From 971382cab0c8ee057706e3dd4a124252d6b3547d Mon Sep 17 00:00:00 2001 From: Gavin Ray Date: Wed, 8 Dec 2021 19:55:34 -0500 Subject: [PATCH] Better diagnostics if no valid signature found I downloaded Nix tonight, and immediately broke it by accidentally removing the default binary caching. After figuring this out, I also failed to fix it properly, due to using the wrong key for Nix's default binary cache If the diagnostic message would have been clearer about what/where a "signature" for a "substituter" is + comes from, it probably would have saved me a few hours. Maybe we can save other noobs the same pain? --- src/libstore/build/substitution-goal.cc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/libstore/build/substitution-goal.cc b/src/libstore/build/substitution-goal.cc index 29a8cfb87..4c3701b27 100644 --- a/src/libstore/build/substitution-goal.cc +++ b/src/libstore/build/substitution-goal.cc @@ -140,6 +140,8 @@ void PathSubstitutionGoal::tryNext() { warn("substituter '%s' does not have a valid signature for path '%s'", sub->getUri(), worker.store.printStorePath(storePath)); + warn("verify that your nix.conf contains a correct signature in 'trusted-public-keys' for %s", + sub->getUri()); tryNext(); return; }