From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id gP4fNDJZD2G+ygAAgWs5BA (envelope-from ) for ; Sun, 08 Aug 2021 06:10:26 +0200 Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id +OWmLzJZD2FMVQAAbx9fmQ (envelope-from ) for ; Sun, 08 Aug 2021 04:10:26 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 30E14C3A6 for ; Sun, 8 Aug 2021 06:10:26 +0200 (CEST) Received: from localhost ([::1]:51708 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mCa8m-0003Zy-5g for larch@yhetil.org; Sun, 08 Aug 2021 00:10:24 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:42900) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mCa8S-0003YJ-0X for bug-guix@gnu.org; Sun, 08 Aug 2021 00:10:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:41896) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mCa8Q-0004Vr-3K for bug-guix@gnu.org; Sun, 08 Aug 2021 00:10:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mCa8P-0003ok-TZ for bug-guix@gnu.org; Sun, 08 Aug 2021 00:10:01 -0400 Subject: bug#31825: guix offload fails with guix-authenticate error Resent-From: Maxim Cournoyer Original-Sender: "Debbugs-submit" Resent-To: bug-guix@gnu.org Resent-Date: Sun, 08 Aug 2021 04:10:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: cc-closed 31825 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Mail-Followup-To: 31825@debbugs.gnu.org, maxim.cournoyer@gmail.com, maxim.cournoyer@gmail.com Received: via spool by 31825-done@debbugs.gnu.org id=D31825.162839577014627 (code D ref 31825); Sun, 08 Aug 2021 04:10:01 +0000 Received: (at 31825-done) by debbugs.gnu.org; 8 Aug 2021 04:09:30 +0000 Received: from localhost ([127.0.0.1]:53440 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mCa7u-0003np-7H for submit@debbugs.gnu.org; Sun, 08 Aug 2021 00:09:30 -0400 Received: from mail-qt1-f174.google.com ([209.85.160.174]:42877) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mCa7q-0003nc-VT for 31825-done@debbugs.gnu.org; Sun, 08 Aug 2021 00:09:28 -0400 Received: by mail-qt1-f174.google.com with SMTP id h27so9808186qtu.9 for <31825-done@debbugs.gnu.org>; Sat, 07 Aug 2021 21:09:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version; bh=AQTi6atJZBWmoFnUpFvnckb2jqPk4jKl2KKeTBfRrPQ=; b=K6obEXDP0mj3ptzMQEN+hXHAYamN6PKViWAC5wi+UaL8vqYuKXhnI2gz55OPi+x4um bftvw8vA0VyN++Py6zingJfMI27LKFuYmArbdt/CNeHqfGCtd91VcKhG06v4ddgy5ePf 6xYNv5WWDS0+zadty8nhoigJvKa/+obAqAWU4eMzrYlerI1n+mkORihjrgP1ljUuQtEq v8HkUzmQaZXZnEeSOI6dNfCaPrNeGsYa854px5qRg/2udOK49sNTnQIzZce2EjEBHr8D xlZdOjdGdhb9klUP1y+LHOWyTCpvOkEXpvTrMTv+PNbH9mB/A9VQvakd4TiITYtjy8pM Ol3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to :message-id:user-agent:mime-version; bh=AQTi6atJZBWmoFnUpFvnckb2jqPk4jKl2KKeTBfRrPQ=; b=A1TsF3uY+ZHFIX0XgvbyCaglZIACtbFijc0Jzh+dnFyOcxu+DAFpQIyWsZSV9KR/eT 4QFFe2yISyxPs3aJJGCfrdGL5cmafpQlDXIq+DKC9rc4RMKIjYpy3G8aUl39yyKik3NT BxmPECDOdNdcedwKmp9TA16/cmKB7RPQ79etoKKffMKGv4JDU+phFYxAaLXu3fEfIBlv QHoHpV0mjTYgVj/wJJsmR9ko1bWHfvFHSILszcwXHnyWQm8/GKaBCSjiN0Vb6epQBhkl TKt+l0KJALfghwq1+rgnJbC9TCyfhZb/cKhUOvAnjalUm9rUf3IKkBUeqG5S5kTCTAjX imyA== X-Gm-Message-State: AOAM532GFi5DSzBSuaXl5DWt/oF09L+gfAkLhtTRFQlUZkURoiyWBx5u THMbJw869oaiRKvNqHIbvpxr2c3AOL323g== X-Google-Smtp-Source: ABdhPJwLdekUSQt9fZi4H8CPLh98g5NOS6FD53aRHPgzZT2WChI8Ey8gjFeS4uh+WIuySBnGQ+ghfA== X-Received: by 2002:ac8:429b:: with SMTP id o27mr14801259qtl.119.1628395761487; Sat, 07 Aug 2021 21:09:21 -0700 (PDT) Received: from hurd (dsl-10-131-144.b2b2c.ca. [72.10.131.144]) by smtp.gmail.com with ESMTPSA id bl26sm7035996qkb.34.2021.08.07.21.09.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 07 Aug 2021 21:09:21 -0700 (PDT) From: Maxim Cournoyer References: <87y3firpjs.fsf@gmail.com> <877en1xbpq.fsf@gnu.org> <87bmc87rlm.fsf@gmail.com> <87zhzswl4s.fsf@gnu.org> <87bmc75wqv.fsf@gmail.com> <8736xjqg5c.fsf@gnu.org> <871sd354mb.fsf@gmail.com> <871sd2u8zo.fsf@gnu.org> <87vaae40wh.fsf@gmail.com> <87fu1hsgbw.fsf@gnu.org> <87r1ynqjww.fsf@apteryx.i-did-not-set--mail-host-address--so-tickle-me> Date: Sun, 08 Aug 2021 00:09:20 -0400 In-Reply-To: <87r1ynqjww.fsf@apteryx.i-did-not-set--mail-host-address--so-tickle-me> (Maxim Cournoyer's message of "Sat, 22 Feb 2020 00:18:39 -0500") Message-ID: <87lf5c37db.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: 31825-done@debbugs.gnu.org Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1628395826; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-to:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=AQTi6atJZBWmoFnUpFvnckb2jqPk4jKl2KKeTBfRrPQ=; b=sjsl3GJEocvgS7h0K/qeBEkZq9jn72O9zz5zM5I34riGPSJHlXwfv5p4QvUKvPJzy2C6Hx SG5F8E5dnTU+kVZ9i2KSNkkbqXUrM6Cn/HzHYre+9vjk5oZhh9u6H9tPczk7aeU9vnLc2L 7REVit6IaV7ixjCMm6NUwMzz4M+mySLdd1ADRnzcZVdcJ3hnL1LLe/i0iNTyei+LXPjCoz fD28v3turdiodGpT0f0kTw3gctBYdqXnuQ/5OW5kApZq2QdZPOEYdEkZ/0RzXSTpmpsEcl 9LoaOLn0wHBq96aBCMq7sm4xLTDY87WH/cN7qdlwqLESpvFlYBufVDUCQhKZJQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1628395826; a=rsa-sha256; cv=none; b=sfNh6UzM0VWMhQPDQbCUpzGvGg8poglnH/zwHwFV7gZ4cJEqJIrtIIp7pedgqnhPxYrLE1 frq4K8+6rAUyZHzuuZ7tTmrP0OjljFGc67nJj318tcabIFbCGiZvo3rUezsVgMlOk0oBA6 DRyBaPS48vjhBew7km2z86jASMFOS6bhK5eMciKkRy0PWOrsmcWZn04eTjH6rHSQKfnbj8 V5Lri1Kv+PbWkUI+1eWIZa5qmoFMt7EQiWeRcbgTwBG/L7ssrhHQLEFa/jq+DfG8AltSwD pN8vPft+Zjy+/p/dRwx/sX687/CRbibPpsf7g4f5D7LQ5zSIBnHHimiztErtOg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20161025 header.b=K6obEXDP; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Spam-Score: 0.19 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20161025 header.b=K6obEXDP; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Queue-Id: 30E14C3A6 X-Spam-Score: 0.19 X-Migadu-Scanner: scn0.migadu.com X-TUID: 482od7KQSciQ Hi, Maxim Cournoyer writes: > Just as a follow-up; I've managed to fall into this trap again, > attempting to authorize the keys by adding them to the 'authorize-keys' > field of guix-configuration record. > > On the local machine: > > guix offload test /etc/guix/machines.scm 127.0.0.1 > guix offload: testing 1 build machines defined in '/etc/guix/machines.scm'... > guix offload: Guix is usable on '127.0.0.1' (test returned "/gnu/store/883yjkl46dxw9mzykykmbs0yzwyxm17z-test") > guix offload: '127.0.0.1' is running GNU Guile 3.0.0 > sending 1 store item (0 MiB) to '127.0.0.1'... > exporting path `/gnu/store/l9mph3k5l26nm8mb50imsklbsz0bji0b-export-test' > guix offload: error: program `/gnu/store/amjsgks2n05k9lkck78z64nphad1dkqr-guix-1.0.1-13.50299ad/bin/guix' failed with exit code 1 > > > On the remote machine: > > sudo strace -p 15683 -p 15716 -f -s345 -o /tmp/log > > And found within /tmp/log: > > 16120 write(2, "guix authenticate: error: error: unauthorized public > key: (public-key \n (ecc \n (curve Ed25519)\n (q #MY-PUBLIC-KEY#)\n > )\n )\n", 176) = 176 > > So, still actual :-) > > Maxim I think many things have been improved in the diagnostics of guix offload since the original report. The last gotcha I had hit described above appears to had been caused by the keys added to the 'authorized-keys' field of the 'guix-configuration' record not being taken into account when a /etc/guix/acl file was already populated (it used to not be declarative). Closing this forgotten issue. Thanks, Maxim