bug#55399: Temporary fix - André Batista

unofficial mirror of bug-guix@gnu.org 
 help / color / mirror / code / Atom feed

From: "André Batista" <nandre@riseup.net>
To: Maxime Devos <maximedevos@telenet.be>
Cc: 55399@debbugs.gnu.org
Subject: bug#55399: Temporary fix
Date: Wed, 18 May 2022 14:38:36 -0300	[thread overview]
Message-ID: <YoUvHJ24iYDBrO9v@andel> (raw)
In-Reply-To: <c5a0381129feb0a20c4642ca97409e967471a537.camel@telenet.be>

[-- Attachment #1: Type: text/plain, Size: 915 bytes --]

Hi Maxime!

sex 13 mai 2022 às 17:28:29 (1652473709), maximedevos@telenet.be enviou:
> André Batista schreef op vr 13-05-2022 om 12:21 [-0300]:
> > Any thoughts?
> 
> According to
> <https://github.com/libgit2/libgit2/pull/6267/commits/574b5ee7bb112987443916cdedcfc8e274121e9d>,
>  the ownership check can be relaxed by setting an option.  The guile-
> git library would need to be adjusted to support the option though.

Thanks for your pointers. I've only had a substitute* hammer and this
certainly seemed like a loose nail, so I've hammered my way through.

The patch bellow addresses the issue on guix side only and it was
applied/tested locally before b6bfe9ea6a1b19159455b34f1af4ac00ef9b94ab
So this later commit would need to be reverted, otherwise guix will
not use the new libgit2 v1.4.3 anyway.

Anyway, the proper think to do is to update guile-git, so I'll be
opening an issue there.

Happy hacking!



[-- Attachment #2: guile-git.patch --]
[-- Type: text/plain, Size: 4245 bytes --]

From 370bf9bec714747244da00a7fd793da04c49c523 Mon Sep 17 00:00:00 2001
In-Reply-To: <c5a0381129feb0a20c4642ca97409e967471a537.camel@telenet.be>
References: <c5a0381129feb0a20c4642ca97409e967471a537.camel@telenet.be>
From: =?UTF-8?q?Andr=C3=A9=20Batista?= <nandre@riseup.net>
Date: Tue, 17 May 2022 19:18:49 -0300
Subject: [PATCH] guix/git: Disable owner validation when updating cache.
To: 55399@debbugs.gnu.org
Cc: maximedevos@telenet.be

---
 gnu/packages/guile.scm | 40 +++++++++++++++++++++++++++++++++++++++-
 guix/git.scm           |  3 +++
 2 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm
index 9d58c8d4cd..b120f3eefe 100644
--- a/gnu/packages/guile.scm
+++ b/gnu/packages/guile.scm
@@ -816,6 +816,44 @@ (define-public guile-git
               (sha256
                (base32
                 "11a51acibwi2hpaygmrpn6nwbr4lqalc87ihrgj3mhz6swbsk9n7"))
+              (modules '((guix build utils)))
+              (snippet
+               '(begin
+                  (substitute* "git/settings.scm"
+                    (("set-user-agent!))")
+                     (string-append "set-user-agent!\n"
+                                    "            set-owner-validation!))"))
+                    (("GIT_OPT_ENABLE_STRICT_OBJECT_CREATION 14)" m)
+                     (string-append m "\n" "(define GIT_OPT_ENABLE_STRICT_SYMBOLIC_REF_CREATION 15)"))
+
+                    (("(GIT_OPT_SET_SSL_CIPHERS).*" _ m)
+                     (string-append m " 16)\n"))
+
+                    (("(GIT_OPT_GET_USER_AGENT).*" _ m)
+                     (string-append m " 17)\n"
+                       "(define GIT_OPT_ENABLE_OFS_DELTA 18)\n"
+                       "(define GIT_OPT_ENABLE_FSYNC_GITDIR 19)\n"
+                       "(define GIT_OPT_GET_WINDOWS_SHAREMODE 20)\n"
+                       "(define GIT_OPT_SET_WINDOWS_SHAREMODE 21)\n"
+                       "(define GIT_OPT_ENABLE_STRICT_HASH_VERIFICATION 22)\n"
+                       "(define GIT_OPT_SET_ALLOCATOR 23)\n"
+                       "(define GIT_OPT_ENABLE_UNSAVED_INDEX_SAFETY 24)\n"
+                       "(define GIT_OPT_GET_PACK_MAX_OBJECTS 25)\n"
+                       "(define GIT_OPT_SET_PACK_MAX_OBJECTS 26)\n"
+                       "(define GIT_OPT_DISABLE_PACK_KEEP_FILE_CHECKS 27)\n"
+                       "(define GIT_OPT_ENABLE_HTTP_EXPECT_CONTINUE 28)\n"
+                       "(define GIT_OPT_GET_MWINDOW_FILE_LIMIT 29)\n"
+                       "(define GIT_OPT_SET_MWINDOW_FILE_LIMIT 30)\n"
+                       "(define GIT_OPT_SET_ODB_PACKED_PRIORITY 31)\n"
+                       "(define GIT_OPT_SET_ODB_LOOSE_PRIORITY 32)\n"
+                       "(define GIT_OPT_GET_EXTENSIONS 33)\n"
+                       "(define GIT_OPT_SET_EXTENSIONS 34)\n"
+                       "(define GIT_OPT_GET_OWNER_VALIDATION 35)\n"
+                       "(define GIT_OPT_SET_OWNER_VALIDATION 36)\n\n"
+                       "(define set-owner-validation!\n"
+                       "  (let  ((proc (libgit2->procedure* \"git_libgit2_opts\" (list int int))))\n"
+                       "    (lambda* (owner-validation)\n"
+                       "     (proc GIT_OPT_SET_OWNER_VALIDATION owner-validation))))\n")))))
               (patches (search-patches
                         "guile-git-adjust-for-libgit2-1.2.0.patch"))))
     (build-system gnu-build-system)
diff --git a/guix/git.scm b/guix/git.scm
index 53e7219c8c..ced6a9c62c 100644
--- a/guix/git.scm
+++ b/guix/git.scm
@@ -23,6 +23,7 @@
 (define-module (guix git)
   #:use-module (git)
   #:use-module (git object)
+  #:use-module (git settings)
   #:use-module (git submodule)
   #:use-module (guix i18n)
   #:use-module (guix base32)
@@ -463,6 +464,8 @@ (define canonical-ref
           (repository    (if cache-exists?
                              (repository-open cache-directory)
                              (clone/swh-fallback url ref cache-directory))))
+     ;; Disable owner validation for local repos see #55399
+     (set-owner-validation! 0)
      ;; Only fetch remote if it has not been cloned just before.
      (when (and cache-exists?
                 (not (reference-available? repository ref)))

next prev parent reply	other threads:[~2022-05-18 17:39 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-05-13 15:21 bug#55399: guix system reconfigure fails on channel validation André Batista
2022-05-13 15:26 ` Maxime Devos
2022-05-13 15:28 ` Maxime Devos
2022-05-18 17:38   ` André Batista [this message]
2022-05-23 14:18     ` Ludovic Courtès
2022-05-24  1:44       ` André Batista
2022-05-24 23:44       ` André Batista
2023-02-03  3:48         ` André Batista
2022-08-28 10:44 ` Maxime Devos
2022-08-28 10:58 ` bug#55399: [PATCH 1/2] guix: Disable owner validation Maxime Devos
2022-08-28 10:58   ` bug#55399: [PATCH 2/2] gnu: guile-git: Add patches to support owner validation, and use libgit2@1.4.3 Maxime Devos
2022-08-28 11:02   ` bug#55399: [PATCH 1/2] guix: Disable owner validation Maxime Devos

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:9d58c8d4c dfblob:53e7219c8 dfblob:b120f3eef dfblob:ced6a9c62
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YoUvHJ24iYDBrO9v@andel \
    --to=nandre@riseup.net \
    --cc=55399@debbugs.gnu.org \
    --cc=maximedevos@telenet.be \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).