Hello,
Mike Gerwitz skribis:
> But there doesn't seem to be any way to secure a git repository against
> a second-preimage attack.
That’s by large beyond the scope of this discussion. :-)
I think all we want is to allow someone who gets a checkout of Guix to
authenticate the source code, i.e.
Andreas Enge skribis:
> On Wed, Jun 01, 2016 at 02:39:54PM +0200, Ludovic Courtès wrote:
>> This is implemented using the ‘add-to-store’ RPC, which, after all these
>> years, is still implemented like this (nix/libstore/local-store.cc):
>>
>> --8<---cut here---start--
Jan Nieuwenhuizen skribis:
> Then, I uncommented the /home section in drakenvlieg.scm, like so
>
> ;; Switch to GuixSD
> (file-system (device "home")
> (title 'label)
> (mount-point "/home")
> (type "ext4"))
> (file-system (device (la
On 2016-06-04(12:45:16PM+), ng0 wrote:
> On 2016-06-04(01:17:53+0200), Ludovic Courtès wrote:
> > Hi!
> >
> > Mike Gerwitz skribis:
> >
> > > On Fri, Jun 03, 2016 at 18:12:47 +0200, Ludovic Courtès wrote:
> > >> First, ‘git pull’ doesn’t do it for you, you have to pass ‘--verify’ and
> > >> th
On Sun, Jun 05, 2016 at 09:51:45AM +0200, Werner Koch wrote:
> Given that Guix is a new distro you should really try to get rid of 1.4
> and only use 2.1. For Windows we use the name "gpg" for a long time now
> and there is a configure option --enable-gpg2-is-gpg to make it easier.
If a Guix user
