From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:8:6d80::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id IlqUItXTZGDYUQAAgWs5BA (envelope-from ) for ; Wed, 31 Mar 2021 21:56:05 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id ICVKG9XTZGDNFQAA1q6Kng (envelope-from ) for ; Wed, 31 Mar 2021 19:56:05 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id E4C4521440 for ; Wed, 31 Mar 2021 21:56:04 +0200 (CEST) Received: from localhost ([::1]:36360 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lRgwd-0000sq-N6 for larch@yhetil.org; Wed, 31 Mar 2021 15:56:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:55136) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lReEF-0000Gw-50 for bug-guix@gnu.org; Wed, 31 Mar 2021 13:02:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:43835) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lReEE-0002RH-PP for bug-guix@gnu.org; Wed, 31 Mar 2021 13:02:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lReEE-0002Oh-Mk for bug-guix@gnu.org; Wed, 31 Mar 2021 13:02:02 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#47525: docker layer DiffID incorrect Resent-From: Tom Hiller Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Wed, 31 Mar 2021 17:02:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 47525 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 47525@debbugs.gnu.org X-Debbugs-Original-To: bug-guix@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.16172100659132 (code B ref -1); Wed, 31 Mar 2021 17:02:02 +0000 Received: (at submit) by debbugs.gnu.org; 31 Mar 2021 17:01:05 +0000 Received: from localhost ([127.0.0.1]:55378 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lReDI-0002ND-TE for submit@debbugs.gnu.org; Wed, 31 Mar 2021 13:01:05 -0400 Received: from lists.gnu.org ([209.51.188.17]:60968) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lRe7m-0002D3-VE for submit@debbugs.gnu.org; Wed, 31 Mar 2021 12:55:23 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:53466) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lRe7m-0007Nv-IF for bug-guix@gnu.org; Wed, 31 Mar 2021 12:55:22 -0400 Received: from mail-qk1-x735.google.com ([2607:f8b0:4864:20::735]:42834) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lRe7k-00074K-SH for bug-guix@gnu.org; Wed, 31 Mar 2021 12:55:22 -0400 Received: by mail-qk1-x735.google.com with SMTP id y5so19996442qkl.9 for ; Wed, 31 Mar 2021 09:55:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=to:cc:from:subject:message-id:date:user-agent:mime-version :content-language; bh=FxGnz2s8/BKRT8REpJA+NdeEpGy6CLMe7b1Fkeh0cWw=; b=BVKTsy2UmBfyeZI4ssFrpf9OQruOVmkI5MD1WRo+RGp6DquYA/zkfxY44SRU7VFh5F 6lBksWBtw4W4akvVEW8oBOBGUAgRlCaAemC68zKVy1po4+uOtS7gR6sxF/q99BIHnNHx VWIOtnfCsc1T912zM2sCqu/p+W53u97iPxtARdrOcRUQArZvHjTwwIljeqXQS5zYAwSa aueXEKOmYEO3v/vmuj99hCCafQScUVo+mHI7dVMZCSwDdrkRT8t5VtFSSmQYEpQ+6VVX YmAhE9/uBsyZMtkw0H2K5piws04nHq1LncVRpOImVgoKqKDMRbbRRbxsZeFj9sPXYkW7 Ucng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:cc:from:subject:message-id:date:user-agent :mime-version:content-language; bh=FxGnz2s8/BKRT8REpJA+NdeEpGy6CLMe7b1Fkeh0cWw=; b=j0svXvzM4wfPBwpeFvWLAGKEzWnEzMylJh3YefOA4YhsB0bvDF4MskASFkzVTdEd/E /V27j4b9GO1oanVXUBQySQ+Eb/izlmjIU7jy2N3QK/Al4fqqark67BEOnlcoE2LDjg4R NA36YlsqzPIdwlKW3tyM56BG9U8VfCIFv8lyT7CnlTgEL2LcmVmt4Hn/5MAy1wu2zdCe +wIoOHWTDk8xwqmRvMMvtHSEY9sX9biYBEJK+rGdjuSGq/g03iloUKdO35Qw4MfoEdBp ACOUKdlPu9dF6bhrB/TGnHMg5ghQPwDiQavQCULP6wyttYz7xdp/kuN1Um8rKMRjWHrO SSDg== X-Gm-Message-State: AOAM532qVOVnF+DyInCBW4S39T/x5USr11p7tcZRqDI2qmB40KYcAVxY fTK5Vccqn7iaOmwZNIE+chhLFs9UwsT0RA== X-Google-Smtp-Source: ABdhPJy/kjBH7Cw6mTM4llDOdvaeW6UCIAR0OO8mgqjFDaOFBJuQhZUh+HYcBW4H1fSQGLnr0ZRD+Q== X-Received: by 2002:a05:620a:2f8:: with SMTP id a24mr4210207qko.124.1617209719199; Wed, 31 Mar 2021 09:55:19 -0700 (PDT) Received: from [10.69.28.93] ([86.106.143.30]) by smtp.gmail.com with ESMTPSA id l17sm1641598qtk.60.2021.03.31.09.55.18 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 31 Mar 2021 09:55:18 -0700 (PDT) From: Tom Hiller Message-ID: <858efb67-1d3c-9dfc-361f-b19fefe6a1f0@gmail.com> Date: Wed, 31 Mar 2021 12:55:17 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.9.0 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="------------256126E01E7193F7616A29FB" Content-Language: en-US-large Received-SPF: pass client-ip=2607:f8b0:4864:20::735; envelope-from=thrilleratplay@gmail.com; helo=mail-qk1-x735.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Mailman-Approved-At: Wed, 31 Mar 2021 13:01:04 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Mailman-Approved-At: Wed, 31 Mar 2021 15:55:40 -0400 X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: piotr.krol@3mdeb.com Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1617220565; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:list-id:list-help:list-unsubscribe:list-subscribe: list-post:dkim-signature; bh=FxGnz2s8/BKRT8REpJA+NdeEpGy6CLMe7b1Fkeh0cWw=; b=L2aDW2/nGm+5lPMjaWEyZHha+2xcBMEuvGcfriFibNnJmsiWyu6zuGFbO0R1PxTssZwm1A UvriWY/a7zNUosckMDiKVWryuhGTamJOcvHmCx2IyQXJQNnh2kL1mDXTfmdnKxRpcFYo3j XLRsY0/vGZwxlUavnFLJutJBe5lGHxNoTCIulq1kAdphpj0oJ2j/iAG+0i3Ocp0m7k4ANG ruJt7g0Tx60pRvfajIQhoA3pFGRA5aVXCFFiIDrSO7XAnw9zWYIFYvkjSFO6fEPm2w7vYK s2i6kcEV3jzBcAyWaAsXPgpk1R8dODXXEbVEs4Zr2v75xex8ZER/fcmPb2q9lA== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1617220565; a=rsa-sha256; cv=none; b=lGJRRf7y4b19eV1UmjsNr8F7qNTva8kMVq6ioiMxqEr5m1yoYvgGPlF8ZDUAuGu309E8VV Po9Mg++q/0uuD10Tfc1QERW6oMDcevJLG633LMkoox3w1iumL3ZLSFn/Zb5PNxakMFu/dP uIwlnLNK/gWAh4iCHiw858f1J6FE+sVp1mq/BoedpQrK0ifUep0o1alXlGzezRtHKsC4yg uO9Fqz2FBE7UgdwVRtGMrKVU5CBB28CKNd/hIU1llEGIwV20a1cqWAEu6t8U6gRxwtIxEy M/uZn7e96AzGwLWYdZDyguSia7VZEr7fJM0G5aKyHpJVa9gGYc8ZMr6Fk0SH2w== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20161025 header.b=BVKTsy2U; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Spam-Score: -1.33 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20161025 header.b=BVKTsy2U; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Queue-Id: E4C4521440 X-Spam-Score: -1.33 X-Migadu-Scanner: scn0.migadu.com X-TUID: u0bOcxRx2/zu This is a multi-part message in MIME format. --------------256126E01E7193F7616A29FB Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit The Docker image created using "guix pack -f Docker" generates the sha256 checksum of config.json as the layer diff id used in manifiest.json, repositories and the parent directory name of layer.tar.  When extracting the contents of the Docker image, the sha256 checksum of config.json does not match the used for the layer.  As Docker currently does not seem to verify this, the image will still work but may not always be the case. I am not familiar with Guile Scheme, but as best as I can determine in guix/gnu/services/docker.scm the checksum calculated in layer-diff-idis the of Scheme native. and not the ultimate JSON document.** --------------256126E01E7193F7616A29FB Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit

The Docker image created using "guix pack -f Docker" generates the sha256 checksum of config.json as the layer diff id used in manifiest.json, repositories and the parent directory name of layer.tar.  When extracting the contents of the Docker image, the sha256 checksum of config.json does not match the used for the layer.  As Docker currently does not seem to verify this, the image will still work but may not always be the case.


I am not familiar with Guile Scheme, but as best as I can determine in guix/gnu/services/docker.scm the checksum calculated in layer-diff-id is the of Scheme native. and not the ultimate JSON document.

--------------256126E01E7193F7616A29FB--