From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id SCB1DnRTP19KAwAA0tVLHw (envelope-from ) for ; Fri, 21 Aug 2020 04:54:12 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id qEJbCnRTP19MZQAA1q6Kng (envelope-from ) for ; Fri, 21 Aug 2020 04:54:12 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 63A1994004E for ; Fri, 21 Aug 2020 04:54:11 +0000 (UTC) Received: from localhost ([::1]:37886 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1k8z45-0006Ft-33 for larch@yhetil.org; Fri, 21 Aug 2020 00:54:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:52660) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1k8z3y-0006Fc-Hp for bug-guix@gnu.org; Fri, 21 Aug 2020 00:54:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:33205) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1k8z3y-0006Io-8g for bug-guix@gnu.org; Fri, 21 Aug 2020 00:54:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1k8z3y-0005Gr-6T for bug-guix@gnu.org; Fri, 21 Aug 2020 00:54:02 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#42964: Potential FSDG issue with debootstrap scripts Resent-From: Denis 'GNUtoo' Carikli Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Fri, 21 Aug 2020 04:54:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 42964 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 42964@debbugs.gnu.org X-Debbugs-Original-To: bug-guix@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.159798559020189 (code B ref -1); Fri, 21 Aug 2020 04:54:01 +0000 Received: (at submit) by debbugs.gnu.org; 21 Aug 2020 04:53:10 +0000 Received: from localhost ([127.0.0.1]:44748 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1k8z38-0005FZ-4Q for submit@debbugs.gnu.org; Fri, 21 Aug 2020 00:53:10 -0400 Received: from lists.gnu.org ([209.51.188.17]:45762) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1k8z36-0005FQ-2f for submit@debbugs.gnu.org; Fri, 21 Aug 2020 00:53:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:52468) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1k8z35-0006Av-QI for bug-guix@gnu.org; Fri, 21 Aug 2020 00:53:07 -0400 Received: from cyberdimension.org ([80.67.179.20]:47584 helo=gnutoo.cyberdimension.org) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_CHACHA20_POLY1305:256) (Exim 4.90_1) (envelope-from ) id 1k8z33-00065t-HV for bug-guix@gnu.org; Fri, 21 Aug 2020 00:53:07 -0400 Received: from gnutoo.cyberdimension.org (localhost [127.0.0.1]) by cyberdimension.org (OpenSMTPD) with ESMTP id 6f34cd28 for ; Fri, 21 Aug 2020 04:51:22 +0000 (UTC) Received: from primarylaptop.localdomain (localhost.localdomain [::1]) by gnutoo.cyberdimension.org (OpenSMTPD) with ESMTP id 57b690a2 for ; Fri, 21 Aug 2020 04:51:22 +0000 (UTC) Date: Fri, 21 Aug 2020 06:45:27 +0200 From: Denis 'GNUtoo' Carikli Message-ID: <20200821064527.5cf8d23b@primarylaptop.localdomain> X-Mailer: Claws Mail 3.17.5 (GTK+ 2.24.32; i686-pc-linux-gnu) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="Sig_/8Sw+v4abKZPeDjh+JYJQhy_"; protocol="application/pgp-signature"; micalg=pgp-sha256 Received-SPF: pass client-ip=80.67.179.20; envelope-from=GNUtoo@cyberdimension.org; helo=gnutoo.cyberdimension.org X-detected-operating-system: by eggs.gnu.org: First seen = 2020/08/21 00:53:01 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: -1.4 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -2.4 (--) X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Spam-Score: -1.11 X-TUID: 1TjpN6bJb2wN --Sig_/8Sw+v4abKZPeDjh+JYJQhy_ Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Hi, I found a potential issue with the debootstrap package and the Guix blog. The Free System Distribution Guidelines states that: > A free system distribution must not steer users towards obtaining any > nonfree information for practical use, or encourage them to do so. > The system should have no repositories for nonfree software and no > specific recipes for installation of particular nonfree programs. Nor > should the distribution refer to third-party repositories that are > not committed to only including free software; even if they only have > free software today, that may not be true tomorrow. Programs in the > system should not suggest installing nonfree plugins, documentation, > and so on. However after instalation, the debootstrap package contains scripts for installing many distributions, and most of them are either not FSDG compliant or have nonfree software in them. I assume that the Ubuntu repositories are "third-party repositories that are not committed to only including free software", and they are used in the debootstrap scripts to install Ubuntu. After installation I got the following scripts in ~/.guix_profile/share/debootstrap/scripts/: - aequorea - amber - artful - ascii - bartholomea - beowulf - bionic - bookworm - breezy - bullseye - buster - ceres - chromodoris - cosmic - dapper - dasyatis - debian-common - disco - edgy - eoan - etch - etch-m68k - feisty - focal - gutsy - hardy - hoary - hoary.buildd - intrepid - jaunty - jessie - jessie-kfreebsd - kali - kali-dev - kali-last-snapshot - kali-rolling - karmic - lenny - lucid - maverick - natty - oldoldstable - oldstable - oneiric - potato - precise - quantal - raring - sarge - sarge.buildd - sarge.fakechroot - saucy - sid - squeeze - stable - stretch - testing - trusty - unstable - utopic - vivid - warty - warty.buildd - wheezy - wily - woody - woody.buildd - xenial - yakkety - zesty The scripts are named after distribution codenames. So here you can see some ubuntu code names like trusty, xenial, etc (ubuntu contains nonfree software), or some debian code names like stretch. Not all scripts are problematic, as amber is the codename of the main PureOS repository[2]. To fix that, Parabola patches debootstrap to remove the problematic scripts[3] and also adds support for many FSDG distributions along the way. It also has a modified manual[4] with examples for Trisquel instead of Debian. Something similar could probably be done in debian.scm[5]. In addition the Guix blog post about "Running a Ganeti cluster on Guix"[6] should probably be reviewed as it contains code to install Debian buster. As I understand, Debian may not contain nonfree software but it is not FSDG compliant, so it could be a good idea to use an FSDG compliant distributions instead to avoid any issues. In addition if the buster script is removed, then the code on the blog post won't work anymore. References: ----------- [1]https://www.gnu.org/distros/free-system-distribution-guidelines.html [2]https://libreplanet.org/wiki/Group:Hardware/FSDG_distributions/PureOS [3]https://git.parabola.nu/abslibre.git/tree/libre/debootstrap/PKGBUILD#n50 [4]https://git.parabola.nu/abslibre.git/tree/libre/debootstrap/debootstrap.8 [5]https://git.savannah.gnu.org/cgit/guix.git/tree/gnu/packages/debian.scm#= n121 [6]https://guix.gnu.org/en/blog/2020/running-a-ganeti-cluster-on-guix/ Denis. --Sig_/8Sw+v4abKZPeDjh+JYJQhy_ Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEeC+d2+Nrp/PU3kkGX138wUF34mMFAl8/UWcACgkQX138wUF3 4mMY5Q//bPHoIi+0BWTG+d0HK2R5mH+uL3OEJyCQBqt/e3jhVd8FypKBNGNENe5F zQsUbbWlVxj3vDFB7ndtwtgUd2IwSSihAhg9okD+Gm80wA9vWQt8dLFqPuVjroWG +JZOmp4PM2b59+A2qMHsdQM4vxqgu+qdvhT0kQ7SlFr7RXsBL0R3zJ9Mhw67dGlN mhX89LYBvpJcnD6KHlH0BQJpK6hwUa7USSh3NMvTsu9BP07aeSkYG16/719PtPEg 95iewUBAgYXYITLmadVsxYdmOOBCmK/ROGthMd1kwOIRiZFXwHnN7dg8hHEjozXp +WHaylKOKuuuixsfQtMvitX+emdIth7RHIhOv5s7Ntz22dAszKQJwxuy9sgLDkpg A5JB9Iq4fc7aKg82QAAOzPHixcbjp21ifRSgU8j+XiKmf4Q7OZgic/TvKMFZ/uGa m+oWPE6VKeh7AJrerQCwXcN7JnL6v7wqTqmMHKYrsBNMdnQi3qZ+lzqfL5TcVH/e E20khAz10qXD27Csn6CJDl9x/FmlcxOu481FKDyj1n/2C9ebowhUY3qeRr2qZRuM t68oYboiWKBd9sQ0OGaW8PGY2VhymnWShfAmHLiVFHC/rOvUGYyd4pGXGpCPrbEb iiwGNSKwm38gcp38iV/xVfRu+7fXSEBmUqWF8MY911gojLp3DHQ= =lazX -----END PGP SIGNATURE----- --Sig_/8Sw+v4abKZPeDjh+JYJQhy_--