(address . bug-guix@gnu.org)
Hi Guix,
Running the below command as root overrides the running system's shadow
files
(/etc/shadow, /etc/passwd, and /etc/group).
WARNING: Don't run the following outside of a VM!
guix shell --container --share=/etc
This erases the current user from the passwd database, meaning `su` and
`sudo`
no longer work, and you can't log in.
Discussion
The context is that I was tracking down a libreoffice bug using guix
time-machine and ran the very clever command trying to get the display
working.
sudo guix time-machine ... -- environment -C --ad-hoc coreutils sway \
--preserve='DISPLAY' --preserve='XDG' --share=/etc -- sway
Now of course if you write random commands with sudo, you should expect
to brick
your system from time to time. And setting `--share=/etc` wasn't
particularly
smart idea. However, it would have been nice to not have that wipe my
shadow files.
For example, being warned about sharing /etc with a container.
To reproduce, run the Guix command in a basic VM image, connecting to Guix
daemon on the host.[1]
Please let me know if you have any questions!
Kind regards,
- Christina O'Donnell
---
[1] See my blog for more details: