From debbugs-submit-bounces@debbugs.gnu.org Sun Aug 23 17:45:57 2020 Received: (at 42983) by debbugs.gnu.org; 23 Aug 2020 21:45:57 +0000 Received: from localhost ([127.0.0.1]:55273 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1k9xoK-0002HD-VW for submit@debbugs.gnu.org; Sun, 23 Aug 2020 17:45:57 -0400 Received: from out2-smtp.messagingengine.com ([66.111.4.26]:57281) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1k9xoJ-0002H0-OS for 42983@debbugs.gnu.org; Sun, 23 Aug 2020 17:45:56 -0400 Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 628595C0041; Sun, 23 Aug 2020 17:45:50 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Sun, 23 Aug 2020 17:45:50 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=2LDSMpreXb4pR/imNvQ767Tq X8Wiq2b7BGc40O4PQpA=; b=sDFNH0RpMdo0BwD9l2CFaUBeefnYzyBH5mQTkA+F Gx2ae+ajaWqIz9J9HGuFNWNDuVvy7SGWSZGg2daaHBUUAjSVHg5g/aO3JugTE3k+ dZnX3jwBha+FG7SEuVdafigXFil5fXfW2ygt55Xl0JyR8/5jo/vwjefSq97rkQaW 0q4= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=2LDSMp reXb4pR/imNvQ767TqX8Wiq2b7BGc40O4PQpA=; b=UxQ0hoTbPidx/gokpUfGfR Hm8DDPPLdreV9aal1qjpP6izKCqyF4IXuruQqzOiyjpzAfZUrgIS+fDkpgx8fzQd AI7qy5l7VIgIkU8zbxtBXKmygfTjBupQoJt2GO9TX553Mj8+GpShDbLerrxAUt6X aCfFlNb/pPW/+OlTc3YNy2f1kePVL7G293PN7rBzx/FiGt7yRclTBpgSTH8UyryQ Geq2ENEFy2DBL4/ZGe12sDjz60GqCGkgIvdZJa7rjhB6uWGebXqeXaRkXv2Fq/lr IUHrmL/hFxBRkUeIiT5bl7gK3f3oVGv41rM0NqQ53tr4lXz+2AFv8HQsX18BPx0Q == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduiedrudduiedgudehfecutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpeffhffvuffkfhggtggujgesghdtreertddtvdenucfhrhhomhepnfgvohcu hfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhirdhnrghmvgeqnecuggftrfgrth htvghrnhepudekveegteekleetgfeitdejgfejkeffudethedvhfeukeduleeikeejfeeh ffetnecukfhppeejfedrudeguddruddvjedrudegieenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv X-ME-Proxy: Received: from localhost (c-73-141-127-146.hsd1.pa.comcast.net [73.141.127.146]) by mail.messagingengine.com (Postfix) with ESMTPA id 6C00B30600A9; Sun, 23 Aug 2020 17:45:49 -0400 (EDT) Date: Sun, 23 Aug 2020 17:45:47 -0400 From: Leo Famulari To: Danny Milosavljevic Subject: Re: bug#42983: "sudo -E guix pull" breaks ~/.config/guix/current for regular user Message-ID: <20200823214547.GA30907@jasmine.lan> References: <20200822122750.78ddc111@scratchpost.org> <20200822162241.GA5895@jasmine.lan> <20200823232429.13c8c10e@scratchpost.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="+HP7ph2BbKc20aGI" Content-Disposition: inline In-Reply-To: <20200823232429.13c8c10e@scratchpost.org> X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 42983 Cc: 42983@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --+HP7ph2BbKc20aGI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Aug 23, 2020 at 11:24:43PM +0200, Danny Milosavljevic wrote: > Paul did not know that it is a per-user operation. >=20 > I did almost exactly the same thing when I was a new guix user. > That's pretty much what one is used to from Debian etc. I see. Coming from Debian, I also had trouble learning the differences between various options of sudo, and also the differences between login shells, interactive shells, etc. They don't matter on Debian, but they do matter for Guix. > I don't really know whether it should do anything useful, but the current > situation is seriously weird. Considering how often people stumble on this, I've been wondering if Guix should handle privilege escalation internally, rather than asking users to learn these arcane details of Unix. Systemd does that. For example, given an operation that requires privileges, if I attempt to run it without privileges, it will use polkit (I think) to escalate safely. It's optional and not all distros enable it by default. It looks like this: ------ $ systemctl restart guix-daemon=20 =3D=3D=3D=3D AUTHENTICATING FOR org.freedesktop.systemd1.manage-units =3D= =3D=3D Authentication is required to restart 'guix-daemon.service'. Authenticating as: leo,,, (leo) Password:=20 =3D=3D=3D=3D AUTHENTICATION COMPLETE =3D=3D=3D ------ --+HP7ph2BbKc20aGI Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAl9C44sACgkQJkb6MLrK fwh9iA//c3lD8Q73bJ6+qMUdIzL9yTyqQKGP1ZamIvyvtNluJ73xQfSGu5n93BBm O5K/kCjeA7bBG08uSTXPULQV7wCnwmdeVusm9+39qFE2mr7w1XlLPULU66K0cTXq M2Ir1vNxknUsgJ1aLBeN87HbJcwhyy5IjWiBio52+vOrAcnpMD5dWox1iO1Sje/2 kZj6wdSXW7yLpFvpH3nl3A7CHNOFaWH2R0SMUHrsCZMDX3AA3t/pvGfYPTAyZxeO 24U87arxY7z4j1qbXl8LQgGy7YiWN/+85dWFemtnWIFOKjBfaIPD74hJ8ChCyoQc 8pSYPszcQ75SQnhlNX24qK1iZbunCLXTD3uqw6lkvJmr139Wgld87U8b8FMYdbcn 1dQEceE9AVHvrPuH0wWfRLWdkEvr3QCg9zqTIYDMXnbCwGBtHY38CDRb9gbcAgyK fw069+lnm8rwMRQdAtB88/s7EVUW3hOadsLPTegjJn9Cxy69xcEZrcNfY0za9L7U B8GZqPxSGGiF7xTavjfzDUuYc5DLnLRRzoYZOoD15CHQ6t1phhhHu5RZkHPphJl+ EoERdVJ8S7AX0ArkJrNjELmQPEHammAWaJDBE20cJ45BESeq8xCLoelyCIPA0Zi6 tXvynFOC5PX+0/G+7K6TW9ONw3JoW6/R7hfJWNGiOyoUxIqHMwM= =SM4L -----END PGP SIGNATURE----- --+HP7ph2BbKc20aGI--