diff options
author | Tobias Geerinckx-Rice <me@tobias.gr> | 2020-11-13 21:17:53 +0100 |
---|---|---|
committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2020-11-15 23:05:34 +0100 |
commit | 5d15733c426d232e98098d99a5bfe145586609a4 (patch) | |
tree | 2fa6ad0de047eab6cc3529acc7ebc7d41f276929 /guix | |
parent | 7140c55d1712cca1a44fb4c968a0bef42c2324a4 (diff) |
archive: Warn about replacing an ACL symlink.
* guix/scripts/archive.scm (authorize-key): Warn when %ACL-FILE is a
symbolic link and print an additional hint for Guix System users.
Co-authored-by: Ludovic Courtès <ludo@gnu.org>
Diffstat (limited to 'guix')
-rw-r--r-- | guix/scripts/archive.scm | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/guix/scripts/archive.scm b/guix/scripts/archive.scm index 02557ce454..c04baf9784 100644 --- a/guix/scripts/archive.scm +++ b/guix/scripts/archive.scm @@ -1,5 +1,6 @@ ;;; GNU Guix --- Functional package management for GNU ;;; Copyright © 2013, 2014, 2015, 2016, 2017, 2019, 2020 Ludovic Courtès <ludo@gnu.org> +;;; Copyright © 2020 Tobias Geerinckx-Rice <me@tobias.gr> ;;; ;;; This file is part of GNU Guix. ;;; @@ -310,6 +311,16 @@ the input port." (leave (G_ "failed to read public key: ~a: ~a~%") (error-source err) (error-string err))))) + ;; Warn about potentially volatile ACLs, but continue: system reconfiguration + ;; might not be possible without (newly-authorized) substitutes. + (let ((stat (false-if-exception (lstat %acl-file)))) + (when (and stat (eq? 'symlink (stat:type (lstat %acl-file)))) + (warning (G_ "replacing symbolic link ~a with a regular file~%") + %acl-file) + (when (string-prefix? (%store-prefix) (readlink %acl-file)) + (display-hint (G_ "On Guix System, add public keys to the +@code{authorized-keys} field of your @code{operating-system} instead."))))) + (let ((key (read-key)) (acl (current-acl))) (unless (eq? 'public-key (canonical-sexp-nth-data key 0)) |