"pelzflorian (Florian Pelz)" <pelzflor...@pelzflorian.de> wrote:
> On Sun, Jun 02, 2019 at 11:38:36AM +0200, Ludovic Courtès wrote:
> [...]
>> Actually, another thing that could happen is that Guix reads an
>> incomplete /etc/shadow because some other program is writing to it.
>>
>> In that case, suppose Guix reads a partial /etc/shadow where user
>> “florian” is missing. It would then create a new /etc/shadow where the
>> password for “florian” is uninitialized (or set to the initial value
>> that appears in config.scm.)
>>
>> Could it be what happened to you? You’d have to be running ‘passwd’ or
>> ‘usermod’ or whatever at exactly the same time as ‘guix system
>> reconfigure’ (and you’d have to be “lucky”).
>>
>
> No, I did not change my password in a very long time.
>
> Is there no proper cross-application locking mechanism for
> /etc/passwd? elogind uses
>
>         struct flock flock = {
>                 .l_type = F_WRLCK,
>                 .l_whence = SEEK_SET,
>                 .l_start = 0,
>                 .l_len = 0,
>         };
>         […]
>         fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600);
>         […]
>         r = fcntl(fd, F_SETLKW, &flock);
>
> Should Guix adopt something similar for shadow/passwd/… database
> reads?

We could do that yes, though I’d lean towards using the same thing as libc and
Shadow.

The whole scenario just sounds very unlikely though.

Thanks,
Ludo’.
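The fcntl locking pattern quoted in the message above, as an added example that is not code from this thread, elogind or Guix: one process holds the whole-file write lock while a second process asks for it without waiting and is refused. The function names and the temporary lock-file path are constructed for the illustration.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

/* Take an exclusive advisory lock on the whole file, as in the quoted
   snippet. wait != 0 blocks (F_SETLKW); wait == 0 fails at once if the
   lock is held. Returns the locked fd, or -1 with errno set. */
static int lock_whole_file(const char *path, int wait)
{
    struct flock fl = { .l_type = F_WRLCK, .l_whence = SEEK_SET, .l_start = 0, .l_len = 0 };
    int fd = open(path, O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0600);
    if (fd < 0) return -1;
    if (fcntl(fd, wait ? F_SETLKW : F_SETLK, &fl) < 0) {
        int saved = errno; close(fd); errno = saved;
        return -1;
    }
    return fd;
}

/* Hold the lock here and let a child (standing in for a second
   application) try for it. Returns 1 if the child was refused, 0 if it
   got the lock, -1 on setup error. fcntl locks are per process. */
int second_locker_is_refused(void)
{
    char path[] = "/tmp/pwd-lock-demo-XXXXXX";  /* constructed lock file */
    int tmp = mkstemp(path);
    if (tmp < 0) return -1;
    close(tmp);
    int fd = lock_whole_file(path, 1);
    if (fd < 0) { unlink(path); return -1; }
    pid_t pid = fork();
    if (pid == 0) {
        int cfd = lock_whole_file(path, 0);
        _exit(cfd < 0 && (errno == EAGAIN || errno == EACCES) ? 1 : 0);
    }
    int status = 0;
    int ok = pid > 0 && waitpid(pid, &status, 0) == pid && WIFEXITED(status);
    close(fd);      /* closing the descriptor releases the lock */
    unlink(path);
    return ok ? WEXITSTATUS(status) : -1;
}

int main(void) {
    printf("second locker refused: %d\n", second_locker_is_refused());
    return 0;
}
```

The lock is advisory: it only serializes programs that take the same lock on the same file, so a reader gains nothing unless every writer of the database participates.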