pull: Add '--disable-authentication'.

* guix/channels.scm (latest-channel-instance): Add #:authenticate? and honor it. (latest-channel-instances): Likewise. * guix/scripts/pull.scm (%default-options): Add 'authenticate-channels?'. (show-help, %options): Add '--disable-authentication'. (guix-pull): Pass #:authenticate? to 'latest-channel-instances'. * doc/guix.texi (Invoking guix pull): Document it.
author: Ludovic Courtès <ludo@gnu.org> 2020-06-08 23:22:17 +0200
committer: Ludovic Courtès <ludo@gnu.org> 2020-06-16 16:10:47 +0200
commit: a9eeeaa6aeeafb817df3aad22a4b85205ac3ec13 (patch)
tree: 3b95e57daa70ee60c750025d3eeb008b9d90cd11 /doc/guix.texi
parent: c3f6f564e909ebefe752d24b325871a4e3a02d40 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index dd626816d0..6c59db3393 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -3929,6 +3929,20 @@ Make sure you understand its security implications before using
 @option{--allow-downgrades}.
 @end quotation
 
+@item --disable-authentication
+Allow pulling channel code without authenticating it.
+
+@cindex authentication, of channel code
+By default, @command{guix pull} authenticates code downloaded from
+channels by verifying that its commits are signed by authorized
+developers, and raises an error if this is not the case.  This option
+instructs it to not perform any such verification.
+
+@quotation Note
+Make sure you understand its security implications before using
+@option{--disable-authentication}.
+@end quotation
+
 @item --system=@var{system}
 @itemx -s @var{system}
 Attempt to build for @var{system}---e.g., @code{i686-linux}---instead of
author	Ludovic Courtès <ludo@gnu.org>	2020-06-08 23:22:17 +0200
committer	Ludovic Courtès <ludo@gnu.org>	2020-06-16 16:10:47 +0200
commit	a9eeeaa6aeeafb817df3aad22a4b85205ac3ec13 (patch)
tree	3b95e57daa70ee60c750025d3eeb008b9d90cd11 /doc/guix.texi
parent	c3f6f564e909ebefe752d24b325871a4e3a02d40 (diff)