From patchwork Sun Apr 21 09:42:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christopher Baines X-Patchwork-Id: 63260 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 80DC127BBEA; Sun, 21 Apr 2024 10:45:45 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=BAYES_00,MAILING_LIST_MULTI, SPF_HELO_PASS autolearn=unavailable autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 01A6227BBE2 for ; Sun, 21 Apr 2024 10:45:45 +0100 (BST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ryTk7-0005pv-IW; Sun, 21 Apr 2024 05:44:15 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ryTjl-0005Qa-5v for guix-patches@gnu.org; Sun, 21 Apr 2024 05:43:53 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1ryTjk-0002mb-6L; Sun, 21 Apr 2024 05:43:52 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1ryTjx-0006UI-V2; Sun, 21 Apr 2024 05:44:05 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#70494] [PATCH 14/23] scripts: perform-download: Support configuring the %store-prefix. Resent-From: Christopher Baines Original-Sender: "Debbugs-submit" Resent-CC: guix@cbaines.net, dev@jpoiret.xyz, ludo@gnu.org, othacehe@gnu.org, rekado@elephly.net, zimon.toutoune@gmail.com, me@tobias.gr, guix-patches@gnu.org Resent-Date: Sun, 21 Apr 2024 09:44:05 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 70494 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 70494@debbugs.gnu.org Cc: Christopher Baines , Josselin Poiret , Ludovic =?utf-8?q?Court=C3=A8s?= , Mathieu Othacehe , Ricardo Wurmus , Simon Tournier , Tobias Geerinckx-Rice X-Debbugs-Original-Xcc: Christopher Baines , Josselin Poiret , Ludovic =?utf-8?q?Court=C3=A8s?= , Mathieu Othacehe , Ricardo Wurmus , Simon Tournier , Tobias Geerinckx-Rice Received: via spool by 70494-submit@debbugs.gnu.org id=B70494.171369262024599 (code B ref 70494); Sun, 21 Apr 2024 09:44:05 +0000 Received: (at 70494) by debbugs.gnu.org; 21 Apr 2024 09:43:40 +0000 Received: from localhost ([127.0.0.1]:41770 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ryTjW-0006OU-Lq for submit@debbugs.gnu.org; Sun, 21 Apr 2024 05:43:40 -0400 Received: from mira.cbaines.net ([2a01:7e00:e000:2f8:fd4d:b5c7:13fb:3d27]:39677) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ryTiz-0006Hx-0b for 70494@debbugs.gnu.org; Sun, 21 Apr 2024 05:43:07 -0400 Received: from localhost (unknown [IPv6:2a02:6b67:d93b:1:254c:b471:debc:14be]) by mira.cbaines.net (Postfix) with ESMTPSA id 453AB27BBEA for <70494@debbugs.gnu.org>; Sun, 21 Apr 2024 10:42:48 +0100 (BST) Received: from localhost (localhost [local]) by localhost (OpenSMTPD) with ESMTPA id f8b19d1f for <70494@debbugs.gnu.org>; Sun, 21 Apr 2024 09:42:47 +0000 (UTC) From: Christopher Baines Date: Sun, 21 Apr 2024 10:42:32 +0100 Message-ID: X-Mailer: git-send-email 2.41.0 In-Reply-To: <87bk632h36.fsf@cbaines.net> References: <87bk632h36.fsf@cbaines.net> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches * guix/scripts/perform-download.scm (guix-perform-download): Use GUIX_STORE_DIRECTORY from the environment if it's set, as this allows using the perform-download script with a non-default store directory. Change-Id: Id96bb901a106e1b13be5b21b3ce436c680c616a2 --- guix/scripts/perform-download.scm | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/guix/scripts/perform-download.scm b/guix/scripts/perform-download.scm index 5079d0ea71..f7f5231f27 100644 --- a/guix/scripts/perform-download.scm +++ b/guix/scripts/perform-download.scm @@ -20,7 +20,8 @@ (define-module (guix scripts perform-download) #:use-module (guix ui) #:use-module (guix scripts) #:use-module (guix derivations) - #:use-module ((guix store) #:select (derivation-path? store-path?)) + #:use-module ((guix store) #:select (%store-prefix derivation-path? + store-path?)) #:autoload (guix build download) (%download-methods url-fetch) #:autoload (guix build git) (git-fetch-with-fallback) #:autoload (guix config) (%git) @@ -153,6 +154,9 @@ (define-command (guix-perform-download . args) (#f #f) (str (string-contains str "print-extended-build-trace=1")))) + (and=> (getenv "GUIX_STORE_DIRECTORY") + %store-prefix) + ;; This program must be invoked by guix-daemon under an unprivileged UID to ;; prevent things downloading from 'file:///etc/shadow' or arbitrary code ;; execution via the content-addressed mirror procedures. (That means we