From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bug-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp1 ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms0.migadu.com with LMTPS
	id gP4fNDJZD2G+ygAAgWs5BA
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sun, 08 Aug 2021 06:10:26 +0200
Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp1 with LMTPS
	id +OWmLzJZD2FMVQAAbx9fmQ
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sun, 08 Aug 2021 04:10:26 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 30E14C3A6
	for <larch@yhetil.org>; Sun,  8 Aug 2021 06:10:26 +0200 (CEST)
Received: from localhost ([::1]:51708 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <bug-guix-bounces+larch=yhetil.org@gnu.org>)
	id 1mCa8m-0003Zy-5g
	for larch@yhetil.org; Sun, 08 Aug 2021 00:10:24 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:42900)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1mCa8S-0003YJ-0X
 for bug-guix@gnu.org; Sun, 08 Aug 2021 00:10:04 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:41896)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1mCa8Q-0004Vr-3K
 for bug-guix@gnu.org; Sun, 08 Aug 2021 00:10:03 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1mCa8P-0003ok-TZ
 for bug-guix@gnu.org; Sun, 08 Aug 2021 00:10:01 -0400
Subject: bug#31825: guix offload fails with guix-authenticate error
Resent-From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-To: bug-guix@gnu.org
Resent-Date: Sun, 08 Aug 2021 04:10:01 +0000
Resent-Message-ID: <handler.31825.D31825.162839577014627.done@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: cc-closed 31825
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: 
To: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=)
Mail-Followup-To: 31825@debbugs.gnu.org, maxim.cournoyer@gmail.com,
 maxim.cournoyer@gmail.com
Received: via spool by 31825-done@debbugs.gnu.org id=D31825.162839577014627
 (code D ref 31825); Sun, 08 Aug 2021 04:10:01 +0000
Received: (at 31825-done) by debbugs.gnu.org; 8 Aug 2021 04:09:30 +0000
Received: from localhost ([127.0.0.1]:53440 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1mCa7u-0003np-7H
 for submit@debbugs.gnu.org; Sun, 08 Aug 2021 00:09:30 -0400
Received: from mail-qt1-f174.google.com ([209.85.160.174]:42877)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <maxim.cournoyer@gmail.com>) id 1mCa7q-0003nc-VT
 for 31825-done@debbugs.gnu.org; Sun, 08 Aug 2021 00:09:28 -0400
Received: by mail-qt1-f174.google.com with SMTP id h27so9808186qtu.9
 for <31825-done@debbugs.gnu.org>; Sat, 07 Aug 2021 21:09:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; 
 h=from:to:cc:subject:references:date:in-reply-to:message-id
 :user-agent:mime-version;
 bh=AQTi6atJZBWmoFnUpFvnckb2jqPk4jKl2KKeTBfRrPQ=;
 b=K6obEXDP0mj3ptzMQEN+hXHAYamN6PKViWAC5wi+UaL8vqYuKXhnI2gz55OPi+x4um
 bftvw8vA0VyN++Py6zingJfMI27LKFuYmArbdt/CNeHqfGCtd91VcKhG06v4ddgy5ePf
 6xYNv5WWDS0+zadty8nhoigJvKa/+obAqAWU4eMzrYlerI1n+mkORihjrgP1ljUuQtEq
 v8HkUzmQaZXZnEeSOI6dNfCaPrNeGsYa854px5qRg/2udOK49sNTnQIzZce2EjEBHr8D
 xlZdOjdGdhb9klUP1y+LHOWyTCpvOkEXpvTrMTv+PNbH9mB/A9VQvakd4TiITYtjy8pM
 Ol3A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:references:date:in-reply-to
 :message-id:user-agent:mime-version;
 bh=AQTi6atJZBWmoFnUpFvnckb2jqPk4jKl2KKeTBfRrPQ=;
 b=A1TsF3uY+ZHFIX0XgvbyCaglZIACtbFijc0Jzh+dnFyOcxu+DAFpQIyWsZSV9KR/eT
 4QFFe2yISyxPs3aJJGCfrdGL5cmafpQlDXIq+DKC9rc4RMKIjYpy3G8aUl39yyKik3NT
 BxmPECDOdNdcedwKmp9TA16/cmKB7RPQ79etoKKffMKGv4JDU+phFYxAaLXu3fEfIBlv
 QHoHpV0mjTYgVj/wJJsmR9ko1bWHfvFHSILszcwXHnyWQm8/GKaBCSjiN0Vb6epQBhkl
 TKt+l0KJALfghwq1+rgnJbC9TCyfhZb/cKhUOvAnjalUm9rUf3IKkBUeqG5S5kTCTAjX
 imyA==
X-Gm-Message-State: AOAM532GFi5DSzBSuaXl5DWt/oF09L+gfAkLhtTRFQlUZkURoiyWBx5u
 THMbJw869oaiRKvNqHIbvpxr2c3AOL323g==
X-Google-Smtp-Source: ABdhPJwLdekUSQt9fZi4H8CPLh98g5NOS6FD53aRHPgzZT2WChI8Ey8gjFeS4uh+WIuySBnGQ+ghfA==
X-Received: by 2002:ac8:429b:: with SMTP id o27mr14801259qtl.119.1628395761487; 
 Sat, 07 Aug 2021 21:09:21 -0700 (PDT)
Received: from hurd (dsl-10-131-144.b2b2c.ca. [72.10.131.144])
 by smtp.gmail.com with ESMTPSA id bl26sm7035996qkb.34.2021.08.07.21.09.20
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 07 Aug 2021 21:09:21 -0700 (PDT)
From: Maxim Cournoyer <maxim.cournoyer@gmail.com>
References: <87y3firpjs.fsf@gmail.com> <877en1xbpq.fsf@gnu.org>
 <87bmc87rlm.fsf@gmail.com> <87zhzswl4s.fsf@gnu.org>
 <87bmc75wqv.fsf@gmail.com> <8736xjqg5c.fsf@gnu.org>
 <871sd354mb.fsf@gmail.com> <871sd2u8zo.fsf@gnu.org>
 <87vaae40wh.fsf@gmail.com> <87fu1hsgbw.fsf@gnu.org>
 <87r1ynqjww.fsf@apteryx.i-did-not-set--mail-host-address--so-tickle-me>
Date: Sun, 08 Aug 2021 00:09:20 -0400
In-Reply-To: <87r1ynqjww.fsf@apteryx.i-did-not-set--mail-host-address--so-tickle-me>
 (Maxim Cournoyer's message of "Sat, 22 Feb 2020 00:18:39 -0500")
Message-ID: <87lf5c37db.fsf@gmail.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: bug-guix@gnu.org
List-Id: Bug reports for GNU Guix <bug-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/bug-guix>
List-Post: <mailto:bug-guix@gnu.org>
List-Help: <mailto:bug-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/bug-guix>,
 <mailto:bug-guix-request@gnu.org?subject=subscribe>
Cc: 31825-done@debbugs.gnu.org
Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org
Sender: "bug-Guix" <bug-guix-bounces+larch=yhetil.org@gnu.org>
X-Migadu-Flow: FLOW_IN
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1628395826;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:resent-to:resent-from:resent-sender:
	 resent-message-id:in-reply-to:in-reply-to:references:references:
	 list-id:list-help:list-unsubscribe:list-subscribe:list-post:
	 dkim-signature; bh=AQTi6atJZBWmoFnUpFvnckb2jqPk4jKl2KKeTBfRrPQ=;
	b=sjsl3GJEocvgS7h0K/qeBEkZq9jn72O9zz5zM5I34riGPSJHlXwfv5p4QvUKvPJzy2C6Hx
	SG5F8E5dnTU+kVZ9i2KSNkkbqXUrM6Cn/HzHYre+9vjk5oZhh9u6H9tPczk7aeU9vnLc2L
	7REVit6IaV7ixjCMm6NUwMzz4M+mySLdd1ADRnzcZVdcJ3hnL1LLe/i0iNTyei+LXPjCoz
	fD28v3turdiodGpT0f0kTw3gctBYdqXnuQ/5OW5kApZq2QdZPOEYdEkZ/0RzXSTpmpsEcl
	9LoaOLn0wHBq96aBCMq7sm4xLTDY87WH/cN7qdlwqLESpvFlYBufVDUCQhKZJQ==
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1628395826; a=rsa-sha256; cv=none;
	b=sfNh6UzM0VWMhQPDQbCUpzGvGg8poglnH/zwHwFV7gZ4cJEqJIrtIIp7pedgqnhPxYrLE1
	frq4K8+6rAUyZHzuuZ7tTmrP0OjljFGc67nJj318tcabIFbCGiZvo3rUezsVgMlOk0oBA6
	DRyBaPS48vjhBew7km2z86jASMFOS6bhK5eMciKkRy0PWOrsmcWZn04eTjH6rHSQKfnbj8
	V5Lri1Kv+PbWkUI+1eWIZa5qmoFMt7EQiWeRcbgTwBG/L7ssrhHQLEFa/jq+DfG8AltSwD
	pN8vPft+Zjy+/p/dRwx/sX687/CRbibPpsf7g4f5D7LQ5zSIBnHHimiztErtOg==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20161025 header.b=K6obEXDP;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org
X-Migadu-Spam-Score: 0.19
Authentication-Results: aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20161025 header.b=K6obEXDP;
	dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none);
	spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org
X-Migadu-Queue-Id: 30E14C3A6
X-Spam-Score: 0.19
X-Migadu-Scanner: scn0.migadu.com
X-TUID: 482od7KQSciQ

Hi,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> Just as a follow-up; I've managed to fall into this trap again,
> attempting to authorize the keys by adding them to the 'authorize-keys'
> field of guix-configuration record.
>
> On the local machine:
>
> guix offload test /etc/guix/machines.scm 127.0.0.1
> guix offload: testing 1 build machines defined in '/etc/guix/machines.scm'...
> guix offload: Guix is usable on '127.0.0.1' (test returned "/gnu/store/883yjkl46dxw9mzykykmbs0yzwyxm17z-test")
> guix offload: '127.0.0.1' is running GNU Guile 3.0.0
> sending 1 store item (0 MiB) to '127.0.0.1'...
> exporting path `/gnu/store/l9mph3k5l26nm8mb50imsklbsz0bji0b-export-test'
> guix offload: error: program `/gnu/store/amjsgks2n05k9lkck78z64nphad1dkqr-guix-1.0.1-13.50299ad/bin/guix' failed with exit code 1
>
>
> On the remote machine:
>
> sudo strace -p 15683 -p 15716 -f -s345 -o /tmp/log
>
> And found within /tmp/log:
>
> 16120 write(2, "guix authenticate: error: error: unauthorized public
> key: (public-key \n (ecc \n (curve Ed25519)\n (q #MY-PUBLIC-KEY#)\n
> )\n )\n", 176) = 176
>
> So, still actual :-)
>
> Maxim

I think many things have been improved in the diagnostics of guix
offload since the original report.  The last gotcha I had hit described
above appears to had been caused by the keys added to the
'authorized-keys' field of the 'guix-configuration' record not being
taken into account when a /etc/guix/acl file was already populated (it
used to not be declarative).

Closing this forgotten issue.

Thanks,

Maxim