User accounts are shared between system generations

  • Open
  • quality assurance status badge
Details
2 participants
  • Ian Eure
  • Ludovic Courtès
Owner
unassigned
Submitted by
Ian Eure
Severity
normal

Debbugs page

I
I
Ian Eure wrote on 10 Mar 15:46 -0700
(address . bug-guix@gnu.org)
874j00o65m.fsf@retrospec.tv
Found this one on accident today and was surprised. To reproduce:

- Remove your user account from your system configuration on
accident.
- `sudo guix system reconfigure'
- Realize your mistake. Observe that neither `su' nor `sudo'
work, because you don’t exist.
- Reboot in a state of mild panic.
- Select any previous system generation from GRUB.

Expected result: previous generations should have the account
which was deleted, since it was declared in the configurations
which produced them.

Actual result: They don’t.

-- Ian
L
L
Ludovic Courtès wrote on 17 Mar 12:41 -0700
(name . Ian Eure)(address . ian@retrospec.tv)(address . 76928@debbugs.gnu.org)
87y0x3la0z.fsf@gnu.org
Hi,

Ian Eure <ian@retrospec.tv> skribis:

Toggle quote (16 lines)
> Found this one on accident today and was surprised. To reproduce:
>
> - Remove your user account from your system configuration on
> accident.
> - `sudo guix system reconfigure'
> - Realize your mistake. Observe that neither `su' nor `sudo' work,
> because you don’t exist.
> - Reboot in a state of mild panic.
> - Select any previous system generation from GRUB.
>
> Expected result: previous generations should have the account which
> was deleted, since it was declared in the configurations which
> produced them.
>
> Actual result: They don’t.

Are you sure? /etc/{shadow,passwd,group} are created at activation
time, meaning when booting or reconfiguring (see ‘account-activation’,
which returns code that calls ‘activate-users+groups’, the procedure
that creates those files).

Thanks,
Ludo’.
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 76928@patchwise.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 76928
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch