From debbugs-submit-bounces@debbugs.gnu.org Fri Sep 20 10:46:13 2019 Received: (at submit) by debbugs.gnu.org; 20 Sep 2019 14:46:13 +0000 Received: from localhost ([127.0.0.1]:58285 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1iBKAn-0000k8-AG for submit@debbugs.gnu.org; Fri, 20 Sep 2019 10:46:13 -0400 Received: from lists.gnu.org ([209.51.188.17]:58231) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1iBKAl-0000k0-EH for submit@debbugs.gnu.org; Fri, 20 Sep 2019 10:46:11 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:37476) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1iBKAh-0002TC-El for guix-patches@gnu.org; Fri, 20 Sep 2019 10:46:09 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,URIBL_BLOCKED autolearn=disabled version=3.3.2 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1iBKAf-0002at-8K for guix-patches@gnu.org; Fri, 20 Sep 2019 10:46:07 -0400 Received: from lepiller.eu ([2a00:5884:8208::1]:56154) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1iBKAb-0002ZB-J8 for guix-patches@gnu.org; Fri, 20 Sep 2019 10:46:04 -0400 Received: from lepiller.eu (localhost [127.0.0.1]) by lepiller.eu (OpenSMTPD) with ESMTP id 06ef8145; Fri, 20 Sep 2019 14:45:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=lepiller.eu; h=date :in-reply-to:references:mime-version:content-type :content-transfer-encoding:subject:to:cc:from:message-id; s= dkim; bh=urCvbEQv379hKPwwmWEeuVnRe9o=; b=OytGVueaMl5KxtYf+bLUQCi X2nQGPZh3OIRfhlz+r3//BlSL4LXnCxBsduOBW2hAbepWENT1+RfDKmSyC2xT3n3 8oAO5jW0Fl3X3EqnEb0BAOkqC8ySGy6bX3yj6T/Esmq5/DoWPI+xZGepfQVzjPd/ HOydwignFxNoblQS6//A3eOyrJGYdlvo7KoeosdYjf4M/83c9KBfCC5+F3LcEj3C 8X9q74R+dY7uITKGQ611P0ALa4OghAYn16WlhS7na52n8ICSAL1AGHpAkd1VE0QJ FBCFvvc8xsZCIEenmX89v9+u0DZlA+JiiU4w/RgluYoA5uHqXJy4bnUsRGcRsNA= = DomainKey-Signature: a=rsa-sha1; c=nofws; d=lepiller.eu; h=date :in-reply-to:references:mime-version:content-type :content-transfer-encoding:subject:to:cc:from:message-id; q=dns; s=dkim; b=GAh5TLeRlWWEmHTSoWcr+2PlEDOK10qQDg6hcfx5rIORyWdup1YQb CnPej7V1i+Ia8JIB1e80oiJ9SeogYRVY3bBthuJ95jXcKbO1K+tXaemf66Y+mIyB GhSIuinl530EeslEyhRep7a212NRh/q11+N6WvaSaRsdCCmzVtyMgNqIAate7uIu lgKVYB2Rbjfq3hNC29frceyHOnnvU3zxOlIAQmxwX16K6nEljVD9lKjgrGC56zYr iGcstm7wcggKkDcUFcNt1JI668RsMoVqAJAVERuTO37GA6n77UURQ3vP+3ndGFx3 ZIhpTeXeA6tNwAipDIegGJk9wIGYXF8zQ== Received: by lepiller.eu (OpenSMTPD) with ESMTPSA id 73f594d7 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Fri, 20 Sep 2019 14:45:56 +0000 (UTC) Date: Fri, 20 Sep 2019 16:45:42 +0200 User-Agent: K-9 Mail for Android In-Reply-To: <20190920154954.35713605@scratchpost.org> References: <20190920010248.28082-1-dannym@scratchpost.org> <20190920073149.2933-1-dannym@scratchpost.org> <20190920073149.2933-2-dannym@scratchpost.org> <20190920140529.234c55ad@alma-ubu> <20190920154954.35713605@scratchpost.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [bug#37466] [PATCH 2/4] gnu: Add heads. To: guix-patches@gnu.org, Danny Milosavljevic , =?ISO-8859-1?Q?Bj=F6rn_H=F6fling?= From: Julien Lepiller Message-ID: X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2a00:5884:8208::1 X-Spam-Score: -2.3 (--) X-Debbugs-Envelope-To: submit Cc: 37466@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -3.3 (---) Le 20 septembre 2019 15:49:54 GMT+02:00, Danny Milosavljevic a =C3=A9crit : >Hi Bj=C3=B6rn, > >On Fri, 20 Sep 2019 14:05:29 +0200 >Bj=C3=B6rn H=C3=B6fling wrote: > >> That's the non-free kernel, right? > >Right=2E > >> Besides that neither DNS nor Google knows that host=2E > >Hmm, you're right, but it worked for me=2E Doesn't work now=2E >Using "www" is probably better anyhow (and works)=2E > >> In general, this long list of source-files looks a bit strange: I >think >> all/most of these packages are already a Guix package, where >> the source code is (more or less) verified to be FSDG-compatible, >> possibly with a snipped=2E Now this package is just getting a huge list >of >> unreviewed source tarballs in=2E Hm=2E >>=20 >> Could we at least somehow reference the source package from Guix? > >Well, heads provides an initrd and they want reproducible builds for it >for >security purposes--that's the main reason they build a "cross" compiler >too: >To have the compiler produce verifiable executables=2E > >So basically if we change the version or anything, the hashes won't >match >any more and any person going along their installation guide should >abort the installation--because heads has presumably been tampered >with=2E > >Not sure what to do about it=2E > >Maybe at least linux-libre produces bitwise identical outputs to Linux >for what they care about=2E I'll try it=2E Not sure about heads, but some build systems specify the exact version of = their dependencies, but we don't package all of them in guix=2E In that cas= e, the guix build-system overwrites the declared hash with the actual hash = of the package that is used instead=2E Can't you do something similar?