From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp10.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id aGJpOmQvhWJhgwAAbAwnHQ (envelope-from ) for ; Wed, 18 May 2022 19:39:49 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp10.migadu.com with LMTPS id iD9tOWQvhWKn0wAAG6o9tA (envelope-from ) for ; Wed, 18 May 2022 19:39:48 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 3FB272CE55 for ; Wed, 18 May 2022 19:39:48 +0200 (CEST) Received: from localhost ([::1]:53840 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1nrNeE-0006Pk-VT for larch@yhetil.org; Wed, 18 May 2022 13:39:46 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:38540) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1nrNdd-0006PW-2V for bug-guix@gnu.org; Wed, 18 May 2022 13:39:09 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:39539) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1nrNdW-0008NF-0V for bug-guix@gnu.org; Wed, 18 May 2022 13:39:07 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1nrNdV-0005Pz-Uk for bug-guix@gnu.org; Wed, 18 May 2022 13:39:01 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#55399: Temporary fix Resent-From: =?UTF-8?Q?Andr=C3=A9?= Batista Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Wed, 18 May 2022 17:39:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 55399 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: Maxime Devos Cc: 55399@debbugs.gnu.org Received: via spool by 55399-submit@debbugs.gnu.org id=B55399.165289553620816 (code B ref 55399); Wed, 18 May 2022 17:39:01 +0000 Received: (at 55399) by debbugs.gnu.org; 18 May 2022 17:38:56 +0000 Received: from localhost ([127.0.0.1]:33436 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nrNdQ-0005Pf-75 for submit@debbugs.gnu.org; Wed, 18 May 2022 13:38:56 -0400 Received: from mx0.riseup.net ([198.252.153.6]:34478) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1nrNdN-0005PN-No for 55399@debbugs.gnu.org; Wed, 18 May 2022 13:38:54 -0400 Received: from fews2.riseup.net (fews2-pn.riseup.net [10.0.1.84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mail.riseup.net", Issuer "R3" (not verified)) by mx0.riseup.net (Postfix) with ESMTPS id 4L3KwR61yvz9s7d; Wed, 18 May 2022 10:38:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1652895527; bh=fSs5/fwayNjAHvWegiXT7W2GPI3W/VykORODsKHsfuw=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=AgqJUJj2LW8jqZirSFlXeo82OYOIQb+mRwbWUjje1wO6OQU40hP7LP+oUTF+Ngeqv E/dej6v6zQcvJoL28ZmKp85yqc/oeMmPsxSC5EiorExsfAwMirLEStzujFOueEZjII zrsSQoMDm5RWbVgyaJAZsbrJJGnJ97Up+zmmFsEk= X-Riseup-User-ID: 002575DF375A5763B8CA8BF8DC280711774570187A6E4E21A089A840382E0E5F Received: from [127.0.0.1] (localhost [127.0.0.1]) by fews2.riseup.net (Postfix) with ESMTPSA id 4L3KwQ5Q91z1xph; Wed, 18 May 2022 10:38:46 -0700 (PDT) Date: Wed, 18 May 2022 14:38:36 -0300 From: =?UTF-8?Q?Andr=C3=A9?= Batista Message-ID: References: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="BW/eXf9dR20dld1M" Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1652895588; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=dUDypUamqFW1EV7XHq62Jzuzf4wOitydaOOkBQjT+r4=; b=BB3gU71ZZ7Q4waHObJUxCD5pXYAFbxleM4nrUCzwlf8hqAcqwdzkR2y1s1G4LfhYvYCxc4 S2xc061rF4rNRV8D67DlCP3AeTKWyrBmGhjI4zR04nYJUIRpEp9lci3qboJ10k7b2Nczr4 VyyAxbU6eh0zWrWCxFo5jOeBJOfaiNSI+iI/lXOUUW6xyyxATJQheO228kaGNpDGhw+WWf hAgE/6ACiMx8leUwTpeeET/2+2OqQLx4vAr6rVT+LZOLwrdYzSFphJ0viFKzrw5UjaZ0A3 pxJ/xGyjbaiWCrsEfaULsRv9vYULljWKKitFyXPHkSMBjGp/kL48BZOOavm1pg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1652895588; a=rsa-sha256; cv=none; b=G6ustN0xOawH9pSekm04lPMGuTYD8yfmAe8CfC6lGAacEu8Bwi2kt+F/oE6BCR3V14etWn QZB+Q8KqrJWzK/qjenNr1xqJDgGk1PIA4DO4Qj3Sbe5AoDXQNdK9858tqJpO2tRrWODzjz L/bUiqHoUcipt81WFH8YQ8+TYb2di6+Z6gM13kTjfOZZfQxcGRsVXE16UMgUHoxqZ17/5Q pcETSvCH8bRTKXfd09+viuPg3FqPQ2CkcEQLYI1sZi8zSqlZVr9bY8tB6ZXy42HioF5js+ zwVbWHZEUPmq6GPr7K60lYVKLk9rrX3nsQ4cCKY058vXXZRGdm6L1v07zTItFg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=riseup.net header.s=squak header.b=AgqJUJj2; dmarc=fail reason="SPF not aligned (relaxed)" header.from=riseup.net (policy=none); spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: 7.46 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=riseup.net header.s=squak header.b=AgqJUJj2; dmarc=fail reason="SPF not aligned (relaxed)" header.from=riseup.net (policy=none); spf=pass (aspmx1.migadu.com: domain of "bug-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="bug-guix-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 3FB272CE55 X-Spam-Score: 7.46 X-Migadu-Scanner: scn0.migadu.com X-TUID: zQ8ERSJ3mqvP --BW/eXf9dR20dld1M Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit Hi Maxime! sex 13 mai 2022 às 17:28:29 (1652473709), maximedevos@telenet.be enviou: > André Batista schreef op vr 13-05-2022 om 12:21 [-0300]: > > Any thoughts? > > According to > , > the ownership check can be relaxed by setting an option. The guile- > git library would need to be adjusted to support the option though. Thanks for your pointers. I've only had a substitute* hammer and this certainly seemed like a loose nail, so I've hammered my way through. The patch bellow addresses the issue on guix side only and it was applied/tested locally before b6bfe9ea6a1b19159455b34f1af4ac00ef9b94ab So this later commit would need to be reverted, otherwise guix will not use the new libgit2 v1.4.3 anyway. Anyway, the proper think to do is to update guile-git, so I'll be opening an issue there. Happy hacking! --BW/eXf9dR20dld1M Content-Type: text/plain; charset=us-ascii Content-Disposition: inline; filename="guile-git.patch" >From 370bf9bec714747244da00a7fd793da04c49c523 Mon Sep 17 00:00:00 2001 In-Reply-To: References: From: =?UTF-8?q?Andr=C3=A9=20Batista?= Date: Tue, 17 May 2022 19:18:49 -0300 Subject: [PATCH] guix/git: Disable owner validation when updating cache. To: 55399@debbugs.gnu.org Cc: maximedevos@telenet.be --- gnu/packages/guile.scm | 40 +++++++++++++++++++++++++++++++++++++++- guix/git.scm | 3 +++ 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/gnu/packages/guile.scm b/gnu/packages/guile.scm index 9d58c8d4cd..b120f3eefe 100644 --- a/gnu/packages/guile.scm +++ b/gnu/packages/guile.scm @@ -816,6 +816,44 @@ (define-public guile-git (sha256 (base32 "11a51acibwi2hpaygmrpn6nwbr4lqalc87ihrgj3mhz6swbsk9n7")) + (modules '((guix build utils))) + (snippet + '(begin + (substitute* "git/settings.scm" + (("set-user-agent!))") + (string-append "set-user-agent!\n" + " set-owner-validation!))")) + (("GIT_OPT_ENABLE_STRICT_OBJECT_CREATION 14)" m) + (string-append m "\n" "(define GIT_OPT_ENABLE_STRICT_SYMBOLIC_REF_CREATION 15)")) + + (("(GIT_OPT_SET_SSL_CIPHERS).*" _ m) + (string-append m " 16)\n")) + + (("(GIT_OPT_GET_USER_AGENT).*" _ m) + (string-append m " 17)\n" + "(define GIT_OPT_ENABLE_OFS_DELTA 18)\n" + "(define GIT_OPT_ENABLE_FSYNC_GITDIR 19)\n" + "(define GIT_OPT_GET_WINDOWS_SHAREMODE 20)\n" + "(define GIT_OPT_SET_WINDOWS_SHAREMODE 21)\n" + "(define GIT_OPT_ENABLE_STRICT_HASH_VERIFICATION 22)\n" + "(define GIT_OPT_SET_ALLOCATOR 23)\n" + "(define GIT_OPT_ENABLE_UNSAVED_INDEX_SAFETY 24)\n" + "(define GIT_OPT_GET_PACK_MAX_OBJECTS 25)\n" + "(define GIT_OPT_SET_PACK_MAX_OBJECTS 26)\n" + "(define GIT_OPT_DISABLE_PACK_KEEP_FILE_CHECKS 27)\n" + "(define GIT_OPT_ENABLE_HTTP_EXPECT_CONTINUE 28)\n" + "(define GIT_OPT_GET_MWINDOW_FILE_LIMIT 29)\n" + "(define GIT_OPT_SET_MWINDOW_FILE_LIMIT 30)\n" + "(define GIT_OPT_SET_ODB_PACKED_PRIORITY 31)\n" + "(define GIT_OPT_SET_ODB_LOOSE_PRIORITY 32)\n" + "(define GIT_OPT_GET_EXTENSIONS 33)\n" + "(define GIT_OPT_SET_EXTENSIONS 34)\n" + "(define GIT_OPT_GET_OWNER_VALIDATION 35)\n" + "(define GIT_OPT_SET_OWNER_VALIDATION 36)\n\n" + "(define set-owner-validation!\n" + " (let ((proc (libgit2->procedure* \"git_libgit2_opts\" (list int int))))\n" + " (lambda* (owner-validation)\n" + " (proc GIT_OPT_SET_OWNER_VALIDATION owner-validation))))\n"))))) (patches (search-patches "guile-git-adjust-for-libgit2-1.2.0.patch")))) (build-system gnu-build-system) diff --git a/guix/git.scm b/guix/git.scm index 53e7219c8c..ced6a9c62c 100644 --- a/guix/git.scm +++ b/guix/git.scm @@ -23,6 +23,7 @@ (define-module (guix git) #:use-module (git) #:use-module (git object) + #:use-module (git settings) #:use-module (git submodule) #:use-module (guix i18n) #:use-module (guix base32) @@ -463,6 +464,8 @@ (define canonical-ref (repository (if cache-exists? (repository-open cache-directory) (clone/swh-fallback url ref cache-directory)))) + ;; Disable owner validation for local repos see #55399 + (set-owner-validation! 0) ;; Only fetch remote if it has not been cloned just before. (when (and cache-exists? (not (reference-available? repository ref))) --BW/eXf9dR20dld1M--