Hi On June 20, 2018 5:01:02 AM GMT+02:00, Maxim Cournoyer wrote: >Hi! > >ludo@gnu.org (Ludovic Courtès) writes: > >> Maxim Cournoyer skribis: >> >>> Attached is the log for the offloading machine. >>> >>> From what I can see, the guix-daemon is trying to find the >authorized >>> key in /etc/guix/acl, but the key is added by Guix to >>> /usr/local/etc/guix/acl... >> >> Hmm you may be using two different ‘guix’ commands no? >> >>> 2. The error message should capture the complete error output to >ease >>> debugging: we can see the useful message "25056 write(2, "guix >>> authenticate: error: error: unauthorized public key: (public-key \n >(ecc >>> \n (curve Ed25519)\n (q >>> >#EEA139318243D36EB4C728DB96856AB15C47AB64C765FA134CCFB12444B82A7C#)\n >>> )\n )\n", 176) = 176" in strace. Had I seen this from the start, we >>> would have saved some debugging time :). >> >> I agree. >> >>> I could work around the issue by copying manually the authorized key >>> sexp to /etc/guix/acl; I now see: >>> >>> guix offload: testing 1 build machines defined in >'/etc/guix/machines.scm'... >>> guix offload: '192.168.1.105' is running guile (GNU Guile) 2.2.3 >>> guix offload: Guix is usable on '192.168.1.105' (test returned >"/gnu/store/883yjkl46dxw9mzykykmbs0yzwyxm17z-test") >>> sending 1 store item to '192.168.1.105'... >>> exporting path >`/gnu/store/np9jwqvxjvasz41nrrh6g3gyn4rpkscw-export-test' >>> guix offload: '192.168.1.105' successfully imported >'/gnu/store/np9jwqvxjvasz41nrrh6g3gyn4rpkscw-export-test' >>> retrieving 1 store item from '192.168.1.105'... >>> guix offload: error: build failed: implementation cannot deal with > >32-bit integers >> >> The log has this: >> >> 10529 write(4, "atad\0\0\0\0\0\200\0\0\0\0\0\0", 16) = 16 >> 10529 read(4, >"W\1\0\0\0\0\0\0\1\0\0\0\0\0\0\0\r\0\0\0\0\0\0\0nix-archive-1\0\0\0\1\0\0\0\0\0\0\0(\0\0\0\0\0\0\0\4\0\0\0\0\0\0\0type\0\0\0\0\7\0\0\0\0\0\0\0regular\0\10\0\0\0\0\0\0\0contents\23\0\0\0\0\0\0\000192.168.1.105-83353\0\0\0\0\0\1\0\0\0\0\0\0\0)\0\0\0\0\0\0\0NIXE\0\0\0\0007\0\0\0\0\0\0\0/gnu/store/wf774mzvfjpw306y5x06wid80d9k90qq-import-test\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\0\0\0\0(protocol-error >1 \"getting status of `/etc/guix/signing-key.sec': Aucun fichier ou >dossier de ce "..., 32768) = 352 >> >> Again the error should be reported… > >Yes, this error was totally wrong, thanks for pointing it out. The >actual error was the 192.168.1.105 offload machine not finding the key >at /etc/guix/singning-key.sec (since it using the prefix >/usr/local/etc/guix for some reason). > >I just did: > >--8<---------------cut here---------------start------------->8--- >sudo cp /usr/local/etc/guix/signing* /etc/guix/ >--8<---------------cut here---------------end--------------->8--- > >And it is now working. Ouf! > >Summarizing this adventure: > >0) Make sure your .bashrc doesn't exit early when it is executed in >non-interactive mode (as is the case in Ubuntu). > >1) Make sure the guix-authenticate program is available on the host as >well as the offload machines, by installing guix (guix package -i guix) >in the corresponding user profiles and sourcing >$HOME/guix.profile/etc/profile in the ~/.bashrc. > >2) Make sure all your guix-daemons are configured to use /etc/guix as >their sysconfdir, as Guix offload currently seems hardcoded to only >look >things under /etc/guix. > >3) Don't trust any errors output by guix offload ;) > >It'd be nice if this was as simple as setting up a Jenkins node... You >tell Guix which machine you want to use and give it SSH access, and it >does the required setup without having the user messing around with >keys >and what not. > >But I'm seeing far ahead. For now, we could start by adding some points >to the `guix offload` info manual. Then we can try to modify the code >to >better capture the error messages. > >I'll start with the documentation. > >Thank you, > >Maxim Good job hunting the bug. 😀 Are you going to report a new bug about incorrect or insufficient error messages? Thanks for the summary. -- Cheers Swedebugia