guix offload sometimes can use ~/.ssh/config, sometimes not

Open

Details

3 participants

Ludovic Courtès
Maxim Cournoyer
zimoun

Owner: unassigned

Submitted by: Maxim Cournoyer

Severity: normal

Maxim Cournoyer wrote on 31 Jan 2020 07:50

Recipients:(name . bug-guix)(address . bug-guix@gnu.org)

Message-ID:87blqkrueq.fsf@gmail.com

"hurd" is a host name defined in my ~/.ssh/config file.

$ guix offload status
guix offload: getting status of 1 build machines defined in '/etc/guix/machines.scm'...
guix offload: warning: machine 'hurd' is 31553985 seconds behind
load on machine 'hurd' is 0.02 (normalized: 0.02)
hurd
  kernel: Linux 5.1.2-gnu
  architecture: x86_64
  host name: hurd
  normalized load: 0.02
  free disk space: 950819.34 MiB
  time difference: -31553985 s

$ guix offload test
guix offload: testing 1 build machines defined in '/etc/guix/machines.scm'...
guix offload: Guix is usable on 'hurd' (test returned "/gnu/store/883yjkl46dxw9mzykykmbs0yzwyxm17z-test")
guix offload: 'hurd' is running GNU Guile 2.2.4
sending 1 store item (0 MiB) to '10.42.0.199'...
exporting path `/gnu/store/s9f3igal64f8c4k23jda5z24pfpzqxv6-export-test'
guix offload: 'hurd' successfully imported '/gnu/store/s9f3igal64f8c4k23jda5z24pfpzqxv6-export-test'
retrieving 1 store item from '10.42.0.199'...
guix offload: successfully imported
'/gnu/store/y7l8zymvqcnja6ybk8lzxncf9v0r5g79-import-test' from 'hurd'

$ guix build git --no-substitutes --check
process 31348 acquired build slot '/var/guix/offload/hurd:22/0'
guix offload: error: failed to connect to 'hurd': Failed to resolve hostname hurd (Name or service not known)
waiting for locks or build slots...

So, in many cases it seems able to use the information in ~/.ssh/config
to connect with the machine, but not when actually trying to offload
builds.

Maxim

Ludovic Courtès wrote on 5 Feb 2020 12:11

Recipients:(name . Maxim Cournoyer)(address . maxim.cournoyer@gmail.com)(address . 39366@debbugs.gnu.org)

Message-ID:87sgjpp9v6.fsf@gnu.org

Hi,

Maxim Cournoyer <maxim.cournoyer@gmail.com> skribis:

Toggle quote (5 lines)

> "hurd" is a host name defined in my ~/.ssh/config file.

> $ guix offload status

> guix offload: getting status of 1 build machines defined in '/etc/guix/machines.scm'...

[...]

Toggle quote (4 lines)

> $ guix offload test

> guix offload: testing 1 build machines defined in '/etc/guix/machines.scm'...

> guix offload: Guix is usable on 'hurd' (test returned "/gnu/store/883yjkl46dxw9mzykykmbs0yzwyxm17z-test")

[...]

Toggle quote (4 lines)

> $ guix build git --no-substitutes --check

> process 31348 acquired build slot '/var/guix/offload/hurd:22/0'

> guix offload: error: failed to connect to 'hurd': Failed to resolve hostname hurd (Name or service not known)

That is confusing indeed. It comes from the fact that ‘guix offload’ in

the last case is running as root; thus, it sees a different

~/.ssh/config.

We could instruct ‘guix offload’ to always ignore ~/.ssh/config, but

that wouldn’t be great because using it can be useful.

Perhaps it should emit a warning when not running as root?

Thanks,

Ludo’.

zimoun wrote on 16 Dec 2021 14:39

Recipients:(name . Ludovic Courtès)(address . ludo@gnu.org)

Message-ID:86wnk4hdnn.fsf@gmail.com

Hi,

On Wed, 05 Feb 2020 at 12:11, Ludovic Courtès <ludo@gnu.org> wrote:

Toggle quote (23 lines)> Maxim Cournoyer <maxim.cournoyer@gmail.com> skribis:
>
>> "hurd" is a host name defined in my ~/.ssh/config file.
>>
>> $ guix offload status
>> guix offload: getting status of 1 build machines defined in '/etc/guix/machines.scm'...
>
> [...]
>
>> $ guix offload test
>> guix offload: testing 1 build machines defined in '/etc/guix/machines.scm'...
>> guix offload: Guix is usable on 'hurd' (test returned "/gnu/store/883yjkl46dxw9mzykykmbs0yzwyxm17z-test")
>
> [...]
>
>> $ guix build git --no-substitutes --check
>> process 31348 acquired build slot '/var/guix/offload/hurd:22/0'
>> guix offload: error: failed to connect to 'hurd': Failed to resolve hostname hurd (Name or service not known)
>
> That is confusing indeed.  It comes from the fact that ‘guix offload’ in
> the last case is running as root; thus, it sees a different
> ~/.ssh/config.

Therefore, see 52517. :-) And the manual is also confusing, IMHO.

http://issues.guix.gnu.org/issue/52517

Toggle quote (3 lines)

> We could instruct ‘guix offload’ to always ignore ~/.ssh/config, but

> that wouldn’t be great because using it can be useful.

Well, I am in favor of POLA.

Cheers,

simon

Ludovic Courtès wrote on 3 Jan 2022 17:58

Recipients:(name . zimoun)(address . zimon.toutoune@gmail.com)

Message-ID:87r19og3iq.fsf@gnu.org

Hi,

zimoun <zimon.toutoune@gmail.com> skribis:

Toggle quote (2 lines)

> On Wed, 05 Feb 2020 at 12:11, Ludovic Courtès <ludo@gnu.org> wrote:

[...]

Toggle quote (14 lines)>> That is confusing indeed.  It comes from the fact that ‘guix offload’ in
>> the last case is running as root; thus, it sees a different
>> ~/.ssh/config.
>
> Therefore, see 52517. :-)  And the manual is also confusing, IMHO.
>
> <http://issues.guix.gnu.org/issue/52517>
>
>
>> We could instruct ‘guix offload’ to always ignore ~/.ssh/config, but
>> that wouldn’t be great because using it can be useful.
>
> Well, I am in favor of POLA.

Yeah, actually that would be in line with

bd8345777f5a48ee61656248655ebac71a09e926.

How about this:

Toggle diff (14 lines)diff --git a/guix/scripts/offload.scm b/guix/scripts/offload.scm
index 9ddf458c13..925325ef5f 100644
--- a/guix/scripts/offload.scm
+++ b/guix/scripts/offload.scm
@@ -231,6 +231,9 @@ (define* (open-ssh-session machine #:optional max-silent-time)
                                ;; stateless instead.
                                #:knownhosts "/dev/null"
 
+                               ;; Likewise for ~/.ssh/config.
+                               #:config "/dev/null"
+
                                ;; We need lightweight compression when
                                ;; exchanging full archives.
                                #:compression

?

Ludo’.

zimoun wrote on 3 Jan 2022 18:24

Recipients:(name . Ludovic Courtès)(address . ludo@gnu.org)

Message-ID:867dbgvik1.fsf@gmail.com

Hi,

On Mon, 03 Jan 2022 at 17:58, Ludovic Courtès <ludo@gnu.org> wrote:

Toggle quote (25 lines)>>> We could instruct ‘guix offload’ to always ignore ~/.ssh/config, but
>>> that wouldn’t be great because using it can be useful.
>>
>> Well, I am in favor of POLA.
>
> Yeah, actually that would be in line with
> bd8345777f5a48ee61656248655ebac71a09e926.
>
> How about this:
>
> diff --git a/guix/scripts/offload.scm b/guix/scripts/offload.scm
> index 9ddf458c13..925325ef5f 100644
> --- a/guix/scripts/offload.scm
> +++ b/guix/scripts/offload.scm
> @@ -231,6 +231,9 @@ (define* (open-ssh-session machine #:optional max-silent-time)
>                                 ;; stateless instead.
>                                 #:knownhosts "/dev/null"
>  
> +                               ;; Likewise for ~/.ssh/config.
> +                               #:config "/dev/null"
> +
>                                 ;; We need lightweight compression when
>                                 ;; exchanging full archives.
>                                 #:compression

I am not enough familiar with this part of code but it sounds reasonable

since it is indeed aligned with the mentioned commit

bd8345777f5a48ee61656248655ebac71a09e926. :-)

Cheers,

simon

Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 39366@debbugs.gnu.org

is:open	open issues
is:done	closed issues
submitter:<who>	search issue submitter
author:<who>	search by message author
date:yesterday..now	search by issue date
mdate:3m..2d	search by message date