Ludovic Courtès writes:

> Pjotr Prins <pjotr.publi...@thebird.nl> skribis:
>
>> On Sat, May 27, 2017 at 12:16:45PM +0200, Ludovic Courtès wrote:
>>> On GuixSD, the key of hydra.gnu.org and bayfront.guixsd.org are always
>>> registered by default. We cannot do that for someone installing Guix on
>>> a foreign distro because that involves creating a file in /etc.
>>
>> Many installs are not on GuixSD. Can't we use the key that is stored
>> in the store itself? If /etc does not exist then use what comes
>> with the installation.
>
> The current behavior is to print a warning when /etc/guix/acl (the list
> of authorized keys) is empty or nonexistent.
>
> Your suggestion would be to automatically populate it, right?
>
> I’m mildly reluctant to that, because we’d stealthily force every user
> into trusting our substitute servers. OTOH I agree that the current
> situation is not optimal.
>
> What do people think?

Maybe we could find a mid-way here by doing the same as Fedora does with
RPMfusion repositories: It asks the user for trusting the signing keys
before enabling the repository.

So in our case it would be something like:

    $ guix package -i emacs
    A `substitute' is available for this package on https://mirror.hydra.gnu.org.
    This means we can download the binary output for this package, instead
    of compiling it from its source code.

    Do you want to use this substitute server with key ... for this package, and for
    future packages? [y/N]

We need to find the proper wording for this message.

Using this, we can still let the user decide, but we can make it a lot
easier for the user to make a decision -- a 'yes' or 'no' answer to a
question is easier than a paragraph in the manual with instructions to
enable it.

Kind regards,
Roel Janssen