[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#39819: Declarative /etc/guix/acl?
From: |
Ludovic Courtès |
Subject: |
bug#39819: Declarative /etc/guix/acl? |
Date: |
Mon, 12 Oct 2020 14:53:24 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) |
Hi,
Jan Nieuwenhuizen <janneke@gnu.org> skribis:
> Ludovic Courtès writes:
>
> Hello!
>
>> For some reason, /etc/guix/acl is not declarative on Guix System: we let
>> users modify it and assume it’s stateful, which can surprise users as in
>> <https://issues.guix.gnu.org/39819>.
>>
>> Should we make it declarative, just like most of /etc? I think so.
>
> Yes, I think so too.
OK.
> However, if you have your own substitute server, you now can run guix
> archive --authorize < ..., e.g. at bootstrap/install time. For such
> cases, IWBN to have a --authorized-key argument to guix build / guix
> system.
There’s already an ‘authorized-keys’ field in ‘guix-configuration’:
https://guix.gnu.org/manual/devel/en/html_node/Base-Services.html#index-guix_002dconfiguration
So you would just list keys there. Is that what you have in mind?
The option is already there, it’s just non-authoritative.
Ludo’.