GNU bug report logs -
#49369
Duplicated SSL_CERT_DIR value, and the cuirass service
Previous Next
To reply to this bug, email your comments to 49369 AT debbugs.gnu.org.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
bug-guix <at> gnu.org:
bug#49369; Package
guix.
(Sat, 03 Jul 2021 22:36:02 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Vivien Kraus <vivien <at> planete-kraus.eu>:
New bug report received and forwarded. Copy sent to
bug-guix <at> gnu.org.
(Sat, 03 Jul 2021 22:36:02 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
Dear guix,
When I set up the cuirass service, my /run/current-
system/profile/etc/profile file goes from:
export SSL_CERT_DIR="${GUIX_PROFILE:-
/gnu/store/v7yks560hnm9zkjw1ynsavfdgwbvkq9w-
profile}/etc/ssl/certs${SSL_CERT_DIR:+:}$SSL_CERT_DIR"
to:
export SSL_CERT_DIR="${GUIX_PROFILE:-
/gnu/store/4zby6gn6kv92mn4mck4jw3jxcs82821p-profile}/etc/ssl/certs"
Notice how with cuirass, the variable is expanded to potentially
multiple values.
As a result (I don’t fully understand why), with the cuirass service in
place, my $SSL_CERT_DIR is set to:
/run/current-system/profile/etc/ssl/certs:/run/current-
system/profile/etc/ssl/certs
(notice the duplicated entry)
Due to that, the guile web client is broken because guile does not
support a colon-separated path in SSL_CERT_DIR.
Attributing the blame to this breakage is tricky, because guile is not
100% clean (it should support a path), it’s not clear to me why cuirass
needs to re-define SSL_CERT_DIR, but maybe guix should not consider
that cuirass is installed when it is used as a service.
Best regards,
Vivien
This bug report was last modified 3 years and 230 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.