texlive-texmf is actually subtitutable

OpenSubmitted by Ludovic Courtès.
Details
3 participants
  • Bengt Richter
  • Leo Famulari
  • Ludovic Courtès
Owner
unassigned
Severity
important
L
L
Ludovic Courtès wrote on 29 May 17:15 +0200
(address . bug-guix@gnu.org)
878sha3h7n.fsf@inria.fr
Strangely, ‘texlive-texmf’ (the big one) is substitutable:
Toggle snippet (21 lines)$ guix describeGeneracio 145 May 25 2020 00:37:58 (nuna) guix 9744cc7 repository URL: https://git.savannah.gnu.org/git/guix.git branch: master commit: 9744cc7b4636fafb772c94adb8f05961b5b39f16$ guix environment --ad-hoc texlive -- texdoc biblatex2.6 MB will be downloaded: /gnu/store/7ji4l3szj68b0r5w10bvvdx1vy6nhz5p-subversion-1.10.6downloading from https://ci.guix.gnu.org/nar/lzip/7ji4l3szj68b0r5w10bvvdx1vy6nhz5p-subversion-1.10.6 ... subversion-1.10.6 2.5MiB 7.2MiB/s 00:00 [##################] 100.0%
La jena derivo estos konstruata: /gnu/store/55yx02hr0dz47px1aj0j14xll3bsrmml-texlive-texmf-20190410.drv2,845.8 MB will be downloaded: /gnu/store/nm6w84c9zj3yiylal3dk1sqzxq11sjzw-texlive-20190410-texmf.tar.xz /gnu/store/xpkl70g3bls935h1zdlq7sn2j6rccp3k-texlive-20190410downloading from https://ci.guix.gnu.org/nar/lzip/z4xvgiliw5baf1pr4z03c7n2hw3bm5x5-texlive-texmf-20190410 ... texlive-texmf-20190410 2.61GiB
The info suggests it won’t be substituted, but it’s eventuallysubstituted. I wonder why, because the .drv has:
("allowSubstitutes","0")
and the daemon has:
bool substitutesAllowed(const Derivation & drv) { return get(drv.env, "allowSubstitutes", "1") == "1"; }
and:
if (settings.useSubstitutes && substitutesAllowed(drv)) foreach (PathSet::iterator, i, invalidOutputs) addWaitee(worker.makeSubstitutionGoal(*i, buildMode == bmRepair));
Thoughts?
Ludo’.
L
L
Leo Famulari wrote on 29 May 20:04 +0200
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 41602@debbugs.gnu.org)
20200529180411.GB3754@jasmine.lan
On Fri, May 29, 2020 at 05:15:40PM +0200, Ludovic Courtès wrote:
Toggle quote (20 lines)> The info suggests it won’t be substituted, but it’s eventually> substituted. I wonder why, because the .drv has:> > ("allowSubstitutes","0")> > and the daemon has:> > bool substitutesAllowed(const Derivation & drv)> {> return get(drv.env, "allowSubstitutes", "1") == "1";> }> > and:> > if (settings.useSubstitutes && substitutesAllowed(drv))> foreach (PathSet::iterator, i, invalidOutputs)> addWaitee(worker.makeSubstitutionGoal(*i, buildMode == bmRepair));> > Thoughts?
I wonder if the content-addressed fallbacks take a different code paththat doesn't respect "allowSubstitutes"?
B
B
Bengt Richter wrote on 30 May 06:06 +0200
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 41602@debbugs.gnu.org)
20200530040609.GA2810@LionPure
On +2020-05-29 17:15:40 +0200, Ludovic Courtès wrote:
Toggle quote (44 lines)> Strangely, ‘texlive-texmf’ (the big one) is substitutable:> > --8<---------------cut here---------------start------------->8---> $ guix describe> Generacio 145 May 25 2020 00:37:58 (nuna)> guix 9744cc7> repository URL: https://git.savannah.gnu.org/git/guix.git> branch: master> commit: 9744cc7b4636fafb772c94adb8f05961b5b39f16> $ guix environment --ad-hoc texlive -- texdoc biblatex> 2.6 MB will be downloaded:> /gnu/store/7ji4l3szj68b0r5w10bvvdx1vy6nhz5p-subversion-1.10.6> downloading from https://ci.guix.gnu.org/nar/lzip/7ji4l3szj68b0r5w10bvvdx1vy6nhz5p-subversion-1.10.6 ...> subversion-1.10.6 2.5MiB 7.2MiB/s 00:00 [##################] 100.0%> > La jena derivo estos konstruata:> /gnu/store/55yx02hr0dz47px1aj0j14xll3bsrmml-texlive-texmf-20190410.drv> 2,845.8 MB will be downloaded:> /gnu/store/nm6w84c9zj3yiylal3dk1sqzxq11sjzw-texlive-20190410-texmf.tar.xz> /gnu/store/xpkl70g3bls935h1zdlq7sn2j6rccp3k-texlive-20190410> downloading from https://ci.guix.gnu.org/nar/lzip/z4xvgiliw5baf1pr4z03c7n2hw3bm5x5-texlive-texmf-20190410 ...> texlive-texmf-20190410 2.61GiB> --8<---------------cut here---------------end--------------->8---> > The info suggests it won’t be substituted, but it’s eventually> substituted. I wonder why, because the .drv has:> > ("allowSubstitutes","0")> > and the daemon has:> > bool substitutesAllowed(const Derivation & drv)> {> return get(drv.env, "allowSubstitutes", "1") == "1";> }> > and:> > if (settings.useSubstitutes && substitutesAllowed(drv))> foreach (PathSet::iterator, i, invalidOutputs)> addWaitee(worker.makeSubstitutionGoal(*i, buildMode == bmRepair));> > Thoughts?
This is the kind of "wonder why" that makes me wonder about trojan horse bug fixesas described in [1], which is a really interesting and scary read, especially since [1]could very conceivably be an example of what it itself is talking about (though theydon't sound malicious, so I can hope trusting okular to display it was not givingthem a pdf or image parser to exploit with malice).
Anyway, please note that the "pdf" file starts with these lines:
Toggle snippet (5 lines)# I'm a shell script :-) so please make me executable!# No shebang but I work equally well with Bash, Dash and Zsh# The script embeds link-grammar, a x86-64 ELF so it requires to be run on a x86-64 linux system
What looks like the beginning of a normal pdf file starts at line 30 counting from 1 as first line.okular will display the original as if it were pdf (bug??) though "file" just sees it as "data."
Trim off the first 29 lines and file sees it as pdf, and pdfinfo will find its way too.
Idk, you might want at least to cut out the first 29 lines before looking at it with e.g. okular,(which I trustingly used to open the file): note that okular got past the 29-line script part, (whichis a bit promiscuous for my taste), and displayed the pdf.
It was really interesting, esp the sections around
Toggle snippet (5 lines)3Deniable Backdoors Using Compiler Bugsby Scott Bauer, Pascal Cuoq, and John Regehr
Maybe you can view it in a sandbox :) But don't blame me if you don't.YOU WERE WARNED.
So read it -- and wonder what might come with a mysterious substitute ;-P
[1] https://www.alchemistowl.org/pocorgtfo/pocorgtfo08.pdf
Toggle quote (6 lines)> > Ludo’.> > >
-- Regards,Bengt Richter
L
L
Ludovic Courtès wrote on 30 May 16:07 +0200
(name . Leo Famulari)(address . leo@famulari.name)(address . 41602@debbugs.gnu.org)
87sgfhtt1f.fsf@gnu.org
Hi,
Leo Famulari <leo@famulari.name> skribis:
Toggle quote (24 lines)> On Fri, May 29, 2020 at 05:15:40PM +0200, Ludovic Courtès wrote:>> The info suggests it won’t be substituted, but it’s eventually>> substituted. I wonder why, because the .drv has:>> >> ("allowSubstitutes","0")>> >> and the daemon has:>> >> bool substitutesAllowed(const Derivation & drv)>> {>> return get(drv.env, "allowSubstitutes", "1") == "1";>> }>> >> and:>> >> if (settings.useSubstitutes && substitutesAllowed(drv))>> foreach (PathSet::iterator, i, invalidOutputs)>> addWaitee(worker.makeSubstitutionGoal(*i, buildMode == bmRepair));>> >> Thoughts?>> I wonder if the content-addressed fallbacks take a different code path> that doesn't respect "allowSubstitutes"?
It does, but this texlive-texmf.drv is not a fixed-output derivation.
Ludo’.
L
L
Leo Famulari wrote on 30 May 19:10 +0200
(no subject)
(address . control@debbugs.gnu.org)
20200530171007.GA25305@jasmine.lan
severity 41602 important
?