bug#39614: icecat "profile cannot be loaded"

[Nathan Dehnel]

deleting the directory and --ProfileManager flag don't help

On Sat, Feb 15, 2020 at 6:14 AM Tobias Geerinckx-Rice  wrote:
>
> Danny Milosavljevic 写道：
> > There's also a command line option for icecat to specify another
> > directory
> > (--profile ...), but not sure whether it would create a new one,
> > too.
>
> You can also start icecat with the ‘--ProfileManager’ option for
> the slightly more user-friendly GUI edition.
>
> Kind regards,
>
> T G-R

bug#39575: guix time-machine fails when a tarball was modified in-place

[Bengt Richter]

On +2020-02-15 21:01:36 +0100, Tobias Geerinckx-Rice via Bug reports for GNU 
Guix wrote:
> Jan, Simon,
> 
> Janneke 写道：
> > https://snapshot.debian.org/archive/debian/20190406T212022Z/pool/main/h/harfbuzz/harfbuzz_2.4.0.orig.tar.bz2
> 
> This is a wonderful resource!  Thank you, Janneke (and Debian)!
> 
> zimoun 写道：
> > Cool!
> > But how do you determine the "date", i.e., this reference
> > '20190406T212022Z' ?
> 
> You'd take the timestamp immediately preceding your desired (Guix) commit's
> date, or something like that.  The fact that git commit dates aren't linear
> shouldn't hurt here.
> 
> > Could it be automated?
> 
> Not without parsing HTML to get the valid timestamps:
> .
>

You may not need to parse the html fully if the part you need is
isolatable into delimited scopes that you can successively narrow.

For example, I while back I wanted a command I could type to get
the url of the latest linux kernel at kernel.org:

stable-kernel.scm -h 
--8<---cut here---start->8---
Usage: stable-kernel-scm [ -h ]
   -h for this message
  (without args):
   go to https://www.kernel.org/ to wget page,
   extract URL of latest stable release tarball
   and write that URL to stdout.
--8<---cut here---end--->8---
(oops, I see I din't use $0 in the usage text -- should be .scm, not -scm)

I offer it below [1], with the thought that you could probably
modify (not to mention improve :-) it to get the timestamps you want.
Especially if you could get them to make the narrow context unique enough
that it's delimiters can delimit it in one shot.

The page at kernel.org is apparently stable enough that this still works,
but YMMV until the snapshot page is similarly stable. (You could ask
them to make it easy :)

> Also, this doesn't seem to be a supported service yet[0]:
> 
>  “This is an implementation for a possible snapshot.debian.org  service.
>   It's not yet finished, it's more a prototype/proof of concept   to show
>   and learn what we want and can provide.  So far it seems to   actually
> work.”
> 
> Still really cool,
> 
> T G-R
> 
> [0]: https://salsa.debian.org/snapshot-team/snapshot

HTH or is useful some way.
-- 
Regards,
Bengt Richter

[1]
--8<---cut here---start->8---
#!/usr/bin/bash
exec guile -e main -s "$0" "$@"
!#
 stable-kernel.scm
 goes to https://www.kernel.org/ to wget page, then
 extracts name of latest stable release tarball to stdout


(define (usage)
  (format (current-error-port)
  (string-join
   '(
"Usage: stable-kernel-scm [ -h ]"
"   -h for this message"
"  (without args):"
"   go to https://www.kernel.org/ to wget page,"
"   extract URL of latest stable release tarball"
"   and write that URL to stdout."
"")
   "\n")))

(use-modules (ice-9 format))
(use-modules (ice-9 rdelim))
(use-modules (ice-9 popen))
(use-modules (ice-9 textual-ports))
(use-modules (ice-9 and-let-star))
(use-modules (ice-9 regex))

(define (extract-delimited str s-beg s-end)
  (and-let*
   ((ix-beg (string-contains str s-beg))
(ix-post-beg (+ ix-beg (string-length s-beg)))
(ix-end   (string-contains str s-end ix-post-beg)))
   (substring str ix-post-beg  ix-end)))

(define kernel-url "https://www.kernel.org/;)

(define (get-kern-name)
  (let*((cmd-kern (string-append "wget -q -O - " kernel-url))
(p-inp (open-input-pipe cmd-kern))
(wgot-pinp-str (get-string-all p-inp))
(extracted-table-releases
 (extract-delimited wgot-pinp-str
""
""))
(extracted-stable-tarball-anchor
 (extract-delimited extracted-table-releases
"stable:"
">tarball<"))
(extracted-stable-href
 (extract-delimited extracted-stable-tarball-anchor
"8---

bug#39402: [PATCH] services: xorg: Filter modules based on system

[Jakub Kądziołka]

On Sun, Feb 09, 2020 at 09:31:09PM +, shtwzrd wrote:
> @@ -356,7 +361,7 @@ in @var{config}, are available.  The result should be 
> used in place of
>  #~(apply execl #$X #$X ;; Second #$X is for argv[0].
>   "-logverbose" "-verbose" "-terminate"
>   #$@(xorg-configuration-server-arguments config)
> -  (cdr (command-line
> + (cdr (command-line
>  
>(program-file "startx" exp))
>  
> @@ -477,7 +482,7 @@ desktop session from the system or user profile will be 
> used."
>(auto-login? slim-configuration-auto-login?
> (default #f))
>(default-user slim-configuration-default-user
> -(default ""))
> +(default ""))
>(theme slim-configuration-theme
>   (default %default-slim-theme))
>(theme-name slim-configuration-theme-name
> @@ -870,10 +875,10 @@ the GNOME desktop environment.")
> "Enable=" (if (gdm-configuration-debug? config)
>   "true"
>   "false") "\n"
> -   "\n"
> -   "[security]\n"
> -   "#DisallowTCP=true\n"
> -   "#AllowRemoteAutoLogin=false\n"))
> + "\n"
> + "[security]\n"
> + "#DisallowTCP=true\n"
> + "#AllowRemoteAutoLogin=false\n"))
>  
>  (define (gdm-pam-service config)
>"Return a PAM service for @command{gdm}."
Looks like you reformatted the file by accident. Apart from that, LGTM,
so pushed as 779d96c9b0ee38cbaca9f8577e6cc7f907fb29cb after removing the
formatting mishap.

Thanks for the patch!


signature.asc
Description: PGP signature

bug#39511: udpate

[Matt Wette]

oops:  `(Auth ...) => (list `(Auth...))

bug#39575: guix time-machine fails when a tarball was modified in-place

[Tobias Geerinckx-Rice via Bug reports for GNU Guix]

Jan, Simon,

Janneke 写道：

https://snapshot.debian.org/archive/debian/20190406T212022Z/pool/main/h/harfbuzz/harfbuzz_2.4.0.orig.tar.bz2


This is a wonderful resource!  Thank you, Janneke (and Debian)!

zimoun 写道：

Cool!
But how do you determine the "date", i.e., this reference 
'20190406T212022Z' ?


You'd take the timestamp immediately preceding your desired (Guix) 
commit's date, or something like that.  The fact that git commit 
dates aren't linear shouldn't hurt here.



Could it be automated?


Not without parsing HTML to get the valid timestamps: 
.


Also, this doesn't seem to be a supported service yet[0]:

 “This is an implementation for a possible snapshot.debian.org 
 service.
  It's not yet finished, it's more a prototype/proof of concept 
  to show
  and learn what we want and can provide.  So far it seems to 
  actually work.”


Still really cool,

T G-R

[0]: https://salsa.debian.org/snapshot-team/snapshot


signature.asc
Description: PGP signature

bug#39511: github auth

[Matt Wette]

I have not gotten into testing, but according to email and references
provided previously the patch below might work.


--- github.scm-orig    2020-02-15 10:32:52.209481329 -0800
+++ github.scm    2020-02-15 10:40:36.958144491 -0800
@@ -154,14 +154,12 @@
 ;; Ask for version 3 of the API as suggested at
 ;; .
 `((Accept . "application/vnd.github.v3+json")
+  ,@(if (%github-token)
+    `(Authorization . ,(string-append "token " (%github-token)))
+    '())
   (user-agent . "GNU Guile")))

-  (define (decorate url)
-    (if (%github-token)
-    (string-append url "?access_token=" (%github-token))
-    url))
-
-  (match (json-fetch (decorate release-url) #:headers headers)
+  (match (json-fetch release-url #:headers headers)
 (#()
  ;; We got the empty list, presumably because the user didn't use 
GitHub's

  ;; "release" mechanism, but hopefully they did use Git tags.

bug#39615: LetsEncrypt root certificate hash changed

[Tobias Geerinckx-Rice via Bug reports for GNU Guix]

Chris,

Christopher Baines 写道：

~$ guix pull
building 
/gnu/store/1r2cj292vvjvhbb92bri568p7dia7cp1-isrgrootx1.pem.drv...
building 
/gnu/store/dhlb62lpf1ggcrax62hm7l7rlcf5c4fi-letsencryptauthorityx3.pem.drv...

downloading from https://letsencrypt.org/certs/isrgrootx1.pem...
-sha256 hash mismatch for 
/gnu/store/ahiiz5x04rqr214sw840ifz0d3jzmnsb-isrgrootx1.pem:
  expected hash: 
  0zycy85ff9ga53z1q03df89ka9iihb9p8bjhw056rq2y4rn3b6ac
  actual hash: 
  1la36n2f31j9s03v847ig6ny9lr875q3g7smnq33dcsmf2i5gd92


Thanks!  I ran into this issue myself and updated the hashes in 
505b2631a9c35bbaa5ba6771ad4f646086f23cad.


One'd assume this to be caused by a tweaked expiry date somewhere, 
but the ‘contents’ of both old and new PEM files is actually the 
same:



Certificate:
   Data:
   Version: 3 (0x2)
   Serial Number:
   82:10:cf:b0:d2:40:e3:59:44:63:e0:bb:63:82:8b:00
   Signature Algorithm: sha256WithRSAEncryption
   Issuer: C = US, O = Internet Security Research Group, CN = 
   ISRG Root X1

   Validity
   Not Before: Jun  4 11:04:38 2015 GMT
   Not After : Jun  4 11:04:38 2035 GMT
   Subject: C = US, O = Internet Security Research Group, CN 
   = ISRG Root X1

   Subject Public Key Info:
   Public Key Algorithm: rsaEncryption
   RSA Public-Key: (4096 bit)
   Modulus:
   00:ad:e8:24:73:f4:14:37:f3:9b:9e:2b:57:28:1c:
   87:be:dc:b7:df:38:90:8c:6e:3c:e6:57:a0:78:f7:
   75:c2:a2:fe:f5:6a:6e:f6:00:4f:28:db:de:68:86:
   6c:44:93:b6:b1:63:fd:14:12:6b:bf:1f:d2:ea:31:
   9b:21:7e:d1:33:3c:ba:48:f5:dd:79:df:b3:b8:ff:
   12:f1:21:9a:4b:c1:8a:86:71:69:4a:66:66:6c:8f:
   7e:3c:70:bf:ad:29:22:06:f3:e4:c0:e6:80:ae:e2:
   4b:8f:b7:99:7e:94:03:9f:d3:47:97:7c:99:48:23:
   53:e8:38:ae:4f:0a:6f:83:2e:d1:49:57:8c:80:74:
   b6:da:2f:d0:38:8d:7b:03:70:21:1b:75:f2:30:3c:
   fa:8f:ae:dd:da:63:ab:eb:16:4f:c2:8e:11:4b:7e:
   cf:0b:e8:ff:b5:77:2e:f4:b2:7b:4a:e0:4c:12:25:
   0c:70:8d:03:29:a0:e1:53:24:ec:13:d9:ee:19:bf:
   10:b3:4a:8c:3f:89:a3:61:51:de:ac:87:07:94:f4:
   63:71:ec:2e:e2:6f:5b:98:81:e1:89:5c:34:79:6c:
   76:ef:3b:90:62:79:e6:db:a4:9a:2f:26:c5:d0:10:
   e1:0e:de:d9:10:8e:16:fb:b7:f7:a8:f7:c7:e5:02:
   07:98:8f:36:08:95:e7:e2:37:96:0d:36:75:9e:fb:
   0e:72:b1:1d:9b:bc:03:f9:49:05:d8:81:dd:05:b4:
   2a:d6:41:e9:ac:01:76:95:0a:0f:d8:df:d5:bd:12:
   1f:35:2f:28:17:6c:d2:98:c1:a8:09:64:77:6e:47:
   37:ba:ce:ac:59:5e:68:9d:7f:72:d6:89:c5:06:41:
   29:3e:59:3e:dd:26:f5:24:c9:11:a7:5a:a3:4c:40:
   1f:46:a1:99:b5:a7:3a:51:6e:86:3b:9e:7d:72:a7:
   12:05:78:59:ed:3e:51:78:15:0b:03:8f:8d:d0:2f:
   05:b2:3e:7b:4a:1c:4b:73:05:12:fc:c6:ea:e0:50:
   13:7c:43:93:74:b3:ca:74:e7:8e:1f:01:08:d0:30:
   d4:5b:71:36:b4:07:ba:c1:30:30:5c:48:b7:82:3b:
   98:a6:7d:60:8a:a2:a3:29:82:cc:ba:bd:83:04:1b:
   a2:83:03:41:a1:d6:05:f1:1b:c2:b6:f0:a8:7c:86:
   3b:46:a8:48:2a:88:dc:76:9a:76:bf:1f:6a:a5:3d:
   19:8f:eb:38:f3:64:de:c8:2b:0d:0a:28:ff:f7:db:
   e2:15:42:d4:22:d0:27:5d:e1:79:fe:18:e7:70:88:
   ad:4e:e6:d9:8b:3a:c6:dd:27:51:6e:ff:bc:64:f5:
   33:43:4f
   Exponent: 65537 (0x10001)
   X509v3 extensions:
   X509v3 Key Usage: critical
   Certificate Sign, CRL Sign
   X509v3 Basic Constraints: critical
   CA:TRUE
   X509v3 Subject Key Identifier: 
   79:B4:59:E6:7B:B6:E5:E4:01:73:80:08:88:C8:1A:58:F6:E9:9B:6E

   Signature Algorithm: sha256WithRSAEncryption
55:1f:58:a9:bc:b2:a8:50:d0:0c:b1:d8:1a:69:20:27:29:08:
ac:61:75:5c:8a:6e:f8:82:e5:69:2f:d5:f6:56:4b:b9:b8:73:
10:59:d3:21:97:7e:e7:4c:71:fb:b2:d2:60:ad:39:a8:0b:ea:
17:21:56:85:f1:50:0e:59:eb:ce:e0:59:e9:ba:c9:15:ef:86:
9d:8f:84:80:f6:e4:e9:91:90:dc:17:9b:62:1b:45:f0:66:95:
d2:7c:6f:c2:ea:3b:ef:1f:cf:cb:d6:ae:27:f1:a9:b0:c8:ae:
fd:7d:7e:9a:fa:22:04:eb:ff:d9:7f:ea:91:2b:22:b1:17:0e:
8f:f2:8a:34:5b:58:d8:fc:01:c9:54:b9:b8:26:cc:8a:88:33:
89:4c:2d:84:3c:82:df:ee:96:57:05:ba:2c:bb:f7:c4:b7:c7:
4e:3b:82:be:31:c8:22:73:73:92:d1:c2:80:a4:39:39:10:33:
23:82:4c:3c:9f:86:b2:55:98:1d:be:29:86:8c:22:9b:9e:e2:
6b:3b:57:3a:82:70:4d:dc:09:c7:89:cb:0a:07:4d:6c:e8:5d:
8e:c9:ef:ce:ab:c7:bb:b5:2b:4e:45:d6:4a:d0:26:cc:e5:72:
ca:08:6a:a5:95:e3:15:a1:f7:a4:ed:c9:2c:5f:a5:fb:ff:ac:
28:02:2e:be:d7:7b:bb:e3:71:7b:90:16:d3:07:5e:46:53:7c:

bug#39575: guix time-machine fails when a tarball was modified in-place

[zimoun]

Hi,

On Fri, 14 Feb 2020 at 14:14, Ludovic Courtès  wrote:
> Tobias Geerinckx-Rice  skribis:

> > ~ λ guix download https://www.tobias.gr/guix/harfbuzz-2.4.0.tar.bz2
>
> Thanks, you saved us!

Thank you! :-)


> Anyway, everything will be so much better when SWH archives tarballs!

The future will be better. :-)
Even some details need to be discussed: frequency of source.json
generation, frequency of the SWH crawler ingest it, etc.

How could all the archives living in ci.guix.gnu.org be sent to SWH?
Because IMHO the of Berlin (or other) is to archive the world but to
build it. :-)


Cheers,
simon

bug#28659: bug#39575: guix time-machine fails when a tarball was modified in-place

[zimoun]

Hi,

On Fri, 14 Feb 2020 at 22:34, Ludovic Courtès  wrote:

> Also, one could argue that we’d steer users towards downloading from our
> server, which could be a privacy concern (probably not a strong argument
> since one can easily change the substitute URLs.)

I am not following the privacy concern.
What do you mean?

Cheers,
simon

bug#39615: LetsEncrypt root certificate hash changed

[Christopher Baines]

~$ guix pull
building /gnu/store/1r2cj292vvjvhbb92bri568p7dia7cp1-isrgrootx1.pem.drv...
building 
/gnu/store/dhlb62lpf1ggcrax62hm7l7rlcf5c4fi-letsencryptauthorityx3.pem.drv...
downloading from https://letsencrypt.org/certs/isrgrootx1.pem...
-sha256 hash mismatch for 
/gnu/store/ahiiz5x04rqr214sw840ifz0d3jzmnsb-isrgrootx1.pem:
  expected hash: 0zycy85ff9ga53z1q03df89ka9iihb9p8bjhw056rq2y4rn3b6ac
  actual hash:   1la36n2f31j9s03v847ig6ny9lr875q3g7smnq33dcsmf2i5gd92
hash mismatch for store item 
'/gnu/store/ahiiz5x04rqr214sw840ifz0d3jzmnsb-isrgrootx1.pem'
build of /gnu/store/1r2cj292vvjvhbb92bri568p7dia7cp1-isrgrootx1.pem.drv failed
View build log at 
'/var/log/guix/drvs/1r/2cj292vvjvhbb92bri568p7dia7cp1-isrgrootx1.pem.drv.bz2'.
cannot build derivation 
`/gnu/store/lv78345x77bv6103l9ssqkx4l3v7z0xj-le-certs-0.drv': 1 dependencies 
couldn't be built
guix pull: error: build of 
`/gnu/store/lv78345x77bv6103l9ssqkx4l3v7z0xj-le-certs-0.drv' failed


signature.asc
Description: PGP signature

bug#39575: guix time-machine fails when a tarball was modified in-place

[zimoun]

Hi,

On Fri, 14 Feb 2020 at 14:51, Ludovic Courtès  wrote:
> Jan Nieuwenhuizen  skribis:

> > What about
> >
> > 
> > https://snapshot.debian.org/archive/debian/20190406T212022Z/pool/main/h/harfbuzz/harfbuzz_2.4.0.orig.tar.bz2
>
> Good idea.

Cool!
But how do you determine the "date", i.e., this reference '20190406T212022Z' ?

Could it be automated?


Cheers,
simon

bug#39614: icecat "profile cannot be loaded"

[Tobias Geerinckx-Rice via Bug reports for GNU Guix]

Danny Milosavljevic 写道：
There's also a command line option for icecat to specify another 
directory
(--profile ...), but not sure whether it would create a new one, 
too.


You can also start icecat with the ‘--ProfileManager’ option for 
the slightly more user-friendly GUI edition.


Kind regards,

T G-R


signature.asc
Description: PGP signature

bug#39614: icecat "profile cannot be loaded"

[Danny Milosavljevic]

Hi,

I think that this has to be fixed upstream in the Icecat (or even Firefox)
project one way or another.

Could you back up ~/.mozilla/icecat ?

If you then rename ~/.mozilla/icecat to something else, your old profile
will be gone and a new one will be created and it will start up.

There's also a command line option for icecat to specify another directory
(--profile ...), but not sure whether it would create a new one, too.


pgpIpbr6VTwtS.pgp
Description: OpenPGP digital signature