emacs-bug-tracker
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#31825: closed (guix offload fails with guix-authenticate error)

From: GNU bug Tracking System
Subject: bug#31825: closed (guix offload fails with guix-authenticate error)
Date: Sun, 08 Aug 2021 04:10:01 +0000 
Your message dated Sun, 08 Aug 2021 00:09:20 -0400
with message-id <87lf5c37db.fsf@gmail.com>
and subject line Re: bug#31825: guix offload fails with guix-authenticate error
has caused the debbugs.gnu.org bug report #31825,
regarding guix offload fails with guix-authenticate error
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs@gnu.org.)


-- 
31825: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=31825
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems
--- Begin Message --- Subject: guix offload fails with guix-authenticate error Date: Wed, 13 Jun 2018 23:54:15 -0400 
Hello!

I've read the documentation carefully many times, but I still can't make
`guix offload' work. It always fails like so:

--8<---------------cut here---------------start------------->8---
guix offload test
guix offload: testing 1 build machines defined in '/etc/guix/machines.scm'...
guix offload: '192.168.1.105' is running guile (GNU Guile) 2.2.3
guix offload: Guix is usable on '192.168.1.105' (test returned 
"/gnu/store/883yjkl46dxw9mzykykmbs0yzwyxm17z-test")
sending 1 store item to '192.168.1.105'...
exporting path `/gnu/store/wrv01knf5xa76j73afscj066pbqq1na3-export-test'
guix offload: error: build failed: program `guix-authenticate' failed with exit 
code 1
--8<---------------cut here---------------end--------------->8---

In GDB, I've attempted to follow the forks but without success. The
most useful hint I've got was the following message about
guix-authenticate not being found:

--8<---------------cut here---------------start------------->8---
sudo gdb --args guix-daemon --build-users-group=guixbuild
GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.5) 7.11.1
[...]
(gdb) r
Starting program: /home/mcournoyer/src/guix/guix-daemon 
--build-users-group=guixbuild
[Thread debugging using libthread_db enabled]
Using host libthread_db library 
"/gnu/store/4sqaib7c2dfjv62ivrg9b8wa7bh226la-glibc-2.26.105-g0890d5379c/lib/libthread_db.so.1".
accepted connection from pid 2241, user mcournoyer
accepted connection from pid 29024, user mcournoyer
accepted connection from pid 2241, user mcournoyer
accepted connection from pid 29068, user mcournoyer
error: executing `guix-authenticate': No such file or directory
--8<---------------cut here---------------end--------------->8---

Things I've tried without success:

1. Installing guix into my user's profile and then this to the ~/.bashrc
on the remote machine:

--8<---------------cut here---------------start------------->8---
GUIX_PROFILE=$HOME/.guix-profile
source $GUIX_PROFILE/etc/profile

# Hack to make guix-authenticate available
export PATH=$PATH:$GUIX_PROFILE/libexec
--8<---------------cut here---------------end--------------->8---

2. Noticing that the guix-daemon I was debugging (the one at
~/src/guix/guix-daemon) was using nixLibexecDir = "/usr/local/libexec"
and that the guix-daemon has code doing this in guix-daemon.cc:469:

--8<---------------cut here---------------start------------->8---
      /* Hackily help 'local-store.cc' find our 'guix-authenticate' program, 
which
         is known as 'OPENSSL_PATH' here.  */
      std::string search_path;
      search_path = settings.nixLibexecDir;
      if (getenv ("PATH") != NULL)
        {
          search_path += ":";
          search_path += getenv ("PATH");
        }

      setenv ("PATH", search_path.c_str (), 1);
--8<---------------cut here---------------end--------------->8---

I tried:

--8<---------------cut here---------------start------------->8---
sudo ln -s /var/guix/profiles/per-user/mcournoyer/guix-profile/libexec 
/usr/local/libexec
--8<---------------cut here---------------end--------------->8---

I'm motivated to get this working; would be pleased to debug further
given fresh ideas.

Thanks,

Maxim

--- End Message ---
--- Begin Message --- Subject: Re: bug#31825: guix offload fails with guix-authenticate error Date: Sun, 08 Aug 2021 00:09:20 -0400 User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) 
Hi,

Maxim Cournoyer <maxim.cournoyer@gmail.com> writes:

> Just as a follow-up; I've managed to fall into this trap again,
> attempting to authorize the keys by adding them to the 'authorize-keys'
> field of guix-configuration record.
>
> On the local machine:
>
> guix offload test /etc/guix/machines.scm 127.0.0.1
> guix offload: testing 1 build machines defined in '/etc/guix/machines.scm'...
> guix offload: Guix is usable on '127.0.0.1' (test returned 
> "/gnu/store/883yjkl46dxw9mzykykmbs0yzwyxm17z-test")
> guix offload: '127.0.0.1' is running GNU Guile 3.0.0
> sending 1 store item (0 MiB) to '127.0.0.1'...
> exporting path `/gnu/store/l9mph3k5l26nm8mb50imsklbsz0bji0b-export-test'
> guix offload: error: program 
> `/gnu/store/amjsgks2n05k9lkck78z64nphad1dkqr-guix-1.0.1-13.50299ad/bin/guix' 
> failed with exit code 1
>
>
> On the remote machine:
>
> sudo strace -p 15683 -p 15716 -f -s345 -o /tmp/log
>
> And found within /tmp/log:
>
> 16120 write(2, "guix authenticate: error: error: unauthorized public
> key: (public-key \n (ecc \n (curve Ed25519)\n (q #MY-PUBLIC-KEY#)\n
> )\n )\n", 176) = 176
>
> So, still actual :-)
>
> Maxim

I think many things have been improved in the diagnostics of guix
offload since the original report.  The last gotcha I had hit described
above appears to had been caused by the keys added to the
'authorized-keys' field of the 'guix-configuration' record not being
taken into account when a /etc/guix/acl file was already populated (it
used to not be declarative).

Closing this forgotten issue.

Thanks,

Maxim

--- End Message ---
reply via email to
[Prev in Thread] Current Thread [Next in Thread]