[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#69755: Issue trying to guix pull
|
From: |
Michael Ford |
|
Subject: |
bug#69755: Issue trying to guix pull |
|
Date: |
Tue, 12 Mar 2024 19:33:00 +0000 |
> A probable fix was pushed by Ludovic recently.
> Does it work? Can this issue be closed?
The commit I'm building in the issue report (447e9c9) is more recent
than ff1251de0bc327ec478fc66a562430fbf35aef42. The issue
still exists as of now.
On Tue, 12 Mar 2024 at 19:23, pelzflorian (Florian Pelz)
<pelzflorian@pelzflorian.de> wrote:
>
> Hello Michael.
>
> Michael Ford <fanquake@gmail.com> writes:
> > building
> > /gnu/store/p9nimij8lz4yln5jd3gm0kdhirrwz56h-guix-1.4.0-18.4c94b9e-checkout.drv...
> > -suspicious ownership or permission on
> > `/gnu/store/bj2rp8ql9zxnv4l9gvlhph55fa241mk4-guix-1.4.0-18.4c94b9e-checkout';
> > rejecting this build output
> > Backtrace:
>
> A probable fix was pushed by Ludovic recently.
> Does it work? Can this issue be closed?
>
> commit ff1251de0bc327ec478fc66a562430fbf35aef42
> Author: Ludovic Courtès <ludo@gnu.org>
> Date: Tue Mar 12 11:53:35 2024 +0100
>
> daemon: Address shortcoming in previous security fix for CVE-2024-27297.
>
> This is a followup to 8f4ffb3fae133bb21d7991e97c2f19a7108b1143.
>
> Commit 8f4ffb3fae133bb21d7991e97c2f19a7108b1143 fell short in two
> ways: (1) it didn’t have any effet for fixed-output derivations
> performed in a chroot, which is the case for all of them except those
> using “builtin:download” and “builtin:git-download”, and (2) it did not
> preserve ownership when copying, leading to “suspicious ownership or
> permission […] rejecting this build output” errors.
>
> Regards,
> Florian