Hi, Looks like it's working. I was able to complete the "building from git" section of the documentation after an update of guix. Thanks everyone.
Le sam. 9 sept. 2023 à 11:01, Simon Tournier <zimon.touto...@gmail.com> a écrit : > Hi, > > On Thu, 07 Sep 2023 at 19:45, wolf <w...@wolfsden.cz> wrote: > > >> The Makefile does not run ‘guix git authenticate’ using ./pre-inst-env. > >> And that’s probably to ensure the source of trust. If one corrupt the > >> commit that is built, then ’make authenticate’ would authenticate the > >> corruption because it would run the corrupted newly built guix command. > >> Currently, ’make authenticate’ run one guix command that had already > >> been authenticated. Well, that’s my understanding. > > > > Hmm, but the recipe for the authenticate rule comes from the (possibly) > > compromised source, no? So the attacker can just modify the recipe > instead of > > the command going the authentication. Am I missing something? > > Yes, the corruption of Makefile.am can be the corruption I was talking > about. > > Well, for more explanations one can maybe read: > > [bug#57909] bug#57910: [PATCH] Add link to 'pre-inst-env' from > 'installing from git' docs > Ludovic Courtès <l...@gnu.org> > Sat, 24 Sep 2022 17:58:29 +0200 > id:87k05s7oii.fsf...@gnu.org > https://issues.guix.gnu.org//57910 > https://issues.guix.gnu.org/msgid/87k05s7oii.fsf...@gnu.org > https://yhetil.org/guix/87k05s7oii.fsf...@gnu.org > > [bug#57909] bug#57910: [PATCH] Add link to 'pre-inst-env' from > 'installing from git' docs > Maxime Devos <maximede...@telenet.be> > Sat, 24 Sep 2022 18:23:10 +0200 > id:ec49e6c2-a542-7d95-0d73-10b2816c5...@telenet.be > https://issues.guix.gnu.org//57910 > > https://issues.guix.gnu.org/msgid/ec49e6c2-a542-7d95-0d73-10b2816c5...@telenet.be > > https://yhetil.org/guix/ec49e6c2-a542-7d95-0d73-10b2816c5...@telenet.be > > Cheers, > simon >
