Hello Michael. Michael Ford <fanqu...@gmail.com> writes: > building > /gnu/store/p9nimij8lz4yln5jd3gm0kdhirrwz56h-guix-1.4.0-18.4c94b9e-checkout.drv... > -suspicious ownership or permission on > `/gnu/store/bj2rp8ql9zxnv4l9gvlhph55fa241mk4-guix-1.4.0-18.4c94b9e-checkout'; > rejecting this build output > Backtrace:
A probable fix was pushed by Ludovic recently. Does it work? Can this issue be closed? commit ff1251de0bc327ec478fc66a562430fbf35aef42 Author: Ludovic Courtès <l...@gnu.org> Date: Tue Mar 12 11:53:35 2024 +0100 daemon: Address shortcoming in previous security fix for CVE-2024-27297. This is a followup to 8f4ffb3fae133bb21d7991e97c2f19a7108b1143. Commit 8f4ffb3fae133bb21d7991e97c2f19a7108b1143 fell short in two ways: (1) it didn’t have any effet for fixed-output derivations performed in a chroot, which is the case for all of them except those using “builtin:download” and “builtin:git-download”, and (2) it did not preserve ownership when copying, leading to “suspicious ownership or permission […] rejecting this build output” errors. Regards, Florian