* HELP needed with CA certificates! [PATCH] gnu: Add tup, Add pbpst.
@ 2016-08-25 20:12 ng0
2016-08-28 21:02 ` Ludovic Courtès
0 siblings, 1 reply; 8+ messages in thread
From: ng0 @ 2016-08-25 20:12 UTC (permalink / raw)
To: guix-devel
[-- Attachment #1: Type: text/plain, Size: 276 bytes --]
First things first: Corrections will happen, this is not what I ask
for. I need help with getting pbpst (which just uses curl for this) to
learn about the certificates on the system.
I can not continue this, all the greping and no advance. I can not solve
this, I need help.
[-- Attachment #2: 0001-gnu-Add-tup.patch --]
[-- Type: text/x-patch, Size: 4848 bytes --]
From 9556d469f3be74a0ea0ada9e4879c25a32858a3e Mon Sep 17 00:00:00 2001
From: ng0 <ng0@we.make.ritual.n0.is>
Date: Mon, 15 Aug 2016 00:26:40 +0000
Subject: [PATCH 1/2] gnu: Add tup.
* gnu/packages/tup.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
---
gnu/local.mk | 2 ++
gnu/packages/tup.scm | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 85 insertions(+)
create mode 100644 gnu/packages/tup.scm
diff --git a/gnu/local.mk b/gnu/local.mk
index b8c5378..bc4b968 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -5,6 +5,7 @@
# Copyright © 2013, 2014, 2015, 2016 Mark H Weaver <mhw@netris.org>
# Copyright © 2016 Chris Marusich <cmmarusich@gmail.com>
# Copyright © 2016 Kei Kebreau <kei@openmailbox.org>
+# Coypright © 2016 ng0 <ng0@we.make.ritual.n0.is>
#
# This file is part of GNU Guix.
#
@@ -343,6 +344,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/tmux.scm \
%D%/packages/tor.scm \
%D%/packages/tre.scm \
+ %D%/packages/tup.scm \
%D%/packages/tv.scm \
%D%/packages/unrtf.scm \
%D%/packages/upnp.scm \
diff --git a/gnu/packages/tup.scm b/gnu/packages/tup.scm
new file mode 100644
index 0000000..66ce099
--- /dev/null
+++ b/gnu/packages/tup.scm
@@ -0,0 +1,83 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages tup)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages linux)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages version-control)
+ #:use-module (gnu packages perl)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages)
+ #:use-module (guix download)
+ #:use-module (guix build-system gnu))
+
+(define-public tup
+ (package
+ (name "tup")
+ (version "0.7.4")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "https://github.com/gittup/"
+ name "/archive/v" version ".tar.gz"))
+ (file-name (string-append name "-" version ".tar.gz"))
+ (sha256
+ (base32
+ "044h9kbcg1sfwpn13j1grw79kwysqhyn3w3g6yy8ap4j32v10gz2"))))
+ (build-system gnu-build-system)
+ (arguments
+ ;; tup requires fusermount to have suid, which we cannot provide in build env,
+ ;; we bootstrap it and use tup generate. This also means that no tests are run.
+ `(#:tests? #f
+ #:modules ((guix build gnu-build-system)
+ (guix build utils))
+ #:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda* (#:key outputs #:allow-other-keys)
+ (zero? (system* "./build.sh"))
+ (zero? (system* "./build/tup" "generate" "script.sh"))))
+ (replace 'build
+ (lambda* (#:key outputs #:allow-other-keys)
+ (substitute* "script.sh"
+ (("`git describe`") (string-append "v" ,version)))
+ (zero? (system* "./script.sh"))
+ #t))
+ (replace 'install
+ (lambda* (#:key outputs #:allow-other-keys)
+ (let* ((out (assoc-ref outputs "out"))
+ (bin (string-append out "/bin"))
+ (man (string-append out "/share/man/man1")))
+ (install-file "tup" bin)
+ (install-file "tup.1" man))
+ #t)))))
+ (native-inputs
+ `(("pkg-config" ,pkg-config)
+ ("perl" ,perl)))
+ (inputs
+ `(("fuse" ,fuse)))
+ (synopsis "A file-based build system")
+ (description
+ "Tup is a file-based build system for Linux, OSX, and Windows. It inputs a list
+of file changes and a directed acyclic graph (DAG), then processes the DAG to
+execute the appropriate commands required to update dependent files. Updates are
+performed with very little overhead since tup implements powerful build
+algorithms to avoid doing unnecessary work. This means you can stay focused on
+your project rather than on your build system.")
+ (home-page "http://gittup.org/tup/")
+ (license license:gpl2)))
--
2.9.3
[-- Attachment #3: 0002-gnu-Add-pbpst.patch --]
[-- Type: text/x-patch, Size: 9960 bytes --]
From 50008c80803517cb3be0ddf435ee47095b4bf622 Mon Sep 17 00:00:00 2001
From: ng0 <ng0@we.make.ritual.n0.is>
Date: Tue, 16 Aug 2016 00:59:33 +0000
Subject: [PATCH 2/2] gnu: Add pbpst.
* gnu/packages/pastebin.scm: New file.
* gnu/local.mk (GNU_SYSTEM_MODULES): Add it.
---
gnu/local.mk | 1 +
gnu/packages/pastebin.scm | 163 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 164 insertions(+)
create mode 100644 gnu/packages/pastebin.scm
diff --git a/gnu/local.mk b/gnu/local.mk
index bc4b968..ff5e1a1 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -272,6 +272,7 @@ GNU_SYSTEM_MODULES = \
%D%/packages/package-management.scm \
%D%/packages/parallel.scm \
%D%/packages/password-utils.scm \
+ %D%/packages/pastebin.scm \
%D%/packages/patchutils.scm \
%D%/packages/pciutils.scm \
%D%/packages/pcre.scm \
diff --git a/gnu/packages/pastebin.scm b/gnu/packages/pastebin.scm
new file mode 100644
index 0000000..95bb781
--- /dev/null
+++ b/gnu/packages/pastebin.scm
@@ -0,0 +1,163 @@
+;;; GNU Guix --- Functional package management for GNU
+;;; Copyright © 2016 ng0 <ng0@we.make.ritual.n0.is>
+;;;
+;;; This file is part of GNU Guix.
+;;;
+;;; GNU Guix is free software; you can redistribute it and/or modify it
+;;; under the terms of the GNU General Public License as published by
+;;; the Free Software Foundation; either version 3 of the License, or (at
+;;; your option) any later version.
+;;;
+;;; GNU Guix is distributed in the hope that it will be useful, but
+;;; WITHOUT ANY WARRANTY; without even the implied warranty of
+;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+;;; GNU General Public License for more details.
+;;;
+;;; You should have received a copy of the GNU General Public License
+;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
+
+(define-module (gnu packages pastebin)
+ #:use-module (gnu packages)
+ #:use-module (gnu packages bash)
+ #:use-module (gnu packages certs)
+ #:use-module (gnu packages curl)
+ #:use-module (gnu packages libidn)
+ #:use-module (gnu packages llvm)
+ #:use-module (gnu packages tls)
+ #:use-module (gnu packages tup)
+ #:use-module (gnu packages pkg-config)
+ #:use-module (gnu packages python)
+ #:use-module (gnu packages web)
+ #:use-module (gnu packages zsh)
+ #:use-module (guix build-system gnu)
+ #:use-module (guix git-download)
+ #:use-module ((guix licenses) #:prefix license:)
+ #:use-module (guix packages))
+
+;; We use this git checkout because it applies fixes needed to build
+;; pbpst on Guix, essential additions to the used build system.
+(define-public pbpst
+ (let ((revision "2")
+ (commit "4aeb782cdd05251a902af427ce942f3b8a866188"))
+ (package
+ (name "pbpst")
+ (version (string-append "1.2.0-" revision "." (string-take commit 7)))
+ (source (origin
+ ;; (method url-fetch)
+ ;; (uri (string-append "https://github.com/HalosGhost/"
+ ;; name "/archive/v" version ".tar.gz"))
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/HalosGhost/pbpst")
+ (commit commit)))
+ (file-name (string-append name "-" version "-checkout"))
+ (sha256
+ (base32
+ "1w0js3z5xk4l1inxvh49w6ydahz33r7vn2mziziihn9h5qfadlhs"))))
+ (build-system gnu-build-system)
+ ;; XXX: "make simple" runs "make gen dist @./make.sh". make.sh is generated
+ ;; by the primary build system, which is tup based. we can not use the
+ ;; full tup build system as it requires to load FUSE. "make gen" runs
+ ;; `tup generate make.sh' which is a new file, we need to apply some
+ ;; Guix specific patching before we can continue. We therefore remove
+ ;; "@./make.sh" from the "make simple" and run it manually, this way we can
+ ;; patch make.sh before running it.
+ (arguments
+ `(#:make-flags (list
+ (string-append "PREFIX=" (assoc-ref %outputs "out"))
+ "simple")
+ #:tests? #f
+ #:phases
+ (modify-phases %standard-phases
+ (replace 'configure
+ (lambda _
+ (substitute* "Makefile"
+ (("@./make.sh") "")
+ ;; XXX: Because this is a drop-in replacement build system, there are
+ ;; some unexplainable special behaviors introduced. One of them is that
+ ;; building pbpst binary out to ../dist/pbpst fails, but inside cwd
+ ;; "src/" succeeds. I blame dark matter. Fix this if you feel the
+ ;; desire for a headache.
+ (("dist/\\$\\(PROGNM\\)") "src/$(PROGNM)")
+ (("src/\\$\\(PROGNM\\)\\.1") "dist/$(PROGNM).1"))
+ (substitute* "Tuprules.tup"
+ (("`git describe --long --tags`") ,version))))
+ ;;(setenv "SSL_CERT_FILE" "/dev/null"))) ; I have no idea.
+ ;;(setenv "SSL_CERT_DIR" "/etc/ssl/certs")
+ ;;(setenv "SSL_CERT_FILE" "/etc/ssl/certs/ca-certificates.crt")))
+ (add-after 'build 'make-it
+ (lambda _
+ (patch-shebang "make.sh")
+ (substitute* "make.sh"
+ (("clang -g -O3 -fPIE -pie -Weverything -Werror -std=c11 -ggdb -D_FORTIFY_SOURCE=2 -fstack-protector-strong -march=native --param=ssp-buffer-size=1 -Wl,-z,relro,-z,now -fsanitize=undefined -fsanitize-trap=undefined `pkg-config --libs-only-l libcurl jansson` callback.c main.c pb.c pbpst_db.c -o ../dist/pbpst")
+ "clang -v -g -O3 -fPIE -pie -Weverything -Werror -std=c11 -ggdb -D_FORTIFY_SOURCE=2 -fstack-protector-strong -march=native --param=ssp-buffer-size=1 -Wl,-z,relro,-z,now -fsanitize=undefined -fsanitize-trap=undefined `pkg-config --libs-only-l libcurl jansson` callback.c main.c pb.c pbpst_db.c -o pbpst"))
+ ;; (("gcc -g -O3 -fPIE -pie -Weverything -Werror -std=c11 -ggdb -D_FORTIFY_SOURCE=2 -fstack-protector-strong -march=native --param=ssp-buffer-size=1 -Wl,-z,relro,-z,now -fsanitize=undefined -fsanitize-trap=undefined `pkg-config --libs-only-l libcurl jansson` callback.c main.c pb.c pbpst_db.c -o ../dist/pbpst")
+ ;; "gcc -v -g -O3 -fPIE -pie -Werror -std=c11 -ggdb -D_FORTIFY_SOURCE=2 -fstack-protector-strong -march=native --param=ssp-buffer-size=1 -Wl,-z,relro,-z,now -fsanitize=undefined `pkg-config --libs-only-l libcurl jansson` callback.c main.c pb.c pbpst_db.c -o pbpst"))
+;; (("cp bash ../dist/bash")
+;; "cp bash ../dist/bash
+ ;;cd '..'"))
+ (zero? (system* "bash" "make.sh")))))))
+ ;; the above fails, the one below was used with the 2.1.0 release ball:
+ ;; (replace 'build
+ ;; (lambda _
+ ;; (zero? (system* "make" "simple"))
+ ;; (patch-shebang "make.sh")
+ ;; (substitute* "make.sh"
+ ;; (("`git describe --tags`") ,version))
+ ;; (zero? (system* "bash" "make.sh"))))
+ ;; ;; (mkdir-p (string-append out "/dist"))
+ ;; (mkdir-p "dist")
+ ;; (chdir "src")
+ ;; (zero? (system* "clang" "-g" "-O3" "-fPIE" "-pie" "-Weverything"
+ ;; "-Werror" "-std=c11" "-ggdb" "-D_FORTIFY_SOURCE=2"
+ ;; "-fstack-protector-strong" "-march=native"
+ ;; "--param=ssp-buffer-size=1" "-Wl,-z,relro,-z,now"
+ ;; "-fsanitize=undefined" "-fsanitize-trap=undefined"
+ ;; "pkg-config" "--libs-only-l" "libcurl" "jansson"
+ ;; "callback.c" "main.c" "pb.c" "pbpst_db.c"
+ ;; "-o ../dist/pbpst"))
+ ;; (chdir "../cmp")
+ ;; (copy-file "zsh" "../dist/zsh")
+ ;; (copy-file "bash" "../dist/bash")
+ ;; (chdir "../doc")
+ ;; (system* "sphinx-build" "-b man" "-Dversion=`git describe --tags`"
+ ;; "-d doctree" "-E . ../dist pbpst.rst pbpst_db.rst")
+ ;; (delete-file-recursively "doctree"))))
+ (inputs
+ `(("curl" ,curl)
+ ("jansson" ,jansson)
+ ("openssl" ,openssl)
+ ("libidn" ,libidn)
+ ;;("gnutls" ,gnutls)
+ ;;("nss-certs" ,nss-certs)
+ ("zsh" ,zsh) ; zsh completions
+ ("bash" ,bash))) ; bash completions
+ (native-inputs
+ `(("clang" ,clang)
+ ("clang-runtime" ,clang-runtime)
+ ("tup" ,tup)
+ ("pkg-config" ,pkg-config)
+ ("python" ,python)
+ ("python-sphinx" ,python-sphinx)))
+ (outputs '("out" "debug"))
+ ;; (native-search-paths
+ ;; ;; FIXME: These two variables must designate a single file or directory
+ ;; ;; and are not actually "search paths." In practice it works OK in
+ ;; ;; user profiles because there's always just one item that matches the
+ ;; ;; specification.
+ ;; (list (search-path-specification
+ ;; (variable "SSL_CERT_DIR")
+ ;; (files '("etc/ssl/certs")))
+ ;; (search-path-specification
+ ;; (variable "SSL_CERT_FILE")
+ ;; (files '("etc/ssl/certs/ca-certificates.crt")))))
+ (synopsis "Command-line libcurl C client for pb deployments")
+ (description
+ "pbpst is a small tool to make interacting with pb instances as simple as
+possible. pb is a versatile, free and open source pastebin which has more
+ features, is more robust, and is faster than any other pastebin with which I
+ am familiar. You can find the reference instance (which tracks pb's master
+ branch) at ptpb. Ideally, pbpst will support as many features of pb as
+ possible (hopefully, nearly all) in a simple, unassuming CLI.")
+ (home-page "https://github.com/HalosGhost/pbpst/")
+ (license license:gpl2))))
--
2.9.3
[-- Attachment #4: Type: text/plain, Size: 70 bytes --]
--
ng0
For non-prism friendly talk find me on http://www.psyced.org
^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: HELP needed with CA certificates! [PATCH] gnu: Add tup, Add pbpst.
2016-08-25 20:12 HELP needed with CA certificates! [PATCH] gnu: Add tup, Add pbpst ng0
@ 2016-08-28 21:02 ` Ludovic Courtès
2016-08-28 21:34 ` ng0
0 siblings, 1 reply; 8+ messages in thread
From: Ludovic Courtès @ 2016-08-28 21:02 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
ng0 <ng0@we.make.ritual.n0.is> skribis:
> First things first: Corrections will happen, this is not what I ask
> for. I need help with getting pbpst (which just uses curl for this) to
> learn about the certificates on the system.
[...]
> + (modify-phases %standard-phases
> + (replace 'configure
> + (lambda _
> + (substitute* "Makefile"
> + (("@./make.sh") "")
> + ;; XXX: Because this is a drop-in replacement build system, there are
> + ;; some unexplainable special behaviors introduced. One of them is that
> + ;; building pbpst binary out to ../dist/pbpst fails, but inside cwd
> + ;; "src/" succeeds. I blame dark matter. Fix this if you feel the
> + ;; desire for a headache.
> + (("dist/\\$\\(PROGNM\\)") "src/$(PROGNM)")
> + (("src/\\$\\(PROGNM\\)\\.1") "dist/$(PROGNM).1"))
> + (substitute* "Tuprules.tup"
> + (("`git describe --long --tags`") ,version))))
> + ;;(setenv "SSL_CERT_FILE" "/dev/null"))) ; I have no idea.
> + ;;(setenv "SSL_CERT_DIR" "/etc/ssl/certs")
> + ;;(setenv "SSL_CERT_FILE" "/etc/ssl/certs/ca-certificates.crt")))
I’m not sure what problem you’re experiencing here. However, note that
the build environment lacks /etc/ssl as discussed here:
https://www.gnu.org/software/guix/manual/html_node/Build-Environment-Setup.html#index-chroot
The ‘nss-certs’ package provides X.509 certificates:
https://www.gnu.org/software/guix/manual/html_node/X_002e509-Certificates.html
HTH!
Ludo’.
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: HELP needed with CA certificates! [PATCH] gnu: Add tup, Add pbpst.
2016-08-28 21:02 ` Ludovic Courtès
@ 2016-08-28 21:34 ` ng0
2016-08-31 20:27 ` Ludovic Courtès
0 siblings, 1 reply; 8+ messages in thread
From: ng0 @ 2016-08-28 21:34 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: guix-devel
Hi,
Ludovic Courtès <ludo@gnu.org> writes:
> ng0 <ng0@we.make.ritual.n0.is> skribis:
>
>> First things first: Corrections will happen, this is not what I ask
>> for. I need help with getting pbpst (which just uses curl for this) to
>> learn about the certificates on the system.
>
> [...]
>
>> + (modify-phases %standard-phases
>> + (replace 'configure
>> + (lambda _
>> + (substitute* "Makefile"
>> + (("@./make.sh") "")
>> + ;; XXX: Because this is a drop-in replacement build system, there are
>> + ;; some unexplainable special behaviors introduced. One of them is that
>> + ;; building pbpst binary out to ../dist/pbpst fails, but inside cwd
>> + ;; "src/" succeeds. I blame dark matter. Fix this if you feel the
>> + ;; desire for a headache.
>> + (("dist/\\$\\(PROGNM\\)") "src/$(PROGNM)")
>> + (("src/\\$\\(PROGNM\\)\\.1") "dist/$(PROGNM).1"))
>> + (substitute* "Tuprules.tup"
>> + (("`git describe --long --tags`") ,version))))
>> + ;;(setenv "SSL_CERT_FILE" "/dev/null"))) ; I have no idea.
>> + ;;(setenv "SSL_CERT_DIR" "/etc/ssl/certs")
>> + ;;(setenv "SSL_CERT_FILE" "/etc/ssl/certs/ca-certificates.crt")))
>
> I’m not sure what problem you’re experiencing here.
A build environment + log can be viewed at https://dl.n0.is/debug/ or
https://tor.n0.is for the onion (we are working on getting a .gnu for
gnunet access).
> However, note that the build environment lacks /etc/ssl as discussed here:
>
> https://www.gnu.org/software/guix/manual/html_node/Build-Environment-Setup.html#index-chroot
That is the build environment, the problem appears after the build.
The application itselfs just uses curl and the abilities of curl I was
assured by the developer, so there has to be something, but as I never
encountered this before on Guix I don't know where to start.
strace wasn't insightful either, neither gdb.
> The ‘nss-certs’ package provides X.509 certificates:
>
> https://www.gnu.org/software/guix/manual/html_node/X_002e509-Certificates.html
I commented nss-certs, enabled or disabled it made no difference to the
resulting binary.
> HTH!
>
> Ludo’.
Thanks for the feedback,
--
ng0
For non-prism friendly talk find me on http://www.psyced.org
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: HELP needed with CA certificates! [PATCH] gnu: Add tup, Add pbpst.
2016-08-28 21:34 ` ng0
@ 2016-08-31 20:27 ` Ludovic Courtès
2016-09-01 13:51 ` ng0
0 siblings, 1 reply; 8+ messages in thread
From: Ludovic Courtès @ 2016-08-31 20:27 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
Hi,
ng0 <ng0@we.make.ritual.n0.is> skribis:
>> The ‘nss-certs’ package provides X.509 certificates:
>>
>> https://www.gnu.org/software/guix/manual/html_node/X_002e509-Certificates.html
>
> I commented nss-certs, enabled or disabled it made no difference to the
> resulting binary.
You need to have ‘nss-certs’ installed, *and* set the environment
variables mentioned above (depending on whether you use OpenSSL, GnuTLS,
Git, etc.; for GnuTLS, I think there’s no such environment variable.)
HTH!
Ludo’.
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: HELP needed with CA certificates! [PATCH] gnu: Add tup, Add pbpst.
2016-08-31 20:27 ` Ludovic Courtès
@ 2016-09-01 13:51 ` ng0
2016-09-01 14:22 ` Ricardo Wurmus
0 siblings, 1 reply; 8+ messages in thread
From: ng0 @ 2016-09-01 13:51 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: guix-devel
Ludovic Courtès <ludo@gnu.org> writes:
> Hi,
>
> ng0 <ng0@we.make.ritual.n0.is> skribis:
>
>>> The ‘nss-certs’ package provides X.509 certificates:
>>>
>>> https://www.gnu.org/software/guix/manual/html_node/X_002e509-Certificates.html
>>
>> I commented nss-certs, enabled or disabled it made no difference to the
>> resulting binary.
>
> You need to have ‘nss-certs’ installed, *and* set the environment
> variables mentioned above (depending on whether you use OpenSSL, GnuTLS,
> Git, etc.; for GnuTLS, I think there’s no such environment variable.)
>
> HTH!
> Ludo’.
Thanks.
Can you be more specific on why it could fail when all of this is set in
the user environment? I did all of this, and it still fails. environment
values exported in my user profile, nss-certs installed in user profile
and system wide, set nss-certs as an input of pbpst, still:
ng0@shadowwalker /gnu/store/1ciyxbyciasmdgmad3p2qmp9c3qnrc8i-pbpst-1.2.0-1.e58e573/bin$ ./pbpst --help
Usage: pbpst <operation> [option ...]
pbpst -- a simple tool to pastebin from the command-line
Operations:
-S, --sync Create a paste
-s, --shorten=URL Create a redirect to URL
-R, --remove Delete a paste
-U, --update Update a paste
-D, --database Operate on the database
Options:
-h, --help List this help and exit
-b, --dbpath=PATH Use the database at PATH
-P, --provider=HOST Use HOST as the pb provider
-V, --verbose Output verbosely
--list-lexers List available lexers and exit
--list-themes List available themes and exit
--list-formats List available formatters and exit
--version List the version and exit
Run `pbpst -h` with an operation for help with that operation
ng0@shadowwalker /gnu/store/1ciyxbyciasmdgmad3p2qmp9c3qnrc8i-pbpst-1.2.0-1.e58e573/bin$ ./pbpst --list-lexers
pbpst: Could not create the swap db: File exists
pbpst: Ensure no other instances of pbpst are running and that all pastes have been saved
pbpst: Then manually remove: /home/ng0/.config/pbpst/.db.json.swp
ng0@shadowwalker /gnu/store/1ciyxbyciasmdgmad3p2qmp9c3qnrc8i-pbpst-1.2.0-1.e58e573/bin$ rm /home/ng0/.config/pbpst/.db.json.swp
ng0@shadowwalker /gnu/store/1ciyxbyciasmdgmad3p2qmp9c3qnrc8i-pbpst-1.2.0-1.e58e573/bin$ ./pbpst --list-lexers
pbpst: Listing failed: Peer certificate cannot be authenticated with given CA certificates
--
ng0
For non-prism friendly talk find me on http://www.psyced.org
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: HELP needed with CA certificates! [PATCH] gnu: Add tup, Add pbpst.
2016-09-01 13:51 ` ng0
@ 2016-09-01 14:22 ` Ricardo Wurmus
2016-09-16 14:42 ` ng0
0 siblings, 1 reply; 8+ messages in thread
From: Ricardo Wurmus @ 2016-09-01 14:22 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
ng0 <ng0@we.make.ritual.n0.is> writes:
> Ludovic Courtès <ludo@gnu.org> writes:
>
>> Hi,
>>
>> ng0 <ng0@we.make.ritual.n0.is> skribis:
>>
>>>> The ‘nss-certs’ package provides X.509 certificates:
>>>>
>>>> https://www.gnu.org/software/guix/manual/html_node/X_002e509-Certificates.html
>>>
>>> I commented nss-certs, enabled or disabled it made no difference to the
>>> resulting binary.
>>
>> You need to have ‘nss-certs’ installed, *and* set the environment
>> variables mentioned above (depending on whether you use OpenSSL, GnuTLS,
>> Git, etc.; for GnuTLS, I think there’s no such environment variable.)
>>
>> HTH!
>> Ludo’.
>
> Thanks.
>
> Can you be more specific on why it could fail when all of this is set in
> the user environment? I did all of this, and it still fails. environment
> values exported in my user profile, nss-certs installed in user profile
> and system wide, set nss-certs as an input of pbpst, still:
What environment variables did you set? The patch for pbpst is very
hard to read, so it’s not obvious what you tried.
If this tool just shells out to “curl” then it might respect
“CURL_CA_BUNDLE” as per the Curl documentation.
~~ Ricardo
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: HELP needed with CA certificates! [PATCH] gnu: Add tup, Add pbpst.
2016-09-01 14:22 ` Ricardo Wurmus
@ 2016-09-16 14:42 ` ng0
2016-09-27 18:48 ` Leo Famulari
0 siblings, 1 reply; 8+ messages in thread
From: ng0 @ 2016-09-16 14:42 UTC (permalink / raw)
To: Ricardo Wurmus; +Cc: guix-devel
Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> writes:
> ng0 <ng0@we.make.ritual.n0.is> writes:
>
>> Ludovic Courtès <ludo@gnu.org> writes:
>>
>>> Hi,
>>>
>>> ng0 <ng0@we.make.ritual.n0.is> skribis:
>>>
>>>>> The ‘nss-certs’ package provides X.509 certificates:
>>>>>
>>>>> https://www.gnu.org/software/guix/manual/html_node/X_002e509-Certificates.html
>>>>
>>>> I commented nss-certs, enabled or disabled it made no difference to the
>>>> resulting binary.
>>>
>>> You need to have ‘nss-certs’ installed, *and* set the environment
>>> variables mentioned above (depending on whether you use OpenSSL, GnuTLS,
>>> Git, etc.; for GnuTLS, I think there’s no such environment variable.)
>>>
>>> HTH!
>>> Ludo’.
>>
>> Thanks.
>>
>> Can you be more specific on why it could fail when all of this is set in
>> the user environment? I did all of this, and it still fails. environment
>> values exported in my user profile, nss-certs installed in user profile
>> and system wide, set nss-certs as an input of pbpst, still:
>
> What environment variables did you set? The patch for pbpst is very
> hard to read, so it’s not obvious what you tried.
>
> If this tool just shells out to “curl” then it might respect
> “CURL_CA_BUNDLE” as per the Curl documentation.
>
> ~~ Ricardo
I had CURL_CA_BUNDLE set, in my profile. This is what I assume I need
to do, I've done so and yet it failed. nss-certs is in my profile. I
don't know what else I should try.
ng0@shadowwalker ~$ echo $CURL_CA_BUNDLE
/home/ng0/.guix-profile/etc/ssl/certs/ca-certificates.crt
--
ng0
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: HELP needed with CA certificates! [PATCH] gnu: Add tup, Add pbpst.
2016-09-16 14:42 ` ng0
@ 2016-09-27 18:48 ` Leo Famulari
0 siblings, 0 replies; 8+ messages in thread
From: Leo Famulari @ 2016-09-27 18:48 UTC (permalink / raw)
To: ng0; +Cc: guix-devel
On Fri, Sep 16, 2016 at 02:42:37PM +0000, ng0 wrote:
> Ricardo Wurmus <ricardo.wurmus@mdc-berlin.de> writes:
>
> > ng0 <ng0@we.make.ritual.n0.is> writes:
> >
> >> Ludovic Courtès <ludo@gnu.org> writes:
> >>
> >>> Hi,
> >>>
> >>> ng0 <ng0@we.make.ritual.n0.is> skribis:
> >>>
> >>>>> The ‘nss-certs’ package provides X.509 certificates:
> >>>>>
> >>>>> https://www.gnu.org/software/guix/manual/html_node/X_002e509-Certificates.html
> >>>>
> >>>> I commented nss-certs, enabled or disabled it made no difference to the
> >>>> resulting binary.
> >>>
> >>> You need to have ‘nss-certs’ installed, *and* set the environment
> >>> variables mentioned above (depending on whether you use OpenSSL, GnuTLS,
> >>> Git, etc.; for GnuTLS, I think there’s no such environment variable.)
> >>>
> >>> HTH!
> >>> Ludo’.
> >>
> >> Thanks.
> >>
> >> Can you be more specific on why it could fail when all of this is set in
> >> the user environment? I did all of this, and it still fails. environment
> >> values exported in my user profile, nss-certs installed in user profile
> >> and system wide, set nss-certs as an input of pbpst, still:
> >
> > What environment variables did you set? The patch for pbpst is very
> > hard to read, so it’s not obvious what you tried.
> >
> > If this tool just shells out to “curl” then it might respect
> > “CURL_CA_BUNDLE” as per the Curl documentation.
> >
> > ~~ Ricardo
>
> I had CURL_CA_BUNDLE set, in my profile. This is what I assume I need
> to do, I've done so and yet it failed. nss-certs is in my profile. I
> don't know what else I should try.
>
> ng0@shadowwalker ~$ echo $CURL_CA_BUNDLE
> /home/ng0/.guix-profile/etc/ssl/certs/ca-certificates.crt
This looks related to the issues I'm having with the Darcs package.
Darcs uses libcurl, but can't find the certificates at runtime, despite
CURL_CA_BUNDLE being set correctly.
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2016-09-27 18:48 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-08-25 20:12 HELP needed with CA certificates! [PATCH] gnu: Add tup, Add pbpst ng0
2016-08-28 21:02 ` Ludovic Courtès
2016-08-28 21:34 ` ng0
2016-08-31 20:27 ` Ludovic Courtès
2016-09-01 13:51 ` ng0
2016-09-01 14:22 ` Ricardo Wurmus
2016-09-16 14:42 ` ng0
2016-09-27 18:48 ` Leo Famulari
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).