Hello, Ludovic Courtès writes: > Maxim Cournoyer skribis: > >> Indeed, the default recommended invocation to update the root's guix >> could be changed to be 'sudo -i guix pull', which should work on all >> systems including Ubuntu. > > Oh right. Could you make this change in the manual? > > Thanks, > Ludo’. I looked at what was in the manual, and became less sure, thought maybe 'sudo -E' could be better, so I've done the following little experiment using Docker to test an Ubuntu enviroment: Here's the Dockerfile, with instructions to reproduce in it: --8<---------------cut here---------------start------------->8--- FROM ubuntu RUN apt-get update && apt-get install sudo RUN useradd -ms /bin/bash user RUN usermod -aG sudo user RUN echo user:user | chpasswd USER user CMD bash # To test (in the directory where this file is written as 'Dockerfile'): # docker build . # docker run -it --rm # Then run the following commands: # export PATH=extra-stuff:$PATH # sudo -E sh -c 'echo -e "env when using -E: \n$(env)\n\n"' # sudo -i sh -c 'echo -e "env when using -i: \n$(env)\n\n"' # sudo sh -c 'echo -e "env with plain sudo: $(env)\n\n"' --8<---------------cut here---------------end--------------->8--- And the result: --8<---------------cut here---------------start------------->8--- echo $PATH echo $PATH extra-stuff:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 0;user@e538556bf337: /user@e538556bf337:/$ sudo -E sh -c 'echo -e "env when using -E: \n$(env)\n\n"' sudo -E sh -c 'echo -e "env when using -E: \n$(env)\n\n"' -e env when using -E: SUDO_GID=1000 USER=root HOSTNAME=e538556bf337 SHLVL=1 HOME=/home/user SUDO_UID=1000 LOGNAME=root _=/usr/bin/sudo TERM=xterm USERNAME=root PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin LS_COLORS=rs=0:di=01;34:[...] SUDO_COMMAND=/bin/sh -c echo -e "env when using -E: $(env) " SHELL=/bin/bash SUDO_USER=user PWD=/ 0;user@e538556bf337: /user@e538556bf337:/$ sudo -i sh -c 'echo -e "env when using -i: \n$(env)\n\n"' sudo -i sh -c 'echo -e "env when using -i: \n$(env)\n\n"' -e env when using -i: SUDO_GID=1000 MAIL=/var/mail/root USER=root HOSTNAME=e538556bf337 SHLVL=1 HOME=/root SUDO_UID=1000 LOGNAME=root _=/bin/sh USERNAME=root TERM=xterm PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin LS_COLORS=rs=0:di=01;34:ln=01;36: [...] $(env) " SHELL=/bin/bash SUDO_USER=user PWD=/root user@e538556bf337: /user@e538556bf337:/$ sudo sh -c 'echo -e "env with plain sudo: $(env)\n\n"' sudo sh -c 'echo -e "env with plain sudo: $(env)\n\n"' -e env with plain sudo: SUDO_GID=1000 MAIL=/var/mail/root USER=root HOSTNAME=e538556bf337 HOME=/home/user SUDO_UID=1000 LOGNAME=root TERM=xterm USERNAME=root PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin LS_COLORS=rs=0:di=01;34:ln=01;36: [...] SUDO_COMMAND=/bin/sh -c echo -e "env with plain sudo: $(env) " SHELL=/bin/bash SUDO_USER=user PWD=/ --8<---------------cut here---------------end--------------->8--- What do we get from this? Well, first, the user's PATH is *not* preserved when using 'sudo', at least on Debian and Ubuntu. These are configured out of the box to reset the PATH to a 'safe' value, even when using the -E option of sudo. We also see, as Ludovic found out, that the user's HOME is preserved for the normal invocation of sudo on Ubuntu. In light of this, I suggest the attached patch to our documentation. It's a bit sub-optimal in that it modifies a section of the 'Guix System', which behaved as described; but given that it's the only place where we mention of 'sudo guix pull', better safe than sorry, I'd say (foreign distribution users might read it, thinking it also applies to themselves). Does that seem worthwile/reasonable?