GNU bug report logs - #55231
[PATCH v1] initrd: Allow extra search paths with ‘initrd-extra-module-paths’

Previous Next

Package: guix-patches;

Reported by: Brian Cully <bjc <at> spork.org>

Date: Mon, 2 May 2022 19:55:02 UTC

Severity: normal

Tags: moreinfo, patch

Full log

Message #143 received at 55231 <at> debbugs.gnu.org (full text, mbox):

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: Morgan Arnold <morgan.arnold <at> proton.me>
Cc: Ian Eure <ian <at> retrospec.tv>, "ludo <at> gnu.org" <ludo <at> gnu.org>,
 "maximedevos <at> telenet.be" <maximedevos <at> telenet.be>,
 "guix-devel <at> gnu.org" <guix-devel <at> gnu.org>, Andreas Enge <andreas <at> enge.fr>,
 "kaelyn.alexi <at> protonmail.com" <kaelyn.alexi <at> protonmail.com>,
 "john.kehayias <at> protonmail.com" <john.kehayias <at> protonmail.com>,
 "55231 <at> debbugs.gnu.org" <55231 <at> debbugs.gnu.org>
Subject: Re: bug#55231: [PATCH v1] initrd: Allow extra search paths with
 ‘initrd-extra-module-paths’
Date: Tue, 11 Feb 2025 22:09:46 +0900

Hi,

Morgan Arnold <morgan.arnold <at> proton.me> writes:

> Hi Andreas,
>
> Thanks for the clarification. If this is the case, and texlive is
> unlikely to be used as a native input, it seems reasonable to me that
> setting `allowSubstitutes = 0` if `(not (and substitutable? (every
> substitutable-derivation? inputs)))` would entirely eliminate the
> possibility of ZFS-based copyviols, as any derivation depending on it
> could not be substituted, and so neither Guix nor anyone using Guix
> could commit a copyviol. A user who wishes to use ZFS will then
> download the source code, compile the kernel module, and include it in
> their initrd, and this initrd will not accidentally be distributed. To
> the best of my non-lawyer understanding, this would not constitute any
> kind of copyviol.

I'm not sure exactly where in the daemon code this would be implemented?
Would you have a pseudo-code draft of where it'd be done?  Few of us are
knowledgeable about the daemon code base.

> This seems to me to implement a maximally conservative (in terms of
> avoiding possible copyviols) approach to incorporating ZFS into
> Guix. If this makes sense, I would be happy to include that change to
> `derivation` in this patch set.

The idea is logical to me, but the implementation, if it touches how a
derivation is computed/changes its result, IIUC, would invalidate all
past derivations ever computed by Nix/Guix, which would be highly
undesirable/disruptive.

-- 
Thanks,
Maxim
This bug report was last modified 13 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.