From: Jeremiah@pdp10.guru
To: dannym@scratchpost.org
Cc: guix-devel@gnu.org, ekado@elephly.net
Subject: Re: Missed testing
Date: Tue, 12 Mar 2019 21:21:21 +0000 [thread overview]
Message-ID: <871s3bzt4e.fsf@ITSx01.pdp10.guru> (raw)
In-Reply-To: <20190312122738.1df7eeec@scratchpost.org>
> Also, that doesn't help on initial installation which should be made
> much more user-friendly.
Fault tolerant is far more important than user-friendly because a
reliable system is far easier to make user-friendly than it is to make a
user-friendly system fault tolerant.
> That sounds very strange and would be a very bad bug.
It is a very easy to reproduce bug, simply copy the text and paste it
into the example config above the user field.
> I'm using luks home with current guix master and it prompts for my
> password.
Here is the complete procedure I followed to hit the bug:
# Steps for creating a guix vm image using qemu and guix bootstrap Image
GUIX_VERSION=0.16.0
# Step 0 get, verify and unpack guix bootstrap image
wget "https://alpha.gnu.org/gnu/guix/guixsd-install-$GUIX_VERSION.x86_64-linux.iso.xz"
wget "https://alpha.gnu.org/gnu/guix/guixsd-install-$GUIX_VERSION.x86_64-linux.iso.xz.sig"
gpg --verify "guixsd-install-$GUIX_VERSION.x86_64-linux.iso.xz.sig"
unxz -k "guixsd-usb-install-$GUIX_VERSION.x86_64-linux.xz"
# Step 1 create and starta vm disk image of appropriate format and size
qemu-img create prototype.qcow2 20G -f qcow2
# start qemu
qemu-system-x86_64 -m 1024 -smp 1 -boot menu=on -enable-kvm -drive
file=prototype.qcow2 -drive
file=guixsd-usb-install-$GUIX_VERSION.x86_64-linux
# Step 2 setup disk partitions
# Format virtual drive to have 1 large primary partition and mark it as
# bootable
echo -e "o\nn\np\n1\n\n\na\nw" | fdisk /dev/sda
# Setup encrypted volume
cryptsetup -v --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 50000 --use-random --verify-passphrase luksFormat /dev/sda1
# or if that takes too long to type:
cryptsetup -v -c aes-xts-plain64 -s 512 -h sha512 -i 50000 --use-random -y luksFormat /dev/sda1
cryptsetup open /dev/sda1 root
# Format drive to allow its use
mkfs.ext4 /dev/mapper/root
# Label the volume for guix
e2label /dev/mapper/root root
# Mount the drive
mount /dev/mapper/root /mnt
# Step 3 setup network for download of packages and source code
# turn on networking
# vmware:: eno16777736
ifconfig ens3 up
dhclient ens3
# Step 4 add tools required to make setup easier
# Set the default storage space for the setup on the drive itself
herd start cow-store /mnt/
# Step 5 replace the uuid with "/dev/sda1" and set bootloader to grub-bootloader
zile /etc/configuration/desktop.scm
# Step 6 Apply the configuration to the disk
guix system init /etc/configuration/desktop.scm /mnt --fallback
Please note the important difference that the entire drive is fully
encrypted (even grub will prompt for password to decrypt /boot)
> The installer can and should be made to automatically amend the system
> config by mptspi etc.
To the examples, that would be fine but I have concerns about guix
silently fixing configuration files.
-Jeremiah
prev parent reply other threads:[~2019-03-12 21:32 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-11 23:14 Missed testing Jeremiah
2019-03-12 2:52 ` Ricardo Wurmus
2019-03-12 10:22 ` Jeremiah
2019-03-12 11:27 ` Danny Milosavljevic
2019-03-12 21:21 ` Jeremiah [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871s3bzt4e.fsf@ITSx01.pdp10.guru \
--to=jeremiah@pdp10.guru \
--cc=dannym@scratchpost.org \
--cc=ekado@elephly.net \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).