Hey Ricardo, Ricardo Wurmus writes: > Perhaps also wrap “NOPASSWD” in @code{…}. Got it, thanks! > This is a comment for future changes only: currently, we can assume that > the remote machine already runs Guix System. In the future “guix > deploy” should probably also be able to initialize a system. In that > case “sudo” may have to be searched on the target or otherwise be > provided. Ah, that's a good point. I'd imagine that would involve changing a few other things with how the REPL is spawned, too. > (What happens if /run/setuid-programs/sudo is not available on the > target machine?) I'm a bit short on time before boarding this flight, so I can't test it out at the moment, but I'm pretty sure the "failed to run..." message condition would be thrown. I'll check and get back to you. > I’m just stumbling upon “socket-name”. “/var/guix” is not guaranteed to > be the localstatedir. It would be better to use (guix config) to > determine the configured value. > > This doesn’t block this patch, of course, but it would be good to change > this in the future. Right, yeah. I may submit a separate patch for it shortly since it should be a simple change. Regards, Jakob