GNU bug report logs - #67707
Fresh installation leaks details about ISO build environment


Package: guix

Reported by: Ludovic Courtès <ludovic.courtes <at> inria.fr>

Date: Fri, 8 Dec 2023 13:12:01 UTC

Severity: important

Done: Ludovic Courtès <ludovic.courtes <at> inria.fr>

Bug is archived. No further changes may be made.


From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Ludovic Courtès <ludovic.courtes <at> inria.fr>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#67707: closed (Fresh installation leaks details about ISO
 build environment)
Date: Mon, 05 May 2025 22:25:02 +0000
[Message part 1 (text/plain, inline)]
Your message dated Tue, 06 May 2025 00:23:07 +0200
with message-id <87a57q3df8.fsf <at> gnu.org>
and subject line Re: bug#67707: Fresh installation leaks details about ISO build environment
has caused the debbugs.gnu.org bug report #67707,
regarding Fresh installation leaks details about ISO build environment
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
67707: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=67707
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
From: Ludovic Courtès <ludovic.courtes <at> inria.fr>
To: bug-guix <at> gnu.org
Subject: Fresh installation leaks details about ISO build environment
Date: Fri, 08 Dec 2023 14:11:02 +0100
On a fresh installation of 1.4.0, we get:

--8<---------------cut here---------------start------------->8---
# guix system describe
Génération 1    08 déc. 2023 10:39:47   (actuelle)
  nom de fichier : /var/guix/profiles/system-1-link
  nom de fichier canonique : /gnu/store/d8g35zgpcg0k42jlxi3pda59nx3cgmhl-system
  étiquette : GNU with Linux-Libre 6.0.10
  chargeur de démarrage : grub
  périphérique racine : UUID : d17c4651-b142-4802-9d70-b018ee72c58e
  noyau : /gnu/store/3qdad0k7wvwl09wah246q7fvsb1hbr0x-linux-libre-6.0.10/bzImage
  canaux :
    guix:
      URL du dépôt : /home/ludo/src/guix/+version-1.4.0/
      branche : version-1.4.0
      commit : 989a3916dc8967bcb7275f10452f89bc6c3389cc
  fichier de configuration : /gnu/store/ram19r21j1rp0pfkdadmi3a6jp24fy36-configuration.scm
--8<---------------cut here---------------end--------------->8---

Oops!

That the URL is wrong doesn’t have any impact because it’s not used by
‘guix pull’ or anything, but it’s obviously not great.

Ludo’.
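
A release-time check for the leak reported above, as an added example that is not part of the original message or of Guix: it parses `guix system describe` output and flags channels whose recorded URL is a local path. It assumes the first field under each channel name is the repository URL in every locale; `example-channel` in the sample is constructed.

```python
import re

# Sample input: channel section of the output quoted in the report (French
# locale); "example-channel" and its values are constructed for illustration.
SAMPLE = """\
  canaux :
    guix:
      URL du dépôt : /home/ludo/src/guix/+version-1.4.0/
      branche : version-1.4.0
      commit : 989a3916dc8967bcb7275f10452f89bc6c3389cc
    example-channel:
      URL du dépôt : https://example.org/channel.git
      commit : 0000000000000000000000000000000000000000
  fichier de configuration : /gnu/store/ram19r21j1rp0pfkdadmi3a6jp24fy36-configuration.scm
"""

CHANNEL = re.compile(r"^ {4}(\S+):\s*$")            # "    guix:"
FIELD = re.compile(r"^ {6}[^:]+?\s*:\s*(\S.*)$")    # "      label : value"
LOCAL_PREFIXES = ("/", "./", "../", "~", "file:")


def channel_urls(describe_output):
    """Return [(channel, url)], reading the first field under each channel.

    Assumption: that first field is the repository URL whatever the locale,
    so the translated label itself never has to be matched.
    """
    found, pending = [], None
    for line in describe_output.splitlines():
        name = CHANNEL.match(line)
        if name:
            pending = name.group(1)
            continue
        field = FIELD.match(line)
        if pending and field:
            found.append((pending, field.group(1).strip()))
        pending = None
    return found


def leaked_local_urls(describe_output):
    """Channels whose recorded URL points into a local file system."""
    return [(name, url) for name, url in channel_urls(describe_output)
            if url.startswith(LOCAL_PREFIXES)]


if __name__ == "__main__":
    for name, url in leaked_local_urls(SAMPLE):
        print(f"channel {name!r} records a local path: {url}")
```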


[Message part 3 (message/rfc822, inline)]
From: Ludovic Courtès <ludovic.courtes <at> inria.fr>
To: Rutherther via Bug reports for GNU Guix <bug-guix <at> gnu.org>
Cc: 67707-done <at> debbugs.gnu.org, Rutherther <rutherther <at> ditigal.xyz>
Subject: Re: bug#67707: Fresh installation leaks details about ISO build
 environment
Date: Tue, 06 May 2025 00:23:07 +0200
Hello,

Rutherther via Bug reports for GNU Guix <bug-guix <at> gnu.org> writes:

> Ludovic Courtès <ludovic.courtes <at> inria.fr> writes:

[...]

>> Oh right, it’s probably best to change it there.  Something like this?
>
> Yes, that is exactly what I had in mind.

OK, pushed as 94c9e53fa4b45e85c1664a9bab6aea0d5c3ac123.

I checked in ‘guix system vm gnu/system/install.scm’ that ‘guix
describe’ reports the right URL.

> Btw I am wondering, is there a policy on (not) updating the released
> iso?

Release artifacts in general are immutable.  But of course, we should
make a new release, that’s consensual.  :-)

>> I’m not sure I follow: even if one uses a mirror of Savannah, downgrade
>> prevention works fine.  Or are you referring to some other motivation?
>
> I agree that the prevention works fine even with a mirror. What I wanted
> to say is that sometimes it can't work. Like if a repository hosting is
> down or you don't have an internet connection. That is, if the checkout
> (usually the one of root) doesn't contain the commit. Lately, it shows
> because Savannah is down very often. So one pulls successfully, but then
> can't reconfigure, because Savannah is down again. This is because root
> has a separate checkout.

Oh right, got it.  Hopefully this particular issue will vanish if we
decide to move to Codeberg (GCD 002).

> Even if it didn't, if the checkouts are removed, the user can't
> reconfigure if repo hosting is down.  This just feels like an
> unnecessary limitation - why not allow the user to say: yes, this is a
> forward update, don't check, i.e. --disable-forward-update-check.

I was going to say that it’s called ‘--allow-downgrades’, but in fact
no, because that still clones/pulls to perform the check and emit a
warning (instead of an error).  Still, maybe it could catch clone/pull
errors?

Anyway, that’s for another bug report. :-)

Thanks,
Ludo’.


This bug report was last modified 53 days ago.
