Maybe the point is that you cannot demand that the whole world knows the same set of concepts as you do. Otherwise just learn to remove cancer by yourself instead of forcing a person that studied decades to get down their trone and do their job

Would be pretty useful, as far as I know there is no way to change /etc/{subuid,subgid} in the system configuration without manually editing.

Well I had to make one :) it is being tracked on https://issues.guix.gnu.org/72337 . You can define subuid and subgid ranges like so:

(use-modules (gnu system shadow)      ;for 'subids-service-type'
                         (gnu system accounts))   ;for 'subid-range'

(operating-system
  (services
    (list
      (simple-service 'alice-bob-subids
                      subids-service-type
                      (subids-extension
                        (subgids
                         (list
                          (subid-range (name "alice"))))
                        (subuids
                         (list
                          (subid-range (name "alice"))
                          (subid-range (name "bob")
                                       (start 100700)))))))))

which would yield

# cat /etc/subgid
root:100000:65536
alice:165536:65536


# cat /etc/subuid
root:100000:700
bob:100700:65536
alice:166236:65536

Another annoyance with podman on guix is making / a shared mount doesn’t work so changes in mounts aren’t propagated.

I think I solved that by using a Shepherd service run on boot calling mount --make-shared / . I didn’t do extensive testing of mounts but I’m currently using this on my systems as it’s set up in my personal channel. By adding the following to my own system config

(use-modules (small-guix system accounts)
                         (small-guix services containers))

(service iptables-service-type)
(service rootless-podman-service-type
               (rootless-podman-configuration
                (subgids
                 (list (subid-range (name "alice"))))
                (subuids
                 (list (subid-range (name "alice"))))))

I’m able to run the following rootless Podman hello world

$ podman run -it --rm docker.io/alpine cat /etc/*release*
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.20.2
PRETTY_NAME="Alpine Linux v3.20"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://gitlab.alpinelinux.org/alpine/aports/-/issues"

and with guix shell podman-compose I’m able to run this Podman compose hello world:

$ mkdir data
$ echo hello world > data/index.html
$ podman compose up -d

...

exit code: 0
$ curl localhost:8080
hello world

So some kind of mount appears to work. Thank you for your feedback and feel free to try the service from my own channel if you are interested in providing more or in trying rootless podman on the Guix System.

A little too pitchy imho. It is just a regular linux distro with each system update creating a new fs snapshots .

Just use Nix/Guix lmao

I wouldn’t go the manual way if you are not forced. If you use NetworkManager you can import the configuration either grafically or with nmcli.

It should be sufficiente to modify the network manager service provided by Guix:

(modify-services %desktop-services
 [...]
 (network-manager-service-type config =>
 		               (network-manager-configuration
			        (inherit config)
			        (vpn-plugins (list network-manager-openvpn))))

reconfiguring your system, rebooting and then importing the configuration and set your credentials

It is quite basic still and historically had some problems with reboots, but lately it has gained a lot of attention and bug fixes. I have no experience of runnit, compared to systemd is leaner but in my experience there’s no big feature lacking