[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#63972: specifying a substitute server without adding its PGP key sil
|
From: |
Ludovic Courtès |
|
Subject: |
bug#63972: specifying a substitute server without adding its PGP key silently ignores it |
|
Date: |
Fri, 09 Jun 2023 16:20:00 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) |
Hi,
Attila Lendvai <attila@lendvai.name> skribis:
> i've installed a new guix, and at the first `guix system reconfigure` i
> specified a substitute server using --substitute-urls for That Other Channel.
> i had to do this, because the config.scm that contains the substitute
> specification is yet to be applied.
>
> it didn't work. it prints everything as usual, including the 100% message for
> that substitute server, but it starts to build packages locally for which
> substitutes are available. i haven't noticed any indication that there's a
> problem with any of the substitute servers.
>
> once i've downloaded the .pub and i finally did the right incantation (sudo
> guix archive --authorize < signing-key.pub), then it started to download the
> substitutes as i expected.
>
> i would much prefer a behavior where a "cryptyc" exception and backtrace is
> printed by a toplevel error handler. it has cost me about an hour of my life.
I agree we should print a message when stumbling upon unauthorized
substitutes (it’s not OpenPGP, BTW).
Note that it’s not completely trivial: you might download substitutes
not signed by one of the keys in the ACL if they happen to match
substitutes that *are* signed by one of the authorized keys.
Also, when discovery is enabled, it’s preferable to silently ignore
neighboring servers that the user did not explicitly specify via
‘--substitute-urls’.
Ludo’.