Subject: [bug#36956] [PATCH] machine: Automatically authorize the coordinator's signing key.
From: zerodaysfordays@sdf.lonestar.org (Jakob L. Kreuze)
To: Christopher Lemmer Webber
Cc: 36956@debbugs.gnu.org
Date: Fri, 09 Aug 2019 11:52:26 -0400
Message-ID: <87ftmanxol.fsf@sdf.lonestar.org>
In-Reply-To: <87zhkkk8a6.fsf@sdf.lonestar.org> (Jakob L. Kreuze's message of "Wed, 07 Aug 2019 16:52:33 -0400")
References: <87ef1x4015.fsf@sdf.lonestar.org> <874l2sydbs.fsf@elephly.net> <87zhkkk8a6.fsf@sdf.lonestar.org>

zerodaysfordays@sdf.lonestar.org (Jakob L. Kreuze) writes:

> Hi Chris and Ricardo,
>
> Christopher Lemmer Webber writes:
>
>> This seems like a good usability improvement. For clarity, I assume
>> that it's still configurable, however? Would be important if pushing
>> builds to a different machine.
>
> No, but you raise a good point :) I'll update this patch to make it
> configurable.
>
> Ricardo Wurmus writes:
>
>> This will overwrite an existing acl file on the remote with a copy
>> that differs only in the newly added key.
>>
>> Is there a chance for corruption, e.g. if acl->public-keys returns
>> something unexpected?
>
> I suppose it's possible. 'guix archive --authorize' doesn't seem to do
> any specific handling for it, but it doesn't hurt to be paranoid -- we
> "atomically" overwrite the GC root for the bootloader configuration, for
> example, and we could do something similar here. I'll include it in the
> updated patch.
>
> Regards,
> Jakob
>

I didn't think this all the way through when I wrote this response.
We're already using 'with-atomic-file-output', so we're already
"atomically" overwriting the ACL. Also, it wouldn't solve the issue of
'acl->public-keys' returning something unexpected.

I'm not sure I have a good solution for this at the moment.

Regards,
Jakob
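
The distinction drawn in the message above, as an added example that is not part of the thread and not Guix code: an atomic replace protects the ACL from torn writes, while a shape check on the parsed ACL, done before anything is written, is what covers unexpected content. It is a Python stand-in; the simplified ACL layout, the sample keys in the test and the names `parse`, `dump`, `is_public_key` and `authorize` are assumptions made for illustration.

```python
import os
import re
import tempfile

TOKEN = re.compile(r"[()]|[^\s()]+")

def parse(text):
    """Parse exactly one S-expression into nested lists of atom strings."""
    stack, cur = [], []
    for tok in TOKEN.findall(text):
        if tok == "(":
            stack.append(cur)
            cur = []
        elif tok == ")":
            if not stack:
                raise ValueError("unbalanced ')'")
            done, cur = cur, stack.pop()
            cur.append(done)
        else:
            cur.append(tok)
    if stack or len(cur) != 1:
        raise ValueError("expected one complete expression")
    return cur[0]

def dump(x):
    return x if isinstance(x, str) else "(" + " ".join(map(dump, x)) + ")"

def is_public_key(x):
    return (isinstance(x, list) and len(x) == 2
            and x[0] == "public-key" and isinstance(x[1], list))

def authorize(acl_path, new_key_text):
    """Add a key to the ACL; refuse to write if anything has an unexpected shape."""
    new_key = parse(new_key_text)
    with open(acl_path) as f:
        acl = parse(f.read())
    entries = acl[1:] if isinstance(acl, list) and acl[:1] == ["acl"] else None
    ok = entries is not None and all(
        isinstance(e, list) and len(e) >= 2 and e[0] == "entry"
        and is_public_key(e[1]) for e in entries)
    if not ok or not is_public_key(new_key):
        raise ValueError("unexpected ACL or key shape; ACL left untouched")
    if new_key not in [e[1] for e in entries]:
        entries.append(["entry", new_key])  # existing entries and tags are kept
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(acl_path) or ".")
    try:
        with os.fdopen(fd, "w") as out:
            out.write(dump(["acl"] + entries) + "\n")
        os.replace(tmp, acl_path)  # atomic: readers see the old or the new file
    except BaseException:
        os.unlink(tmp)
        raise
    return len(entries)
```
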