From patchwork Wed Jul 15 22:15:06 2020
From: Ludovic Courtès
Subject: [bug#42381] [PATCH 0/3] 'reconfigure' disallows downgrades by default
Date: Thu, 16 Jul 2020 00:15:06 +0200
Message-Id: <20200715221506.8468-1-ludo@gnu.org>
To: 42381@debbugs.gnu.org
Cc: guix-patches@gnu.org

Hello!
This patch series changes ‘guix system reconfigure’ so that it errors out when attempting to downgrade the system, which could (re)introduce security vulnerabilities and/or cause problems with stateful services (we experienced the latter a couple of weeks ago on berlin.guix.gnu.org actually). Having this sanity check is pretty much a prerequisite for unattended upgrades IMO (patch coming soon!).

It works by comparing the commits shown by ‘guix describe’ to those shown by ‘guix system describe’, essentially. Apart from that, it is similar to what ‘guix pull’ does. There’s a bit of redundancy with code in ‘guix pull’, but that seemed unavoidable (it’s mostly UI stuff).

Thoughts?

Thanks,
Ludo’.

Ludovic Courtès (3):
  git: Factorize 'resolve-reference'.
  git: 'update-cached-checkout' has a new #:check-out? parameter.
  guix system: 'reconfigure' disallows downgrades by default.

 doc/guix.texi                       | 35 +++++++++--
 guix/git.scm                        | 90 ++++++++++++++------
 guix/scripts/system.scm             | 15 ++++-
 guix/scripts/system/reconfigure.scm | 97 ++++++++++++++++++++++++++++-
 4 files changed, 192 insertions(+), 45 deletions(-)
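The commit comparison the cover letter describes, as an added example that is not part of the patch series or of Guix's own code: for each channel, the commit currently deployed (what ‘guix system describe’ reports) must be an ancestor of the commit being deployed (what ‘guix describe’ reports), otherwise the reconfiguration is refused. The commit graph, channel names and the allow_downgrades parameter are constructed for illustration.

```python
"""Downgrade check in the spirit of the 'guix system reconfigure' change
described in the cover letter. Added example, not Guix code: a channel's
history is a constructed dict mapping commit -> parent commits, and a
target commit is accepted only if the deployed commit is an ancestor of it."""
from collections import deque


class DowngradeError(Exception):
    """Raised when a target commit does not descend from the deployed one."""


# Constructed, hypothetical history for one channel (arrows point to parents):
#   d4 -> c3 -> b2 -> a1    main line, d4 newest;  e5 -> c3 diverged from c3
PARENTS = {"a1": [], "b2": ["a1"], "c3": ["b2"], "d4": ["c3"], "e5": ["c3"]}


def is_ancestor(graph, old, new):
    """Return True if OLD equals NEW or is reachable from NEW via parents."""
    seen, queue = set(), deque([new])
    while queue:
        commit = queue.popleft()
        if commit == old:
            return True
        if commit in seen:
            continue
        seen.add(commit)
        queue.extend(graph.get(commit, []))  # unknown commit: no parents
    return False


def downgraded_channels(deployed, target, graphs):
    """DEPLOYED and TARGET map channel name -> commit, as 'guix system
    describe' and 'guix describe' would report them; GRAPHS maps channel
    name -> parent dict. Return the channels whose target commit is not a
    descendant of the deployed commit (older or diverged)."""
    bad = []
    for name, old in deployed.items():
        new = target.get(name)
        if new is not None and not is_ancestor(graphs[name], old, new):
            bad.append(name)
    return bad


def check_reconfigure(deployed, target, graphs, allow_downgrades=False):
    """Refuse the reconfiguration unless every channel moves forward,
    mirroring the 'disallow by default, explicit opt-in to override' idea."""
    bad = downgraded_channels(deployed, target, graphs)
    if bad and not allow_downgrades:
        raise DowngradeError("would downgrade channel(s): " + ", ".join(bad))
    return bad
```

A diverged commit (e5 relative to d4) is rejected just like an older one, since neither descends from the deployed commit.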