unofficial mirror of help-guix@gnu.org 
 help / color / mirror / Atom feed
* was I hacked?
@ 2022-04-13  1:28 jgart
  2022-04-13  5:25 ` Thiago Jung Bauermann
  0 siblings, 1 reply; 19+ messages in thread
From: jgart @ 2022-04-13  1:28 UTC (permalink / raw)
  To: Guix Help

Hi Guixers,

Sorry for the clickbait title.

I got this error just now from the main guix channel:


```
 λ guix pull
Updating channel 'guixrus' from Git repository at 'https://git.sr.ht/~whereiseveryone/guixrus'...
Updating channel 'nonguix' from Git repository at 'https://gitlab.com/nonguix/nonguix'...
Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...
guix pull: error: aborting update of channel 'guix' to commit 950f3e4f98add14f645dc4c9f8c512cac7b8a779, which is not a descendant of 42679e3f81a0fa61e225b1f6aa0e80e39625372f
hint: This could indicate that the channel has been tampered with and is trying to force a roll-back, preventing you from getting the latest
updates.  If you think this is not the case, explicitly allow non-forward updates.
```

wdyt?

jgart

https://whereis.みんな/
gemini://whereis.みんな/



^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-13  1:28 was I hacked? jgart
@ 2022-04-13  5:25 ` Thiago Jung Bauermann
  2022-04-13 21:41   ` jgart
  0 siblings, 1 reply; 19+ messages in thread
From: Thiago Jung Bauermann @ 2022-04-13  5:25 UTC (permalink / raw)
  To: jgart; +Cc: help-guix


Hello,

jgart <jgart@dismail.de> writes:

> Hi Guixers,
>
> Sorry for the clickbait title.
>
> I got this error just now from the main guix channel:
>
>
> ```
>  λ guix pull
> Updating channel 'guixrus' from Git repository at
> 'https://git.sr.ht/~whereiseveryone/guixrus'...
> Updating channel 'nonguix' from Git repository at 'https://gitlab.com/nonguix/nonguix'...
> Updating channel 'guix' from Git repository at
> 'https://git.savannah.gnu.org/git/guix.git'...
> guix pull: error: aborting update of channel 'guix' to commit
> 950f3e4f98add14f645dc4c9f8c512cac7b8a779, which is not a descendant of
> 42679e3f81a0fa61e225b1f6aa0e80e39625372f
> hint: This could indicate that the channel has been tampered with and is trying to force a
> roll-back, preventing you from getting the latest
> updates.  If you think this is not the case, explicitly allow non-forward updates.
> ```
>
> wdyt?

I don't understand why Guix thinks that. IIUC 950f3e… is a direct
descendant of 42679e…

-- 
Thanks
Thiago


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-13  5:25 ` Thiago Jung Bauermann
@ 2022-04-13 21:41   ` jgart
  2022-04-14  0:26     ` Feng Shu
  0 siblings, 1 reply; 19+ messages in thread
From: jgart @ 2022-04-13 21:41 UTC (permalink / raw)
  To: Thiago Jung Bauermann; +Cc: help-guix

On Wed, 13 Apr 2022 02:25:11 -0300 Thiago Jung Bauermann <bauermann@kolabnow.com> wrote:
> I don't understand why Guix thinks that. IIUC 950f3e… is a direct
> descendant of 42679e…

As of today now the has changed:

 ```
 λ guix pull
Updating channel 'guixrus' from Git repository at 'https://git.sr.ht/~whereiseveryone/guixrus'...
Updating channel 'nonguix' from Git repository at 'https://gitlab.com/nonguix/nonguix'...
Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...
guix pull: error: aborting update of channel 'guix' to commit 5743d505834a8b13778da2c969ea4e15bb7a3a75, which is not a descendant of 42679e3f81a0fa61e225b1f6aa0e80e39625372f
hint: This could indicate that the channel has been tampered with and is trying to force a roll-back, preventing you from getting the latest
updates.  If you think this is not the case, explicitly allow non-forward updates.
```

I haven't allowed downgrades yet.

Waiting to see if I get an answer first on why it's happening.

all best,

jgart



^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-13 21:41   ` jgart
@ 2022-04-14  0:26     ` Feng Shu
  2022-04-14  5:17       ` jgart
  0 siblings, 1 reply; 19+ messages in thread
From: Feng Shu @ 2022-04-14  0:26 UTC (permalink / raw)
  To: jgart; +Cc: help-guix

jgart <jgart@dismail.de> writes:

> On Wed, 13 Apr 2022 02:25:11 -0300 Thiago Jung Bauermann <bauermann@kolabnow.com> wrote:
>> I don't understand why Guix thinks that. IIUC 950f3e… is a direct
>> descendant of 42679e…
>
> As of today now the has changed:
>
>  ```
>  λ guix pull
> Updating channel 'guixrus' from Git repository at 'https://git.sr.ht/~whereiseveryone/guixrus'...Updating channel 'nonguix' from Git repository at 'https://gitlab.com/nonguix/nonguix'...Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...guix pull: error: aborting update of channel 'guix' to commit 5743d505834a8b13778da2c969ea4e15bb7a3a75, which is not a descendant of 42679e3f81a0fa61e225b1f6aa0e80e39625372f
> hint: This could indicate that the channel has been tampered with and is trying to force a roll-back, preventing you from getting the latest
> updates.  If you think this is not the case, explicitly allow non-forward updates.
> ```
>
> I haven't allowed downgrades yet.
>
> Waiting to see if I get an answer first on why it's happening.

Why not roll-back to an older guix, then try guix pull again? 


>
> all best,
>
> jgart

-- 



^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-14  0:26     ` Feng Shu
@ 2022-04-14  5:17       ` jgart
  2022-04-14 16:05         ` Vagrant Cascadian
  0 siblings, 1 reply; 19+ messages in thread
From: jgart @ 2022-04-14  5:17 UTC (permalink / raw)
  To: Feng Shu; +Cc: Thiago Jung Bauermann, help-guix

On Thu, 14 Apr 2022 08:26:39 +0800 Feng Shu <tumashu@163.com> wrote:
> jgart <jgart@dismail.de> writes:
> 
> > On Wed, 13 Apr 2022 02:25:11 -0300 Thiago Jung Bauermann <bauermann@kolabnow.com> wrote:
> >> I don't understand why Guix thinks that. IIUC 950f3e… is a direct
> >> descendant of 42679e…
> >
> > As of today now the has changed:
> >
> >  ```
> >  λ guix pull
> > Updating channel 'guixrus' from Git repository at 'https://git.sr.ht/~whereiseveryone/guixrus'...Updating channel 'nonguix' from Git repository at 'https://gitlab.com/nonguix/nonguix'...Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...guix pull: error: aborting update of channel 'guix' to commit 5743d505834a8b13778da2c969ea4e15bb7a3a75, which is not a descendant of 42679e3f81a0fa61e225b1f6aa0e80e39625372f
> > hint: This could indicate that the channel has been tampered with and is trying to force a roll-back, preventing you from getting the latest
> > updates.  If you think this is not the case, explicitly allow non-forward updates.
> > ```
> >
> > I haven't allowed downgrades yet.
> >
> > Waiting to see if I get an answer first on why it's happening.
> 
> Why not roll-back to an older guix, then try guix pull again? 

Hi Feng,

Thanks! that worked!!!

I rolled back one generation and ran `guix pull`.

all best,

jgart


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-14  5:17       ` jgart
@ 2022-04-14 16:05         ` Vagrant Cascadian
  2022-04-14 20:01           ` jgart
  0 siblings, 1 reply; 19+ messages in thread
From: Vagrant Cascadian @ 2022-04-14 16:05 UTC (permalink / raw)
  To: jgart, Feng Shu; +Cc: help-guix

[-- Attachment #1: Type: text/plain, Size: 2020 bytes --]

On 2022-04-14, jgart wrote:
> On Thu, 14 Apr 2022 08:26:39 +0800 Feng Shu <tumashu@163.com> wrote:
>> jgart <jgart@dismail.de> writes:
>> 
>> > On Wed, 13 Apr 2022 02:25:11 -0300 Thiago Jung Bauermann <bauermann@kolabnow.com> wrote:
>> >> I don't understand why Guix thinks that. IIUC 950f3e… is a direct
>> >> descendant of 42679e…
>> >
>> > As of today now the has changed:
>> >
>> >  ```
>> >  λ guix pull
>> > Updating channel 'guixrus' from Git repository at 'https://git.sr.ht/~whereiseveryone/guixrus'...Updating channel 'nonguix' from Git repository at 'https://gitlab.com/nonguix/nonguix'...Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'...guix pull: error: aborting update of channel 'guix' to commit 5743d505834a8b13778da2c969ea4e15bb7a3a75, which is not a descendant of 42679e3f81a0fa61e225b1f6aa0e80e39625372f
>> > hint: This could indicate that the channel has been tampered with and is trying to force a roll-back, preventing you from getting the latest
>> > updates.  If you think this is not the case, explicitly allow non-forward updates.
>> > ```
>> >
>> > I haven't allowed downgrades yet.
>> >
>> > Waiting to see if I get an answer first on why it's happening.
>> 
>> Why not roll-back to an older guix, then try guix pull again? 
>
> Hi Feng,
>
> Thanks! that worked!!!
>
> I rolled back one generation and ran `guix pull`.

That still does leave me wonder what the deal was...

Was the repository tampered with?

Rolling back to an older generation and then moving forward basically
would be a successfull (hopefully just accidental) attack changing the
commit history! Rolling back to an older generation isn't much different
than just blindly allowing to move forward to a different branch...

Is it possible that one of your channels actually had the exact same
commit in it, but then forked off in different directions?

It is rather unsettling to not know what happened...


live well,
  vagrant

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 227 bytes --]

^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-14 16:05         ` Vagrant Cascadian
@ 2022-04-14 20:01           ` jgart
  2022-04-14 20:20             ` Christine Lemmer-Webber
  0 siblings, 1 reply; 19+ messages in thread
From: jgart @ 2022-04-14 20:01 UTC (permalink / raw)
  To: Vagrant Cascadian; +Cc: Feng Shu, Thiago Jung Bauermann, help-guix

On Thu, 14 Apr 2022 09:05:29 -0700 Vagrant Cascadian <vagrant@debian.org> wrote:
> Rolling back to an older generation and then moving forward basically
> would be a successfull (hopefully just accidental) attack changing the
> commit history! Rolling back to an older generation isn't much different
> than just blindly allowing to move forward to a different branch...

That's a very good point that I only just thought of now after doing it ;()

> Is it possible that one of your channels actually had the exact same
> commit in it, but then forked off in different directions?

I don't have any other channel that is mirroring GNU Guix upstream.

> It is rather unsettling to not know what happened...

Yes, it is. I agree.

Others have reported this issue on irc at #guix.

See the logs.

I think they just blindly used --allow-downgrades while I blindly rolled back and forward

Hopefully we find out what happened.

all best,

jgart


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-14 20:01           ` jgart
@ 2022-04-14 20:20             ` Christine Lemmer-Webber
  2022-04-14 20:27               ` jgart
  0 siblings, 1 reply; 19+ messages in thread
From: Christine Lemmer-Webber @ 2022-04-14 20:20 UTC (permalink / raw)
  To: jgart; +Cc: Vagrant Cascadian, help-guix

jgart <jgart@dismail.de> writes:

> On Thu, 14 Apr 2022 09:05:29 -0700 Vagrant Cascadian <vagrant@debian.org> wrote:
>> Rolling back to an older generation and then moving forward basically
>> would be a successfull (hopefully just accidental) attack changing the
>> commit history! Rolling back to an older generation isn't much different
>> than just blindly allowing to move forward to a different branch...
>
> That's a very good point that I only just thought of now after doing it ;()
>
>> Is it possible that one of your channels actually had the exact same
>> commit in it, but then forked off in different directions?
>
> I don't have any other channel that is mirroring GNU Guix upstream.
>
>> It is rather unsettling to not know what happened...
>
> Yes, it is. I agree.
>
> Others have reported this issue on irc at #guix.
>
> See the logs.
>
> I think they just blindly used --allow-downgrades while I blindly rolled back and forward
>
> Hopefully we find out what happened.
>
> all best,
>
> jgart

It should be possible to use the git reflog to find out what your
previous git history state was.

It would be a good idea if you could push the "suspect" branch up
somewhere where it can be examined, I'd think?


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-14 20:20             ` Christine Lemmer-Webber
@ 2022-04-14 20:27               ` jgart
  2022-04-15  1:11                 ` Christine Lemmer-Webber
  0 siblings, 1 reply; 19+ messages in thread
From: jgart @ 2022-04-14 20:27 UTC (permalink / raw)
  To: Christine Lemmer-Webber
  Cc: Vagrant Cascadian, Feng Shu, Thiago Jung Bauermann, help-guix

On Thu, 14 Apr 2022 16:20:05 -0400 Christine Lemmer-Webber <cwebber@dustycloud.org> wrote:
> It should be possible to use the git reflog to find out what your
> previous git history state was.
> 
> It would be a good idea if you could push the "suspect" branch up
> somewhere where it can be examined, I'd think?

Hi Christine,

Was that request for me?

If so, how would I push the suspect branch?

All I did was a `git pull`.

Unless you're implying that suspect branch is on my local machine somewhere?

all best,

jgart


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-14 20:27               ` jgart
@ 2022-04-15  1:11                 ` Christine Lemmer-Webber
  2022-04-15  3:08                   ` jgart
  0 siblings, 1 reply; 19+ messages in thread
From: Christine Lemmer-Webber @ 2022-04-15  1:11 UTC (permalink / raw)
  To: jgart; +Cc: Vagrant Cascadian, help-guix

jgart <jgart@dismail.de> writes:

> On Thu, 14 Apr 2022 16:20:05 -0400 Christine Lemmer-Webber <cwebber@dustycloud.org> wrote:
>> It should be possible to use the git reflog to find out what your
>> previous git history state was.
>> 
>> It would be a good idea if you could push the "suspect" branch up
>> somewhere where it can be examined, I'd think?
>
> Hi Christine,
>
> Was that request for me?
>
> If so, how would I push the suspect branch?
>
> All I did was a `git pull`.
>
> Unless you're implying that suspect branch is on my local machine somewhere?
>
> all best,
>
> jgart

It was for you.  Since guix pull operates via a git pull, I think it
should be possible to figure out what the state of the previous branch
was when the weirdness occured.

In terms of where to push, you can push to pretty much any forge out
there.  Notabug, Gitlab, etc etc etc.

Sorry I don't have time to say more.  Currently sitting in the passenger
seat on a road trip.  I'm not sure if others in the Guix project see
this as a priority, but if you say other users on IRC expereinced
something similar, it may be good to investigate.


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-15  1:11                 ` Christine Lemmer-Webber
@ 2022-04-15  3:08                   ` jgart
  2022-04-15  3:31                     ` Jack Hill
  0 siblings, 1 reply; 19+ messages in thread
From: jgart @ 2022-04-15  3:08 UTC (permalink / raw)
  To: Christine Lemmer-Webber
  Cc: Vagrant Cascadian, Feng Shu, Thiago Jung Bauermann, help-guix

On Thu, 14 Apr 2022 21:11:32 -0400 Christine Lemmer-Webber <cwebber@dustycloud.org> wrote:
> It was for you.  Since guix pull operates via a git pull, I think it
> should be possible to figure out what the state of the previous branch
> was when the weirdness occured.

Got it. Thanks

> In terms of where to push, you can push to pretty much any forge out
> there.  Notabug, Gitlab, etc etc etc.

What I not sure of is what path on my system to find the suspicious
branch/git repo pulled down by `git/guix pull` so I can push it somewhere.

In other words, where does `guix pull` clone the git repo to? 

If you know off the top of your head it would be helpful otherwise
I'll find some time to start digging around for it since I've never
explored where exactly guix pull clones the git repo.

I guess somewhere in the /gnu/store/...?



^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-15  3:08                   ` jgart
@ 2022-04-15  3:31                     ` Jack Hill
  2022-04-15 14:05                       ` jgart
  2022-04-15 19:43                       ` Edouard Klein
  0 siblings, 2 replies; 19+ messages in thread
From: Jack Hill @ 2022-04-15  3:31 UTC (permalink / raw)
  To: jgart; +Cc: Vagrant Cascadian, help-guix

On Thu, 14 Apr 2022, jgart wrote:

> What I not sure of is what path on my system to find the suspicious
> branch/git repo pulled down by `git/guix pull` so I can push it somewhere.
>
> In other words, where does `guix pull` clone the git repo to?

~/.cache/guix/checkouts

~/.cache/guix/authentication may be interesting as well.

(I bet (hope?) it's actually XDG_CACHE_DIR/guix but you get the idea)

Sorry I don't have insight in to what went wrong.

Take care,
Jack


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-15  3:31                     ` Jack Hill
@ 2022-04-15 14:05                       ` jgart
  2022-04-15 17:31                         ` jgart
  2022-04-15 19:43                       ` Edouard Klein
  1 sibling, 1 reply; 19+ messages in thread
From: jgart @ 2022-04-15 14:05 UTC (permalink / raw)
  To: Jack Hill
  Cc: Christine Lemmer-Webber, Vagrant Cascadian, Feng Shu,
	Thiago Jung Bauermann, help-guix

On Thu, 14 Apr 2022 23:31:14 -0400 Jack Hill <jackhill@jackhill.us> wrote:
> On Thu, 14 Apr 2022, jgart wrote:
> 
> > What I not sure of is what path on my system to find the suspicious
> > branch/git repo pulled down by `git/guix pull` so I can push it somewhere.
> >
> > In other words, where does `guix pull` clone the git repo to?
> 
> ~/.cache/guix/checkouts
> 
> ~/.cache/guix/authentication may be interesting as well.
> 
> (I bet (hope?) it's actually XDG_CACHE_DIR/guix but you get the idea)
> 
> Sorry I don't have insight in to what went wrong.

Hi Jack,

Thank you!

I'll push it soon.

all best,

jgart


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-15 14:05                       ` jgart
@ 2022-04-15 17:31                         ` jgart
  0 siblings, 0 replies; 19+ messages in thread
From: jgart @ 2022-04-15 17:31 UTC (permalink / raw)
  To: Jack Hill
  Cc: Christine Lemmer-Webber, Vagrant Cascadian, Feng Shu,
	Thiago Jung Bauermann, help-guix

On Fri, 15 Apr 2022 10:05:09 -0400 jgart <jgart@dismail.de> wrote:
> On Thu, 14 Apr 2022 23:31:14 -0400 Jack Hill <jackhill@jackhill.us> wrote:
> > On Thu, 14 Apr 2022, jgart wrote:
> > 
> > > What I not sure of is what path on my system to find the suspicious
> > > branch/git repo pulled down by `git/guix pull` so I can push it somewhere.
> > >
> > > In other words, where does `guix pull` clone the git repo to?
> > 
> > ~/.cache/guix/checkouts
> > 
> > ~/.cache/guix/authentication may be interesting as well.
> > 
> > (I bet (hope?) it's actually XDG_CACHE_DIR/guix but you get the idea)
> > 
> > Sorry I don't have insight in to what went wrong.
> 
> Hi Jack,
> 
> Thank you!
> 
> I'll push it soon.


Here are the repos of interest:

https://git.sr.ht/~whereiseveryone/pjmkglp

https://git.sr.ht/~whereiseveryone/authentification-channels

wdyt?


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-15 19:43                       ` Edouard Klein
@ 2022-04-15 18:56                         ` Christine Lemmer-Webber
  2022-04-22 16:47                           ` Edouard Klein
  0 siblings, 1 reply; 19+ messages in thread
From: Christine Lemmer-Webber @ 2022-04-15 18:56 UTC (permalink / raw)
  To: Edouard Klein; +Cc: help-guix

Well good news, jgart pushed them elsewhere in the thread:

jgart <jgart@dismail.de> writes:

> Here are the repos of interest:
>
> https://git.sr.ht/~whereiseveryone/pjmkglp
>
> https://git.sr.ht/~whereiseveryone/authentification-channels
>
> wdyt?


Edouard Klein <edou@rdklein.fr> writes:

> Hi,
>
> Sorry about the noise, but I'm curious about this as well, and I think
> if this is indeed an attack that it would be brilliant to see that guix
> protected against it. I would like to document it.
>
> @jgart I can open a git repo for you and lend a hand if you need help
> pushing the strange branch somewhere.
>
> Cheers,
>
> Edouard
>
> Jack Hill <jackhill@jackhill.us> writes:
>
>> On Thu, 14 Apr 2022, jgart wrote:
>>
>>> What I not sure of is what path on my system to find the suspicious
>>> branch/git repo pulled down by `git/guix pull` so I can push it somewhere.
>>>
>>> In other words, where does `guix pull` clone the git repo to?
>>
>> ~/.cache/guix/checkouts
>>
>> ~/.cache/guix/authentication may be interesting as well.
>>
>> (I bet (hope?) it's actually XDG_CACHE_DIR/guix but you get the idea)
>>
>> Sorry I don't have insight in to what went wrong.
>>
>> Take care,
>> Jack



^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-15  3:31                     ` Jack Hill
  2022-04-15 14:05                       ` jgart
@ 2022-04-15 19:43                       ` Edouard Klein
  2022-04-15 18:56                         ` Christine Lemmer-Webber
  1 sibling, 1 reply; 19+ messages in thread
From: Edouard Klein @ 2022-04-15 19:43 UTC (permalink / raw)
  To: help-guix

Hi,

Sorry about the noise, but I'm curious about this as well, and I think
if this is indeed an attack that it would be brilliant to see that guix
protected against it. I would like to document it.

@jgart I can open a git repo for you and lend a hand if you need help
pushing the strange branch somewhere.

Cheers,

Edouard

Jack Hill <jackhill@jackhill.us> writes:

> On Thu, 14 Apr 2022, jgart wrote:
>
>> What I not sure of is what path on my system to find the suspicious
>> branch/git repo pulled down by `git/guix pull` so I can push it somewhere.
>>
>> In other words, where does `guix pull` clone the git repo to?
>
> ~/.cache/guix/checkouts
>
> ~/.cache/guix/authentication may be interesting as well.
>
> (I bet (hope?) it's actually XDG_CACHE_DIR/guix but you get the idea)
>
> Sorry I don't have insight in to what went wrong.
>
> Take care,
> Jack


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-15 18:56                         ` Christine Lemmer-Webber
@ 2022-04-22 16:47                           ` Edouard Klein
  2022-04-22 19:58                             ` Thiago Jung Bauermann
  0 siblings, 1 reply; 19+ messages in thread
From: Edouard Klein @ 2022-04-22 16:47 UTC (permalink / raw)
  To: help-guix

Hi,

I diffed the git log of both https://git.sr.ht/~whereiseveryone/pjmkglp
and guix official repo and could not find any difference (apart from the
most recent commits on the official repo of course). I also confirmed,
as had already been said, that commit 950f3e4f98 is indeed a descendant
of 42679e3f81, so the error message makes no sense :/

I have absolutely no idea what went wrong. I'm still very much
interested in the answer, but I've reached the edge of my ability to
investigate.

Let's hope that somebody can find out what went wrong.

Cheers,

Edouard.

Christine Lemmer-Webber <cwebber@dustycloud.org> writes:

> Well good news, jgart pushed them elsewhere in the thread:
>
> jgart <jgart@dismail.de> writes:
>
>> Here are the repos of interest:
>>
>> https://git.sr.ht/~whereiseveryone/pjmkglp
>>
>> https://git.sr.ht/~whereiseveryone/authentification-channels
>>
>> wdyt?
>
>
> Edouard Klein <edou@rdklein.fr> writes:
>
>> Hi,
>>
>> Sorry about the noise, but I'm curious about this as well, and I think
>> if this is indeed an attack that it would be brilliant to see that guix
>> protected against it. I would like to document it.
>>
>> @jgart I can open a git repo for you and lend a hand if you need help
>> pushing the strange branch somewhere.
>>
>> Cheers,
>>
>> Edouard
>>
>> Jack Hill <jackhill@jackhill.us> writes:
>>
>>> On Thu, 14 Apr 2022, jgart wrote:
>>>
>>>> What I not sure of is what path on my system to find the suspicious
>>>> branch/git repo pulled down by `git/guix pull` so I can push it somewhere.
>>>>
>>>> In other words, where does `guix pull` clone the git repo to?
>>>
>>> ~/.cache/guix/checkouts
>>>
>>> ~/.cache/guix/authentication may be interesting as well.
>>>
>>> (I bet (hope?) it's actually XDG_CACHE_DIR/guix but you get the idea)
>>>
>>> Sorry I don't have insight in to what went wrong.
>>>
>>> Take care,
>>> Jack


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-22 16:47                           ` Edouard Klein
@ 2022-04-22 19:58                             ` Thiago Jung Bauermann
  2022-04-23 15:56                               ` Dr. Arne Babenhauserheide
  0 siblings, 1 reply; 19+ messages in thread
From: Thiago Jung Bauermann @ 2022-04-22 19:58 UTC (permalink / raw)
  To: Edouard Klein; +Cc: help-guix


Edouard Klein <edou@rdklein.fr> writes:

> Hi,
>
> I diffed the git log of both https://git.sr.ht/~whereiseveryone/pjmkglp
> and guix official repo and could not find any difference (apart from the
> most recent commits on the official repo of course). I also confirmed,
> as had already been said, that commit 950f3e4f98 is indeed a descendant
> of 42679e3f81, so the error message makes no sense :/

Someone mentioned inspecting the reflog. IIUC (and maybe I don't UC) the
reflog is a local property to a git repo and can't be pushed/pulled.

Therefore, one additional piece of evidence would be if jgart could go
to ~/.cache/guix/checkouts/<hash of guix repo clone>/ and post the
output of the commands ‘git reflog origin/master’ and
‘git reflog master’.

-- 
Thanks
Thiago


^ permalink raw reply	[flat|nested] 19+ messages in thread

* Re: was I hacked?
  2022-04-22 19:58                             ` Thiago Jung Bauermann
@ 2022-04-23 15:56                               ` Dr. Arne Babenhauserheide
  0 siblings, 0 replies; 19+ messages in thread
From: Dr. Arne Babenhauserheide @ 2022-04-23 15:56 UTC (permalink / raw)
  To: Thiago Jung Bauermann; +Cc: Edouard Klein, help-guix

[-- Attachment #1: Type: text/plain, Size: 13324 bytes --]


Thiago Jung Bauermann <bauermann@kolabnow.com> writes:

> Edouard Klein <edou@rdklein.fr> writes:
>> I diffed the git log of both https://git.sr.ht/~whereiseveryone/pjmkglp
>> and guix official repo and could not find any difference (apart from the
>> most recent commits on the official repo of course). I also confirmed,
>> as had already been said, that commit 950f3e4f98 is indeed a descendant
>> of 42679e3f81, so the error message makes no sense :/
>
> Someone mentioned inspecting the reflog. IIUC (and maybe I don't UC) the
> reflog is a local property to a git repo and can't be pushed/pulled.
>
> Therefore, one additional piece of evidence would be if jgart could go
> to ~/.cache/guix/checkouts/<hash of guix repo clone>/ and post the
> output of the commands ‘git reflog origin/master’ and
> ‘git reflog master’.

I got the same warning, but with another commit:

guix pull: Fehler: Aktualisierung verweigert von Kanal „guix“ auf Commit 329908236084c5ab3e37779bfef4400fdea9476e, der kein Nachkomme von 42679e3f81a0fa61e225b1f6aa0e80e39625372f ist

But 329908236084c5ab3e37779bfef4400fdea9476e *is* a decendant of
42679e3f81a0fa61e225b1f6aa0e80e39625372f:

$ cd path/to/guix-repo; git log --graph 329908236084c5ab3e37779bfef4400fdea9476e | grep -C10  42679e3f81a0fa61e225b1f6aa0e80e39625372f
|     python-pyyaml with python-pyyaml-for-awscli.
| 
* commit 7fcb16e9d4a0fd7b169079ff9b737d12d5e06b17
| Author: Ricardo Wurmus <rekado@elephly.net>
| Date:   Tue Apr 12 23:06:47 2022 +0200
| 
|     gnu: Add python-pyyaml-for-awscli.
|     
|     * gnu/packages/python-xyz.scm (python-pyyaml-for-awscli): New variable.
| 
* commit 42679e3f81a0fa61e225b1f6aa0e80e39625372f
| Author: Liliana Marie Prikler <liliana.prikler@gmail.com>
| Date:   Sat Mar 26 09:57:18 2022 +0100
| 
|     services: Replace murmur-service-type with mumble-server-service-type.
|     
|     * gnu/services/telephony.scm (murmur-configuration, make-murmur-configuration)
|     (murmur-configuration?, murmur-configuration-package)
|     (murmur-configuration-user, murmur-configuration-group)
|     (murmur-configuration-port, murmur-configuration-welcome-text)
|     (murmur-configuration-server-password)



$ cd ~/.cache/guix/checkouts/pjmkglp4t7znuugeurpurzikxq3tnlaywmisyr27shj7apsnalwq/; git reflog origin/master | grep .
3299082360 refs/remotes/origin/master@{0}: 
5743d50583 refs/remotes/origin/master@{1}: 
b5e32d9620 refs/remotes/origin/master@{2}: 
42679e3f81 refs/remotes/origin/master@{3}: 
ec6a585ee2 refs/remotes/origin/master@{4}: 
f8deb50b6f refs/remotes/origin/master@{5}: 
191ff81556 refs/remotes/origin/master@{6}: 
0d14f8a870 refs/remotes/origin/master@{7}: 
f7bb161445 refs/remotes/origin/master@{8}: 
ce921f1cf6 refs/remotes/origin/master@{9}: 
508960f95a refs/remotes/origin/master@{10}: 
c6b407c923 refs/remotes/origin/master@{11}: 
239dc64c7d refs/remotes/origin/master@{12}: 
dbcf9a06c1 refs/remotes/origin/master@{13}: 
459d5187d9 refs/remotes/origin/master@{14}: 
537f4a1ef1 refs/remotes/origin/master@{15}: 
83abdc8371 refs/remotes/origin/master@{16}: 
98d93f9769 refs/remotes/origin/master@{17}: 
7022eb6ea0 refs/remotes/origin/master@{18}: 
ccd9d07de0 refs/remotes/origin/master@{19}: 
c9c7b0e127 refs/remotes/origin/master@{20}: 
17d7343df8 refs/remotes/origin/master@{21}: 
b891f8519d refs/remotes/origin/master@{22}: 
ef4c9abeba refs/remotes/origin/master@{23}: 
a29360ade9 refs/remotes/origin/master@{24}: 
258150fd6e refs/remotes/origin/master@{25}: 
e8c1562599 refs/remotes/origin/master@{26}: 
bdf74dad1a refs/remotes/origin/master@{27}: 
21219307fe refs/remotes/origin/master@{28}: 
2bbc3864c3 refs/remotes/origin/master@{29}: 
632bfda5bb refs/remotes/origin/master@{30}: 
7be1ea33ff refs/remotes/origin/master@{31}: 
9b24cd3b8e refs/remotes/origin/master@{32}: 
3d2e41adf2 refs/remotes/origin/master@{33}: 
290a7664b5 refs/remotes/origin/master@{34}: 
567c4f4495 refs/remotes/origin/master@{35}: 
1747bb4825 refs/remotes/origin/master@{36}: 
d579df680e refs/remotes/origin/master@{37}: 
6cbbd54e64 refs/remotes/origin/master@{38}: 
1011b1ce93 refs/remotes/origin/master@{39}: 
320c971f8e refs/remotes/origin/master@{40}: 
35aaf1fe10 refs/remotes/origin/master@{41}: 
0105f33a4d refs/remotes/origin/master@{42}: 
159b94cfb5 refs/remotes/origin/master@{43}: 
f1a3c11407 refs/remotes/origin/master@{44}: 
49922efb11 refs/remotes/origin/master@{45}: 
7158f8e4e9 refs/remotes/origin/master@{46}: 
06d34c703b refs/remotes/origin/master@{47}: 
da2bd0c184 refs/remotes/origin/master@{48}: 
5552104cd2 refs/remotes/origin/master@{49}: 
efde98a443 refs/remotes/origin/master@{50}: 
bf8ee37e73 refs/remotes/origin/master@{51}: 
1e16e1938c refs/remotes/origin/master@{52}: 
3832d66cfd refs/remotes/origin/master@{53}: 
d0cc63ccc5 refs/remotes/origin/master@{54}: 
c3c003be69 refs/remotes/origin/master@{55}: 
68ce40cad7 refs/remotes/origin/master@{56}: 
234b340ae2 refs/remotes/origin/master@{57}: 
a1c7537548 refs/remotes/origin/master@{58}: 
cfe79af7e6 refs/remotes/origin/master@{59}: 
c85edf2ca4 refs/remotes/origin/master@{60}: 
6086e6ed1a refs/remotes/origin/master@{61}: 
4ec964ec38 refs/remotes/origin/master@{62}: 
4ad3f818c9 refs/remotes/origin/master@{63}: 
014421ee27 refs/remotes/origin/master@{64}: 
fa4dae68c4 refs/remotes/origin/master@{65}: 
67ac4348d4 refs/remotes/origin/master@{66}: 
169cbd808a refs/remotes/origin/master@{67}: 
f161623913 refs/remotes/origin/master@{68}: 
1a06cafc07 refs/remotes/origin/master@{69}: 
a74de6c41d refs/remotes/origin/master@{70}: 
767c3df815 refs/remotes/origin/master@{71}: 
80c091e911 refs/remotes/origin/master@{72}: 
7acd3d3cae refs/remotes/origin/master@{73}: 
e5adaf6c2d refs/remotes/origin/master@{74}: 
13c4a377f5 refs/remotes/origin/master@{75}: 
df325dbafd refs/remotes/origin/master@{76}: 
0dda79405e refs/remotes/origin/master@{77}: 
1eb26d0e07 refs/remotes/origin/master@{78}: 
fef2f08bc6 refs/remotes/origin/master@{79}: 
0cfe02cf55 refs/remotes/origin/master@{80}: 
89af95313d refs/remotes/origin/master@{81}: 
84feaca488 refs/remotes/origin/master@{82}: clone: from https://git.savannah.gnu.org/git/guix.git

$ cd ~/.cache/guix/checkouts/pjmkglp4t7znuugeurpurzikxq3tnlaywmisyr27shj7apsnalwq/; git reflog master | grep .
3299082360 master@{0}: reset: moving to 329908236084c5ab3e37779bfef4400fdea9476e
5743d50583 master@{1}: reset: moving to 5743d505834a8b13778da2c969ea4e15bb7a3a75
b5e32d9620 master@{2}: reset: moving to b5e32d96202e58bb0e7d640fe54f728d0ca2b4b1
42679e3f81 master@{3}: reset: moving to 42679e3f81a0fa61e225b1f6aa0e80e39625372f
ec6a585ee2 master@{4}: reset: moving to ec6a585ee2fd91c857276479411eedd0756e0093
f8deb50b6f master@{5}: reset: moving to f8deb50b6f7d4ce0bd5462f6e0445ec9d0c56eb5
191ff81556 master@{6}: reset: moving to 191ff815566699ce33c77fc140404d8f73fa4ab0
0d14f8a870 master@{7}: reset: moving to 0d14f8a8702ec8016ac58e5778a754b3105ef418
f7bb161445 master@{8}: reset: moving to f7bb161445903c51d299307610403cb3de0fcc56
ce921f1cf6 master@{9}: reset: moving to ce921f1cf61fc38e7517706f0dd66bff5a0287b9
508960f95a master@{10}: reset: moving to 508960f95a3af0750a59005e2beb8ec5edf7fd5c
c6b407c923 master@{11}: reset: moving to c6b407c923253ac3e7ce8439b31f52ef94de7846
239dc64c7d master@{12}: reset: moving to 239dc64c7d206957e0fb3f064e1799e205bf74ed
dbcf9a06c1 master@{13}: reset: moving to dbcf9a06c12984db2ed7dfd9e95d9d529a101e81
459d5187d9 master@{14}: reset: moving to 459d5187d9e9aa91d155db1204f1830845b9fe6b
537f4a1ef1 master@{15}: reset: moving to 537f4a1ef1cc385526b0662b2a9a1754319e1020
83abdc8371 master@{16}: reset: moving to 83abdc8371d90b6d4591a69fae5585a2a99c1627
98d93f9769 master@{17}: reset: moving to 98d93f97696b503f5e0e414295ddaf4013df1d56
7022eb6ea0 master@{18}: reset: moving to 7022eb6ea0f3be2f0eb58617c607ce34dfbff90a
ccd9d07de0 master@{19}: reset: moving to ccd9d07de083a1b232a8b939959e27d4acac45bf
c9c7b0e127 master@{20}: reset: moving to c9c7b0e1277d378c4948c2db76f27f690ad36db9
17d7343df8 master@{21}: reset: moving to 17d7343df82f9865fad5035285976be3000131d4
b891f8519d master@{22}: reset: moving to b891f8519dbea5457d9ad154974b1ab1459b4b8b
ef4c9abeba master@{23}: reset: moving to ef4c9abeba4e043e6eaea4048f40f99831cb2e28
a29360ade9 master@{24}: reset: moving to a29360ade9779bc7d7dbb7251ced6e33d30e03a3
258150fd6e master@{25}: reset: moving to 258150fd6e762ce535a12281627c0010e431e719
e8c1562599 master@{26}: reset: moving to e8c1562599c7ebee8b7b228237fb0d75d4472a61
bdf74dad1a master@{27}: reset: moving to bdf74dad1a337c2745c80ca94c662e9de0e7b8bb
21219307fe master@{28}: reset: moving to 21219307febfd6a9ed6036fdf0d78194292a3e14
2bbc3864c3 master@{29}: reset: moving to 2bbc3864c3efd21e20d57f2c0e82bc53931bc15e
632bfda5bb master@{30}: reset: moving to 632bfda5bbd2c2a0595d1e895f9ad67e8c45a3a2
7be1ea33ff master@{31}: reset: moving to 7be1ea33ff52af49896464cf8457708c6a1be662
9b24cd3b8e master@{32}: reset: moving to 9b24cd3b8e36ecd5f9f72926de12597aac954238
3d2e41adf2 master@{33}: reset: moving to 3d2e41adf2d907311035d60557168696aaeeb381
290a7664b5 master@{34}: reset: moving to 290a7664b58d2a018096c6388ae3468eb4cd88ec
567c4f4495 master@{35}: reset: moving to 567c4f4495fd1681bc6bd1ca3e9d1a87e120ac61
1747bb4825 master@{36}: reset: moving to 1747bb482511dc70735fd5d657812a9d422b1ab2
d579df680e master@{37}: reset: moving to d579df680e38bde3ab94373ae1b293caa28015b9
6cbbd54e64 master@{38}: reset: moving to 6cbbd54e64ce588014c906d503bcaf31c9c7f09f
1011b1ce93 master@{39}: reset: moving to 1011b1ce93de183ecd48c2bb465d81428c39724c
320c971f8e master@{40}: reset: moving to 320c971f8e44abc65ed162f20cc93edbb07bd5f5
35aaf1fe10 master@{41}: reset: moving to 35aaf1fe10488ae9ed732fb2c383d09a70c109c0
0105f33a4d master@{42}: reset: moving to 0105f33a4ddd7d3ef3d66bd16e16595dd500d404
159b94cfb5 master@{43}: reset: moving to 159b94cfb526e8695ae159ae29edc608b7a29bef
f1a3c11407 master@{44}: reset: moving to f1a3c11407b52004e523ec5de20d326c5661681f
49922efb11 master@{45}: reset: moving to 49922efb11da0f0e9d4f5979d081de5ea8c99d25
7158f8e4e9 master@{46}: reset: moving to 7158f8e4e9f81dbe004789018dcf06a5fe87d602
06d34c703b master@{47}: reset: moving to 06d34c703b2e3af952055759977a3989ad6d68d2
da2bd0c184 master@{48}: reset: moving to da2bd0c1849b64184bcaf8604f0c177b7b1c2ce3
5552104cd2 master@{49}: reset: moving to 5552104cd2d24da7e415e63c54be4f2046fc8c32
efde98a443 master@{50}: reset: moving to efde98a4438c2dd733bdb64fd6be9d1d5ac3b897
bf8ee37e73 master@{51}: reset: moving to bf8ee37e73933682293c6fc8738d753feff88a38
1e16e1938c master@{52}: reset: moving to 1e16e1938c76090447850ed31d31b9e05e2c85bd
3832d66cfd master@{53}: reset: moving to 3832d66cfd25b29d0adac22f6029f96475a7d5f2
d0cc63ccc5 master@{54}: reset: moving to d0cc63ccc53cb2ad4d33d0a54f079089d5b6cd46
c3c003be69 master@{55}: reset: moving to c3c003be69319667b34b030fa52974e25aef0c9b
68ce40cad7 master@{56}: reset: moving to 68ce40cad7782e75d665283fbe67b330d9a6fdcd
234b340ae2 master@{57}: reset: moving to 234b340ae2ccdb147536b0bd941310724690eff4
a1c7537548 master@{58}: reset: moving to a1c7537548bdffa1bcb023311dfbce40914d6003
cfe79af7e6 master@{59}: reset: moving to cfe79af7e6798e26d4676cd0158ba37b80370665
c85edf2ca4 master@{60}: reset: moving to c85edf2ca47a10634faba15848cca7b4558a82ab
6086e6ed1a master@{61}: reset: moving to 6086e6ed1a038793e358becddded50d97593f691
4ec964ec38 master@{62}: reset: moving to 4ec964ec38d511ca203cd3c29b194d0cfb99667a
4ad3f818c9 master@{63}: reset: moving to 4ad3f818c9e2d200bf5c9cf0cf986b1a185d9d5b
014421ee27 master@{64}: reset: moving to 014421ee271f1790d81c9660d34ac26c4f2bf8b6
fa4dae68c4 master@{65}: reset: moving to fa4dae68c4560fafba0046433da425b055d5e1d0
67ac4348d4 master@{66}: reset: moving to 67ac4348d4f4631b65201f66e0ba56f54143ad1b
169cbd808a master@{67}: reset: moving to 169cbd808aa712a355173609fe309ef1b83140fa
f161623913 master@{68}: reset: moving to f16162391309d1fec2a3f508edd14fbaf957470e
1a06cafc07 master@{69}: reset: moving to 1a06cafc07b5ab6a46ea174937694fe8df7fd24a
a74de6c41d master@{70}: reset: moving to a74de6c41d0af7bfc8b81aac49d8bf1ae7a49cdb
767c3df815 master@{71}: reset: moving to 767c3df815ce086987e2a293415c8dece3fabc78
80c091e911 master@{72}: reset: moving to 80c091e911a14fef6177138ef1cab3e0404b2751
7acd3d3cae master@{73}: reset: moving to 7acd3d3cae93ef1d4f506927fbaa79677c63d90f
e5adaf6c2d master@{74}: reset: moving to e5adaf6c2de917f33f90e24b551a8991e55b3eb6
13c4a377f5 master@{75}: reset: moving to 13c4a377f5a2e1240790679f3d5643385b6d7635
df325dbafd master@{76}: reset: moving to df325dbafd569e3e5d23da1952003208a21e7d57
0dda79405e master@{77}: reset: moving to 0dda79405ef9e85c8180269d954a024fd152e9ef
1eb26d0e07 master@{78}: reset: moving to 1eb26d0e07ad439c935b324c1ed858f50e9dcccd
fef2f08bc6 master@{79}: reset: moving to fef2f08bc640f78cc0a86fc7be3eccbc07b5e98c
0cfe02cf55 master@{80}: reset: moving to 0cfe02cf55baf8ef1395bc8f108672159355f606
89af95313d master@{81}: reset: moving to 89af95313d031e1a8a57c6a10f20a636884872b5
84feaca488 master@{82}: clone: from https://git.savannah.gnu.org/git/guix.git


Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 1125 bytes --]

^ permalink raw reply	[flat|nested] 19+ messages in thread

end of thread, other threads:[~2022-04-23 16:05 UTC | newest]

Thread overview: 19+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-13  1:28 was I hacked? jgart
2022-04-13  5:25 ` Thiago Jung Bauermann
2022-04-13 21:41   ` jgart
2022-04-14  0:26     ` Feng Shu
2022-04-14  5:17       ` jgart
2022-04-14 16:05         ` Vagrant Cascadian
2022-04-14 20:01           ` jgart
2022-04-14 20:20             ` Christine Lemmer-Webber
2022-04-14 20:27               ` jgart
2022-04-15  1:11                 ` Christine Lemmer-Webber
2022-04-15  3:08                   ` jgart
2022-04-15  3:31                     ` Jack Hill
2022-04-15 14:05                       ` jgart
2022-04-15 17:31                         ` jgart
2022-04-15 19:43                       ` Edouard Klein
2022-04-15 18:56                         ` Christine Lemmer-Webber
2022-04-22 16:47                           ` Edouard Klein
2022-04-22 19:58                             ` Thiago Jung Bauermann
2022-04-23 15:56                               ` Dr. Arne Babenhauserheide

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).