From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Subject: bug#22459: guix daemon writes acl to /etc/nix/acl not /etc/guix Date: Tue, 26 Jan 2016 11:00:18 +0100 Message-ID: <87zivsvex9.fsf@gnu.org> References: <8760yixzl8.fsf@nevada.int.iggy.bz> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:56463) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aO0Qu-0008O8-Pq for bug-guix@gnu.org; Tue, 26 Jan 2016 05:01:16 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aO0Qo-0006Qd-TD for bug-guix@gnu.org; Tue, 26 Jan 2016 05:01:08 -0500 Received: from debbugs.gnu.org ([208.118.235.43]:48388) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aO0Qo-0006QZ-Pg for bug-guix@gnu.org; Tue, 26 Jan 2016 05:01:02 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84) (envelope-from ) id 1aO0Qo-0008HI-Gq for bug-guix@gnu.org; Tue, 26 Jan 2016 05:01:02 -0500 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: <8760yixzl8.fsf@nevada.int.iggy.bz> (Jeff Mickey's message of "Sun, 24 Jan 2016 16:38:43 -0800") List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org To: Jeff Mickey Cc: 22459@debbugs.gnu.org Jeff Mickey skribis: > On NixOS when I follow the binary installation instructions as of 0.9.0, > it places the acl in the wrong place. > > guix archive --authorize < hydra.gnu.org.pub > > This puts the file in /etc/nix/acl, not /etc/guix acl. This means the > guix daemon can't find the acl, and you build everything from scratch. (guix pki) has: --8<---------------cut here---------------start------------->8--- (define %acl-file (string-append %config-directory "/acl")) --8<---------------cut here---------------end--------------->8--- where (guix config) does: --8<---------------cut here---------------start------------->8--- (define %config-directory ;; This must match `NIX_CONF_DIR' as defined in `daemon.am'. (or (getenv "NIX_CONF_DIR") "@guix_sysconfdir@/guix")) --8<---------------cut here---------------end--------------->8--- So most likely the =E2=80=98NIX_CONF_DIR=E2=80=99 environment variable is d= efined on your system, and =E2=80=98guix archive=E2=80=99 simply honors that. Can you confirm? Now, we=E2=80=99ve honored those =E2=80=98NIX_=E2=80=99 variables mostly be= cause the daemon code, which comes from Nix, uses them, and I initially didn=E2=80=99t want = to diverge. Nowadays it would probably make sense to rename them. > Also, /gnu/store is set to only have 1770 permissions instead of 1774, That=E2=80=99s not what I see: --8<---------------cut here---------------start------------->8--- $ tar tvf guix-binary-0.9.0.x86_64-linux.tar.xz |grep /gnu/store/$ drwxrwxr-t root/root 0 1970-01-01 01:00 ./gnu/store/ --8<---------------cut here---------------end--------------->8--- Which installation method did you use? > which means you can't use any of your guix symlinks with 0.9.0 :/ What do you mean by =E2=80=9Cyour guix symlinks=E2=80=9D? Thanks, Ludo=E2=80=99.