GNU bug report logs - #39819
guix-service-type authorized keys are not honored when /etc/guix/acl exists

Previous Next

Package: guix;

Reported by: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Date: Fri, 28 Feb 2020 04:31:02 UTC

Severity: important

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

Full log

Message #17 received at 39819 <at> debbugs.gnu.org (full text, mbox):

From: Jan Nieuwenhuizen <janneke <at> gnu.org>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: guix-devel <at> gnu.org, 39819 <at> debbugs.gnu.org
Subject: Re: Declarative /etc/guix/acl?
Date: Sun, 11 Oct 2020 13:07:29 +0200

Ludovic Courtès writes:

Hello!

> For some reason, /etc/guix/acl is not declarative on Guix System: we let
> users modify it and assume it’s stateful, which can surprise users as in
> <https://issues.guix.gnu.org/39819>.
>
> Should we make it declarative, just like most of /etc?  I think so.

Yes, I think so too.  However, if you have your own substitute server,
you now can run guix archive --authorize < ..., e.g. at
bootstrap/install time.  For such cases, IWBN to have a --authorized-key
argument to guix build / guix system.

Greetings,
Janneke

-- 
Jan Nieuwenhuizen <janneke <at> gnu.org> | GNU LilyPond http://lilypond.org
Freelance IT http://JoyofSource.com | Avatar® http://AvatarAcademy.com

This bug report was last modified 4 years and 212 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #39819 guix-service-type authorized keys are not honored when /etc/guix/acl exists

GNU bug report logs - #39819
guix-service-type authorized keys are not honored when /etc/guix/acl exists