After I booted to a Guix install USB, chrooted as described on the
Arch wiki and started a Guix daemon, I could reconfigure as before.
There was no need to fiddle with grub-install.
After multiple reconfigures, it happened again, my /etc/shadow has !
again in the password field. My recently changed root password became
empty as well, like 35902. I did not even run sudo concurrently. The
password just got locked.
The /etc from the “populating from /gnu/store/*-etc” messages has no
significant differences either.
On Sat, Jun 01, 2019 at 11:37:51PM +0200, Ludovic Courtès wrote:
> "pelzflorian (Florian Pelz)" <pelzflor...@pelzflorian.de> skribis:
> > AccountsService appears to only be usable for reading /etc/shadow, not
> > for writing it, contrary to what the Guix manual claims (??).
>
> That might be a bug.
>
AccountsService obviously can change passwords. No bug here. Sorry.
I was confused.
> > For writing passwords, gnome-control-center does not use
> > AccountsService, it calls /usr/bin/passwd directly in its source code
> > in panels/user-accounts/run-passwd.c.
>
> That’s definitely a bug to fix: it should invoke
> /run/setuid-programs/passwd instead.
>
Find attached two patches that fix GNOME password changing. Both are
required.
Regards,
Florian
>From 1eb7699d5036062993a080393bfb4a46d2dc1bea Mon Sep 17 00:00:00 2001
From: Florian Pelz <pelzflor...@pelzflorian.de>
Date: Mon, 3 Jun 2019 07:19:20 +0200
Subject: [PATCH 1/2] =?UTF-8?q?Add=20cracklib=E2=80=99s=20password=20dicti?=
=?UTF-8?q?onary=20to=20cracklib=E2=80=99s=20default=20output.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* gnu/packages/password-utils.scm (cracklib): Use `make dict`.
---
gnu/packages/password-utils.scm | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/gnu/packages/password-utils.scm b/gnu/packages/password-utils.scm
index 2b844c9a1c..88f933e43e 100644
--- a/gnu/packages/password-utils.scm
+++ b/gnu/packages/password-utils.scm
@@ -310,6 +310,15 @@ and vice versa.")
(sha256
(base32 "1rimpjsdnmw8f5b7k558cic41p2qy2n2yrlqp5vh7mp4162hk0py"))))
(build-system gnu-build-system)
+ (arguments
+ `(#:phases
+ (modify-phases %standard-phases
+ (add-after 'install 'install-dict
+ (lambda* (#:key make-flags #:allow-other-keys)
+ (begin
+ (chmod (string-append "util/cracklib-format") #o755)
+ (apply invoke "make" "dict" make-flags)
+ #t))))))
(synopsis "Password checking library")
(home-page "https://github.com/cracklib/cracklib";)
(description
--
2.21.0
>From c7c016adc34c591febd0d3630f32dbecdd20ad7c Mon Sep 17 00:00:00 2001
From: Florian Pelz <pelzflor...@pelzflorian.de>
Date: Sun, 2 Jun 2019 20:01:23 +0200
Subject: [PATCH 2/2] Make gnome-control-center find passwd binary.
* gnu/packages/gnome.scm (gnome-control-center): Substitute correct path to
passwd.
---
gnu/packages/gnome.scm | 3 +++
1 file changed, 3 insertions(+)
diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm
index 6a2a683f58..2917107d18 100644
--- a/gnu/packages/gnome.scm
+++ b/gnu/packages/gnome.scm
@@ -5879,6 +5879,9 @@ devices using the GNOME desktop.")
(("\"nm-connection-editor")
(string-append "\"" nm-applet
"/bin/nm-connection-editor")))
+ (substitute* '("panels/user-accounts/run-passwd.c")
+ (("/usr/bin/passwd")
+ "/run/setuid-programs/passwd"))
#t))))))
(native-inputs
`(("glib:bin" ,glib "bin") ; for glib-mkenums, etc.
--
2.21.0
