On Tue, 8 Jul 2025 21:01:58 +0200 Denis 'GNUtoo' Carikli <gnu...@cyberdimension.org> wrote:
> Given the current status I gave a quick and dirty try at "backporting" > the patches and so far I have something that compiles and I will try > to test it soon[4] I had to install slirp4netns and recompile Guix from scratch, but then my quick and dirty "backport" seems to work: > substitute: updating substitutes from > 'https://bordeaux.guix.gnu.org'... 100.0% substitute: updating > substitutes from 'https://ci.guix.gnu.org'... 100.0% building path(s) > `/gnu/store/q7zx2204nxc1m8vdq0w4p05y4bp8jra2-check-abstract-socket-hole' > killing process 1754127 Abstract Unix-domain socket hole is CLOSED, > build failed with "while setting up the child process: in phase > waitForSlirpReady: unexpected end-of-file". Now I guess the next step could be to try to reduce the amount of patches and test the previous security vulnerabilities as well. I've code to do that automatically[1], but here too there is room for improvements as this code that comes from the blog posts about security issues probably needs to be integrated in Guix proper somehow. References: ----------- [1]https://git.sr.ht/~gnutoo/guix-security-tests Denis.
pgpstmsB4KE81.pgp
Description: OpenPGP digital signature
