Thanks! That does sound like it could become a problem but strangely I've never had an issue with it (yet).

What do you use instead of sudo -E for the specific case of guix system reconfigure? I believe the reason I started using it was because Guix wasn't finding something it needed until I dropped my user environment in with -E.

sudo guix system reconfigure ~/.config/guix/system.scm without the -E works just fine for me and I've been using it for some time now.

Was it maybe a sudo guix pull? Where you wanted your user's ~/.config/guix/channels.scm but got root's instead? That's the only command I can think of that would use $HOME directly. (And yikes this one seems to also fill ~/.cache and even ~/.config with root owned files).

AFAIK guix pull shouldn't really ever be needed to run as root. Just guix pull with the regular user and then sudo guix system reconfigure.

Yeah, I never use guix pull with sudo. I think the reason I was using sudo -E was to make sure that my own channel file was being used for reconfiguring the system instead of the root user's channel file. At the time I started using sudo -E, guix time-machine didn't exist, so I should probably use time-machine to consume my own channel file at this point.

IIRC from past discussions, the exact behaviour of sudo depends on the distribution you are using and for some the -E is the default or such.

Relevant comment from guix/scripts/pull.scm:

;; XXX: Ubuntu's 'sudo' preserves $HOME by default, and thus the second
;; condition below is always false when one runs "sudo guix pull". As a
;; workaround, skip this code when $SUDO_USER is set. See
;; https://bugs.gnu.org/36785.

@emixa-d I gotta agree with Ludovic Courtès there regarding it being a bug-like behavior from part of Ubuntu. IMO this patch/PR still applies, especially since the configuration in this repo is aimed at Guix System which uses unpatched sudo (unlike Ubuntu, which seems to be the only distro messing with sudo).