bug#49801: Guix time machine provenance/manifest reproducibility issue?

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#49801: Guix time machine provenance/manifest reproducibility issue?

From:	zimoun
Subject:	bug#49801: Guix time machine provenance/manifest reproducibility issue?
Date:	Thu, 2 Sep 2021 10:10:22 +0200

Hi Denis,

Thanks for the investigation and the attempt.

Well, I miss if it works or not...

On Thu, 2 Sept 2021 at 00:27, Denis 'GNUtoo' Carikli
<GNUtoo@cyberdimension.org> wrote:

> With and without this patch:
> > diff --git a/guix/scripts/pull.scm b/guix/scripts/pull.scm
> > index fb8ce50fa7..af1cf77f07 100644
> > --- a/guix/scripts/pull.scm
> > +++ b/guix/scripts/pull.scm
> > @@ -739,7 +739,7 @@ Use '~/.config/guix/channels.scm' instead."))
> >               (cons (match ref
> >                       (('commit . commit)
> >                        (channel (inherit guix)
> > -                               (url url) (commit commit) (branch
> > #f)))
> > +                               (url url) (commit commit)))
> >                       (('branch . branch)
> >                        (channel (inherit guix)
> >                                 (url url) (commit #f) (branch
> > branch)))
>
> on top of 95c29d2746943733cbe8df7013854d45bb0df413 ("gnu: electron-cash:
> Update to 4.2.5." which is today's master HEAD), I get the same diff
> with and without time-machine.

...here I understand the patch fixes the issue...

> I made and used this Makefile to build two hello tarball in both cases:
> > COMMIT ?= 95c29d2746943733cbe8df7013854d45bb0df413
> >
> > all: \
> >       hello-guix-$(COMMIT).tar.xz \
> >       hello-time-machine-$(COMMIT).tar.xz \
> >
> > hello-guix-$(COMMIT).tar.xz:
> >       install -m 644 \
> >               `../pre-inst-env \
> >               guix pack \
> >               --compression=xz --save-provenance hello` \
> >       $@
> >
> > hello-time-machine-$(COMMIT).tar.xz:
> >       install -m 644 \
> >               `../pre-inst-env guix time-machine \
> >                       --branch=master \
> >                       --commit=$(COMMIT) \
> >                       -- \
> >                       pack --compression=xz --save-provenance hello` \
> >       $@
>
> And once the file named manifest is extracted from both tarballs I get
> this diff (with and without your slightly modified patch):
> > --- 
> > ./hello-guix-95c29d2746943733cbe8df7013854d45bb0df413/gnu/store/lw9x5aimyqcq5iazj786fv7q5l3h0syk-profile/manifest
> >  1970-01-01 01:00:01.000000000 +0100
> > +++ 
> > ./hello-time-machine-95c29d2746943733cbe8df7013854d45bb0df413/gnu/store/30pf6ppiqpjsjaaiw35kc5lp6dcixpf1-profile/manifest
> >  1970-01-01 01:00:01.000000000 +0100
> > @@ -12,4 +12,19 @@
> >        "/gnu/store/a462kby1q51ndvxdv3b6p0rsixxrgx1h-hello-2.10"
> >        (propagated-inputs ())
> >        (search-paths ())
> > -      (properties)))))
> > +      (properties
> > +        (provenance
> > +          (repository
> > +            (version 0)
> > +            (url "https://git.savannah.gnu.org/git/guix.git";)
> > +            (branch #f)
> > +            (commit
> > +              "95c29d2746943733cbe8df7013854d45bb0df413")
> > +            (name guix)
> > +            (introduction
> > +              (channel-introduction
> > +                (version 0)
> > +                (commit
> > +                  "9edb3f66fd807b096b48283debdcddccfea34bad")
> > +                (signer
> > +                  "BBB0 2DDF 2CEA F6A8 0D1D  E643 A2A0 6DF2 A33A 
> > 54FA"))))))))))

...but then here I see it does not fix it.

However, because you run "./pre-inst-env guix pack --save-provenance",
it seems expected that the 'properties' is empty.  From my
understanding, '(find guix-channels? channels)' does not return  the
'guix' channel because it is the current Git checkout.  It is not the
case with "guix time-machine" because it creates an inferior using the
'guix' channel.

Moreover, if you want to try the patch, you need to run:

    ./pre-inst-env guix pull -p /tmp/new
    ./tmp/new/bin/guix describe # return commit 12345
    ./tmp/new/bin/guix pack --save-provenance
    ./tmp/new/bin/guix time-machine --commit=12345 -- pack --save-provenance

and be careful with the '--localstatedir' and '--sysconfdir' variables
at './configure' time.


Well,  from my point of view, the Guix way would be:

   guix describe -f channels > channels.scm
   guix pack --save-provenance

then later or elsewehere

  guix time-machine -C channels.scm -- pack --save-provenance

Although, it will not fix the bug you are exposing. :-)
WDYT?

Last, I have not carefully checked and maybe I am wrong, the both
options "--commit=1234 --branch=master" are exclusive I guess; i.e.,
the argument 'master' passed to '--branch' is not used in this case,
IIUC.

Cheers,
simon

[Prev in Thread]

Current Thread

[Next in Thread]

bug#49801: Guix time machine provenance/manifest reproducibility issue?, Denis 'GNUtoo' Carikli, 2021/09/01
- bug#49801: Guix time machine provenance/manifest reproducibility issue?, zimoun <=
  - bug#49801: Guix time machine provenance/manifest reproducibility issue?, Denis 'GNUtoo' Carikli, 2021/09/02
    - bug#49801: Guix time machine provenance/manifest reproducibility issue?, zimoun, 2021/09/02

Prev by Date: bug#50329: Missing icon folder in emacs-lsp-treemacs package.
Next by Date: bug#50335: Inheritance vs. ‘this-package’
Previous by thread: bug#49801: Guix time machine provenance/manifest reproducibility issue?
Next by thread: bug#49801: Guix time machine provenance/manifest reproducibility issue?
Index(es):
- Date
- Thread