GNU bug report logs - #73306
guix deploy fails with dropbear ssh server

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 73306 in the body.
You can then email your comments to 73306 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Attila Lendvai <attila <at> lendvai.name>
To: "bug-guix <at> gnu.org" <bug-guix <at> gnu.org>
Subject: guix deploy fails with dropbear ssh server
Date: Mon, 16 Sep 2024 21:23:22 +0000

should `guix deploy` work with dropbear?

on one of my servers i have replaced openssh with dropbear.

(service dropbear-service-type
         (dropbear-configuration
          (port-number 22)
          (password-authentication? #false)
          ;; To allow `guix deploy` to connect as root.
          (root-login? #true)))

i `guix deploy`ed the config, even rebooted the machine. all works fine, except when i want to `guix deploy` once again:

$ guix deploy x.scm
The following 1 machine will be deployed:
  lendvai

guix deploy: deploying to lendvai...
;;; [2024/09/16 23:10:53.550882, 0] [GSSH ERROR] : #<input-output: channel (closed by the remote side) 7fccff89d080>
Backtrace:
In ice-9/boot-9.scm:
  1752:10 19 (with-exception-handler _ _ #:unwind? _ #:unwind-for-type _)
In guix/status.scm:
    839:4 18 (call-with-status-report _ _)
In ice-9/boot-9.scm:
  1752:10 17 (with-exception-handler _ _ #:unwind? _ #:unwind-for-type _)
In guix/store.scm:
   689:37 16 (thunk)
   1330:8 15 (call-with-build-handler #<procedure 7fccf6b996c0 at guix/ui.scm:1240:2 (continue store things mode)> _)
In guix/scripts/deploy.scm:
   284:23 14 (_)
In guix/store.scm:
  1412:11 13 (map/accumulate-builds #<store-connection 256.100 7fccf0dc30a0> #<procedure 7fccff88e540 at guix/scripts/deploy.scm:285:45 (t-1e3fba6565d6004…> …)
   1330:8 12 (call-with-build-handler #<procedure 7fccf6ba0b10 at guix/store.scm:1365:2 (continue store things mode)> _)
In ice-9/boot-9.scm:
  1752:10 11 (with-exception-handler _ _ #:unwind? _ #:unwind-for-type _)
In guix/scripts/deploy.scm:
   166:29 10 (_)
In gnu/machine/ssh.scm:
   513:25  9 (deploy-managed-host #<<machine> operating-system: #<<operating-system> kernel: #<package linux-libre <at> 6.10.9 gnu/packages/linux.scm:974 7fccf4…>)
    397:2  8 (check-deployment-sanity #<<machine> operating-system: #<<operating-system> kernel: #<package linux-libre <at> 6.10.9 gnu/packages/linux.scm:974 7f…>)
   365:17  7 (machine-check-building-for-appropriate-system _)
In guix/ssh.scm:
   204:18  6 (remote-system _)
   191:15  5 (remote-inferior _ _)
In ssh/popen.scm:
     64:4  4 (open-remote-pipe* #<session root <at> lendvai.name:22 (connected) 7fccfd6fafe0> "r+" _ . _)
In unknown file:
           3 (channel-open-session #<input-output: channel (closed by the remote side) 7fccff89d080>)
In ice-9/boot-9.scm:
  1685:16  2 (raise-exception _ #:continuable? _)
  1685:16  1 (raise-exception _ #:continuable? _)
  1685:16  0 (raise-exception _ #:continuable? _)

ice-9/boot-9.scm:1685:16: In procedure raise-exception:
Throw to key `guile-ssh-error' with args `("channel-open-session" "" #<input-output: channel (closed by the remote side) 7fccff89d080> #f)'.



the ssh login part seems to have worked fine according to /var/log/secure:

Sep 16 23:10:52 localhost dropbear[489]: Pubkey auth succeeded for 'root' with ssh-ed25519 key SHA256:[...] from [...]
Sep 16 23:10:53 localhost dropbear[489]: Exit (root) from <...>: Exited normally

-- 
• attila lendvai
• PGP: 963F 5D5F 45C7 DFCD 0A39
--
“Let him who would move the world, first move himself.”
	— Socrates (c. 470–399 BC, tried and executed)

Message #8 received at 73306 <at> debbugs.gnu.org (full text, mbox):

From: Attila Lendvai <attila.lendvai <at> gmail.com>
To: bug#73306 <73306 <at> debbugs.gnu.org>
Subject: Re: bug#73306: guix deploy fails with dropbear ssh server
Date: Mon, 30 Sep 2024 11:54:09 +0200

this seems to be an upstream regression:

https://github.com/mkj/dropbear/issues/321

i can see the same failing assert in my server's /var/log/secure when i
try to `guix deploy` to it:

Failed assertion (src/common-channel.c:705): `!channel->sent_close'

<#secure method=pgpmime mode=sign>
-- 
• attila lendvai
• PGP: 963F 5D5F 45C7 DFCD 0A39
--
“Many abused children cling to the hope that growing up will bring escape and freedom.
But the personality formed in the environment of coercive control is not well adapted to adult life. The survivor is left with fundamental problems in basic trust, autonomy, and initiative. She approaches the task of early adulthood―establishing independence and intimacy―burdened by major impairments in self-care, in cognition and in memory, in identity, and in the capacity to form stable relationships.
She is still a prisoner of her childhood; attempting to create a new life, she reencounters the trauma.”
	— Judith Lewis Herman (1942–)

Message #13 received at 73306-done <at> debbugs.gnu.org (full text, mbox):

From: Attila Lendvai <attila.lendvai <at> gmail.com>
To: 73306-done <at> debbugs.gnu.org
Cc: Attila Lendvai <attila <at> lendvai.name>,
 Attila Lendvai <attila.lendvai <at> gmail.com>
Subject: Re: guix deploy fails with dropbear ssh server
Date: Tue, 12 Nov 2024 11:47:41 +0100

> this seems to be an upstream regression:
> 
> https://github.com/mkj/dropbear/issues/321

this has been fixed upstream.

<#secure method=pgpmime mode=sign>
-- 
• attila lendvai
• PGP: 963F 5D5F 45C7 DFCD 0A39
--
“Those who are able to see beyond the shadows and lies of their culture will never be understood, let alone believed, by the masses.”
	— Plato (c. 427–347 BC)

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.