From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jeremiah@pdp10.guru Subject: Re: Missed testing Date: Tue, 12 Mar 2019 21:21:21 +0000 Message-ID: <871s3bzt4e.fsf@ITSx01.pdp10.guru> References: <20190312122738.1df7eeec@scratchpost.org> Mime-Version: 1.0 Content-Type: text/plain Return-path: Received: from eggs.gnu.org ([209.51.188.92]:36259) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1h3p0J-0003ZS-CS for guix-devel@gnu.org; Tue, 12 Mar 2019 17:32:10 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1h3oq0-0000zd-Dc for guix-devel@gnu.org; Tue, 12 Mar 2019 17:21:29 -0400 Received: from itsx01.pdp10.guru ([74.207.247.251]:40516 helo=itsx01) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1h3oq0-0000xf-5n for guix-devel@gnu.org; Tue, 12 Mar 2019 17:21:28 -0400 In-Reply-To: <20190312122738.1df7eeec@scratchpost.org> List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: dannym@scratchpost.org Cc: guix-devel@gnu.org, ekado@elephly.net > Also, that doesn't help on initial installation which should be made > much more user-friendly. Fault tolerant is far more important than user-friendly because a reliable system is far easier to make user-friendly than it is to make a user-friendly system fault tolerant. > That sounds very strange and would be a very bad bug. It is a very easy to reproduce bug, simply copy the text and paste it into the example config above the user field. > I'm using luks home with current guix master and it prompts for my > password. Here is the complete procedure I followed to hit the bug: # Steps for creating a guix vm image using qemu and guix bootstrap Image GUIX_VERSION=0.16.0 # Step 0 get, verify and unpack guix bootstrap image wget "https://alpha.gnu.org/gnu/guix/guixsd-install-$GUIX_VERSION.x86_64-linux.iso.xz" wget "https://alpha.gnu.org/gnu/guix/guixsd-install-$GUIX_VERSION.x86_64-linux.iso.xz.sig" gpg --verify "guixsd-install-$GUIX_VERSION.x86_64-linux.iso.xz.sig" unxz -k "guixsd-usb-install-$GUIX_VERSION.x86_64-linux.xz" # Step 1 create and starta vm disk image of appropriate format and size qemu-img create prototype.qcow2 20G -f qcow2 # start qemu qemu-system-x86_64 -m 1024 -smp 1 -boot menu=on -enable-kvm -drive file=prototype.qcow2 -drive file=guixsd-usb-install-$GUIX_VERSION.x86_64-linux # Step 2 setup disk partitions # Format virtual drive to have 1 large primary partition and mark it as # bootable echo -e "o\nn\np\n1\n\n\na\nw" | fdisk /dev/sda # Setup encrypted volume cryptsetup -v --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 50000 --use-random --verify-passphrase luksFormat /dev/sda1 # or if that takes too long to type: cryptsetup -v -c aes-xts-plain64 -s 512 -h sha512 -i 50000 --use-random -y luksFormat /dev/sda1 cryptsetup open /dev/sda1 root # Format drive to allow its use mkfs.ext4 /dev/mapper/root # Label the volume for guix e2label /dev/mapper/root root # Mount the drive mount /dev/mapper/root /mnt # Step 3 setup network for download of packages and source code # turn on networking # vmware:: eno16777736 ifconfig ens3 up dhclient ens3 # Step 4 add tools required to make setup easier # Set the default storage space for the setup on the drive itself herd start cow-store /mnt/ # Step 5 replace the uuid with "/dev/sda1" and set bootloader to grub-bootloader zile /etc/configuration/desktop.scm # Step 6 Apply the configuration to the disk guix system init /etc/configuration/desktop.scm /mnt --fallback Please note the important difference that the entire drive is fully encrypted (even grub will prompt for password to decrypt /boot) > The installer can and should be made to automatically amend the system > config by mptspi etc. To the examples, that would be fine but I have concerns about guix silently fixing configuration files. -Jeremiah