-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Tue, May 16, 2017 at 02:06:39PM +0200, Patrik Hagara wrote: > Hi! > > First off, thanks to whoever was responsible for me > being accepted into the GSoC program and congrats > to both Andrew and Paras for getting in, too! :) > > On Fri, May 05, 2017 at 08:27:34AM -0700, John Casey wrote: > > Unfortunately, my Qubes project wasn't accepted > > John, sorry to hear your Qubes Manager proposal wasn't > accepted. It really could use a generous dose of (not > only) UI changes.
Unfortunately, as new GSoC org, we didn't get as many slots as we requested, so we were forced to reject some, even good proposals. > So... I've spend the last few days setting up my dev > env and getting familiar with qubes-builder. > > While skimming through issues on GitHub labeled as > "minor" and "help wanted", searching for something > quick and easy just to get a hang of the dev workflow, > I haven't stumbled upon anything "right up my alley". > > Due to this, I decided to start working on my actual > GSoC project instead (I hope it's not discouraged), Yes, that's fine. If you finish early, we can always extend the project ;) > implementing the first step as outlined in my project > proposal -- the AEM install script is now able to > generate, enroll and encrypt a LUKS key file and the > sealing script then seals (duh) and copies it to the > AEM media. > > You can find my fork of the AEM repo on GitHub under > phagara. > > Now to my questions. :) > > Is there a preferred way of dealing with forked repos > under qubes-builder? Right now I've simply added a new > remote for the antievilmaid component and I'm assuming > simply running `make prepare-merge` and subsequently > `make do-merge` should do the trick when the upstream > repo has new, non-conflicting commits. Yes, exactly. > As far as RPM package signing goes -- I guess it's not > even worth setting that up for development since the > only person installing the pkgs built by me would be > just myself, in which case the signature would serve > no practical purpose. Am I right? If you install packages on the same machine as you build them, then yes. But if you transfer them using some untrusted channel (network or such), signing may be useful. All you need for that is to have some key generated, and adjust builder.conf: SIGN_KEY=<key-id>, NO_SIGN=0. Pro tip: if you work on a single component (or some subset of them), you can adjust COMPONENTS in builder.conf to include only what you need. It will make things a lot faster. - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJZGv95AAoJENuP0xzK19csHJsH+QGLpNYcTn48vRDocFwagvWp bjcqfi11arjfT+sBSD6oyM13/b1IrVxuVy44GQQM5qmw9GNoUn9EPMIkx7hrGS9R RalpCjEPgoqi75qVtp0iJau68k8bjP9n+4E0n9+mhQofqaKjjIGdx7ao8wA4z0uz GnJCMWl9VnIvUcXpHQNLkFPYh+HGhuVBGlOAlfeyR/uH4PH69GEQcydGwDw7yhjN A52D4uXw12yW10V+gCNge92uaGYoRMrGy+Dd951PCVNrM+4EyFW5od09ZZ67gViv QmOF5vmPIP/QV09m7m9wbCYi9PJA6qiSmW36dqaFMq3zy8cK34dl7hCk9NQ75DE= =0Rh6 -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20170516133241.GD1335%40mail-itl. For more options, visit https://groups.google.com/d/optout.
