From: Mark H Weaver
Subject: Re: guix gc, any way to delete only packages that aren't required to build anything?
Date: Sun, 02 Dec 2018 21:16:14 -0500
Message-ID: <87k1krmk1i.fsf@netris.org>
References: <20181129210707.3dbf5f5a@mailbox.org> <878t1b2lj1.fsf@elephly.net> <87a7lrgd30.fsf@ambrevar.xyz> <87mupqnwap.fsf@netris.org> <875zwdl5lp.fsf@fastmail.com>
In-Reply-To: <875zwdl5lp.fsf@fastmail.com> (Joshua Branson's message of "Sat, 01 Dec 2018 08:49:22 -0500")
To: Joshua Branson
Cc: help-guix@gnu.org

Hi Joshua,

Joshua Branson writes:

> Mark H Weaver writes:
>
>> Pierre Neidhardt writes:
>>
>> On my GuixSD system where substitutes are completely disabled and I
>> build everything locally, I've been running my Guix daemon with both
>> --gc-keep-derivations=yes and --gc-keep-outputs=yes for years. Here's
>> the relevant excerpt of my OS config:
>>
>
> May I ask why you choose not to use substitutes?
It's part of a (likely futile) effort to protect the integrity of my laptops from powerful adversaries, to prevent my private cryptographic keys from being stolen, and to try to prevent my machine from being used to insert vulnerabilities into the source code of projects that I contribute to. I also keep my laptops with me at all times.

Unfortunately, the US government claims the authority to secretly demand physical access to servers, and to forbid those coerced from telling anyone what happened. See:

https://en.wikipedia.org/wiki/National_security_letter

I'm not sure about the policies of other governments, but even without such policies, there are probably windows of time where the physical security of colocated servers could be breached by bribing employees at the hosting site. I doubt there is much restraint in the use of these methods today, besides a desire to avoid detection.

As a result, any traditional build farm based on colocated servers is vulnerable to compromise by powerful adversaries.

There are some additional benefits to building everything locally and using the 'guix-daemon' options above. It means that my /gnu/store always contains the complete source code of everything on my system, including everything needed to bootstrap from the bootstrap binaries. It also means that I always have a complete set of build logs for everything on my system.

      Mark
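As an added illustration (not Mark's elided config excerpt, and not code from the Guix project), here is one way to express the setup described in the thread, substitutes disabled and both gc-keep options passed to guix-daemon, in a Guix `operating-system` declaration. It assumes the standard `guix-service-type` provided by `%base-services`; the other `operating-system` fields are left out.

```scheme
;; Added example: an operating-system excerpt that disables substitutes
;; system-wide and passes the two guix-daemon options named in the thread.
;; Everything but the services field is omitted (host-name, file-systems,
;; users, etc. are assumed to be declared as usual).
(use-modules (gnu)
             (gnu services base))

(operating-system
  ;; ... other fields elided ...
  (services
   (modify-services %base-services
     (guix-service-type
      config =>
      (guix-configuration
       (inherit config)
       ;; Never fetch pre-built binaries: every store item is built
       ;; locally from source, so a compromised build farm cannot
       ;; inject binaries into /gnu/store.
       (use-substitutes? #f)
       ;; Extra flags handed to guix-daemon.
       ;;   --gc-keep-derivations=yes keeps the .drv files that describe
       ;;     how each live output was built, so the full source graph
       ;;     (down to the bootstrap binaries) stays in the store.
       ;;   --gc-keep-outputs=yes keeps the outputs of live derivations,
       ;;     including intermediate build dependencies, so rebuilds and
       ;;     audits never need to re-fetch anything.
       (extra-options '("--gc-keep-derivations=yes"
                        "--gc-keep-outputs=yes")))))))
```

With these options in place, `guix gc` leaves the derivations and their outputs alone, and the build logs under /var/log/guix/drvs remain paired with derivations that are still present in the store.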