GNU bug report logs - #44623
[PATCH] archive: Warn about replacing an ACL symlink.

Previous Next

Package: guix-patches;

Reported by: Tobias Geerinckx-Rice <me <at> tobias.gr>

Date: Fri, 13 Nov 2020 20:22:02 UTC

Severity: normal

Tags: patch

Done: Tobias Geerinckx-Rice <me <at> tobias.gr>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 44623 <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Tobias Geerinckx-Rice <me <at> tobias.gr>
Cc: 44623 <at> debbugs.gnu.org
Subject: Re: [bug#44623] [PATCH] archive: Warn about replacing an ACL symlink.
Date: Sun, 15 Nov 2020 21:50:33 +0100

Tobias Geerinckx-Rice <me <at> tobias.gr> skribis:

> * guix/scripts/archive.scm (authorize-key): Warn when %ACL-FILE is a
> symbolic link and print an additional hint for Guix System users.

Oh, I was convinced that ‘guix archive --authorize’ would now fail on
Guix System, but indeed it doesn’t, due to the canonical rename trick.

> +  ;; Warn about potentially volatile ACLs, but continue: system reconfiguration
> +  ;; might not be possible without (newly-authorized) substitutes.
> +  (when (and (access? %acl-file F_OK)
> +             (eq? 'symlink (stat:type (lstat %acl-file))))

You can do both at once (thus avoiding a TOCTTOU race) with:

  (let ((stat (false-if-exception (lstat %acl-file))))
    (when (and stat …)
      …))

Otherwise LGTM (for ‘master’), thanks!

Ludo’.

This bug report was last modified 4 years and 251 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #44623 [PATCH] archive: Warn about replacing an ACL symlink.

GNU bug report logs - #44623
[PATCH] archive: Warn about replacing an ACL symlink.