Received: (at 77201-done) by debbugs.gnu.org; 5 May 2025 15:35:04 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon May 05 11:35:04 2025 Received: from localhost ([127.0.0.1]:41761 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uBxqR-0005lI-Lp for submit <at> debbugs.gnu.org; Mon, 05 May 2025 11:35:04 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:45498) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1uBxqH-0005iy-FF for 77201-done <at> debbugs.gnu.org; Mon, 05 May 2025 11:34:53 -0400 Received: from fencepost.gnu.org ([2001:470:142:3::e]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from <ludo@HIDDEN>) id 1uBxqB-0001pm-Pe; Mon, 05 May 2025 11:34:47 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org; s=fencepost-gnu-org; h=MIME-Version:Date:References:In-Reply-To:Subject:To: From; bh=L3WUtxHQ1lwcSyBkzM5OCYcMYjZWST5/Rtqba+0JRM8=; b=KPMrTc+j+ahI0qFgVB5U gl2uELJKffgVrGTjfW0sz0QgT6UkCDxytTpt9VDb9MNkwwVQCh1MaEv4X8lktzIlvSK+K0hLwNwTm MaZbf2mpxoB49Y+wvrgA/Za3I9QQvOuKt/LtfaOmTFcVHujxc7O6laTM01Eo17ghtPRTFC9YVjtPd 27U5nOTN6IodwF50CCMNkf6hUO2aegTywAFqzdDypG1jcT39mKUfyvstIhP2UU/phoNBdMwavfNes Tq2rIkXJggGN7aBu2xPY7kDdm+VuCDEu80KedIK5RpQN3Y9zW8jvAlpRmPYtasW8uX5P0GPuDf7dQ p5JKN7qtA73N/A==; From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN> To: Rutherther <rutherther@HIDDEN> Subject: Re: bug#77201: [PATCH] guix: substitute-key-authorization: Fix case when acl symlink is broken In-Reply-To: <bb8060e580fe7e60e3f7edd067d0f35648576e71.1745827664.git.rutherther@HIDDEN> (rutherther@HIDDEN's message of "Mon, 28 Apr 2025 10:07:53 +0200") References: <f56c393fa6872cb0142564061ee17e5e7f8131cc.1742723299.git.rutherther@HIDDEN> <bb8060e580fe7e60e3f7edd067d0f35648576e71.1745827664.git.rutherther@HIDDEN> Date: Mon, 05 May 2025 12:19:21 +0200 Message-ID: <87jz6v5phy.fsf_-_@HIDDEN> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.8 (/) X-Debbugs-Envelope-To: 77201-done Cc: 77201-done <at> debbugs.gnu.org, Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: -0.2 (/) Hi, Rutherther <rutherther@HIDDEN> writes: > One possible solution for an issue when /etc/guix/acl file exists, but po= ints > to a non-existent location. This can for example happen if one is > reinitializing the system, and remove only /gnu/store and /var/guix, keep= the > rest okay. This is a major advantage of guix as compared to other distros= that > usually need you to reinitialize the whole root partition. But this will = leave > the user with acl file pointing to non-existent location. The file-exists? > procedure will return #f for broken symbolic links. > > I think that another reason one would get this issue is, if one was boote= d in > a live iso, chrooted, fixing their system. They would switch generations = to > one with different acl file, delete other generations gc rooting the orig= inal > acl file and then gc. One could do this approach for example when recover= ing > from file corruptions in the store, to get rid of the unsubstitutable pat= hs > that can't be repaired with guix gc --verify. > > This fixes the issue by looking for type of a file through lstat, instead= of > relying on file-exists?. If the symlink is a broken symlink, it is > removed. Other than that the old behavior is kept: > - If regular file, back it up > - If symlink pointing to the store, remove it > - If symlink not pointing to the store, back it up > > * gnu/services/base.scm (substitute-key-authorization): Check if acl file= is a > (broken) symbolic link > > Change-Id: I2f8170606b2f4afeea48f04acfd738b04cafc7cf Applied after changing the terminology from =E2=80=9Cbroken symlink=E2=80= =9D to =E2=80=9Cdangling symlink=E2=80=9D, which I think is more widely used (and = easier to find while grepping!). Thanks, Ludo=E2=80=99.
Rutherther <rutherther@HIDDEN>:Ludovic Courtès <ludo@HIDDEN>:Received: (at 77201) by debbugs.gnu.org; 2 May 2025 18:34:04 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Fri May 02 14:34:04 2025 Received: from localhost ([127.0.0.1]:33199 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1uAvD2-0003FX-8J for submit <at> debbugs.gnu.org; Fri, 02 May 2025 14:34:04 -0400 Received: from ditigal.xyz ([78.46.201.50]:52254 helo=mail.ditigal.xyz) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <rutherther@HIDDEN>) id 1uAvCx-0003Ej-P5 for 77201 <at> debbugs.gnu.org; Fri, 02 May 2025 14:34:00 -0400 Received: by cerebrum (OpenSMTPD) with ESMTPSA id 709dc6a7 (TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO); Fri, 2 May 2025 18:33:50 +0000 (UTC) From: Rutherther <rutherther@HIDDEN> To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN> Subject: Re: [bug#77201] [PATCH] guix: substitute-key-authorization: Fix case when acl symlink is broken In-Reply-To: <8734dsog80.fsf@HIDDEN> References: <f56c393fa6872cb0142564061ee17e5e7f8131cc.1742723299.git.rutherther@HIDDEN> <87jz87darf.fsf@HIDDEN> <877c3lhdbn.fsf@HIDDEN> <871ptt8eno.fsf@HIDDEN> <877c3kb3hk.fsf@HIDDEN> <878qnvyvze.fsf@HIDDEN> <8734dsog80.fsf@HIDDEN> Date: Fri, 02 May 2025 20:33:48 +0200 Message-ID: <871pt6lv5f.fsf@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ditigal.xyz; i=@ditigal.xyz; q=dns/txt; s=20240917; t=1746210830; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=RETzxftaP1qja3CI1brDOXk/dpuQk456jLjHy/XoCI0=; b=oXP9b51me/28jm0dLtssaOWyyrYpYSZ0ku5UBzzS8n7vO/ffYJMuJvLQX8X3W9MC35Spd O4iGmsReMcg4W5eOxJlPD4FgmX6vbnKats+Oln1871vhSKnHtO5mfRJd52SfjdJR0zNW7RT 4IjM6twDkvYI76ZRvkktOHUbpo3rbK0= X-Spam-Score: 0.5 (/) X-Debbugs-Envelope-To: 77201 Cc: 77201 <at> debbugs.gnu.org, Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: 0.5 (/) I was skimming through the code and I found out install-channels-file has the same issue as substitute-key-authorization has with this symlinking. I suppose I will make this into a generic function after all, so that it can be used in both of those functions. Just wondering if I should make it a gexp or put it to some of the guix/build/ files (or a new one?) "Rutherther" <rutherther@HIDDEN> writes: > Apologies for the delay, I somehow didn't get to testing in a VM last > week, today I finally tested it, found a few issues, fixed them, and it > seems to be working fine for me. I tried to test all possible cases: > > - No acl file > - Regular file > - Symlink to store > - Symlink out of store > - Broken symlink > > - .bak (not) existing > > I've kept it directly in this function upon Ludo's comment about > rebuilding the whole world if it was added to guix/build/utils, I can > create a new guix/build file if you think it makes sense to have it > reusable, or put it to another one(?). > > Since this is activation logic, I think it's important to thoroughly > test it - should a new VM tests be added for this, or is it unnecesasry > and the current tests suffice? If something went wrong, the tests would > fail to boot (I haven't tried using system tests defined in guix yet, I > will try to run them). > Will QA run them for this commit or is it ran only for defined branches? > > Submitted v2. > > Regards, > Rutherther
guix-patches@HIDDEN:bug#77201; Package guix-patches.
Full text available.Received: (at 77201) by debbugs.gnu.org; 28 Apr 2025 08:14:33 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Mon Apr 28 04:14:33 2025 Received: from localhost ([127.0.0.1]:52777 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1u9JdJ-0006sq-8S for submit <at> debbugs.gnu.org; Mon, 28 Apr 2025 04:14:33 -0400 Received: from ditigal.xyz ([2a01:4f8:1c1b:6a1c::]:47578 helo=mail.ditigal.xyz) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <rutherther@HIDDEN>) id 1u9JdG-0006rm-Mq for 77201 <at> debbugs.gnu.org; Mon, 28 Apr 2025 04:14:31 -0400 Received: by cerebrum (OpenSMTPD) with ESMTPSA id 52441ccc (TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO); Mon, 28 Apr 2025 08:14:24 +0000 (UTC) From: Rutherther <rutherther@HIDDEN> To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN> Subject: Re: [bug#77201] [PATCH] guix: substitute-key-authorization: Fix case when acl symlink is broken In-Reply-To: <878qnvyvze.fsf@HIDDEN> References: <f56c393fa6872cb0142564061ee17e5e7f8131cc.1742723299.git.rutherther@HIDDEN> <87jz87darf.fsf@HIDDEN> <877c3lhdbn.fsf@HIDDEN> <871ptt8eno.fsf@HIDDEN> <877c3kb3hk.fsf@HIDDEN> <878qnvyvze.fsf@HIDDEN> Date: Mon, 28 Apr 2025 10:14:23 +0200 Message-ID: <8734dsog80.fsf@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ditigal.xyz; i=@ditigal.xyz; q=dns/txt; s=20240917; t=1745828064; h=from : to : cc : subject : in-reply-to : references : date : message-id : mime-version : content-type : from; bh=zrZS9SIqeWuCTMsAgv7S6xdhMlkkJAEHthI0rmufCAg=; b=ibMfBmd8GieaDXItkCK68+MObclusG40gm0flZgAtARpPr23B3I6y0rlUL/ilpsg5ZImj 084h/nhzpgiYdDlUx1k5rZl9VCQ9Z8GwbKjX4MmhSU1Ramu+HVWO5k4r8zeJOsGfL9Lxp80 l6uVXYFNoccPHvDG8c284EbKl/Nl4Jo= X-Spam-Score: 0.5 (/) X-Debbugs-Envelope-To: 77201 Cc: 77201 <at> debbugs.gnu.org, Ian Eure <ian@HIDDEN> X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: 0.5 (/) Apologies for the delay, I somehow didn't get to testing in a VM last week, today I finally tested it, found a few issues, fixed them, and it seems to be working fine for me. I tried to test all possible cases: - No acl file - Regular file - Symlink to store - Symlink out of store - Broken symlink - .bak (not) existing I've kept it directly in this function upon Ludo's comment about rebuilding the whole world if it was added to guix/build/utils, I can create a new guix/build file if you think it makes sense to have it reusable, or put it to another one(?). Since this is activation logic, I think it's important to thoroughly test it - should a new VM tests be added for this, or is it unnecesasry and the current tests suffice? If something went wrong, the tests would fail to boot (I haven't tried using system tests defined in guix yet, I will try to run them). Will QA run them for this commit or is it ran only for defined branches? Submitted v2. Regards, Rutherther
guix-patches@HIDDEN:bug#77201; Package guix-patches.
Full text available.
Received: (at 77201) by debbugs.gnu.org; 28 Apr 2025 08:08:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Apr 28 04:08:19 2025
Received: from localhost ([127.0.0.1]:52696 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1u9JXH-00063o-47
for submit <at> debbugs.gnu.org; Mon, 28 Apr 2025 04:08:19 -0400
Received: from ditigal.xyz ([2a01:4f8:1c1b:6a1c::]:34208 helo=mail.ditigal.xyz)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.84_2) (envelope-from <rutherther@HIDDEN>)
id 1u9JXB-00062U-Ur
for 77201 <at> debbugs.gnu.org; Mon, 28 Apr 2025 04:08:16 -0400
Received: by cerebrum (OpenSMTPD) with ESMTPSA id 9bea1cc5
(TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO);
Mon, 28 Apr 2025 08:08:06 +0000 (UTC)
From: Rutherther <rutherther@HIDDEN>
To: 77201 <at> debbugs.gnu.org
Subject: [PATCH v2] guix: substitute-key-authorization: Fix case when acl
symlink is broken
Date: Mon, 28 Apr 2025 10:07:53 +0200
Message-ID: <bb8060e580fe7e60e3f7edd067d0f35648576e71.1745827664.git.rutherther@HIDDEN>
X-Mailer: git-send-email 2.49.0
MIME-Version: 1.0
X-Debbugs-Cc: =?utf-8?q?Rutherther_=3Crutherther=40ditigal=2Exyz=3E=2C_Ian_Eure_=3Cian=40retrospec=2Etv=3E=2C_Ludovic_Court=C3=83=C2=A8s_=3Cludo=40chbouib=2Eorg=3E?=
Content-Transfer-Encoding: 8bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ditigal.xyz;
i=@ditigal.xyz; q=dns/txt; s=20240917; t=1745827686; h=from : to : cc
: subject : date : message-id : mime-version :
content-transfer-encoding : from;
bh=rmyaZ01ntaACyP8FI21JArTjVtDrmB71KhaZFFFrJKo=;
b=Zvqq4YHrO50dTQfXHvv5DKJYtuQPU2ER5bF62X54mlQF/xUWE38XPVbmmRxeT09a4vh78
ah0CQpmJhUGCa/cHGMy1eJJzgCBn5eZf55e/lnZPagaCBOmkQuv3bTQ5bMzrR1ERcYwwwtY
7vMW/fA1SyolQHE5gkUczEwaNt8oAIU=
X-Spam-Score: 2.5 (++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: One possible solution for an issue when /etc/guix/acl file
exists, but points to a non-existent location. This can for example happen
if one is reinitializing the system, and remove only /gnu/store an [...]
Content analysis details: (2.5 points, 10.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
[URI: ditigal.xyz (xyz)]
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
0.5 FROM_SUSPICIOUS_NTLD From abused NTLD
2.0 FROM_SUSPICIOUS_NTLD_FP From abused NTLD
X-Debbugs-Envelope-To: 77201
Cc: Rutherther <rutherther@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.5 (/)
One possible solution for an issue when /etc/guix/acl file exists, but points
to a non-existent location. This can for example happen if one is
reinitializing the system, and remove only /gnu/store and /var/guix, keep the
rest okay. This is a major advantage of guix as compared to other distros that
usually need you to reinitialize the whole root partition. But this will leave
the user with acl file pointing to non-existent location. The file-exists?
procedure will return #f for broken symbolic links.
I think that another reason one would get this issue is, if one was booted in
a live iso, chrooted, fixing their system. They would switch generations to
one with different acl file, delete other generations gc rooting the original
acl file and then gc. One could do this approach for example when recovering
from file corruptions in the store, to get rid of the unsubstitutable paths
that can't be repaired with guix gc --verify.
This fixes the issue by looking for type of a file through lstat, instead of
relying on file-exists?. If the symlink is a broken symlink, it is
removed. Other than that the old behavior is kept:
- If regular file, back it up
- If symlink pointing to the store, remove it
- If symlink not pointing to the store, back it up
* gnu/services/base.scm (substitute-key-authorization): Check if acl file is a
(broken) symbolic link
Change-Id: I2f8170606b2f4afeea48f04acfd738b04cafc7cf
---
gnu/services/base.scm | 19 ++++++++++++-------
1 file changed, 12 insertions(+), 7 deletions(-)
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 8c6563c99d..02b4274e9d 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -1841,17 +1841,22 @@ (define (substitute-key-authorization keys guix)
(with-imported-modules '((guix build utils))
#~(begin
- (use-modules (guix build utils))
+ (use-modules (guix build utils)
+ (ice-9 match))
(define acl-file #$%acl-file)
;; If the ACL already exists, move it out of the way. Create a backup
;; if it's a regular file: it's likely that the user manually updated
;; it with 'guix archive --authorize'.
- (if (file-exists? acl-file)
- (if (and (symbolic-link? acl-file)
- (store-file-name? (readlink acl-file)))
- (delete-file acl-file)
- (rename-file acl-file (string-append acl-file ".bak")))
- (mkdir-p (dirname acl-file)))
+ (match (and=> (false-if-exception (lstat acl-file)) stat:type)
+ (#f #f) ;file doesn't exist
+ ('symlink ;delete symlink pointing to store; backup otherwise.
+ (if (or (store-file-name? (readlink acl-file)) ;store symlink
+ (not (file-exists? acl-file))) ;broken symlink
+ (delete-file acl-file)
+ (rename-file acl-file (string-append acl-file ".bak"))))
+ (_ ;backup
+ (rename-file acl-file (string-append acl-file ".bak"))))
+ (mkdir-p (dirname acl-file))
;; Installed the declared ACL.
(symlink #+default-acl acl-file))))
base-commit: 56999614a45449c4b93c8614540210b609c2b356
--
2.49.0
rutherther@HIDDEN, ian@HIDDEN, ludo@HIDDEN, guix-patches@HIDDEN:bug#77201; Package guix-patches.
Full text available.
Received: (at 77201) by debbugs.gnu.org; 20 Apr 2025 10:21:25 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Apr 20 06:21:24 2025
Received: from localhost ([127.0.0.1]:45537 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1u6Rnf-0008Cc-7Z
for submit <at> debbugs.gnu.org; Sun, 20 Apr 2025 06:21:24 -0400
Received: from ditigal.xyz ([2a01:4f8:1c1b:6a1c::]:56950 helo=mail.ditigal.xyz)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.84_2) (envelope-from <rutherther@HIDDEN>)
id 1u6Rnb-0008BL-7u
for 77201 <at> debbugs.gnu.org; Sun, 20 Apr 2025 06:21:20 -0400
Received: by cerebrum (OpenSMTPD) with ESMTPSA id be6fe1df
(TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO);
Sun, 20 Apr 2025 10:21:11 +0000 (UTC)
From: Rutherther <rutherther@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>
Subject: Re: [bug#77201] [PATCH] guix: substitute-key-authorization: Fix
case when acl symlink is broken
In-Reply-To: <877c3kb3hk.fsf@HIDDEN>
References: <f56c393fa6872cb0142564061ee17e5e7f8131cc.1742723299.git.rutherther@HIDDEN>
<87jz87darf.fsf@HIDDEN> <877c3lhdbn.fsf@HIDDEN>
<871ptt8eno.fsf@HIDDEN> <877c3kb3hk.fsf@HIDDEN>
Date: Sun, 20 Apr 2025 12:21:09 +0200
Message-ID: <878qnvyvze.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ditigal.xyz;
i=@ditigal.xyz; q=dns/txt; s=20240917; t=1745144471; h=from : to : cc
: subject : in-reply-to : references : date : message-id :
mime-version : content-type : content-transfer-encoding : from;
bh=6cMze4HOStEU66hcL3mF7btGeAvfZIShH3VbLdrhqAg=;
b=lOnSX/0YgmWNdk0ircP3KFJ64RfHa7eio6Hrigc/fKvbzMfk7JLp6uolHihbZKGw6kLzl
8Ygk6blQWf6FqoTKbI6lcqAYOb19ikG/gtBPm6urNRI/VVhMSrsHLMmS41wgRTCsnsxqX/V
XCYSy1JQxrm+/LfpeN7Rc3TKkoYKdh8=
X-Spam-Score: 2.5 (++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Hello Ludo, Ludovic Courtès <ludo@HIDDEN> writes: >
Hi, > > Rutherther <rutherther@HIDDEN> writes: >
Content analysis details: (2.5 points, 10.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
[URI: ditigal.xyz (xyz)]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
0.5 FROM_SUSPICIOUS_NTLD From abused NTLD
X-Debbugs-Envelope-To: 77201
Cc: 77201 <at> debbugs.gnu.org, Ian Eure <ian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: 2.5 (++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Hello Ludo, Ludovic Courtès <ludo@HIDDEN> writes: >
Hi, > > Rutherther <rutherther@HIDDEN> writes: >
Content analysis details: (2.5 points, 10.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
[URI: ditigal.xyz (xyz)]
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
0.5 FROM_SUSPICIOUS_NTLD From abused NTLD
1.0 BULK_RE_SUSP_NTLD Precedence bulk and RE: from a suspicious TLD
-1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list
manager
Hello Ludo,
Ludovic Court=C3=A8s <ludo@HIDDEN> writes:
> Hi,
>
> Rutherther <rutherther@HIDDEN> writes:
>
> Indentation is off (see above.)
Oh yeah, I didn't take much care with pasting it to an e-mail and it
became off somehow even though in code I have proper indentation.
> Also (I=E2=80=99m nitpicking!), margin comment
> should not be a full sentence, so rather:
>
> (#f #f) ;file doesn't exist
Oh, okay, I wasn't aware of these rules or even what 'margin' comments
are. But to be clear, you also agree the comments make sense here? It
seemed to me it's a bit hard to follow the reasoning here from the code its=
elf.
>
> Should be good!
I am going testing now in a VM, then I will submit a patch later.
>
>> I will probably also make this into a reusable function in guix utils
>> build,
>
> Maybe not: (guix build utils) is rarely updated because it entails world
> rebuilds, which also means that it=E2=80=99s interfaces must be very gene=
ric and
> bullet-proof. So I would keep it local for now.
Good point, I haven't thought of that.
Thank you,
Rutherther
guix-patches@HIDDEN:bug#77201; Package guix-patches.
Full text available.
Received: (at 77201) by debbugs.gnu.org; 16 Apr 2025 14:19:19 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Wed Apr 16 10:19:19 2025
Received: from localhost ([127.0.0.1]:39628 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1u53bi-0000Zf-KD
for submit <at> debbugs.gnu.org; Wed, 16 Apr 2025 10:19:19 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:49078)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1u53bV-0000We-CC
for 77201 <at> debbugs.gnu.org; Wed, 16 Apr 2025 10:19:05 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <ludo@HIDDEN>)
id 1u53bP-0003eL-UM; Wed, 16 Apr 2025 10:18:59 -0400
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN>
To: Rutherther <rutherther@HIDDEN>
Subject: Re: [bug#77201] [PATCH] guix: substitute-key-authorization: Fix
case when acl symlink is broken
In-Reply-To: <871ptt8eno.fsf@HIDDEN> (rutherther@HIDDEN's message of
"Tue, 15 Apr 2025 20:26:19 +0200")
References: <f56c393fa6872cb0142564061ee17e5e7f8131cc.1742723299.git.rutherther@HIDDEN>
<87jz87darf.fsf@HIDDEN> <877c3lhdbn.fsf@HIDDEN>
<871ptt8eno.fsf@HIDDEN>
User-Agent: mu4e 1.12.9; emacs 29.4
X-URL: https://people.bordeaux.inria.fr/lcourtes/
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-pc-linux-gnu
X-Revolutionary-Date: Septidi 27 Germinal an 233 de la =?utf-8?Q?R=C3=A9vo?=
=?utf-8?Q?lution=2C?= jour de =?utf-8?Q?l'An=C3=A9mone?=
Date: Wed, 16 Apr 2025 16:11:35 +0200
Message-ID: <877c3kb3hk.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -0.3 (/)
X-Debbugs-Envelope-To: 77201
Cc: 77201 <at> debbugs.gnu.org, Ian Eure <ian@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -1.3 (-)
Hi,
Rutherther <rutherther@HIDDEN> writes:
>> (match (and=3D> (false-if-exception (lstat acl-file)) stat:type)
>> (#f ;file does not exist
>> =E2=80=A6)
>> ('symlink
>> =E2=80=A6)
>> (_
>> =E2=80=A6))
>
> This definitely helps, thanks, I am still not that skilled in Scheme, so
> I wouldn't think about false-if-exception, and using match would also be
> hard for me to figure out.
>
> I have this now (untested for now)
> ```
> (match (and=3D> (false-if-exception (lstat acl-file)) stat:type)
> (#f #f) ; File doesn't exist
Indentation is off (see above.) Also (I=E2=80=99m nitpicking!), margin com=
ment
should not be a full sentence, so rather:
(#f #f) ;file doesn't exist
> ('symlink ; Delete symlink pointing to store; backup otherwise.
> (if (or (store-file-name? (readlink acl-file)) ; Store symlink
> (not (file-exists? acl-file))) ; Broken symlink
> (delete-file acl-file)
> (rename-file acl-file (string-append acl-file ".bak"))))
> (_ ; Backup
> (rename-file acl-file (string-append acl-file ".bak"))))
Should be good!
> I will probably also make this into a reusable function in guix utils
> build,
Maybe not: (guix build utils) is rarely updated because it entails world
rebuilds, which also means that it=E2=80=99s interfaces must be very generi=
c and
bullet-proof. So I would keep it local for now.
Thanks,
Ludo=E2=80=99.
guix-patches@HIDDEN:bug#77201; Package guix-patches.
Full text available.
Received: (at 77201) by debbugs.gnu.org; 15 Apr 2025 18:26:33 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Apr 15 14:26:33 2025
Received: from localhost ([127.0.0.1]:55413 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1u4kzR-0008NU-2Y
for submit <at> debbugs.gnu.org; Tue, 15 Apr 2025 14:26:33 -0400
Received: from ditigal.xyz ([2a01:4f8:1c1b:6a1c::]:41254 helo=mail.ditigal.xyz)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.84_2) (envelope-from <rutherther@HIDDEN>)
id 1u4kzN-0008N7-B5
for 77201 <at> debbugs.gnu.org; Tue, 15 Apr 2025 14:26:30 -0400
Received: by cerebrum (OpenSMTPD) with ESMTPSA id 43bceb4c
(TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO);
Tue, 15 Apr 2025 18:26:21 +0000 (UTC)
From: Rutherther <rutherther@HIDDEN>
To: Ludovic =?utf-8?Q?Court=C3=A8s?= <ludo@HIDDEN>, Ian Eure
<ian@HIDDEN>
Subject: Re: [bug#77201] [PATCH] guix: substitute-key-authorization: Fix
case when acl symlink is broken
In-Reply-To: <877c3lhdbn.fsf@HIDDEN>
References: <f56c393fa6872cb0142564061ee17e5e7f8131cc.1742723299.git.rutherther@HIDDEN>
<87jz87darf.fsf@HIDDEN> <877c3lhdbn.fsf@HIDDEN>
Date: Tue, 15 Apr 2025 20:26:19 +0200
Message-ID: <871ptt8eno.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ditigal.xyz;
i=@ditigal.xyz; q=dns/txt; s=20240917; t=1744741581; h=from : to : cc
: subject : in-reply-to : references : date : message-id :
mime-version : content-type : content-transfer-encoding : from;
bh=XS9V5RV8GZb4Pvv1MZW3MgjYUSQx2OhXSBNm07sTTTY=;
b=YTZsJjfTtjidVcivmKGH5C1ghnhaC/rpzxbA8VhU4gZE+nmIVGpJVSZVyWZugCJmwyx+z
k5AxK7ojWpH4AG8jAEVzPsgJ8w8yg65uREnIsrpbPcgSvCd4hnXWJ+LVFhG1S+jcPDoMV/F
xUK8N5vTfme9RV2RrQCoVjySsd7v3Qw=
X-Spam-Score: 2.5 (++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Hi Ludo, Ludovic Courtès <ludo@HIDDEN> writes: > Hello,
> > Ian Eure <ian@HIDDEN> writes: > >>> - (if (file-exists? acl-file)
>>> + (if (or (file-exists? acl-file) (symbolic-link? acl-file)) >> >> Guile
semantics are unhelpful here: `file-ex [...]
Content analysis details: (2.5 points, 10.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
[URI: ditigal.xyz (xyz)]
-0.0 SPF_PASS SPF: sender matches SPF record
0.5 FROM_SUSPICIOUS_NTLD From abused NTLD
X-Debbugs-Envelope-To: 77201
Cc: 77201 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: 2.5 (++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: Hi Ludo, Ludovic Courtès <ludo@HIDDEN> writes: > Hello,
> > Ian Eure <ian@HIDDEN> writes: > >>> - (if (file-exists? acl-file)
>>> + (if (or (file-exists? acl-file) (symbolic-link? acl-file)) >> >> Guile
semantics are unhelpful here: `file-ex [...]
Content analysis details: (2.5 points, 10.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record
2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs
[URI: ditigal.xyz (xyz)]
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 BULK_RE_SUSP_NTLD Precedence bulk and RE: from a suspicious TLD
0.5 FROM_SUSPICIOUS_NTLD From abused NTLD
-1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list
manager
Hi Ludo,
Ludovic Court=C3=A8s <ludo@HIDDEN> writes:
> Hello,
>
> Ian Eure <ian@HIDDEN> writes:
>
>>> - (if (file-exists? acl-file)
>>> + (if (or (file-exists? acl-file) (symbolic-link? acl-file))
>>
>> Guile semantics are unhelpful here: `file-exists?' returns #f for a
>> broken symlink, but `symbolic-link?' raises an exception if given a
>> nonexistent path.
>
> I would go back to the fundamentals:
>
> (match (and=3D> (false-if-exception (lstat acl-file)) stat:type)
> (#f ;file does not exist
> =E2=80=A6)
> ('symlink
> =E2=80=A6)
> (_
> =E2=80=A6))
This definitely helps, thanks, I am still not that skilled in Scheme, so
I wouldn't think about false-if-exception, and using match would also be
hard for me to figure out.
I have this now (untested for now)
```
(match (and=3D> (false-if-exception (lstat acl-file)) stat:type)
(#f #f) ; File doesn't exist
('symlink ; Delete symlink pointing to store; backup otherwise.
(if (or (store-file-name? (readlink acl-file)) ; Store symlink
(not (file-exists? acl-file))) ; Broken symlink
(delete-file acl-file)
(rename-file acl-file (string-append acl-file ".bak"))))
(_ ; Backup
(rename-file acl-file (string-append acl-file ".bak"))))
```
I will probably also make this into a reusable function in guix utils
build, but I have been thinking about a good name and couldn't come up with
one for a week! Programmers problems, I guess.
WDYT
Thanks,
Rutherther
guix-patches@HIDDEN:bug#77201; Package guix-patches.
Full text available.
Received: (at 77201) by debbugs.gnu.org; 15 Apr 2025 11:35:06 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Apr 15 07:35:06 2025
Received: from localhost ([127.0.0.1]:50969 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1u4eZF-0005jf-Vs
for submit <at> debbugs.gnu.org; Tue, 15 Apr 2025 07:35:06 -0400
Received: from hera.aquilenet.fr ([185.233.100.1]:33970)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.84_2) (envelope-from <ludo@HIDDEN>) id 1u4eZC-0005is-Ie
for 77201 <at> debbugs.gnu.org; Tue, 15 Apr 2025 07:35:03 -0400
Received: from localhost (localhost [127.0.0.1])
by hera.aquilenet.fr (Postfix) with ESMTP id EB91D449;
Tue, 15 Apr 2025 13:34:55 +0200 (CEST)
Authentication-Results: hera.aquilenet.fr;
none
X-Virus-Scanned: Debian amavis at hera.aquilenet.fr
Received: from hera.aquilenet.fr ([127.0.0.1])
by localhost (hera.aquilenet.fr [127.0.0.1]) (amavis, port 10024) with ESMTP
id HDAECDmRYJ2W; Tue, 15 Apr 2025 13:34:55 +0200 (CEST)
Received: from ribbon (nat-eduroam-36-gw-01-bso.bordeaux.inria.fr
[194.199.1.36])
by hera.aquilenet.fr (Postfix) with ESMTPSA id 66A373AA;
Tue, 15 Apr 2025 13:34:55 +0200 (CEST)
From: =?utf-8?Q?Ludovic_Court=C3=A8s?= <ludo@HIDDEN>
To: Ian Eure <ian@HIDDEN>
Subject: Re: [bug#77201] [PATCH] guix: substitute-key-authorization: Fix
case when acl symlink is broken
In-Reply-To: <87jz87darf.fsf@HIDDEN> (Ian Eure's message of "Sat, 29 Mar
2025 10:09:24 -0700")
References: <f56c393fa6872cb0142564061ee17e5e7f8131cc.1742723299.git.rutherther@HIDDEN>
<87jz87darf.fsf@HIDDEN>
Date: Tue, 15 Apr 2025 13:30:20 +0200
Message-ID: <877c3lhdbn.fsf@HIDDEN>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-Rspamd-Queue-Id: EB91D449
X-Spamd-Result: default: False [-6.07 / 15.00]; BAYES_HAM(-3.00)[99.99%];
NEURAL_HAM(-2.97)[-0.991]; MIME_GOOD(-0.10)[text/plain];
FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+];
RCVD_COUNT_TWO(0.00)[2]; ARC_NA(0.00)[];
TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_SOME(0.00)[];
RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_TLS_ALL(0.00)[];
FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3];
MID_RHS_MATCH_FROM(0.00)[]
X-Rspamd-Action: no action
X-Spamd-Bar: ------
X-Rspamd-Server: hera
X-Spam-Score: 0.7 (/)
X-Debbugs-Envelope-To: 77201
Cc: Rutherther <rutherther@HIDDEN>, 77201 <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.3 (/)
Hello,
Ian Eure <ian@HIDDEN> writes:
>> - (if (file-exists? acl-file)
>> + (if (or (file-exists? acl-file) (symbolic-link? acl-file))
>
> Guile semantics are unhelpful here: `file-exists?' returns #f for a
> broken symlink, but `symbolic-link?' raises an exception if given a
> nonexistent path.
I would go back to the fundamentals:
(match (and=3D> (false-if-exception (lstat acl-file)) stat:type)
(#f ;file does not exist
=E2=80=A6)
('symlink
=E2=80=A6)
(_
=E2=80=A6))
HTH!
Ludo=E2=80=99.
guix-patches@HIDDEN:bug#77201; Package guix-patches.
Full text available.Received: (at 77201) by debbugs.gnu.org; 29 Mar 2025 17:09:40 +0000 From debbugs-submit-bounces <at> debbugs.gnu.org Sat Mar 29 13:09:40 2025 Received: from localhost ([127.0.0.1]:32886 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>) id 1tyZgh-0002Rx-Fa for submit <at> debbugs.gnu.org; Sat, 29 Mar 2025 13:09:39 -0400 Received: from fhigh-b6-smtp.messagingengine.com ([202.12.124.157]:42043) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.84_2) (envelope-from <ian@HIDDEN>) id 1tyZgd-0002RY-1m for 77201 <at> debbugs.gnu.org; Sat, 29 Mar 2025 13:09:36 -0400 Received: from phl-compute-01.internal (phl-compute-01.phl.internal [10.202.2.41]) by mailfhigh.stl.internal (Postfix) with ESMTP id 520972540197; Sat, 29 Mar 2025 13:09:27 -0400 (EDT) Received: from phl-mailfrontend-01 ([10.202.2.162]) by phl-compute-01.internal (MEProxy); Sat, 29 Mar 2025 13:09:27 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=retrospec.tv; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:message-id:mime-version:reply-to :subject:subject:to:to; s=fm1; t=1743268167; x=1743354567; bh=J7 cPXHsFc39xOrcNpdkzkHY/q+k5IRX8qvnYfs3m0i4=; b=mXJ79sVUHWLLL8QInS bIkVEPEC41Yn0+HIfPqpX9RShd6XK8apvLTNcgD4wBq20n4A6CPYe7lyaTkjCAhw X6MAaHntWJc5epPXD2pGFzrRwh/H3Um+omLMomypMO/1y67Jqbgm8RjPT/UDVNi6 WNylZRcTK/JYn0whpzrQ9BNCM0v1iCFYDxkWDfV9ScALHATo6v2RxjpzsMTHjIL/ giOOy697SEiAUsIajQqsCP/q2Ju9TUlV6L7Rr2qrLXreMVnnlbGJ+W9UDhpFYkAc C9QdUuzSIoE+gg3kjcZM61DxpenNiHsj7qjomsL93csibc1eGbkgDAqBt1uAwnLj 9IcQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:message-id:mime-version:reply-to:subject :subject:to:to:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm2; t=1743268167; x=1743354567; bh=J7cPXHsFc39xOrcNpdkzkHY/q+k5 IRX8qvnYfs3m0i4=; b=WY7ke7QfmPgKw74SqfLOzEUOKt0VrU8t0ukx9WrvhY74 DWIj+lS4VBdGPuanaHm/iKeudWKh+xf2GyTnSzeJndzqU9a0SLWmgZEfpMMee0bF bEYqWm9Ho3cK9HGOeQ5fWpcNF95pLYS9FPKfP8qiC8mnOpUmYgHGeawe86CpAPQj eeRsVbG9N/miKlw5JZRBuusqsZWCC2fLNGBbZIKJcXRXofljbDBpkzudMayZsU7b gImruyv/jzxTU6omVuk4xA256k7EGptTiVAAfJXONfxKvGF9i+bYdGfJhjugm0TX sX+w1ICdmUgH26RWvkoOI7/0ApEFmwRUdNFCqBVDLg== X-ME-Sender: <xms:RinoZ91UGx00X3uIGFy2GTTIlIjbNVGg18xN5iIhyb0WopJh7IEeIw> <xme:RinoZ0HMkxyPt51FLjr1htq4506KMR9e6oYzmkRw-k8kPZNO8Sd2N3iuisk_yXc_5 dnyz9fmIbgkXb1Jsw> X-ME-Received: <xmr:RinoZ961vJWvLZ-u6Gk-BDrQY7EUMzD65d2xJ1BhIODVPSlE9IFaXLVfAUN_Fk5XKduu8fCdVRk1-hzlCPRzWPOJN8Ucsg21hf2UhUxF7A> X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefvddrtddtgddujeegjeefucetufdoteggodetrf dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdggtfgfnhhsuhgsshgtrhhisggv pdfurfetoffkrfgpnffqhgenuceurghilhhouhhtmecufedttdenucenucfjughrpefhvf evufgffffkgggtgfesthhqredttderjeenucfhrhhomhepkfgrnhcugfhurhgvuceoihgr nhesrhgvthhrohhsphgvtgdrthhvqeenucggtffrrghtthgvrhhnpedtteekfffffeeihf eukedvieeugeeigefftdfhleevlefgtddvhfdtudehffeuvdenucevlhhushhtvghrufhi iigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehirghnsehrvghtrhhoshhpvggtrd htvhdpnhgspghrtghpthhtohepvddpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohep jeejvddtudesuggvsggsuhhgshdrghhnuhdrohhrghdprhgtphhtthhopehruhhthhgvrh hthhgvrhesughithhighgrlhdrgiihii X-ME-Proxy: <xmx:RinoZ61PSr5AxivJZUzIP6jn3qdHSq7iQLyzOOCVjRBfBJS5B7ZAhg> <xmx:RinoZwEf-X5-VanDP43GDnBCYTEx9Gp6lFvcisvGl8wd0958Y5Fiyg> <xmx:RinoZ7-1v9VLAnTrzltEYpEJdhaudaTtDwPEOlBfv9WNd6dA2Ksqzg> <xmx:RinoZ9mNm-C1qipQLJ5D7GwvV8DnvGHLLLjYWvxeF-c9mqPTO3LtKA> <xmx:RynoZ1SrTu9OEcehwb5qb9L7e8qZMQK9pVkWApLqVvX7FoOWDiKb1gEM> Feedback-ID: id9014242:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat, 29 Mar 2025 13:09:26 -0400 (EDT) From: Ian Eure <ian@HIDDEN> To: Rutherther <rutherther@HIDDEN> Subject: Re: [bug#77201] [PATCH] guix: substitute-key-authorization: Fix case when acl symlink is broken User-Agent: mu4e 1.12.9; emacs 29.4 Date: Sat, 29 Mar 2025 10:09:24 -0700 Message-ID: <87jz87darf.fsf@HIDDEN> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Hi Rutherther, Rutherther <rutherther@HIDDEN> writes: > One possible solution for an issue when /etc/guix/acl file > exists, but points > to a non-existent location. This can for example happen if one > is > reinitializing the system, and remove only /gn [...] Content analysis details: (1.3 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 2.0 PDS_OTHER_BAD_TLD Untrustworthy TLDs [URI: ditigal.xyz (xyz)] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [202.12.124.157 listed in sa-trusted.bondedsender.org] 0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [202.12.124.157 listed in bl.score.senderscore.com] -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [202.12.124.157 listed in list.dnswl.org] X-Debbugs-Envelope-To: 77201 Cc: 77201 <at> debbugs.gnu.org X-BeenThere: debbugs-submit <at> debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: <debbugs-submit.debbugs.gnu.org> List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe> List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/> List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org> List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help> List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe> Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org> X-Spam-Score: 0.3 (/) Hi Rutherther, Rutherther <rutherther@HIDDEN> writes: > One possible solution for an issue when /etc/guix/acl file=20 > exists, but points > to a non-existent location. This can for example happen if one=20 > is > reinitializing the system, and remove only /gnu/store and=20 > /var/guix, keep the > rest okay. This is a major advantage of guix as compared to=20 > other distros that > usually need you to reinitialize the whole root partition. But=20 > this will leave > the user with acl file pointing to non-existent location. The=20 > file-exists? > procedure will return #f for broken symbolic links. > > I think that another reason one would get this issue is, if one=20 > was booted in > a live iso, chrooted, fixing their system. They would switch=20 > generations to > one with different acl file, delete other generations gc rooting=20 > the original > acl file and then gc. One could do this approach for example=20 > when recovering > from file corruptions in the store, to get rid of the=20 > unsubstitutable paths > that can't be repaired with guix gc --verify. > > I don't know if there is a better way as I am not that=20 > proficient in guile, > but I definitely think this should be fixed and it should be=20 > checked if > anything exists in that place, not that the link points to a=20 > known location. > Does Guile have a procedure for that that I am missing? If not,=20 > shouldn't > we create one in Guix? I can imagine this being a common=20 > mistake, where we > want to check if something exists at place 'x', without caring=20 > if it's > actually an accessible file. I was looking online and someone=20 > made themselves > a function 'file-exists??' that checked basically this what I=20 > did here - that > it's either a valid file on the disk, or a broken symlink. > > During debugging this issue I also noticed similar issue can=20 > occur in special > files and /run/current-system with the .new files that are=20 > created with > symlink procedure without checking for their existence. While=20 > it's not likely > (especially because the symlink is moved the second it's=20 > created) > the user would have /run/current-system.new nor /bin/sh.new=20 > etc., I still > think it would be worth fixing to make sure the system can boot=20 > even in cases > where something goes horribly wrong. Thanks for the explanation. > * gnu/services/base.scm (substitute-key-authorization): Check if=20 > acl file is a > (broken) symbolic link > > Change-Id: I2f8170606b2f4afeea48f04acfd738b04cafc7cf > --- > gnu/services/base.scm | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/gnu/services/base.scm b/gnu/services/base.scm > index 0d2bb31190..e419d043ae 100644 > --- a/gnu/services/base.scm > +++ b/gnu/services/base.scm > @@ -1845,7 +1845,7 @@ (define (substitute-key-authorization keys=20 > guix) > ;; If the ACL already exists, move it out of the way.=20 > Create a backup > ;; if it's a regular file: it's likely that the user=20 > manually updated > ;; it with 'guix archive --authorize'. > - (if (file-exists? acl-file) > + (if (or (file-exists? acl-file) (symbolic-link?=20 > acl-file)) Guile semantics are unhelpful here: `file-exists?' returns #f for=20 a broken symlink, but `symbolic-link?' raises an exception if=20 given a nonexistent path. The means that if /etc/guix/acl doesn=E2=80=99t= =20 exist, an exception will be raised. There doesn=E2=80=99t appear to be a=20 simple way to determine if a file exists which doesn=E2=80=99t resolve=20 symlinks, which I think is a Guile bug. Thinking through the possible situations here: If /etc/guix/acl is a good symlink pointing into /gnu/store ->=20 delete it. If /etc/guix/acl is a broken symlink pointing anywhere -> delete=20 it. If /etc/guix/acl is a file -> rename it to ".bak" else /etc/guix/acl must be missing -> mkdir-p /etc/acl. ...then populate /etc/guix/acl. I think the right move here is to refactor the nested `if's into a=20 cond to simplify the logic, and wrap `symbolic-link?' in=20 `with-exception-handler' (possibly `let=E2=80=99-binding its result, since= =20 multiple things need it). Thanks, -- Ian
guix-patches@HIDDEN:bug#77201; Package guix-patches.
Full text available.
Received: (at submit) by debbugs.gnu.org; 23 Mar 2025 09:48:50 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Sun Mar 23 05:48:50 2025
Received: from localhost ([127.0.0.1]:47703 helo=debbugs.gnu.org)
by debbugs.gnu.org with esmtp (Exim 4.84_2)
(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
id 1twHwn-0000dj-I0
for submit <at> debbugs.gnu.org; Sun, 23 Mar 2025 05:48:50 -0400
Received: from lists.gnu.org ([2001:470:142::17]:52716)
by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.84_2) (envelope-from <rutherther@HIDDEN>)
id 1twHwk-0000ck-6L
for submit <at> debbugs.gnu.org; Sun, 23 Mar 2025 05:48:47 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
(Exim 4.90_1) (envelope-from <rutherther@HIDDEN>)
id 1twHwd-0004Nb-O6
for guix-patches@HIDDEN; Sun, 23 Mar 2025 05:48:39 -0400
Received: from ditigal.xyz ([2a01:4f8:1c1b:6a1c::] helo=mail.ditigal.xyz)
by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256)
(Exim 4.90_1) (envelope-from <rutherther@HIDDEN>)
id 1twHwb-00060R-Qx
for guix-patches@HIDDEN; Sun, 23 Mar 2025 05:48:39 -0400
Received: by cerebrum (OpenSMTPD) with ESMTPSA id 028405d7
(TLSv1.3:TLS_CHACHA20_POLY1305_SHA256:256:NO);
Sun, 23 Mar 2025 09:48:35 +0000 (UTC)
From: Rutherther <rutherther@HIDDEN>
To: guix-patches@HIDDEN
Subject: [PATCH] guix: substitute-key-authorization: Fix case when acl symlink
is broken
Date: Sun, 23 Mar 2025 10:48:28 +0100
Message-ID: <f56c393fa6872cb0142564061ee17e5e7f8131cc.1742723299.git.rutherther@HIDDEN>
X-Mailer: git-send-email 2.48.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ditigal.xyz;
i=@ditigal.xyz; q=dns/txt; s=20240917; t=1742723315; h=from : to : cc
: subject : date : message-id : mime-version :
content-transfer-encoding : from;
bh=SnfH/9YlJIz/7LFQOM+sSgPS5cEE/0qCd8lCiESVlQg=;
b=skWeXuNLGd3AGLqFzxZMwiF/C5qKJ4cuRO5ljF4falg369g+J2XtdU3MtPVJ+l1cEVwmU
4cVcgdlv+VBz32+DL+bn067Cfbzxs/CqBB36ZORnxuRbPbYLiv6kF9r3pVTZGTua1DWTKVT
QFwkwKanM1B5w1cfyh8dZFmYDMOp+x0=
Received-SPF: pass client-ip=2a01:4f8:1c1b:6a1c::;
envelope-from=rutherther@HIDDEN; helo=mail.ditigal.xyz
X-Spam_score_int: 19
X-Spam_score: 1.9
X-Spam_bar: +
X-Spam_report: (1.9 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FROM_SUSPICIOUS_NTLD=0.499,
FROM_SUSPICIOUS_NTLD_FP=2, PDS_OTHER_BAD_TLD=1.474, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001 autolearn=no autolearn_force=no
X-Spam_action: no action
X-Spam-Score: 4.9 (++++)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: One possible solution for an issue when /etc/guix/acl file
exists, but points to a non-existent location. This can for example happen
if one is reinitializing the system, and remove only /gnu/store an [...]
Content analysis details: (4.9 points, 10.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/,
no trust [2001:470:142:0:0:0:0:17 listed in] [list.dnswl.org]
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
1.5 PDS_OTHER_BAD_TLD Untrustworthy TLDs
[URI: ditigal.xyz (xyz)]
0.9 SPF_FAIL SPF: sender does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;
id=rutherther%40ditigal.xyz; ip=2001%3A470%3A142%3A%3A17; r=debbugs.gnu.org]
2.0 FROM_SUSPICIOUS_NTLD_FP From abused NTLD
0.5 FROM_SUSPICIOUS_NTLD From abused NTLD
X-Debbugs-Envelope-To: submit
Cc: Rutherther <rutherther@HIDDEN>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>,
<mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: 1.9 (+)
X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org",
has NOT identified this incoming email as spam. The original
message has been attached to this so you can view it or label
similar future email. If you have any questions, see
the administrator of that system for details.
Content preview: One possible solution for an issue when /etc/guix/acl file
exists, but points to a non-existent location. This can for example happen
if one is reinitializing the system, and remove only /gnu/store an [...]
Content analysis details: (1.9 points, 10.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/,
no trust
[2001:470:142:0:0:0:0:17 listed in]
[list.dnswl.org]
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
1.5 PDS_OTHER_BAD_TLD Untrustworthy TLDs
[URI: ditigal.xyz (xyz)]
0.9 SPF_FAIL SPF: sender does not match SPF record (fail)
[SPF failed: Please see http://www.openspf.org/Why?s=mfrom;id=rutherther%40ditigal.xyz;ip=2001%3A470%3A142%3A%3A17;r=debbugs.gnu.org]
0.5 FROM_SUSPICIOUS_NTLD From abused NTLD
-1.0 MAILING_LIST_MULTI Multiple indicators imply a widely-seen list
manager
One possible solution for an issue when /etc/guix/acl file exists, but points
to a non-existent location. This can for example happen if one is
reinitializing the system, and remove only /gnu/store and /var/guix, keep the
rest okay. This is a major advantage of guix as compared to other distros that
usually need you to reinitialize the whole root partition. But this will leave
the user with acl file pointing to non-existent location. The file-exists?
procedure will return #f for broken symbolic links.
I think that another reason one would get this issue is, if one was booted in
a live iso, chrooted, fixing their system. They would switch generations to
one with different acl file, delete other generations gc rooting the original
acl file and then gc. One could do this approach for example when recovering
from file corruptions in the store, to get rid of the unsubstitutable paths
that can't be repaired with guix gc --verify.
I don't know if there is a better way as I am not that proficient in guile,
but I definitely think this should be fixed and it should be checked if
anything exists in that place, not that the link points to a known location.
Does Guile have a procedure for that that I am missing? If not, shouldn't
we create one in Guix? I can imagine this being a common mistake, where we
want to check if something exists at place 'x', without caring if it's
actually an accessible file. I was looking online and someone made themselves
a function 'file-exists??' that checked basically this what I did here - that
it's either a valid file on the disk, or a broken symlink.
During debugging this issue I also noticed similar issue can occur in special
files and /run/current-system with the .new files that are created with
symlink procedure without checking for their existence. While it's not likely
(especially because the symlink is moved the second it's created)
the user would have /run/current-system.new nor /bin/sh.new etc., I still
think it would be worth fixing to make sure the system can boot even in cases
where something goes horribly wrong.
* gnu/services/base.scm (substitute-key-authorization): Check if acl file is a
(broken) symbolic link
Change-Id: I2f8170606b2f4afeea48f04acfd738b04cafc7cf
---
gnu/services/base.scm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 0d2bb31190..e419d043ae 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -1845,7 +1845,7 @@ (define (substitute-key-authorization keys guix)
;; If the ACL already exists, move it out of the way. Create a backup
;; if it's a regular file: it's likely that the user manually updated
;; it with 'guix archive --authorize'.
- (if (file-exists? acl-file)
+ (if (or (file-exists? acl-file) (symbolic-link? acl-file))
(if (and (symbolic-link? acl-file)
(store-file-name? (readlink acl-file)))
(delete-file acl-file)
base-commit: fbfd2b93831978aadbb96f32cafdab997b04c6c6
prerequisite-patch-id: cf473eb15513404ca1d287f5b7eca109c848203c
prerequisite-patch-id: a46e75bdd193acb5e276e0aa31c77197a3254699
prerequisite-patch-id: a2b4aa0a33d89ee3f6c483aeb71a783cb0e63aa9
--
2.49.0
Rutherther <rutherther@HIDDEN>:guix-patches@HIDDEN.
Full text available.guix-patches@HIDDEN:bug#77201; Package guix-patches.
Full text available.
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd,
1994-97 Ian Jackson.