author | Ludovic Courtès <ludo@gnu.org> | 2020-06-08 23:22:17 +0200 |
---|---|---|
committer | Ludovic Courtès <ludo@gnu.org> | 2020-06-16 16:10:47 +0200 |
commit | a9eeeaa6aeeafb817df3aad22a4b85205ac3ec13 (patch) | |
tree | 3b95e57daa70ee60c750025d3eeb008b9d90cd11 | |
parent | c3f6f564e909ebefe752d24b325871a4e3a02d40 (diff) | |
pull: Add '--disable-authentication'.
* guix/channels.scm (latest-channel-instance): Add #:authenticate? and
honor it.
(latest-channel-instances): Likewise.
* guix/scripts/pull.scm (%default-options): Add 'authenticate-channels?'.
(show-help, %options): Add '--disable-authentication'.
(guix-pull): Pass #:authenticate? to 'latest-channel-instances'.
* doc/guix.texi (Invoking guix pull): Document it.
-rw-r--r-- | doc/guix.texi | 14 | ||||
-rw-r--r-- | guix/channels.scm | 25 | ||||
-rw-r--r-- | guix/scripts/pull.scm | 14 |
3 files changed, 43 insertions, 10 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index dd626816d0..6c59db3393 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -3929,6 +3929,20 @@ Make sure you understand its security implications before using
 @option{--allow-downgrades}.
 @end quotation
 
+@item --disable-authentication
+Allow pulling channel code without authenticating it.
+
+@cindex authentication, of channel code
+By default, @command{guix pull} authenticates code downloaded from
+channels by verifying that its commits are signed by authorized
+developers, and raises an error if this is not the case. This option
+instructs it to not perform any such verification.
+
+@quotation Note
+Make sure you understand its security implications before using
+@option{--disable-authentication}.
+@end quotation
+
 @item --system=@var{system}
 @itemx -s @var{system}
 Attempt to build for @var{system}---e.g., @code{i686-linux}---instead of
diff --git a/guix/channels.scm b/guix/channels.scm
index a82bd340e2..5a83d83427 100644
--- a/guix/channels.scm
+++ b/guix/channels.scm
@@ -390,11 +390,12 @@ commits ~a to ~a (~h new commits)...~%")
 (define* (latest-channel-instance store channel
 #:key (patches %patches)
 starting-commit
+ (authenticate? #f)
 (validate-pull
 ensure-forward-channel-update))
 "Return the latest channel instance for CHANNEL. When STARTING-COMMIT is
 true, call VALIDATE-PULL with CHANNEL, STARTING-COMMIT, the target commit, and
-their relation."
+their relation. When AUTHENTICATE? is false, CHANNEL is not authenticated."
 (define (dot-git? file stat)
 (and (string=? (basename file) ".git")
 (eq? 'directory (stat:type stat))))
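Review bot: The new keyword argument is declared as `(authenticate? #f)` in latest-channel-instance, so this lower-level procedure fails open: any caller that does not pass #:authenticate? explicitly gets no commit-signature verification at all (and, after the change in the next hunk, a "channel authentication disabled" warning). The wrapper latest-channel-instances in the same file defaults to #t, so the two entry points disagree on the safe default. Unless a direct caller outside this diff relies on the #f default, `(authenticate? #t)` would make both procedures fail closed, and the docstring sentence could then read "CHANNEL is authenticated unless AUTHENTICATE? is false". The procedure body continues past the hunk.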
@@ -408,14 +409,16 @@ their relation."
 (when relation
 (validate-pull channel starting-commit commit relation))
 
- (if (channel-introduction channel)
- (authenticate-channel channel checkout commit)
- ;; TODO: Warn for all the channels once the authentication interface
- ;; is public.
- (when (guix-channel? channel)
- (warning (G_ "channel '~a' lacks an introduction and \
+ (if authenticate?
+ (if (channel-introduction channel)
+ (authenticate-channel channel checkout commit)
+ ;; TODO: Warn for all the channels once the authentication interface
+ ;; is public.
+ (when (guix-channel? channel)
+ (warning (G_ "channel '~a' lacks an introduction and \
 cannot be authenticated~%")
- (channel-name channel))))
+ (channel-name channel))))
+ (warning (G_ "channel authentication disabled~%")))
 
 (when (guix-channel? channel)
 ;; Apply the relevant subset of PATCHES directly in CHECKOUT. This is
@@ -463,11 +466,15 @@ allow non-forward updates."))))))))))
 (define* (latest-channel-instances store channels
 #:key
 (current-channels '())
+ (authenticate? #t)
 (validate-pull
 ensure-forward-channel-update))
 "Return a list of channel instances corresponding to the latest checkouts of
 CHANNELS and the channels on which they depend.
 
+When AUTHENTICATE? is true, authenticate the subset of CHANNELS that has a
+\"channel introduction\".
+
 CURRENT-CHANNELS is the list of currently used channels. It is compared
 against the newly-fetched instances of CHANNELS, and VALIDATE-PULL is called
 for each channel update and can choose to emit warnings or raise an error,
@@ -505,6 +512,8 @@ depending on the policy it implements."
 (let* ((current (current-commit (channel-name channel)))
 (instance
 (latest-channel-instance store channel
+ #:authenticate?
+ authenticate?
 #:validate-pull
 validate-pull
 #:starting-commit
diff --git a/guix/scripts/pull.scm b/guix/scripts/pull.scm
index d3d0d2bd64..f953957161 100644
--- a/guix/scripts/pull.scm
+++ b/guix/scripts/pull.scm
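Review bot: The new else branch `(warning (G_ "channel authentication disabled~%"))` runs inside latest-channel-instance, so with authentication off it is printed once per channel instance fetched (presumably including dependency channels, since the later hunk passes #:authenticate? on every call in that loop), and it never says which channel was left unverified. Either name the channel, `(warning (G_ "channel '~a' authentication disabled~%") (channel-name channel))`, so the log records exactly what was pulled without verification, or emit one warning from the caller that chose #:authenticate? #f. The enclosing procedure starts and ends outside this hunk.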
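Review bot: The added docstring paragraph in latest-channel-instances says AUTHENTICATE? applies to "the subset of CHANNELS that has a channel introduction", but the docstring's first sentence says dependency channels are fetched too, and the following hunk passes `#:authenticate? authenticate?` on every latest-channel-instance call, so dependencies are presumably under the same flag. Saying so explicitly would keep readers from assuming dependencies are exempt from verification, for example `When AUTHENTICATE? is true, authenticate the subset of CHANNELS and their dependencies that has a "channel introduction".` The procedure body continues past the hunk.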
@@ -82,6 +82,7 @@
 (graft? . #t)
 (debug . 0)
 (verbosity . 1)
+ (authenticate-channels? . #t)
 (validate-pull . ,ensure-forward-channel-update)))
 
 (define (show-help)
@@ -98,6 +99,9 @@ Download and deploy the latest version of Guix.\n"))
 (display (G_ "
 --allow-downgrades allow downgrades to earlier channel revisions"))
 (display (G_ "
+ --disable-authentication
+ disable channel authentication"))
+ (display (G_ "
 -N, --news display news compared to the previous generation"))
 (display (G_ "
 -l, --list-generations[=PATTERN]
@@ -165,6 +169,9 @@ Download and deploy the latest version of Guix.\n"))
 (lambda (opt name arg result)
 (alist-cons 'validate-pull warn-about-backward-updates
 result)))
+ (option '("disable-authentication") #f #f
+ (lambda (opt name arg result)
+ (alist-cons 'authenticate-channels? #f result)))
 (option '(#\p "profile") #t #f
 (lambda (opt name arg result)
 (alist-cons 'profile (canonicalize-profile arg)
@@ -771,7 +778,8 @@ Use '~/.config/guix/channels.scm' instead."))
 (channels (channel-list opts))
 (profile (or (assoc-ref opts 'profile) %current-profile))
 (current-channels (profile-channels profile))
- (validate-pull (assoc-ref opts 'validate-pull)))
+ (validate-pull (assoc-ref opts 'validate-pull))
+ (authenticate? (assoc-ref opts 'authenticate-channels?)))
 (cond ((assoc-ref opts 'query)
 (process-query opts profile))
 ((assoc-ref opts 'generation)
@@ -793,7 +801,9 @@ Use '~/.config/guix/channels.scm' instead."))
 #:current-channels
 current-channels
 #:validate-pull
- validate-pull)))
+ validate-pull
+ #:authenticate?
+ authenticate?)))
 (format (current-error-port)
 (N_ "Building from this channel:~%"
 "Building from these channels:~%"
|
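Review bot: The new help text `--disable-authentication disable channel authentication` presents the option as a neutral toggle, while the manual hunk in this same commit wraps the same option in a note about its security implications. One extra word in the help string, `disable channel authentication (unsafe)`, would carry that signal to users who only read `guix pull --help`. The show-help procedure starts before this hunk and ends after it.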
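Review bot: The new binding `(authenticate? (assoc-ref opts 'authenticate-channels?))` fails open: assoc-ref yields #f when the key is absent, and #f is precisely the value that turns verification off. Today the key is always present because the first hunk adds `(authenticate-channels? . #t)` to %default-options, but any future path that builds opts without those defaults would silently skip authentication; an explicit secure fallback, `(authenticate? (let ((entry (assq 'authenticate-channels? opts))) (if entry (cdr entry) #t)))`, keeps the default independent of %default-options. The enclosing guix-pull procedure starts before this hunk and continues past it.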