GNU bug report logs - #44623
[PATCH] archive: Warn about replacing an ACL symlink.

Previous Next

Package: guix-patches;

Reported by: Tobias Geerinckx-Rice <me <at> tobias.gr>

Date: Fri, 13 Nov 2020 20:22:02 UTC

Severity: normal

Tags: patch

Done: Tobias Geerinckx-Rice <me <at> tobias.gr>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 44623 in the body.
You can then email your comments to 44623 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to guix-patches <at> gnu.org:
bug#44623; Package guix-patches. (Fri, 13 Nov 2020 20:22:02 GMT) Full text and rfc822 format available.
Acknowledgement sent to Tobias Geerinckx-Rice <me <at> tobias.gr>:
New bug report received and forwarded. Copy sent to guix-patches <at> gnu.org. (Fri, 13 Nov 2020 20:22:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: guix-patches <at> gnu.org
Subject: [PATCH] archive: Warn about replacing an ACL symlink.
Date: Fri, 13 Nov 2020 21:20:41 +0100

* guix/scripts/archive.scm (authorize-key): Warn when %ACL-FILE is a
symbolic link and print an additional hint for Guix System users.
---
 guix/scripts/archive.scm | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/guix/scripts/archive.scm b/guix/scripts/archive.scm
index 02557ce454..d284196f41 100644
--- a/guix/scripts/archive.scm
+++ b/guix/scripts/archive.scm
@@ -1,5 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2019, 2020 Ludovic Courtès <ludo <at> gnu.org>
+;;; Copyright © 2020 Tobias Geerinckx-Rice <me <at> tobias.gr>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -310,6 +311,16 @@ the input port."
         (leave (G_ "failed to read public key: ~a: ~a~%")
                (error-source err) (error-string err)))))
 
+  ;; Warn about potentially volatile ACLs, but continue: system reconfiguration
+  ;; might not be possible without (newly-authorized) substitutes.
+  (when (and (access? %acl-file F_OK)
+             (eq? 'symlink (stat:type (lstat %acl-file))))
+    (warning (G_ "replacing symbolic link ~a with a regular file~%")
+             %acl-file)
+    (when (string-prefix? (%store-prefix) (readlink %acl-file))
+      (display-hint (G_ "On Guix System, add public keys to the
+@code{authorized-keys} field of your @code{operating-system} instead."))))
+
   (let ((key (read-key))
         (acl (current-acl)))
     (unless (eq? 'public-key (canonical-sexp-nth-data key 0))
-- 
2.29.2
Information forwarded to guix-patches <at> gnu.org:
bug#44623; Package guix-patches. (Sun, 15 Nov 2020 20:51:02 GMT) Full text and rfc822 format available.

Message #8 received at 44623 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Tobias Geerinckx-Rice <me <at> tobias.gr>
Cc: 44623 <at> debbugs.gnu.org
Subject: Re: [bug#44623] [PATCH] archive: Warn about replacing an ACL symlink.
Date: Sun, 15 Nov 2020 21:50:33 +0100

Tobias Geerinckx-Rice <me <at> tobias.gr> skribis:

> * guix/scripts/archive.scm (authorize-key): Warn when %ACL-FILE is a
> symbolic link and print an additional hint for Guix System users.

Oh, I was convinced that ‘guix archive --authorize’ would now fail on
Guix System, but indeed it doesn’t, due to the canonical rename trick.

> +  ;; Warn about potentially volatile ACLs, but continue: system reconfiguration
> +  ;; might not be possible without (newly-authorized) substitutes.
> +  (when (and (access? %acl-file F_OK)
> +             (eq? 'symlink (stat:type (lstat %acl-file))))

You can do both at once (thus avoiding a TOCTTOU race) with:

  (let ((stat (false-if-exception (lstat %acl-file))))
    (when (and stat …)
      …))

Otherwise LGTM (for ‘master’), thanks!

Ludo’.
Reply sent to Tobias Geerinckx-Rice <me <at> tobias.gr>:
You have taken responsibility. (Sun, 15 Nov 2020 22:07:02 GMT) Full text and rfc822 format available.
Notification sent to Tobias Geerinckx-Rice <me <at> tobias.gr>:
bug acknowledged by developer. (Sun, 15 Nov 2020 22:07:02 GMT) Full text and rfc822 format available.

Message #13 received at 44623-done <at> debbugs.gnu.org (full text, mbox):

From: Tobias Geerinckx-Rice <me <at> tobias.gr>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 44623-done <at> debbugs.gnu.org
Subject: Re: [bug#44623] [PATCH] archive: Warn about replacing an ACL symlink.
Date: Sun, 15 Nov 2020 23:06:16 +0100

[Message part 1 (text/plain, inline)]
Ludovic Courtès 写道:
> Tobias Geerinckx-Rice <me <at> tobias.gr> skribis:
>
>> * guix/scripts/archive.scm (authorize-key): Warn when %ACL-FILE 
>> is a
>> symbolic link and print an additional hint for Guix System 
>> users.
>
> Oh, I was convinced that ‘guix archive --authorize’ would now 
> fail on
> Guix System, but indeed it doesn’t, due to the canonical rename 
> trick.

I don't want it to fail.

Just today I used ‘guix archive --authorize’ so ‘guix system 
reconfigure’ (to add the key!) wouldn't take all day.  Killer 
feature!

> You can do both at once (thus avoiding a TOCTTOU race) with:

That is significantly better.  Pushed as 
5d15733c426d232e98098d99a5bfe145586609a4.

Thank you!

T G-R

[signature.asc (application/pgp-signature, inline)]
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Mon, 14 Dec 2020 12:24:04 GMT) Full text and rfc822 format available.
This bug report was last modified 4 years and 249 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.