The new system generation was produced without "test" group, so you could reboot into it. And it could lead to problems if we will have a tiny output to console and big output to a log file, I guess. > A user-land program is not supposed to be able to cause a kernel panic; > if it does, that’s a kernel bug. How to make a kernel panic The problem will be No defined variable IPTABLES-SSH after 'guix system reconfigure' and kernel crash after. $HOME/src/iptables/iptables/ru.scm (define-module (iptables ru) ;; … ) (define %iptables-ssh "-A INPUT -p tcp --dport 22 \ -m state --state NEW -m recent --set --name SSH -j ACCEPT") /etc/config.scm (use-modules ;; … (iptables ru)) (define start-firewall #~(let ((iptables (lambda (str) (zero? (system (string-join `(,#$(file-append iptables "/sbin/iptables") ,str) " ")))))) (format #t "Install iptables rules.~%") (and ;; … (iptables %iptables-ssh)))) (define firewall-service (simple-service 'firewall shepherd-root-service-type (list (shepherd-service (provision '(firewall)) (requirement '()) (start #~(lambda _ #$start-firewall)) (respawn? #f) (stop #~(lambda _ (zero? (system* #$(file-append iptables "/sbin/iptables") "-F")))))))) (operating-system ;; … (services (cons* ;; … firewall-service))) Make a kernel panic sudo GUILE_LOAD_PATH=\"$HOME/src/iptables\ :$GUILE_LOAD_PATH\" guix system reconfigure \ $HOME/dotfiles/guix/system-magnolia.scm # Run above again and kernel will panic. > But perhaps you got the kernel panic *after* rebooting in the > reconfigured system? That could well be a GuixSD bug, indeed. No, it happens after second 'guix system reconfigure' with howto above. [...] Thanks, Oleg.