Pierre-Henry Fröhring schreef op zo 06-02-2022 om 22:33 [+0100]:
> +guix environment guix --pure --ad-hoc fd
> +./bootstrap
> +guix_db_prefix=$(fd -p '.*/guix/db$' /)
> +guix_db_prefix=$@{guix_db_prefix%/guix/db@}

What's this 'fd' and guix_db_prefix about?
If this is necessary, shouldn't it be documented in the main manual.

> +./configure --localstatedir="$guix_db_prefix"
> +exit
> +make authenticate

This "make authenticate" gives a false sense of security -- the MITM
attacker could have changed the Makefile.am to let the 'authenticate'
target be a no-op.  Likewise, authentication must happen before
./bootstrap and ./configure otherwise it's too late.

Also, didn't this authentication already happen in

> +@node Authentication
> +@section Authentication
> +
> +@example
> +git fetch origin keyring:keyring
> +guix git authenticate 9edb3f66fd807b096b48283debdcddccfea34bad \
> +  "BBB0 2DDF 2CEA F6A8 0D1D  E643 A2A0 6DF2 A33A 54FA"

Greetings,
Maxime.