After I booted to a Guix install USB, chrooted as described on the Arch wiki and started a Guix daemon, I could reconfigure as before. There was no need to fiddle with grub-install.
After multiple reconfigures, it happened again, my /etc/shadow has ! again in the password field. My recently changed root password became empty as well, like 35902. I did not even run sudo concurrently. The password just got locked. The /etc from the “populating from /gnu/store/*-etc” messages has no significant differences either. On Sat, Jun 01, 2019 at 11:37:51PM +0200, Ludovic Courtès wrote: > "pelzflorian (Florian Pelz)" <pelzflor...@pelzflorian.de> skribis: > > AccountsService appears to only be usable for reading /etc/shadow, not > > for writing it, contrary to what the Guix manual claims (??). > > That might be a bug. > AccountsService obviously can change passwords. No bug here. Sorry. I was confused. > > For writing passwords, gnome-control-center does not use > > AccountsService, it calls /usr/bin/passwd directly in its source code > > in panels/user-accounts/run-passwd.c. > > That’s definitely a bug to fix: it should invoke > /run/setuid-programs/passwd instead. > Find attached two patches that fix GNOME password changing. Both are required. Regards, Florian
>From 1eb7699d5036062993a080393bfb4a46d2dc1bea Mon Sep 17 00:00:00 2001 From: Florian Pelz <pelzflor...@pelzflorian.de> Date: Mon, 3 Jun 2019 07:19:20 +0200 Subject: [PATCH 1/2] =?UTF-8?q?Add=20cracklib=E2=80=99s=20password=20dicti?= =?UTF-8?q?onary=20to=20cracklib=E2=80=99s=20default=20output.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * gnu/packages/password-utils.scm (cracklib): Use `make dict`. --- gnu/packages/password-utils.scm | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/gnu/packages/password-utils.scm b/gnu/packages/password-utils.scm index 2b844c9a1c..88f933e43e 100644 --- a/gnu/packages/password-utils.scm +++ b/gnu/packages/password-utils.scm @@ -310,6 +310,15 @@ and vice versa.") (sha256 (base32 "1rimpjsdnmw8f5b7k558cic41p2qy2n2yrlqp5vh7mp4162hk0py")))) (build-system gnu-build-system) + (arguments + `(#:phases + (modify-phases %standard-phases + (add-after 'install 'install-dict + (lambda* (#:key make-flags #:allow-other-keys) + (begin + (chmod (string-append "util/cracklib-format") #o755) + (apply invoke "make" "dict" make-flags) + #t)))))) (synopsis "Password checking library") (home-page "https://github.com/cracklib/cracklib") (description -- 2.21.0
>From c7c016adc34c591febd0d3630f32dbecdd20ad7c Mon Sep 17 00:00:00 2001 From: Florian Pelz <pelzflor...@pelzflorian.de> Date: Sun, 2 Jun 2019 20:01:23 +0200 Subject: [PATCH 2/2] Make gnome-control-center find passwd binary. * gnu/packages/gnome.scm (gnome-control-center): Substitute correct path to passwd. --- gnu/packages/gnome.scm | 3 +++ 1 file changed, 3 insertions(+) diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index 6a2a683f58..2917107d18 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -5879,6 +5879,9 @@ devices using the GNOME desktop.") (("\"nm-connection-editor") (string-append "\"" nm-applet "/bin/nm-connection-editor"))) + (substitute* '("panels/user-accounts/run-passwd.c") + (("/usr/bin/passwd") + "/run/setuid-programs/passwd")) #t)))))) (native-inputs `(("glib:bin" ,glib "bin") ; for glib-mkenums, etc. -- 2.21.0