From debbugs-submit-bounces@debbugs.gnu.org Sat Sep 26 16:21:46 2015 Received: (at 21566) by debbugs.gnu.org; 26 Sep 2015 20:21:46 +0000 Received: from localhost ([127.0.0.1]:45209 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Zfvyc-00066X-0K for submit@debbugs.gnu.org; Sat, 26 Sep 2015 16:21:46 -0400 Received: from eggs.gnu.org ([208.118.235.92]:51840) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1ZfvyZ-00066P-6O for 21566@debbugs.gnu.org; Sat, 26 Sep 2015 16:21:43 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ZfvyV-0002z3-5w for 21566@debbugs.gnu.org; Sat, 26 Sep 2015 16:21:43 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=BAYES_40,RP_MATCHES_RCVD autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:46880) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ZfvyV-0002yh-2m; Sat, 26 Sep 2015 16:21:39 -0400 Received: from reverse-83.fdn.fr ([80.67.176.83]:60992 helo=pluto) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_128_CBC_SHA1:128) (Exim 4.82) (envelope-from ) id 1ZfvyU-0005z4-CZ; Sat, 26 Sep 2015 16:21:38 -0400 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: goglosh@openmailbox.org Subject: Re: bug#21566: Bug when moving between system instances References: X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 5 =?utf-8?Q?Vend=C3=A9miaire?= an 224 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x3D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-unknown-linux-gnu Date: Sat, 26 Sep 2015 22:21:36 +0200 In-Reply-To: (goglosh@openmailbox.org's message of "Sat, 26 Sep 2015 03:21:23 +0000") Message-ID: <87612xylrj.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: Error: Malformed IPv6 address (bad octet value). X-Received-From: 2001:4830:134:3::e X-Spam-Score: -6.0 (------) X-Debbugs-Envelope-To: 21566 Cc: 21566@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -6.0 (------) goglosh@openmailbox.org skribis: > I got this unexpected behaviour. I used `guix system reconfigure ...` > to make a new system instance, used it for a while, and later booted > back into the old system. I used diferent names for the user in the > first and second system, let's call them sys1user and sys2user. I > booted into the old system and tried to login as sys1user (the user > created with that system) with it's password and this was no longer > possible. Yes, good point. I see how this may look confusing. When you boot a specific generation of the system, it gets to see only the set of users that were declared for that generation. So one sees =E2=80=98sys1user=E2=80=99 and =E2=80=98root=E2=80=99, and the other has = =E2=80=98sys2user=E2=80=99 and =E2=80=98root=E2=80=99. So when you booted the new generation, the =E2=80=98sys1user=E2=80=99 accou= nt was deleted and the =E2=80=98sys2user=E2=80=99 account was created. When you b= ooted again into the old generation, =E2=80=98sys1user=E2=80=99 was added back and =E2= =80=98sys2user=E2=80=99 was deleted. This is on purpose, see . Now, the problem is that passwords are state that is outside of GuixSD=E2= =80=99s control. Passwords are stored in /etc/shadow, and removing a user account removes its entry in /etc/shadow. This is why you would get uninitialized passwords when booting back in the old generation. I think this is an acceptable =E2=80=9Climitation=E2=80=9D of the approach = though. > I then rebooted back into the new system, only to find the exact same > problem. in /home/sys2user all files belonged to some user called > 30011. Same issue: Unless the =E2=80=98user-account=E2=80=99 declaration asked for= a specific user ID via the =E2=80=98uid=E2=80=99 field (see ), the UID is assigned when the account is first created. What happens here is that maybe =E2=80=98sys2user=E2=80=99 got the UID 3001= 1 at some point, and then got a different one. Again, I don=E2=80=99t thin there=E2=80=99s much that GuixSD can do here, b= ecause it doesn=E2=80=99t control what files are created under which UID in /home, et= c. Does that make sense? Thanks, Ludo=E2=80=99.