bug-guix
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#69755: Issue trying to guix pull

From: pelzflorian (Florian Pelz)
Subject: bug#69755: Issue trying to guix pull
Date: Tue, 12 Mar 2024 20:23:20 +0100
User-agent: Gnus/5.13 (Gnus v5.13) 
Hello Michael.

Michael Ford <fanquake@gmail.com> writes:
> building 
> /gnu/store/p9nimij8lz4yln5jd3gm0kdhirrwz56h-guix-1.4.0-18.4c94b9e-checkout.drv...
> -suspicious ownership or permission on
> `/gnu/store/bj2rp8ql9zxnv4l9gvlhph55fa241mk4-guix-1.4.0-18.4c94b9e-checkout';
> rejecting this build output
> Backtrace:

A probable fix was pushed by Ludovic recently.
Does it work?  Can this issue be closed?

commit ff1251de0bc327ec478fc66a562430fbf35aef42
Author: Ludovic Courtès <ludo@gnu.org>
Date:   Tue Mar 12 11:53:35 2024 +0100

    daemon: Address shortcoming in previous security fix for CVE-2024-27297.
    
    This is a followup to 8f4ffb3fae133bb21d7991e97c2f19a7108b1143.
    
    Commit 8f4ffb3fae133bb21d7991e97c2f19a7108b1143 fell short in two
    ways: (1) it didn’t have any effet for fixed-output derivations
    performed in a chroot, which is the case for all of them except those
    using “builtin:download” and “builtin:git-download”, and (2) it did not
    preserve ownership when copying, leading to “suspicious ownership or
    permission […] rejecting this build output” errors.

Regards,
Florian
reply via email to
[Prev in Thread] Current Thread [Next in Thread]