[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Putting a file into system image ~user/ but not on reconfigure

From: Hartmut Goebel
Subject: Re: Putting a file into system image ~user/ but not on reconfigure
Date: Thu, 10 Aug 2023 14:38:24 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.12.0

Am 10.08.23 um 14:12 schrieb wolf:

I guess you could have a script that would use the existence of the key itself
as a marker.  In that case you would likely want to recreate it if the marker
(key) got deleted,

No! The key must not be recreated. The key is expected to be replaced by a new one when the box will become a machine. Thus, using the key as a marker is not possible, as the would recreate the insecure key on next reboot. The key must never ever be put into back into place.

I do not have much experience with Vagrant, but I assumed the general idea for
these kind of systems declarative systems is to just recreate the when updates
are required.  Is it expected to actually run guix reconfigure inside the VM?

This depends on how one uses the virtual machines :-)

And even if it is not expected to run guix reconfigure on it: If one does, this but open a front door to the system - which is not what one wants.

Anyhow, thanks for sharing thoughts,

Hartmut Goebel

| Hartmut Goebel          |               |
| | compilers which you thought are impossible |

reply via email to

[Prev in Thread] Current Thread [Next in Thread]