package installation fail when home dir contains a @

  • Open
  • quality assurance status badge
Details
2 participants
  • Julien Lepiller
  • pofman
Owner
unassigned
Submitted by
pofman
Severity
normal
P
P
pofman wrote on 23 Nov 2022 13:46
(address . bug-guix@gnu.org)
384620554.2032398863.1669207590413.JavaMail.root@zimbra76-e14.priv.proxad.net
Hello!

I use the guix package manager on ubuntu 22.04.

I have successfully installed fdm and mu packages but I got an error when installing emacs package.

My user is a domain user, the domain name is 'foo.bar' and then sssd use a home directory like '/home/user@foo.bar' which seems to cause that error.

Installation log:
$ LANG=C guix install emacs
The following package will be installed:
emacs 28.2

hint: Backtrace:
17 (primitive-load "/home/user@foo.bar/.config/guix?")
In guix/ui.scm:
2275:7 16 (run-guix . _)
2238:10 15 (run-guix-command _ . _)
In ice-9/boot-9.scm:
1752:10 14 (with-exception-handler _ _ #:unwind? _ # _)
In guix/status.scm:
835:3 13 (_)
815:4 12 (call-with-status-report _ _)
In guix/store.scm:
1300:8 11 (call-with-build-handler _ _)
1300:8 10 (call-with-build-handler #<procedure 7f83d177e480 at g?> ?)
In guix/build/syscalls.scm:
1435:3 9 (_)
1402:4 8 (call-with-file-lock/no-wait _ _ _)
In guix/scripts/package.scm:
325:7 7 (build-and-use-profile _ "/var/guix/profiles/per-user/?" ?)
In guix/ui.scm:
312:5 6 (display-hint _ _)
1448:24 5 (texi->plain-text _)
In texinfo.scm:
1132:22 4 (parse _)
980:31 3 (loop #<input: string 7f83bec67a10> (*fragment*) _ _ _)
967:36 2 (loop #<input: string 7f83bec67a10> #f #<procedure ide?> ?)
92:2 1 (command-spec _)
In ice-9/boot-9.scm:
1685:16 0 (raise-exception _ #:continuable? _)

ice-9/boot-9.scm:1685:16: In procedure raise-exception:
Throw to key `parser-error' with args `(#f "Unknown command" foo)'.
J
J
Julien Lepiller wrote on 23 Nov 2022 21:03
ED47AE45-5CCD-4483-9DD1-C6E7990DD3A0@lepiller.eu
Oh no, do we have a Texi injection vulnerability in Guix? :)

What I understand is that an error occurs when trying to show a hint to the user (display-hint in the backtrace). This calls texi->plain-text which transforms texinfo markup to text for displaying on a terminal. With your user name, it tries to read something like:

/home/~a/.guix-profile/etc/profile

Which is expanded into:

/home/user@foo.bar/.guix-profile/etc/profile

And the @ is understood as texinfo markup but there is no @foo command in texinfo. How do we fix that though?

Le 23 novembre 2022 13:46:30 GMT+01:00, pofman@free.fr a écrit :
Toggle quote (47 lines)
>Hello!
>
>I use the guix package manager on ubuntu 22.04.
>
>I have successfully installed fdm and mu packages but I got an error when installing emacs package.
>
>My user is a domain user, the domain name is 'foo.bar' and then sssd use a home directory like '/home/user@foo.bar' which seems to cause that error.
>
>Installation log:
>$ LANG=C guix install emacs
>The following package will be installed:
> emacs 28.2
>
>hint: Backtrace:
> 17 (primitive-load "/home/user@foo.bar/.config/guix?")
>In guix/ui.scm:
> 2275:7 16 (run-guix . _)
> 2238:10 15 (run-guix-command _ . _)
>In ice-9/boot-9.scm:
> 1752:10 14 (with-exception-handler _ _ #:unwind? _ # _)
>In guix/status.scm:
> 835:3 13 (_)
> 815:4 12 (call-with-status-report _ _)
>In guix/store.scm:
> 1300:8 11 (call-with-build-handler _ _)
> 1300:8 10 (call-with-build-handler #<procedure 7f83d177e480 at g?> ?)
>In guix/build/syscalls.scm:
> 1435:3 9 (_)
> 1402:4 8 (call-with-file-lock/no-wait _ _ _)
>In guix/scripts/package.scm:
> 325:7 7 (build-and-use-profile _ "/var/guix/profiles/per-user/?" ?)
>In guix/ui.scm:
> 312:5 6 (display-hint _ _)
> 1448:24 5 (texi->plain-text _)
>In texinfo.scm:
> 1132:22 4 (parse _)
> 980:31 3 (loop #<input: string 7f83bec67a10> (*fragment*) _ _ _)
> 967:36 2 (loop #<input: string 7f83bec67a10> #f #<procedure ide?> ?)
> 92:2 1 (command-spec _)
>In ice-9/boot-9.scm:
> 1685:16 0 (raise-exception _ #:continuable? _)
>
>ice-9/boot-9.scm:1685:16: In procedure raise-exception:
>Throw to key `parser-error' with args `(#f "Unknown command" foo)'.
>
>
>
Attachment: file
?