On 02/09/2017 at 17:36 Ludovic Courtès writes:
> Hi!
>
> myglc2 <myg...@gmail.com> skribis:
>
>> Hi Ludo, I have a couple questions. I autorized bayfront like so ...
>>
>> g1@g1 ~/src$ cat bayfront.guixsd.org.pub
>> (public-key
>> (ecc
>> (curve Ed25519)
>> (q #8D156F295D24B0D9A86FA5741A840FF2D24F60F7B6C4134814AD55625971B394#)))
>>
>> g1@g1 ~/src$ sudo guix archive --authorize < bayfront.guixsd.org.pub
>>
>> ... and I read this ...
>>
>> 3.7 Invoking ‘guix archive’
>> ===========================
>> [...]
>> The list of authorized keys is kept in the human-editable file
>> ‘/etc/guix/acl’. The file contains “advanced-format s-expressions”
>> (http://people.csail.mit.edu/rivest/Sexp.txt) and is structured as
>> an access-control list in the Simple Public-Key Infrastructure
>> (SPKI) (http://theworld.com/~cme/spki.txt).
>>
>> ... so I expected to find the bayfront key here ...
>
> [...]
>
>> ... but no. Where did it go?
>
> Could it be that the ‘guix archive’ you ran uses a configuration
> directory other than this one? What does:
>
> guile -c '(use-modules (guix config)) (pk %config-directory)'
>
> print?
Thanks Ludo ...
g1@g1 ~/src/guix [env]$ guile -c '(use-modules (guix config)) (pk
%config-directory)'
;;; ("/etc/guix")
I'm Running git checkout ...
g1@g1 ~/src/guix [env]$ git -C ~/.config/guix/latest log -n 1 --oneline
e1a65ae57 doc: Fix typos.
g1@g1 ~/src/guix [env]$ stat ~/.config/guix/latest | grep File
File: '/home/g1/.config/guix/latest' -> '../../src/guix'
>> Also you recommended ...
>>
>>> guix challenge gdk-pixbuf \
>>> --substitute-urls="https://mirror.hydra.gnu.org
>>> https://bayfront.guixsd.org";
>>
>> ... which I tried _before_ I had authorized bayfront. I was surprised that it
>> worked before authorization. Should it?
>
> Yes. It is not actually importing the archives into your store, only
> looking at the content hashes that the servers advertise, so there is no
> risk here and no requirement to authenticate.
Oh DUH! Of course. Thanks! - George
