09 Jan 2022 21:19:38 +0100
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 9F0E23F01E
	for <larch@yhetil.org>; Sun,  9 Jan 2022 21:19:38 +0100 (CET)
Received: from localhost ([::1]:36406 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	id 1n6efB-0008R7-R5
	for larch@yhetil.org; Sun, 09 Jan 2022 15:19:37 -0500
Received: from eggs.gnu.org ([209.51.188.92]:37336)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1n6eec-0008QX-RG
 for bug-guix@gnu.org; Sun, 09 Jan 2022 15:19:02 -0500
Received: from debbugs.gnu.org ([209.51.188.43]:58495)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1n6eec-0007Dq-KT
 for bug-guix@gnu.org; Sun, 09 Jan 2022 15:19:02 -0500
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1n6eec-0000y3-Ci
 for bug-guix@gnu.org; Sun, 09 Jan 2022 15:19:02 -0500
X-Loop: help-debbugs@gnu.org
Subject: bug#45295: Alternative
Resent-From: Maxime Devos <maximedevos@telenet.be>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: bug-guix@gnu.org
Resent-Date: Sun, 09 Jan 2022 20:19:02 +0000
Resent-Message-ID: <handler.45295.B45295.16417594853648@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: followup 45295
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: Jorge Acereda <jacereda@gmail.com>, 45295@debbugs.gnu.org
Received: via spool by 45295-submit@debbugs.gnu.org id=B45295.16417594853648
 (code B ref 45295); Sun, 09 Jan 2022 20:19:02 +0000
Received: (at 45295) by debbugs.gnu.org; 9 Jan 2022 20:18:05 +0000
Received: from localhost ([127.0.0.1]:51397 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1n6edg-0000wm-Q6
 for submit@debbugs.gnu.org; Sun, 09 Jan 2022 15:18:05 -0500
Received: from michel.telenet-ops.be ([195.130.137.88]:33576)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maximedevos@telenet.be>) id 1n6eda-0000w5-4u
 for 45295@debbugs.gnu.org; Sun, 09 Jan 2022 15:18:02 -0500
Received: from [172.20.10.5] ([188.188.14.77])
 by michel.telenet-ops.be with bizsmtp
 id gkHv2600D1flEHY06kHwhl; Sun, 09 Jan 2022 21:17:56 +0100
Message-ID: <cf26786af911b594627d07b0467164e7d6368ee1.camel@telenet.be>
From: Maxime Devos <maximedevos@telenet.be>
Date: Sun, 09 Jan 2022 21:17:49 +0100
In-Reply-To: <87r19gy980.fsf@gmail.com>
References: <87mtycila0.fsf@inria.fr> <87r19gy980.fsf@gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha512";
 protocol="application/pgp-signature"; boundary="=-8oP91rAmE7P0fguo/fwW"
User-Agent: Evolution 3.38.3-1 
MIME-Version: 1.0
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telenet.be; s=r22;
 t=1641759476; bh=CYP7oCPOP7fDUmgqeN85ubevXPqawInjJjEJiDhPAyU=;
 h=Subject:From:To:Date:In-Reply-To:References;
 b=mNUlT0a31GXPQ2aPiy2fy43XhFyZbisdJVmI10UKgWeucN8qyP108RXXq3LupetMr
 Y7eStYYbnoMFn6U7JuPY8SAm+Mw1lvpTLuNCfsGIUVPv6mSmk04fkf/PMWwsNsttAW
 lOKO+51sYkIfoEG5HhCFaDuk433q03vGKMLF+KGx75jt8rX4vPZ0ReExzfQyVqg7Y2
 J9qWaqMzASkuAg1k26PiVOR5AsZJkzCVIkNRqS/KMEc8GopB6HVrN0gfyMzgXiIgfJ
 zuHBCv3oYEX58DTThHO6AGr+GA3CZHH6xuZ4rPyrA42uI9CaZZCbwMPQaKZZWGoLKb
 bTcorVp2pzRCA==
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-guix@gnu.org
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-guix>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=subscribe>
Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+larch=yhetil.org@gnu.org>
X-Migadu-Flow: FLOW_IN
X-Migadu-Country: US
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1641759578;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-type:content-type:resent-cc:resent-from:resent-sender:
	 resent-message-id:in-reply-to:in-reply-to:references:references:
	 list-id:list-help:list-unsubscribe:list-subscribe:list-post:
	 dkim-signature; bh=CYP7oCPOP7fDUmgqeN85ubevXPqawInjJjEJiDhPAyU=;
	b=DkcJVntHY1THBicrHr8eC94wvr/mFDPksZpzi6UzW4aB1riNmkss8og3Srf2Yc/i4r73c9
	RwubNpSuOC84e+wGGz+yzdR5T9k0OLo/jWcJFruaSTCLJH/SkI8H7L21Yl/uFS5Tc39dAB
	LRjTNHG9nJ2aL1q3ghGu0pBBnrjvW7eVut5P5YqbaBAj4H8hlnxTYxA5KELJ2y7QvW41H/
	3bY2VC5u+P+Xg7gzC6dzDiFsE/EGkejp9niSPBqbvxGNWzD11hCxr5eVOYu6+/7oovUZx9
	35zlEJifZkYkD/KDk5PjQugXoW8CivmQW90MHuKzkHJyUBMhskNxhSgJC52+mA==
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1641759578; a=rsa-sha256; cv=none;
	b=GZ7Yyhzv/oW5xFIuSRoyo1YkGxu719LDhchUT7L6mKz8Iv8HUFFmLDfQvlXKG/nqIw39zF
	IlG0/G2soFDPgcXWqO5ODtVK+QMxxrhiee1YkeI1Ksf+JnLmqU2LVKm/3QH7wIx5WF0akj
	5tW1N9f9vNAKQeNC7RNaCS7YoWDxKPFDSNBXlCPNkp4Kd4DgfpE06s+o11+LYDcEgCgDgi
	VBHBBrkf+UY7nMObV35njPfqD+A36O+gbrXd7jKWNm++EvXhxsA77FykSIdGcQK+MBjLcO
	gxDHRVq3RPJfm7VUXCaYolkUwzKEzGgvFNaEDTOpqinfYwuQ8PEiUxnW9uGgGg==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=telenet.be header.s=r22 header.b=mNUlT0a3;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=telenet.be (policy=none);
	spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"
X-Migadu-Spam-Score: -4.61
Authentication-Results: aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=telenet.be header.s=r22 header.b=mNUlT0a3;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=telenet.be (policy=none);
	spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org"
X-Migadu-Queue-Id: 9F0E23F01E
X-Spam-Score: -4.61
X-Migadu-Scanner: scn0.migadu.com
X-TUID: QVAF2bZyKLxx


--=-8oP91rAmE7P0fguo/fwW
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Jorge Acereda schreef op zo 09-01-2022 om 20:55 [+0100]:
> Hi,
>=20
> New user here, so maybe I'm talking BS.=20
>=20
> I'm wondering if getting rid of sudo for reconfiguration is an option.
>=20
> What if instead of running all the process as root, it invoked sudo (or
> doas) in the final stage, so it can perform the bits that require
> permissions?

A problem here is that this assumes sudo, so "guix system reconfigure"
needs to guess whether to use "su", "sudo", "sudo -E", "doas", ...

Looking at guix/scripts/system.scm, it appears that
"guix system reconfigure" interacts with shepherd directly,
so "guix system reconfigure" needs to be run as root to work;
at least currently it cannot delegate this to a separate process
to be run under "sudo" or the like.

Greetings,
Maxime.

--=-8oP91rAmE7P0fguo/fwW
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----

iI0EABYKADUWIQTB8z7iDFKP233XAR9J4+4iGRcl7gUCYdtC7RccbWF4aW1lZGV2
b3NAdGVsZW5ldC5iZQAKCRBJ4+4iGRcl7mF6AQCFx/jqBi75yR2LpdVBQiOqNhEN
qDrSIHy8Kblp9Q2yVQD9HVl1T+Uc4ZvgHhNFNczmehQZuhlPNmIFAj/TDlBddQk=
=Rkz0
-----END PGP SIGNATURE-----

--=-8oP91rAmE7P0fguo/fwW--