bug#47846: Feature Request: Add ability to disable having cache or generations

[Leo Prikler <leo.prikler@student.tugraz.at>]

Hi,
Am Samstag, den 17.04.2021, 18:29 +0000 schrieb bo0od:
> Hi There,
> 
> Current situation with the guix distro upgrade is:(as i understand)
> 
> A) User Packages: whenever there is an upgrade to package A version 1
> to 
> new Version lets call it A version 2 , So the process is ADD A2 →
> SWITCH 
> to A2 → Cache A1 and so on.
> 
> B) System Packages: Same process but it will be saved through
> generations
There is no active caching going on.  Besides potentially building
software, the process of "upgrading" one generation of your Guix
profile or system is simply the act of letting a symbolic link point
elsewhere.  Nothing more, nothing less.  Each generation is itself a
"root" in GC terms from the moment it is built.

> This causes unpleasant actions to some users:
> 
> - Bloating the disk size
That's debatable.  Now, yes, it is no secret, that Guix uses more disk
space than your traditional software, as keeps copies of your old data
around, but on a desktop with 500MB storage, you can keep several
months of that around if you want to.  Things might be a bit different
on smartphones and embedded systems, which may want to GC more often,
but it's not like minimal setups are impossible.
> - Having old unnecessary files/packages
Which is bad how?
> - Questionable security of the saved old versions. As it depend if
> they 
> have access to suid or not (i didnt investigate this, but if they
> have 
> then thats big problem but this is not the ticket to discuss it)
You would have to explicitly run those old, insecure versions, for them
to be an attack surface, which I'd hazard you won't unless you're still
actively using them anyway.  Note that for the case, that the mere
existence of those is a threat, you must assume your attacker to have
arbitrary shell code execution already.

> I know someone would jump in and say but roll back is great feature
> and 
> its useful and....i know that but like i said might be not suiting
> all 
> users (specially with limited space).
Because it is.  There are things larger than package generations.  My
current profile weighs 8.5GB according to du, much of which can be
shared between generations.  A typical anime episode encoded with x264
at 1080p weighs 1GB or more.  So one season of your favourite show is
literally more data than all of your software.

> Current manual solution is to delete this extra mess using 2
> commands:
> 
> guix gc -d 1s && sudo guix system delete-generation
> 
> This should be run whenever there is no space left, Or to get rid of
> the 
> old stuff
Just FYI deleting all that so often only puts unnecessary stress on
your disk, because native inputs will have to be redownloaded and
you're not even freeing up that much space.

> My suggestion is to have the ability to make Guix automatically just 
> having the latest up to date packages without extra consumed storage
> (no 
> cache no generation no nothing more than having the latest packages 
> available in the distro).
That's not very functional.  Again, you're putting more stress on your
hardware by actively asking it to remove stuff.

Regards,
Leo