Re: GNU Guix 1.3.0rc1 available for testing!

all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

From: Leo Famulari <leo@famulari.name>
To: Maxim Cournoyer <maxim.cournoyer@gmail.com>
Cc: guix-devel <guix-devel@gnu.org>
Subject: Re: GNU Guix 1.3.0rc1 available for testing!
Date: Sun, 2 May 2021 00:27:44 -0400	[thread overview]
Message-ID: <YI4qQHOOrf6tbXNb@jasmine.lan> (raw)
In-Reply-To: <87tunlonj1.fsf@gmail.com>

On Sat, May 01, 2021 at 10:52:18PM -0400, Maxim Cournoyer wrote:
> > https://guix.gnu.org/manual/en/
> > https://guix.gnu.org/manual/devel/en/
> 
> Thank you for pointing that issue; I caught the problem with
> guix-install.sh before posting, but overlooked that one.  As you
> pointed, that won't be reflected on our website, but I agree that having
> the new key covered in the devel manual (master branch) is already an
> improvement.  The attached patch augments the manual to cover for the
> new key.  Let me know if it looks good to you.  If it does, I will push
> it to the master branch (IIUC we can't push this change to the
> version-1.3.0 branch as that would break the string freeze there).

The "devel" manual on the website reflects the master branch. So, there
will be a web-based location where users can find these instructions
documented immediately.

The non-"devel" website manual is tied to the release tag. So, we have
no choice but to make these changes on the version-1.3.0 branch, right?
Or else the "1.3.0" manual will mention the wrong signing key?

Your patch looks good except that the instructions about 'mykeyring.kbx'
are a no-op: The created keyring contains no keys afterwards. This is
with GnuPG 2.2.27 from current Guix. We should just remove these
instructions since "--recv-keys" almost never works these days, since
the keyserver network collapsed. For example:

------
$ gpg --no-default-keyring --keyring mykeyring.kbx --recv-keys 27D586A4F8900854329FF09F1260E46482E63562 
gpg: keybox '/home/leo/.gnupg/mykeyring.kbx' created            
gpg: WARNING: server 'dirmngr' is older than us (2.2.12 < 2.2.27)
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
gpg: key 1260E46482E63562: no user ID
gpg: Total number processed: 1
$ gpg --no-default-keyring --keyring mykeyring.kbx --recv-keys 3CE464558A84FDC69DB40CFB090B11993D9AEBB5  
gpg: WARNING: server 'dirmngr' is older than us (2.2.12 < 2.2.27)                                                        
gpg: Note: Outdated servers may lack important security fixes.
gpg: Note: Use the command "gpgconf --kill all" to restart them.
gpg: key 090B11993D9AEBB5: no user ID
gpg: Total number processed: 1
$ cat ~/.gnupg/mykeyring.kbx 
 KBXf`)y`)y%
$ wc -c ~/.gnupg/mykeyring.kbx
32 /home/leo/.gnupg/mykeyring.kbx
------

As you can see, it does not contain two PGP keys.

> Are you sure you downloaded it from https://guix.gnu.org/install.sh
> (which just redirects to the current copy on the master branch) ?

Yes.

> Since commit e64af2060e8cfa48e74b887281acb3fd4c7e7781 (which was made
> just before writing the original message), it checks for both keys.

It checks for them one at a time, failing after each missing key. I
described it here:

https://lists.gnu.org/archive/html/guix-devel/2021-05/msg00039.html

next prev parent reply	other threads:[~2021-05-02  4:28 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-05-01  5:45 GNU Guix 1.3.0rc1 available for testing! Maxim Cournoyer
2021-05-01  7:48 ` Vagrant Cascadian
2021-05-02  2:53   ` Maxim Cournoyer
2021-05-01 21:25 ` Leo Famulari
2021-05-02  2:52   ` Maxim Cournoyer
2021-05-02  4:27     ` Leo Famulari [this message]
2021-05-04  4:02       ` Maxim Cournoyer
2021-05-02  4:05   ` Leo Famulari
2021-05-02  4:28     ` Leo Famulari
2021-05-02 18:45     ` Maxim Cournoyer
2021-05-02 22:14       ` Leo Famulari
2021-05-03 19:38 ` Tissevert
2021-05-04  0:34   ` Leo Famulari
2021-05-05  8:16     ` Tissevert
2021-05-05 17:01     ` Vagrant Cascadian
2021-05-06  1:18       ` Leo Famulari
2021-05-05  1:49 ` Chris Marusich

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YI4qQHOOrf6tbXNb@jasmine.lan \
    --to=leo@famulari.name \
    --cc=guix-devel@gnu.org \
    --cc=maxim.cournoyer@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.