bug-guix
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#37865: guix pull: error: You found a bug:


From: Efraim Flashner
Subject: bug#37865: guix pull: error: You found a bug:
Date: Wed, 23 Oct 2019 19:55:04 +0300
User-agent: Mutt/1.12.2 (2019-09-21)

On Wed, Oct 23, 2019 at 04:26:35PM +0200, Kai Mertens wrote:
> On Wed, 23 Oct 2019 11:50:44 +0200
> Ludovic Courtès <address@hidden> wrote:
> 
> > >> Did you enable substitutes from <https://ci.guix.gnu.org>?
> > >> See <https://guix.gnu.org/manual/en/html_node/Substitutes.html>.
> > >>   
> > >
> > > hmm, I did not enable substitutes explicitly in the command line, but
> > > as far as I remember, I allowed guix to use substitutes when I set it
> > > up some time ago. Is there a handy command that helps me to check the
> > > current configuration? Anyway, I was not using option --no-substitutes.  
> > 
> > If you installed it long ago, it could be that you authorized
> > substitutes from hydra.gnu.org (the former CI server, discontinued in
> > June¹) but not from ci.guix.gnu.org.
> > 
> 
> Yes indeed!
> 
> > So you would need to check:
> > 
> >   1. which substitute URL guix-daemon is using;
> 
> I tried the example as seen in “4.3.2 Substitute Server Authorization”:
> 
> $ guix build emacs --dry-run
> substitute: updating list of substitutes from 
> 'https://mirror.hydra.gnu.org'...  18.6%guix substitute: error: TLS error in 
> procedure 'read_from_session_record_port': The TLS connection was 
> non-properly terminated.
> guix build: error: substituter `substitute' died unexpectedly
> 
> So apparently, guix is using the obsolete hydra server.
> 
> > 
> >   2. which keys are authorized in /etc/guix/acl.
> > 
> 
> This file shows only one key, but that one is listed four times as like:
>  (entry 
>   (public-key 
>    (rsa 
>     (n 
>     
> #00DB1634E3D9DFAC97AE4734DAE968CCB15EE4815C82BDC254883DBB49FE1EF32268E82D4BBE0E35298C481C9DA15
>     
> 51642FAFF05AEC1A60712F1BB4BE7D25D7EFF7A4F89704A5A9AC232870CB9F2476C3B538A0E990A8825DEB73081D31
>     
> 7001FB8A188600F2FEF5F5F570E857F3EE4355077A3C3918ED72723A56BA55C466D400658974D7DAD1F6B7B63C192B
>     
> 9C2704D98BBFF1C3BD5B8EF11A8ADC83ACB8FD8E9F1E792FDAD262415D13F2DEE55F330908CFDA9C3C8C32B64F7DD0
>     
> 88457D34F445E2E2C83C6D680549DC9B6E6573B89496567204ED285E67A279F2F667080BA941D80D015CE87B0FB6A9
>     
> 1A99CECC7D91D2D210B00E4B6E611DA51DB008F1DFE3FCAC6B27393FA781D45F9A15FC7B8785A3E86BA6592B2916CA
>     
> 22CF1E40FC85F85CACA590461154F58F3580B16398908EF32076F411299C28727C94D88B6A618F84DD73AEBED8270B
>     
> CB6690928CB1BF250C35E1F6BF3B1B30D05BA246ECE8F69D9065DE26F4B3E0D814D70A9C27CB5B7B050C9090590D3A
>     
> 9EF83374F2643E5446FBD39DDB124DBF6DFDAA6D18E2560AD0CBFA11C959C9B7316BF19963A191967054E9FD97DC14
>     
> D71082B30B1C90A46E8996682474C3BCB51BA0882958897B6DD35E41B5174D0A6BCDE97B89043E95BD1B70DE61DA66
>     
> 6893B417196A180005466BC3A742FDF04E89B04460E3E6BC72E7F1B5FEA5B3092FEE551A3C447C12E104E65#)
>  (e 
>     #010001#) )
>    )
>   (tag 
>    (guix import)
>    )
>   )
> 
> > The above chapter of the manual has more info on this.
> > 
> > LMK how it goes!
> 
> Well, I am not sure how to proceed with my old version of guix.
> 
> I wonder if the listed key is as well valid for https://ci.guix.gnu.org
> just the same as it used to be valid for https://mirror.hydra.gnu.org.
> 

It's not. The long RSA key was only for hydra.

> If not, where can I get the new, correct one?

One option is from the git repo.
I don't see the key hosted online, but you likely already have it in
your store. It should be in
/gnu/store/...-guix-../share/guix/ci.guix.gnu.org.pub
Also if you've run 'guix pull' it should be in 
~/.cache/guix/pull/pjmkglp4t7znuugeurpurzikxq3tnlaywmisyr27shj7apsnalwq/etc/substitutes/ci.guix.gnu.org.pub

> 
> Once I have the keyfile, I am supposed to continue with section
>  “4.3.2 Substitute Server Authorization”,
> right?
> 
> Then I would try:
>  # guix-daemon --substitute-urls=https://ci.guix.gnu.org
>  # guix archive --authorize < my/path/to/ci.guix.gnu.org.pub
> 
> Is that correct?

If you're on Guix System then you'd want to do 'sudo herd restart
guix-daemon' after authorizing the key. If you're on a foreign system
then as long as you don't have '--substitute-urls' already in the
guix-daemon command then it'll default to ci.guix.gnu.org

> 
> Would that remove the obsolete substitute server information in the
> same go?

There's no need to remove it, but you could remove it by hand if you
want.

> 
> best regards
> Kai
> 

Hope that helps


-- 
Efraim Flashner   <address@hidden>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]