bug#69755: Issue trying to guix pull

unofficial mirror of bug-guix@gnu.org 
 help / color / mirror / code / Atom feed

* bug#69755: Issue trying to guix pull
@ 2024-03-12 16:55 Michael Ford
  2024-03-12 19:23 ` pelzflorian (Florian Pelz)
  0 siblings, 1 reply; 6+ messages in thread
From: Michael Ford @ 2024-03-12 16:55 UTC (permalink / raw)
  To: 69755

If I currently try and do a "guix pull" on a Fedora aarch64 machine, I
currently see:

guix pull
Updating channel 'guix' from Git repository at
'https://git.savannah.gnu.org/git/guix.git'...
Building from this channel:
  guix      https://git.savannah.gnu.org/git/guix.git    447e9c9
 openssl-1.1.1u-doc  2.2MiB


                     18.5MiB/s 00:00 ▕██████████████████▏ 100.0%
 openssl-1.1.1u  1.7MiB


                      2.1MiB/s 00:01 ▕██████████████████▏ 100.0%
building /gnu/store/p9nimij8lz4yln5jd3gm0kdhirrwz56h-guix-1.4.0-18.4c94b9e-checkout.drv...
-suspicious ownership or permission on
`/gnu/store/bj2rp8ql9zxnv4l9gvlhph55fa241mk4-guix-1.4.0-18.4c94b9e-checkout';
rejecting this build output
Backtrace:
          14 (primitive-load
"/gnu/store/6wkj5bhjiqgappk2b1h8pb2snjmx835q-compute-guix-derivation")
In ice-9/eval.scm:
    155:9 13 (_ _)
    159:9 12 (_ #(#(#(#(#(#(#(#(#(#(#(#(#(#(#(#(#<directory (guile-u?>
?) ?) ?) ?) ?) ?) ?) ?) ?) ?) ?) ?) ?) ?) ?) ?))
In ice-9/boot-9.scm:
    152:2 11 (with-fluid* _ _ _)
    152:2 10 (with-fluid* _ _ _)
In ./guix/store.scm:
  2180:24  9 (run-with-store #<store-connection 256.100 ffff9ae5aeb0>
#<procedure ffff7acc4d70 at ./guix/self.scm:1?> ?)
   2008:8  8 (_ #<store-connection 256.100 ffff9ae5aeb0>)
In ./guix/gexp.scm:
   299:22  7 (_ #<store-connection 256.100 ffff9ae5aeb0>)
   1201:2  6 (_ #<store-connection 256.100 ffff9ae5aeb0>)
   1068:2  5 (_ #<store-connection 256.100 ffff9ae5aeb0>)
    909:4  4 (_ #<store-connection 256.100 ffff9ae5aeb0>)
In ./guix/store.scm:
  2065:12  3 (_ #<store-connection 256.100 ffff9ae5aeb0>)
   1403:5  2 (map/accumulate-builds #<store-connection 256.100
ffff9ae5aeb0> #<procedure ffff79981ea0 at ./guix/sto?> ?)
  1419:15  1 (_ #<store-connection 256.100 ffff9ae5aeb0>
("/gnu/store/lg4cmmjzqxwdl8px3fpnzaqliwz6xwkw-guix-daem?" ?) ?)
  1419:15  0 (loop #f)

./guix/store.scm:1419:15: In procedure loop:
ERROR:
  1. &store-protocol-error:
      message: "build of
`/gnu/store/lg4cmmjzqxwdl8px3fpnzaqliwz6xwkw-guix-daemon-1.4.0-18.4c94b9e.drv'
failed"
      status: 1
guix pull: error: You found a bug: the program
'/gnu/store/6wkj5bhjiqgappk2b1h8pb2snjmx835q-compute-guix-derivation'
failed to compute the derivation for Guix (version:
"447e9c96259e8fa15a828de9b2dd3400e2ffafe6"; system: "aarch64-linux";
host version: "0547fe862cfdb53d408e777e6137d9222100cb50"; pull-version: 1).
Please report the COMPLETE output above by email to <bug-guix@gnu.org>.

guix --version is:
guix (GNU Guix) 0547fe862cfdb53d408e777e6137d9222100cb50
Copyright (C) 2024 the Guix authors
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#69755: Issue trying to guix pull
  2024-03-12 16:55 bug#69755: Issue trying to guix pull Michael Ford
@ 2024-03-12 19:23 ` pelzflorian (Florian Pelz)
  2024-03-12 19:33   ` Michael Ford
  2024-03-12 19:33   ` pelzflorian (Florian Pelz)
  0 siblings, 2 replies; 6+ messages in thread
From: pelzflorian (Florian Pelz) @ 2024-03-12 19:23 UTC (permalink / raw)
  To: Michael Ford; +Cc: 69755

Hello Michael.

Michael Ford <fanquake@gmail.com> writes:
> building /gnu/store/p9nimij8lz4yln5jd3gm0kdhirrwz56h-guix-1.4.0-18.4c94b9e-checkout.drv...
> -suspicious ownership or permission on
> `/gnu/store/bj2rp8ql9zxnv4l9gvlhph55fa241mk4-guix-1.4.0-18.4c94b9e-checkout';
> rejecting this build output
> Backtrace:

A probable fix was pushed by Ludovic recently.
Does it work?  Can this issue be closed?

commit ff1251de0bc327ec478fc66a562430fbf35aef42
Author: Ludovic Courtès <ludo@gnu.org>
Date:   Tue Mar 12 11:53:35 2024 +0100

    daemon: Address shortcoming in previous security fix for CVE-2024-27297.
    
    This is a followup to 8f4ffb3fae133bb21d7991e97c2f19a7108b1143.
    
    Commit 8f4ffb3fae133bb21d7991e97c2f19a7108b1143 fell short in two
    ways: (1) it didn’t have any effet for fixed-output derivations
    performed in a chroot, which is the case for all of them except those
    using “builtin:download” and “builtin:git-download”, and (2) it did not
    preserve ownership when copying, leading to “suspicious ownership or
    permission […] rejecting this build output” errors.

Regards,
Florian




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#69755: Issue trying to guix pull
  2024-03-12 19:23 ` pelzflorian (Florian Pelz)
@ 2024-03-12 19:33   ` Michael Ford
  2024-03-12 19:33   ` pelzflorian (Florian Pelz)
  1 sibling, 0 replies; 6+ messages in thread
From: Michael Ford @ 2024-03-12 19:33 UTC (permalink / raw)
  To: pelzflorian (Florian Pelz); +Cc: 69755

> A probable fix was pushed by Ludovic recently.
> Does it work?  Can this issue be closed?

The commit I'm building in the issue report (447e9c9) is more recent
than ff1251de0bc327ec478fc66a562430fbf35aef42. The issue
still exists as of now.


On Tue, 12 Mar 2024 at 19:23, pelzflorian (Florian Pelz)
<pelzflorian@pelzflorian.de> wrote:
>
> Hello Michael.
>
> Michael Ford <fanquake@gmail.com> writes:
> > building /gnu/store/p9nimij8lz4yln5jd3gm0kdhirrwz56h-guix-1.4.0-18.4c94b9e-checkout.drv...
> > -suspicious ownership or permission on
> > `/gnu/store/bj2rp8ql9zxnv4l9gvlhph55fa241mk4-guix-1.4.0-18.4c94b9e-checkout';
> > rejecting this build output
> > Backtrace:
>
> A probable fix was pushed by Ludovic recently.
> Does it work?  Can this issue be closed?
>
> commit ff1251de0bc327ec478fc66a562430fbf35aef42
> Author: Ludovic Courtès <ludo@gnu.org>
> Date:   Tue Mar 12 11:53:35 2024 +0100
>
>     daemon: Address shortcoming in previous security fix for CVE-2024-27297.
>
>     This is a followup to 8f4ffb3fae133bb21d7991e97c2f19a7108b1143.
>
>     Commit 8f4ffb3fae133bb21d7991e97c2f19a7108b1143 fell short in two
>     ways: (1) it didn’t have any effet for fixed-output derivations
>     performed in a chroot, which is the case for all of them except those
>     using “builtin:download” and “builtin:git-download”, and (2) it did not
>     preserve ownership when copying, leading to “suspicious ownership or
>     permission […] rejecting this build output” errors.
>
> Regards,
> Florian




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#69755: Issue trying to guix pull
  2024-03-12 19:23 ` pelzflorian (Florian Pelz)
  2024-03-12 19:33   ` Michael Ford
@ 2024-03-12 19:33   ` pelzflorian (Florian Pelz)
  2024-03-13 10:11     ` Michael Ford
  1 sibling, 1 reply; 6+ messages in thread
From: pelzflorian (Florian Pelz) @ 2024-03-12 19:33 UTC (permalink / raw)
  To: Michael Ford; +Cc: 69755

Sorry, I forgot, you might need to roll back first, if you had pulled
the broken in-between Guix revision.

guix pull --roll-back

I believe the in-between Guixes cannot be fixed.
Thank you for reporting.

Regards,
Florian




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#69755: Issue trying to guix pull
  2024-03-12 19:33   ` pelzflorian (Florian Pelz)
@ 2024-03-13 10:11     ` Michael Ford
  2024-03-13 11:24       ` pelzflorian (Florian Pelz)
  0 siblings, 1 reply; 6+ messages in thread
From: Michael Ford @ 2024-03-13 10:11 UTC (permalink / raw)
  To: pelzflorian (Florian Pelz); +Cc: 69755

> Sorry, I forgot, you might need to roll back first, if you had pulled
the broken in-between Guix revision.

Thanks for the followup.
It looks like rolling-back has resolved the problem now.
So this issue can be closed.

On Tue, 12 Mar 2024 at 19:33, pelzflorian (Florian Pelz)
<pelzflorian@pelzflorian.de> wrote:
>
> Sorry, I forgot, you might need to roll back first, if you had pulled
> the broken in-between Guix revision.
>
> guix pull --roll-back
>
> I believe the in-between Guixes cannot be fixed.
> Thank you for reporting.
>
> Regards,
> Florian




^ permalink raw reply	[flat|nested] 6+ messages in thread

* bug#69755: Issue trying to guix pull
  2024-03-13 10:11     ` Michael Ford
@ 2024-03-13 11:24       ` pelzflorian (Florian Pelz)
  0 siblings, 0 replies; 6+ messages in thread
From: pelzflorian (Florian Pelz) @ 2024-03-13 11:24 UTC (permalink / raw)
  To: Michael Ford; +Cc: 69755-done

Michael Ford <fanquake@gmail.com> writes:
> It looks like rolling-back has resolved the problem now.
> So this issue can be closed.

Closing.  Thank you!

Regards,
Florian




^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2024-03-13 11:25 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-03-12 16:55 bug#69755: Issue trying to guix pull Michael Ford
2024-03-12 19:23 ` pelzflorian (Florian Pelz)
2024-03-12 19:33   ` Michael Ford
2024-03-12 19:33   ` pelzflorian (Florian Pelz)
2024-03-13 10:11     ` Michael Ford
2024-03-13 11:24       ` pelzflorian (Florian Pelz)

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).