bug#60852: git-authenticate edge case for certain key setup.

2023-01-25 Thread Hilton Chain via Bug reports for GNU Guix 
On Tue, 17 Jan 2023 23:18:13 +0800,
Ludovic Courtès wrote:
> 
> Hi,
> 
> Hilton Chain  skribis:
> 
> > I encountered the issue when adding a new key to my Guix channel.  Though I
> > haven't figured out what happened exactly, I'm currently able to reproduce 
> > the
> > issue with the following steps.
> 
> Fishy.  Would you be able to write a script to reproduce the whole
> scenario?  That’d make it easier to test and we’d be sure we’re talking
> about the same thing.
> 
> Thanks for reporting it!
> 
> Ludo’.

I created a git repository and uploaded it to GitHub:


Outputs:
: gpg: key 8FDEAEDC3B8C0109: public key "Key One" imported
: gpg: key 8FDEAEDC3B8C0109: secret key imported
: gpg: Total number processed: 1
: gpg:   imported: 1
: gpg:   secret keys read: 1
: gpg:   secret keys imported: 1
: gpg: key FC92800E84F3F3B6: public key "Key Two" imported
: gpg: key FC92800E84F3F3B6: secret key imported
: gpg: Total number processed: 1
: gpg:   imported: 1
: gpg:   secret keys read: 1
: gpg:   secret keys imported: 1
: [trunk 083b7ef] Authorize Key One.
:  1 file changed, 4 insertions(+)
:  create mode 100644 .guix-authorizations
: [trunk 1602009] Authorize Key Two.
:  1 file changed, 3 insertions(+), 1 deletion(-)
: [trunk 732579e] Test.
:  1 file changed, 1 insertion(+)
:  create mode 100644 dummy
: Authenticating commits 083b7ef to 732579e (2 new commits)...
: [###  
 ]guix git: error: commit 732579e0f0dc6d15dbd2ea6826e01ae3aaf999a4 not signed 
by an authorized key: E1B1 7BEA 095F 5B25 4135  F6D1 F820 25E7 800B 3CCF
: HEAD is now at 083b7ef Authorize Key One.
: [trunk af4fae1] Authorize Key Two.
:  1 file changed, 2 insertions(+)
: [trunk 4b90546] Test.
:  1 file changed, 1 insertion(+)
:  create mode 100644 dummy
: Authenticating commits 083b7ef to 4b90546 (2 new commits)...
: HEAD is now at 0ba5461 Add start.sh.

bug#61044: Acknowledgement (libxml2-parent-pointers.patch: patch not found)

2023-01-25 Thread George Chriss 
The following is a workaround and only needs to be done once per user:

export
GUILE_LOAD_PATH=/home/user/.cache/guix/checkouts/HASH/gnu/packages/patches:$GUILE_LOAD_PATH
guix pull
guix install ...

bug#61055: file-needed/recurive does not canonicalize paths

2023-01-25 Thread Lars-Dominik Braun 
Hi,

(CC-ing Ludo, who wrote the code according to git logs)

during testing of wip-haskell I observed the make-dynamic-linker-cache
phase is taking alot of time (up to two minutes on a fast machine with
SSD). Looking at ghc-hindent for example [1]:

starting phase `make-dynamic-linker-cache'
created 
'/gnu/store/2nrzbaxmqs2rq9yv52bpyn2azb3qj6h1-ghc-hindent-5.3.4/etc/ld.so.cache' 
from 10085 library search path entries
phase `make-dynamic-linker-cache' succeeded after 119.5 seconds

And while Haskell packages link to a pretty large number of dynamic
libraries (116 in this case), 1 search path entries seems wrong. Running 
just

(file-needed/recursive 
"/gnu/store/2nrzbaxmqs2rq9yv52bpyn2azb3qj6h1-ghc-hindent-5.3.4/bin/hindent")

takes a long time and reveals entries like
/gnu/store/1cyk8j2nd6r0cvm6kx1408kd763yf8h5-ghc-9.2.5/lib/ghc-9.2.5/Cabal-3.6.3.0/../directory-1.3.6.2/../unix-2.7.2.2/../bytestring-0.11.3.1/../template-haskell-2.18.0.0/../pretty-1.1.3.6/../array-0.5.4.0/../base-4.16.4.0/../ghc-bignum-1.2/../ghc-prim-0.8.0/libHSghc-prim-0.8.0-ghc9.2.5.so
so it looks like it deduplicates values, but does not canonicalize
paths. A relatively straight-forward fix could be the following change,
but I don’t know if that would cause any issues, since canonicalize-path
throws an exception if the resulting path does not exist. It’s also
a world rebuild since pretty much any package uses this phase (and the
reason and I cannot test it on a larger scale).

---snip---
diff --git a/guix/build/gremlin.scm b/guix/build/gremlin.scm
index 2a74d51dd9..6eb8f688ea 100644
--- a/guix/build/gremlin.scm
+++ b/guix/build/gremlin.scm
@@ -285,8 +285,8 @@ (define (file-needed/recursive file)
 (if (and runpath needed)
 (let* ((runpath  (map (cute expand-origin <> (dirname file))
   runpath))
-   (resolved (map (cut search-path runpath <>)
-  needed))
+   (resolved (map (lambda (x) (and=> x canonicalize-path)) 
(map (cut search-path runpath <>)
+  needed)))
(failed   (filter-map (lambda (needed resolved)
(and (not resolved)
 (not (libc-library? 
needed))
---snap---

Cheers,
Lars

[1] https://ci.guix.gnu.org/build/366156/log/raw