On 2/12/22 15:15, coralgoat--- via wrote:
I could try booting an operating system in memory and then use a disk
encryption program to decrypt the hard drive with my passphrase and
then run `chattr -i /etc/resolv.conf`. What disk encryption program
should I use to decrypt the hard disk?
Guix uses dm-crypt so you should be able to use the cryptsetup tool
available in most distributions by default:
cryptsetup open /dev/sda2 guix
The above command creates decrypted representation of the /dev/sda2
partition at /dev/mapper/guix. You can mount this file like any other
partition. This should be enough to access the contents of the system in
case the boot process completely breaks.
However in this case Ricardo's advice may be enough to get it to work
from within Guix itself. I explained the above for future reference or
in case it doesn't work.
I resolved the domain name resolution errors by doing 2
things:
1) editing /etc/resolv.conf changing it to a single line that set a
specific nameserver
2) I ran this command `chattr +i /etc/resolv.conf`
If you want to avoid getting /etc/resolv.conf modified, instead of
adding the immutable attribute to the file (AKA changing the "state" of
the file) you should configure the responsible service so it doesn't
modify it in the first place.
This is especially important in a declarative system like Guix, where
the operating-system and its services should function no matter the
*state* of the files in it. Almost every system-level setting can be
configured with Guix's configuration system. And using it prevents
broken configurations like these from making the system completely
unbootable, as you would be able to boot to a previous generation from
the boot menu.
I'm assuming you're using a configuration based on the official example,
so the service that modifies this file should be NetworkManager coming
from %desktop-services. To disable its modification to /etc/resolv.conf
you can set the `dns` field to "none" in its
`network-manager-configuration`. You can modify it by using
`modify-services` on %desktop-services.
See these manual pages for the usage of modify-services and also
documentation of network-manager-configuration:
* https://guix.gnu.org/manual/en/html_node/Service-Reference.html
* https://guix.gnu.org/manual/en/html_node/Networking-Services.html
SeerLite