Nix: `nix copy` silently ignores --no-check-sigs unless user is trusted

Created on 25 Dec 2017 · 3 Comments · Source: NixOS/nix

Running

$ nix copy --from ssh://[email protected] /nix/store/drc0i99pbfymnmi8zsiqnwhji04z3m84-pandoc-1.19.2.4-armv7l-unknown-linux-gnueabihf 

where none of the source derivations have been unsigned fails with "error: cannot add path '/nix/store/402qhax6xjfqgglfcrccz2abkwgbv5pg-armv7l-unknown-linux-gnueabihf-ghc-8.2.1-doc' because it lacks a valid signature".

Looking at nix copy --help, one might be tempted by the --no-check-sigs flag to work around the signature check. However, confusingly, the above command fails in the same way even with that flag if run as an untrusted user.

It would be helpful if nix copy warned that it was ignoring the --no-check-sigs flag if run as an untrusted user.

All 3 comments

This is especially annoying when combined with the lack of progress feedback and the fact that the check isn't made until after the full file has been transferred, so you find yourself waiting an unpredictably long time, then see the error, then try the option and wait again, then see the error again.

This applies to many options that are restricted to trusted users — IMO all of these should raise warnings or even errors when passed on the command line or a per-user nix.conf.

Related: to some users it might be confusing that nix-copy-closure doesn't need you to pass this flag, i.e. it's as if it were specified.

_I'm not trying to say we should change the requirement to pass it explicitly; I haven't thought about it too much yet._
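
A pre-flight check of the kind the thread asks for, written as an added example; it is not part of the issue thread and not Nix's own code. It assumes trust is decided by the `trusted-users` and `extra-trusted-users` settings in the system-wide nix.conf, matched by exact user name, `@group` or `*`, and it does not follow `include` directives; the function names and the sample configuration are constructed for illustration.

```python
# Added example: pre-flight check for flags the Nix daemon honours only for trusted users.
# Constructed sample of a system-wide nix.conf (not taken from the issue).
SAMPLE_CONF = """\
# constructed sample
substituters = https://cache.nixos.org
trusted-users = root @wheel
extra-trusted-users = builder
"""

RESTRICTED_FLAGS = {"--no-check-sigs"}  # the flag discussed in this issue


def parse_trusted_users(conf_text):
    """Return the effective trusted-users entries from nix.conf text."""
    base, extra = ["root"], []  # "root" is the default when the setting is absent
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if "=" not in line:
            continue  # blank lines and include directives are skipped (assumption)
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "trusted-users":
            base = value.split()
        elif key == "extra-trusted-users":
            extra += value.split()
    return base + extra


def is_trusted(user, groups, conf_text):
    """True if user matches an entry: exact name, @group, or the * wildcard."""
    for entry in parse_trusted_users(conf_text):
        if entry in ("*", user):
            return True
        if entry.startswith("@") and entry[1:] in groups:
            return True
    return False


def preflight(argv, user, groups, conf_text):
    """Return a warning if argv carries a restricted flag and user is untrusted."""
    used = sorted(RESTRICTED_FLAGS.intersection(argv))
    if used and not is_trusted(user, groups, conf_text):
        return "warning: %s will be ignored: '%s' is not a trusted user" % (
            ", ".join(used), user)
    return None
```

On a real host, pass it the contents of the system-wide nix.conf together with the caller's user name and group names before starting a long transfer.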
