python-pip is broken after updates

python-pip is broken after updates

[znavko]

Hello! I am using free vpn by protonvpn on GuixOS.
protonvpn installs own client written on python3 requiring pip3.
It works fine after installation under root.

But updates break it.

After I made under root

# guix pull && guix package -u
# guix system reconfigure /etc/config.scm
# guix system delete-generations 1d
# guix package --delete-generations=1d
# guix gc

(I have tiny ssd and need to remove generations
Also I had troubles with locale and need to reconfigure after update)

This breaks work of pip3.
Running of protonvpn is breaking cause it does not find
some packages or python3 component.

Also I cannot reinstall protonvpn cause it does not find
python3 module.

Only installing python-pip package again and installing of protonvpn
again saves the situation.

Could you check it and make some advices?

Re: python-pip is broken after updates

[Dmitry Alexandrov]

[-- Attachment #1: Type: text/plain, Size: 406 bytes --]

znavko@disroot.org wrote:
> I am using free vpn by protonvpn on GuixOS.  protonvpn installs own client written on python3 requiring pip3.  It works fine after installation under root.
>
> Could you … make some advices?

Guix aside, I definitely could advise you to stop using obscure ad-hoc software, that has to be run with superuser rights, when itʼs not necessary.  And in your case itʼs not.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 247 bytes --]

Re: python-pip is broken after updates

[Efraim Flashner]

[-- Attachment #1: Type: text/plain, Size: 1362 bytes --]

On Mon, May 25, 2020 at 01:34:18AM +0300, Dmitry Alexandrov wrote:
> znavko@disroot.org wrote:
> > I am using free vpn by protonvpn on GuixOS.  protonvpn installs own client written on python3 requiring pip3.  It works fine after installation under root.
> >
> > Could you … make some advices?
> 
> Guix aside, I definitely could advise you to stop using obscure ad-hoc software, that has to be run with superuser rights, when itʼs not necessary.  And in your case itʼs not.

This is certainly not useful advice. It's not up to you to determine
which software is appropriate and acceptable for another user to run.

To the original question, when installing python software using
upstream's methods, it will embed a reference to the path of pip/python
used. Using Guix, unless you register that version as a GC root, it will
eventually be garbage collected and you'll have to re-install.

On a different note however, yesterday a new package was added to guix,
protonvpn-cli, which I'm guessing is the python program you're using. I
suggest updating your Guix installation and trying it out to see if it
works as expected.


-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: python-pip is broken after updates

[znavko]

Yes, thank you for packaging protonvpn!

In Russia protonmail.com is blocked I did not know why, but
after I've discovered protonvpn I understood why.
The same is for tutanota mail. 
We do have so ugly rulers that break our freedom 
for saving their criminal authority just for trading of nature resources.


An advice about using protonvpn is not safe.
If the software is opensource programmers can check if it is safe or not.
So, I cannot concsent you right now.


May 25, 2020 6:21 AM, "Efraim Flashner" <efraim@flashner.co.il> wrote:

> On Mon, May 25, 2020 at 01:34:18AM +0300, Dmitry Alexandrov wrote:
> 
>> znavko@disroot.org wrote:
>> I am using free vpn by protonvpn on GuixOS. protonvpn installs own client written on python3
>> requiring pip3. It works fine after installation under root.
>> 
>> Could you … make some advices?
>> 
>> Guix aside, I definitely could advise you to stop using obscure ad-hoc software, that has to be run
>> with superuser rights, when itʼs not necessary. And in your case itʼs not.
> 
> This is certainly not useful advice. It's not up to you to determine
> which software is appropriate and acceptable for another user to run.
> 
> To the original question, when installing python software using
> upstream's methods, it will embed a reference to the path of pip/python
> used. Using Guix, unless you register that version as a GC root, it will
> eventually be garbage collected and you'll have to re-install.
> 
> On a different note however, yesterday a new package was added to guix,
> protonvpn-cli, which I'm guessing is the python program you're using. I
> suggest updating your Guix installation and trying it out to see if it
> works as expected.
> 
> --
> Efraim Flashner <efraim@flashner.co.il> אפרים פלשנר
> GPG key = A28B F40C 3E55 1372 662D 14F7 41AA E7DC CA3D 8351
> Confidentiality cannot be guaranteed on emails sent or received unencrypted

Re: python-pip is broken after updates

[Dmitry Alexandrov]

[-- Attachment #1: Type: text/plain, Size: 950 bytes --]

Efraim Flashner <efraim@flashner.co.il> wrote:
> On Mon, May 25, 2020 at 01:34:18AM +0300, Dmitry Alexandrov wrote:
>> znavko@disroot.org wrote:
>>> protonvpn installs own client written on python3 requiring pip3.  It works fine after installation under root.
>>> Could you … make some advices?
>>
>> Guix aside, I definitely could advise you to stop using obscure ad-hoc software, that has to be run with superuser rights, when itʼs not necessary.  And in your case itʼs not.
>
> This is certainly not useful advice.

I have another experience.  Quite a few people found an idea, that many services can be easily (in fact, sometimes even _easier_) be used without installing any ad-hoc branded software, new to them.  (Welcome to 2020. ;-).

> It's not up to you to determine which software is appropriate and acceptable for another user to run.

How have your thought shifted from from ‘advise’ to ‘determine’, I wonder?

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 247 bytes --]

Re: Avoiding ad-hoc provider-branded OpenVPN clients (was: python-pip is broken after updates)

[Dmitry Alexandrov]

[-- Attachment #1: Type: text/plain, Size: 2261 bytes --]

znavko@disroot.org wrote:
> An advice about using protonvpn is not safe.

Is that supposed to be a reply to me, despite you have been addressing @efraim@flashner.co.il?

If so, Iʼve said nothing negative about ‘safety’ of protonvpn.com.

(Though, I could of course: their Tor gateway or rather the way they advertise it tells a lot about how they regard their usersʼ safety.  Thankfully, itʼs not available on gratis plan.)

> If the software is opensource programmers can check if it is safe or not.

Except, that there is zero need in doing that, when ad-hoc software can be simply avoided.  Thatʼs even more so on GNU, where OpenVPN support is well-integrated into end-user networking configurators (such as ‘Network Manager’).

But let us recall, that business interests of any service provider push them to limit the official support of standard solutions in favour of getting as much users as possible addicted to their branded software.

In fact, some proxy-on-top-of-VPN-providers, which are fine with driving some users away — like donation-based riseup.net — have already _ceased_ to officially support anything but their branded clients.  Under the hood they still use the normal OpenVPN, of course, so itʼs possible to extract the configuration, but you would not find it anywhere on their website.

Therefore, please keep in mind, that what you are doing by installing a branded ad-hoc software instead of supplying generic client with credentials (besides acquiring technical problems for yourself) is contributing your mite to promoting vendor lock-in.


> In Russia protonmail.com is blocked I did not know why

Itʼs not hard to discover: https://roskomsvoboda.org/54951/

> but after I've discovered protonvpn I understood why.

Nope.  Googling is usually better than wild guessing.  protonvpn.com is _not_ blacklisted in Russia [1].

[1] https://reestr.rublacklist.net/search/?q=protonvpn.com

> The same is for tutanota mail.

Yes, paradoxically enough, sometimes even state censorship should be thanked for opposing companies, that are trying to finish off the open Internet, such as tutanota.io or (less so) protonmail.com.  (Though censors obviously have their own reasons for doing it.)

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 247 bytes --]