From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Subject: bug#22990: Grafts leads to inefficient substitute info retrieval Date: Tue, 15 Mar 2016 22:50:05 +0100 Message-ID: <87twk7qulu.fsf@gnu.org> References: <8737rxx8gk.fsf@gnu.org> <87a8m4123s.fsf@gmail.com> <874mcazifb.fsf@gnu.org> <8737rrmv8s.fsf@netris.org> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:39365) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1afwrp-0002uz-Ib for bug-guix@gnu.org; Tue, 15 Mar 2016 17:51:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1afwrm-0002Yq-CL for bug-guix@gnu.org; Tue, 15 Mar 2016 17:51:05 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:52363) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1afwrm-0002Yd-8u for bug-guix@gnu.org; Tue, 15 Mar 2016 17:51:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1afwrl-0006RI-JI for bug-guix@gnu.org; Tue, 15 Mar 2016 17:51:02 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <8737rrmv8s.fsf@netris.org> (Mark H. Weaver's message of "Tue, 15 Mar 2016 14:49:55 -0400") List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org To: Mark H Weaver Cc: Alex Kost , 22990@debbugs.gnu.org Mark H Weaver skribis: > ludo@gnu.org (Ludovic Court=C3=A8s) writes: > >> Alex Kost skribis: >> >>> Ludovic Court=C3=A8s (2016-03-11 19:52 +0300) wrote: >>> >>>> As of right now (v0.9.0-2007-g66a30a3), =E2=80=98graft-derivation=E2= =80=99 works either by: >>>> >>>> 1. Fetching substitute info about the things being built so that it >>>> can determine its references, which in turns allows it to determi= ne >>>> whether they need to be grafted. >>>> >>>> 2. Building stuff, as a last resort, so that it can determine its >>>> references. >>> >>> I noticed that #1 is happening even with --no-substitutes option. Is it >>> intended? >> >> Not really, but I see this is because =E2=80=98substitutable-path-info= =E2=80=99 (called >> from =E2=80=98references/substitutes=E2=80=99, called from =E2=80=98graf= t-derivation=E2=80=99) works >> regardless of whether substitutes are enabled: >> >> scheme@(guile-user)> ,use(guix) >> scheme@(guile-user)> (define s (open-connection)) >> scheme@(guile-user)> (set-build-options s #:use-substitutes? #f) >> $2 =3D #t >> scheme@(guile-user)> (valid-path? s "/gnu/store/qf2lm7jpiiyygxz8zq0r1ca1= fazv6smn-mutt-1.5.24") >> $3 =3D #f >> scheme@(guile-user)> (substitutable-path-info s '("/gnu/store/qf2lm7jpii= yygxz8zq0r1ca1fazv6smn-mutt-1.5.24")) >> $4 =3D (#< path: "/gnu/store/qf2lm7jpiiyygxz8zq0r1ca1fazv= 6smn-mutt-1.5.24" deriver: "/gnu/store/jcl9c3w463xa2g963q5a60rrd97y1g28-mut= t-1.5.24.drv" refs: ("/gnu/store/3gmzl5jpk700hqyr8p3kfg0vgcnw8d97-libassuan= -2.4.2" "/gnu/store/b02lmk67jq1vcflk2m2bwzc8gmwmndqp-ncurses-6.0" "/gnu/sto= re/d3xdc2w87yw3raafwb9q34gxx4xqci8k-cyrus-sasl-2.1.26" "/gnu/store/pkasxags= a4z4viscfpl6sjszmdmwncl1-gcc-4.9.3-lib" "/gnu/store/qf2lm7jpiiyygxz8zq0r1ca= 1fazv6smn-mutt-1.5.24" "/gnu/store/qvx4q6lbwi4s3cwr8wqaa7kcva0a5c4b-openssl= -1.0.2f" "/gnu/store/sb40mddkia0brc814xkbnhxccfm32q3a-gpgme-1.6.0" "/gnu/st= ore/sgzfawy95pfn7nsw3xvmca58llm5zzbc-glibc-2.22" "/gnu/store/x2p2biyybcb2wa= c77qz9468asc5fm48i-perl-5.22.1" "/gnu/store/x8dmdlrn5qn0wrbcnngj55y3ab73h0p= p-bash-4.3.42" "/gnu/store/zpxg45dq67psrn4wmfk4l635h0si8q63-libgpg-error-1.= 21") dl-size: 0 nar-size: 6661016>) > > Is the information from the substitute server authenticated by checking > hydra's signature against the list of keys in /etc/guix/acls? Yes. >> However, substitutes are not downloaded, so in this regard >> --no-substitutes is honored. > > It depends on the intent of --no-substitutes. If the intent is to avoid > trusting the substitute server, then by relying on the accuracy of the > runtime dependency data from Hydra, we are failing to honor that intent. > > That said, I think it's okay to document that --no-substitutes alone is > not sufficient to avoid trusting a substitute server, and that the > proper way to accomplish that is to make sure its key is not in > /etc/guix/acls. The sysadmin gets to choose which principals are trusted; unprivileged users can only shrink this set. The weird thing is that in this case, passing --substitute-urls=3D'' on the client side would effectively disable substitutes entirely. > What do you think? We could augment the doc for --no-substitutes, I guess we should first document that grafting relies on server-provided info. Ludo=E2=80=99.