From mboxrd@z Thu Jan 1 00:00:00 1970 From: "pelzflorian (Florian Pelz)" Subject: bug#35996: User account password got locked when booting old generation Date: Wed, 5 Jun 2019 13:06:58 +0200 Message-ID: <20190605110658.7metilrqike4juml@pelzflorian.localdomain> References: <20190603060301.2nu2zqi5j3v3j5ki@pelzflorian.localdomain> <87tvd6erbo.fsf@gnu.org> <20190603145209.ub7663zp7yh7n7i4@pelzflorian.localdomain> <87d0jtemca.fsf@gnu.org> <20190604121710.uqni7cwp5jo4pwmq@pelzflorian.localdomain> <20190604141217.7tq33idseebne5v2@pelzflorian.localdomain> <20190604171715.gvwr54wiek4xs24e@pelzflorian.localdomain> <87o93d6o8u.fsf@gnu.org> <20190605061611.py3v3msydbfn2eoe@pelzflorian.localdomain> <87imtk73xs.fsf@gnu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Return-path: Received: from eggs.gnu.org ([209.51.188.92]:55098) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1hYTly-0005Zk-Ui for bug-guix@gnu.org; Wed, 05 Jun 2019 07:08:03 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1hYTly-00007Z-2p for bug-guix@gnu.org; Wed, 05 Jun 2019 07:08:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:33086) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1hYTlx-00006s-Uy for bug-guix@gnu.org; Wed, 05 Jun 2019 07:08:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1hYTlx-0003Bc-Js for bug-guix@gnu.org; Wed, 05 Jun 2019 07:08:01 -0400 Sender: "Debbugs-submit" Resent-Message-ID: Content-Disposition: inline In-Reply-To: <87imtk73xs.fsf@gnu.org> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: 35996@debbugs.gnu.org It appears your patch fixes the issue. I admire the speed at which you write patches. :) Thank you! On Wed, Jun 05, 2019 at 11:54:23AM +0200, Ludovic Courtès wrote: > Note that you’ll have to create a new “broken” generation with this > patch (because we already know that the old one can corrupt > /etc/shadow.) > I created a new working generation and then a new unbootable generation with broken udevd args, both with all your patches. I rebooted the broken and then the working generation repeatedly twelve times. I waited varying amounts of time before doing Ctrl+Alt+Del in the broken generation. /etc/shadow is still in good health. However: On Tue, Jun 04, 2019 at 11:21:05PM +0200, Ludovic Courtès wrote: > Indeed, ‘shepherd’ calls ‘disable-reboot-on-ctrl-alt-del’ (which > disables “hard” reboots upon ctrl-alt-del and instead notifies it) after > it has loaded its config file. Is there a good reason shepherd calls disable-reboot-on-ctrl-alt-del at the end? I get recovering journal messages unless on the previous boot I waited for the whole GDM to start (I can login on the TTY before GDM has fully started), which takes a long time during which users could change their mind and decide they do not want to boot. (The Macbook is not fast anyway and Guix is even slower when booting compared to Debian.) Regards, Florian