Commits signed by key not registered on Savannah

Hi David, da...@craven.ch (David Craven) writes: > dvc pushed a commit to branch master > in repository guix. > > commit a5bc3dfeaac3b5f04702a0e24c99b0c44a2422af > Author: David Craven > Date: Mon Jan 16 23:37:21 2017 +0100 > > gnu: Add ovmf. > > * gnu/packages/grub.scm (edk2-commi

Re: GuixSD on commodity hosting platforms, hoster: IN-Berlin

ng0 writes: >> > It turns out that it could be as simple as providing them with the raw >> > disk image, so I will give it a try soon. >> >> Can you share the config.scm of that? > > What do you mean? I imagined you will be running something like guix system disk-image in-berlin.scm It is

Re: GuixSD on commodity hosting platforms, hoster: IN-Berlin

On 17-02-11 11:37:27, Jan Nieuwenhuizen wrote: > ng0 writes: > > >> > It turns out that it could be as simple as providing them with the raw > >> > disk image, so I will give it a try soon. > >> > >> Can you share the config.scm of that? > > > > What do you mean? > > I imagined you will be runni

Re: Commits signed by key not registered on Savannah

> According to "git log --show-signature" on my machine, several recent > commits by you (including this one) were signed with a different key > than the one you have registered on Savannah. Savannah has key > C5E051C79C0BECDB, but your recent commits were signed with key > 33B9E9FDE28D2C23. How

Re: `guix pull` over HTTPS

Marius Bakke skribis: > Ludovic Courtès writes: > >> Marius Bakke skribis: [...] >>> If the private key used on https://git.savannah.gnu.org/ is static, one >>> option would be to "pin" the corresponding public key. However, some LE >>> clients also rotate the private key when renewing, so we

Re: Add murmur.

ng0 skribis: > On 17-02-10 22:54:21, Marius Bakke wrote: >> ng0 writes: >> >> > On 17-02-09 23:50:02, Ludovic Courtès wrote: >> >> ng0 skribis: >> >> >> >> > On 17-02-09 17:50:04, Ludovic Courtès wrote: >> >> >> Hi ng0! >> >> >> >> >> >> contact@cryptolab.net skribis: >> >> >> >> >> >>

Re: Archive authentication & ‘guix challenge’

myglc2 skribis: > On 02/09/2017 at 17:36 Ludovic Courtès writes: [...] >> Could it be that the ‘guix archive’ you ran uses a configuration >> directory other than this one? What does: >> >> guile -c '(use-modules (guix config)) (pk %config-directory)' >> >> print? > > Thanks Ludo ... > > g1@

Re: Commits signed by key not registered on Savannah

David Craven skribis: >> According to "git log --show-signature" on my machine, several recent >> commits by you (including this one) were signed with a different key >> than the one you have registered on Savannah. Savannah has key >> C5E051C79C0BECDB, but your recent commits were signed with k

New guix-patches mailing list not showing up on Mailman

Hello! I created a new ‘guix-patches’ mailing lists ~48h ago on Savannah. The list shows up on but still not on lists.gnu.org. Did something go wrong? TIA! Ludo’.

Re: Add murmur.

On 17-02-11 15:31:15, Ludovic Courtès wrote: > ng0 skribis: > > > On 17-02-10 22:54:21, Marius Bakke wrote: > >> ng0 writes: > >> > >> > On 17-02-09 23:50:02, Ludovic Courtès wrote: > >> >> ng0 skribis: > >> >> > >> >> > On 17-02-09 17:50:04, Ludovic Courtès wrote: > >> >> >> Hi ng0! > >> >>

Re: [PATCH] gnu: lcms: Update to 2.8.

Marius Bakke writes: > Alex Vong writes: > >> Hi, >> >> This patch update lcms to 2.8: > > Thank you for this! > Thanks for the review too! >> Besides, the security bug in which 'lcms-fix-out-of-bounds-read.patch' >> fixed has been assigned CVE-2016-10165 according to [0], should we >> change t

Re: [PATCH 5/6] gnu: gcc: Force Aarch64 to use /lib.

> + ;; Force Aarch64 libdir to be /lib and not /lib64 > + (substitute* "gcc/config/aarch64/t-aarch64-linux" > +(("lib64") "lib")) > + I'd amend the comment to say why.

[PATCH] gnu: ffmpeg: Build with SDL support.

SDL is required for the `ffplay' executable to be built. * gnu/packages/video.scm (ffmpeg)[inputs]: Add sdl2. --- gnu/packages/video.scm | 1 + 1 file changed, 1 insertion(+) diff --git a/gnu/packages/video.scm b/gnu/packages/video.scm index 3acd2bf91..bb2ed1f63 100644 --- a/gnu/packages/video.s

Fixing non-reproducibility in some guile packages (was: guile2.2-gdbm-ffi issue)

Christopher Allan Webber writes: > (Originally accidentally sent this to guile-de...@gnu.org ... sorry!) > > Hiya, > > I pushed guile2.2-gdbm because it was just a couple of lines and it > seemed to work and didn't affect anything. I made a mistake though that > I didn't realize until I ran > "gu

Broken tests

Hi! > Revert "import: json: Explicitly ask for JSON data." > This reverts commit 81e0bc1834490a1a8092c75a0733b15c2b407285. I reverted this commit in my local repository for now, it breaks the pypi, crate and some other test I can't recall (gem and/or cpan). David

[PATCH 2/2] gnu: sed: Update to 4.4.

From: ng0 * gnu/packages/base.scm (sed): Update to 4.4. [source]: Change to "tar.xz" source, remove obsolete patch 'sed-hurd-path-max.patch'. * gnu/packages/patches/sed-hurd-path-max.patch: Delete file. * gnu/local.mk (dist_patch_DATA): Remove it. --- gnu/local.mk

base: Update grep + sed to latest stable.

the hurd patch in sed was upstreamed, it is now obsolete.

[PATCH 1/2] gnu: grep: Update to 3.0.

From: ng0 * gnu/packages/base.scm (grep): Update to 3.0. --- gnu/packages/base.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gnu/packages/base.scm b/gnu/packages/base.scm index c75e03828..dc11b1a32 100644 --- a/gnu/packages/base.scm +++ b/gnu/packages/base.scm @@ -

[PATCH] gnu: ghc: remove unused 'libedit' input

ghc stopped using libedit (via editline) in 2009: https://git.haskell.org/ghc.git/commitdiff/46aed8a4a084add708bbd119d19905105d5f0d72 * gnu/packages/haskell.scm (ghc, ghc-8): remove 'libedit' input Signed-off-by: Sergei Trofimovich --- gnu/packages/haskell.scm | 3 --- 1 file changed, 3 de

Re: [PATCH 0/2] Add graft for Bash CVE-2017-5932

On Fri, Feb 10, 2017 at 10:40:56AM +0100, Ludovic Courtès wrote: > Hello! > > This patch fixes Bash CVE-2017-5932, which is a remote code execution > vulnerability triggered by file name completion and disclosed on Wednesday: > > > https://github.com/jheyens/bash_completion_vuln/raw/master/201

Re: Shadow -> 4.4

On Fri, Jan 20, 2017 at 11:02:05AM +, ng0 wrote: > Leo Famulari writes: > > > On Thu, Jan 19, 2017 at 08:06:34PM +, contact@cryptolab.net wrote: > >> Question: I don't prefer to crash and burn systems, which test is > >> enough to show that it works? Reconfiguring one of my own system

Re: [PATCH 1/2] gnu: grep: Update to 3.0.

On Sat, Feb 11, 2017 at 05:18:01PM +, contact@cryptolab.net wrote: > From: ng0 > > * gnu/packages/base.scm (grep): Update to 3.0. This is on core-updates as f3a79f88e51d367c5e5668bfbf7fb433260b1fd6.

Re: [PATCH 2/2] gnu: sed: Update to 4.4.

On Sat, Feb 11, 2017 at 05:18:02PM +, contact@cryptolab.net wrote: > From: ng0 > > * gnu/packages/base.scm (sed): Update to 4.4. > [source]: Change to "tar.xz" source, > remove obsolete patch 'sed-hurd-path-max.patch'. > * gnu/packages/patches/sed-hurd-path-max.patch: Delete file. > * gnu

Re: [PATCH] gnu: slurm: Update to 16.05.9.1.

Carolili writes: > Dear Guix people, > > Here is a patch that updates Slurm to the latest version. Don't hesitate to > point out any corrections, as this is my first attempt at a Guix patch. > Thanks! > (It was nice meeting you at FOSDEM and learning more about the project ^^) Applied, thank y

[PATCH] gnu: rxvt-unicode: Add '.desktop' files.

From: ng0 This fixes . * gnu/packages/xdisorg.scm (rxvt-unicode)[arguments]: Use 'modify-phases'. Add 'install-desktop-urxvt' and 'install-desktop-urxvtc' phase. --- gnu/packages/xdisorg.scm | 43 +-- 1 file changed, 41 inserti

Add .desktop files to urxvt (fixes bug #23106)

[PATCH] gnu: rxvt-unicode: Add '.desktop' files. This patch fixes bug #23106.

Re: `guix pull` over HTTPS

On Sat, Feb 11, 2017 at 03:28:52PM +0100, Ludovic Courtès wrote: > Marius Bakke skribis: > > I think pinning the public key could work, if the Savannah > > administrators are aware of it. But we'd need a reliable fallback > > mechanism in case the private key needs to be updated. > > Yeah, sounds

Announcement regarding the oss-security mailing list

I think that several of us are subscribed to oss-security as part of our effort to learn about upstream security issues in a timely manner. A couple days ago, MITRE decided to stop assigning CVEs from the list: http://seclists.org/oss-sec/2017/q1/351 So, I expect that we will see fewer bugs sent

Re: Shadow -> 4.4

On 17-02-11 13:47:23, Leo Famulari wrote: > On Fri, Jan 20, 2017 at 11:02:05AM +, ng0 wrote: > > Leo Famulari writes: > > > > > On Thu, Jan 19, 2017 at 08:06:34PM +, contact@cryptolab.net wrote: > > >> Question: I don't prefer to crash and burn systems, which test is > > >> enough to

Re: [PATCH 2/2] gnu: sed: Update to 4.4.

On 17-02-11 13:56:14, Leo Famulari wrote: > On Sat, Feb 11, 2017 at 05:18:02PM +, contact@cryptolab.net wrote: > > From: ng0 > > > > * gnu/packages/base.scm (sed): Update to 4.4. > > [source]: Change to "tar.xz" source, > > remove obsolete patch 'sed-hurd-path-max.patch'. > > * gnu/packag

Re: `guix pull` over HTTPS

Leo Famulari writes: > However, I think that pulling code over HTTPS using a certificate store > like nss-certs or from the host distro is a huge improvement over what > we have now. If we can do that sooner, we should. I agree. If it’s easy to make the “le-certs” idea work I’m all for it, but

Re: [PATCH] gnu: slurm: Update to 16.05.9.1.

Hi and welcome! > Here is a patch that updates Slurm to the latest version. Don't > hesitate to point out any corrections, as this is my first attempt at > a Guix patch. Thanks! Excellent first patch. Thank you! -- Ricardo GPG: BCA6 89B6 3655 3801 C3C6 2150 197A 5888 235F ACAC https://eleph

Auditing CPE names

I wonder if anyone checks the Common Platform Enumeration (CPE) names of new packages when creating them? It's important to name the package in accordance with the CPE or set the cpe-name property, or else `guix lint -c cve` won't work for that package. There is an example of setting the cpe-name

Re: Announcement regarding the oss-security mailing list

Leo Famulari writes: > I think that several of us are subscribed to oss-security as part of our > effort to learn about upstream security issues in a timely manner. > > A couple days ago, MITRE decided to stop assigning CVEs from the list: > > http://seclists.org/oss-sec/2017/q1/351 > > So, I ex

Re: Announcement regarding the oss-security mailing list

On 17-02-11 14:44:00, Leo Famulari wrote: > I think that several of us are subscribed to oss-security as part of our > effort to learn about upstream security issues in a timely manner. > > A couple days ago, MITRE decided to stop assigning CVEs from the list: > > http://seclists.org/oss-sec/2017

Re: Shadow -> 4.4

On Sat, Feb 11, 2017 at 07:48:07PM +, ng0 wrote: > Are there any reasons _against_ configuring 'shadow' with SELinux > support? I'm not that familiar with SELinux, so I can't say one way or the other. There were some scattered discussions about SELinux in GuixSD at FOSDEM, but I'm not sure if

Re: bug#25463: guile-2.0.13 Check errors

Hello! ren...@openmailbox.org skribis: > I am trying to build guile version 2.0.13 in GNU Hurd through Guix > package manager, in the 'Check' phase I have 4 errors; I am attaching > the build log(config.zip), environment > variables(environment-variables) and test log(check-guile.zip). > > This i

[PATCH 2/2] gnu: neomutt: Configure with 'lmdb' and 'tokyocabinet'.

From: ng0 * gnu/packages/mail.scm (neomutt)[configure]: Add '--with-tokyocabinet' and '--with-lmdb'. [inputs]: Add 'lmdb' and 'tokyocabinet'. --- gnu/packages/mail.scm | 7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/gnu/packages/mail.scm b/gnu/packages/mail.scm index a

Add tokyocabinet, Add databases to neomutt

[PATCH 1/2] gnu: Add tokyocabinet. Pretty straight forward, just adds the database. [PATCH 2/2] gnu: neomutt: Configure with 'lmdb' and 'tokyocabinet'. Adds the lmdb and tokyocabinet as two more choices of database backends to neomutt. This is not a problem for neomutt as multiple backends can

[PATCH 1/2] gnu: Add tokyocabinet.

From: ng0 * gnu/packages/databases.scm (tokyocabinet): New variable. --- gnu/packages/databases.scm | 33 - 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 39287efd9..4df437fa1 100644 ---

Re: Commits signed by key not registered on Savannah

Hi David, David Craven writes: >> According to "git log --show-signature" on my machine, several recent >> commits by you (including this one) were signed with a different key >> than the one you have registered on Savannah. Savannah has key >> C5E051C79C0BECDB, but your recent commits were sig

Re: Add tokyocabinet, Add databases to neomutt

On 17-02-11 21:07:39, contact@cryptolab.net wrote: > [PATCH 1/2] gnu: Add tokyocabinet. > > Pretty straight forward, just adds the database. > > [PATCH 2/2] gnu: neomutt: Configure with 'lmdb' and 'tokyocabinet'. > > Adds the lmdb and tokyocabinet as two more choices of database backends to

Re: Fixing non-reproducibility in some guile packages

Christopher Allan Webber writes: Hi! > I think this is a pretty serious bug. It means that guile-gdbm-ffi was > never properly reproducible by our standard methods of determining > inputs. This is entirely my fault, since I'm the one who put together > these packages. > > The guile-wisp package

[PATCH] gnu: Add ghc-hslogger.

* gnu/packages/haskell.scm (ghc-hslogger): New variable. --- gnu/packages/haskell.scm | 29 + 1 file changed, 29 insertions(+) diff --git a/gnu/packages/haskell.scm b/gnu/packages/haskell.scm index 37e35c45f..f0800b4dc 100644 --- a/gnu/packages/haskell.scm +++ b/gnu/pa

Re: Archive authentication & ‘guix challenge’

On 02/11/2017 at 15:32 Ludovic Courtès writes: > myglc2 skribis: > >> On 02/09/2017 at 17:36 Ludovic Courtès writes: > > [...] > >>> Could it be that the ‘guix archive’ you ran uses a configuration >>> directory other than this one? What does: >>> >>> guile -c '(use-modules (guix config)) (pk

Re: Commits signed by key not registered on Savannah

I wrote: > Preferably, the public key block associated with your account on > Savannah would include both your old and new public keys. Sorry, my request above was ill-considered, and I hereby revoke it. I now believe that you should register only your new key on Savannah. It might be nice to ass

Re: [Savannah-hackers-public] New guix-patches mailing list not showing up on Mailman

I created a new œôòøguix-patchesœôòù mailing lists ~48h ago on Savannah. I just created it by hand. Assaf is looking into the PHP<->Savannah linkage/breakage. --best, karl.

Re: Commits signed by key not registered on Savannah

> It might be nice to associate with each committer, a list of all keys > that they have ever used to sign commits in our git repository. > Keys would be added to the list over time, but never removed. Sounds good. Where would we put that list? And does that list also need to be signed? Puh, luck

Re: Debbugs handling of Guix patches

I see you got this sorted out, so I've now completed the debbugs part. It may take an hour or so for the mailing list redirection to take effect.

[PATCH] website: packages: Anchor location url to commit id.

From: Eric Bavier * website/www/packages.scm (git-description): New variable. (location-url): Include "?id=..." if possible. --- website/www/packages.scm | 22 -- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/website/www/packages.scm b/website/www/packages.sc

[PATCH 1/1] gnu: screen: Fix CVE-2017-5618.

* gnu/packages/patches/screen-CVE-2017-5618.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/screen.scm (screen)[source]: Use it. --- gnu/local.mk| 1 + gnu/packages/patches/screen-CVE-2017-5618.patch | 40 + gnu

Re: [Savannah-hackers-public] New guix-patches mailing list not showing up on Mailman

Hello, On Sat, Feb 11, 2017 at 03:37:43PM +0100, Ludovic Courtès wrote: I created a new ‘guix-patches’ mailing lists ~48h ago on Savannah. The list shows up on but still not on lists.gnu.org. Did something go wrong? Perhaps the required cron-jobs o

Re: Announcement regarding the oss-security mailing list

Leo Famulari writes: > I think that several of us are subscribed to oss-security as part of our > effort to learn about upstream security issues in a timely manner. > > A couple days ago, MITRE decided to stop assigning CVEs from the list: > > http://seclists.org/oss-sec/2017/q1/351 > > So, I exp