GNU bug report logs -
#55231
[PATCH v1] initrd: Allow extra search paths with ‘initrd-extra-module-paths’
Previous Next
Full log
View this message in rfc822 format
This commit changes the conditions under which derivations, as constructed by the `derivation` function, are made substitutable, to prevent potential copyright violations related to the construction of substitutable initrds including non-substitutable derivations (in particular, ZFS).
This change prevents such copyright violations by only marking a derivation as substitutable if it is marked substitutable and all of its inputs are marked as substitutable. This means that non-substitutable derivations have a "poisoning" effect, preventing derivations which take them as input from being substitutable.
Change-Id: I80ba4a371ee0c55a1294aff311d4e7b151055fac
---
guix/derivations.scm | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/guix/derivations.scm b/guix/derivations.scm
index bef98cd26a..789e235eb8 100644
--- a/guix/derivations.scm
+++ b/guix/derivations.scm
@@ -868,6 +868,9 @@ (define* (derivation store name builder args
env-vars)
#f)))))
+ (define inputs-substitutable? (every substitutable-derivation?
+ (map derivation-input-derivation inputs)))
+
(define (user+system-env-vars)
;; Some options are passed to the build daemon via the env. vars of
;; derivations (urgh!). We hide that from our API, but here is the place
@@ -875,7 +878,7 @@ (define* (derivation store name builder args
(let ((env-vars `(,@(if local-build?
`(("preferLocalBuild" . "1"))
'())
- ,@(if (not substitutable?)
+ ,@(if (not (and substitutable? inputs-substitutable?)))
`(("allowSubstitutes" . "0"))
'())
,@(if allowed-references
--
2.47.1
This bug report was last modified 12 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.