DDenis 'GNUtoo' Carikli wrote on 21 Aug 2020 06:45
(address . firstname.lastname@example.org)
I found a potential issue with the debootstrap package and the Guix
The Free System Distribution Guidelines states that:
Toggle quote (10 lines)
> A free system distribution must not steer users towards obtaining any
> nonfree information for practical use, or encourage them to do so.
> The system should have no repositories for nonfree software and no
> specific recipes for installation of particular nonfree programs. Nor
> should the distribution refer to third-party repositories that are
> not committed to only including free software; even if they only have
> free software today, that may not be true tomorrow. Programs in the
> system should not suggest installing nonfree plugins, documentation,
> and so on.
However after instalation, the debootstrap package contains scripts for
installing many distributions, and most of them are either not FSDG
compliant or have nonfree software in them.
I assume that the Ubuntu repositories are "third-party repositories that
are not committed to only including free software", and they are used
in the debootstrap scripts to install Ubuntu.
After installation I got the following scripts in
The scripts are named after distribution codenames. So here you can see
some ubuntu code names like trusty, xenial, etc (ubuntu contains nonfree
software), or some debian code names like stretch.
Not all scripts are problematic, as amber is the codename of the
main PureOS repository.
To fix that, Parabola patches debootstrap to remove the problematic
scripts and also adds support for many FSDG distributions along the
way. It also has a modified manual with examples for Trisquel
instead of Debian.
Something similar could probably be done in debian.scm.
In addition the Guix blog post about "Running a Ganeti cluster on
Guix" should probably be reviewed as it contains code to install
As I understand, Debian may not contain nonfree software but it is not
FSDG compliant, so it could be a good idea to use an FSDG compliant
distributions instead to avoid any issues. In addition if the buster
script is removed, then the code on the blog post won't work anymore.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----