summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-11-23Update libre/your-freedomParabola automatic package builder
2021-11-21libre: texlive-bin: bump package revision to workaround expired keyDenis 'GNUtoo' Carikli
Without that fix, we have the following error while installing or upgrading texlive-bin: error: texlive-bin: signature from "bill-auger <bill-auger@peers.community>" is unknown trust :: File /var/cache/pacman/pkg/texlive-bin-2021.58686-3.parabola8-i686.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)). This is because the corresponding gpg key is expired: $ gpg --verify /var/cache/pacman/pkg/texlive-bin-2021.58686-3.parabola8-i686.pkg.tar.xz.sig gpg: assuming signed data in '/var/cache/pacman/pkg/texlive-bin-2021.58686-3.parabola8-i686.pkg.tar.xz' gpg: Signature made mer. 03 nov. 2021 03:02:20 CET gpg: using RSA key FBCC5AD7421197B7ABA72853908710913E8C7778 gpg: Good signature from "bill-auger <bill-auger@peers.community>" [unknown] gpg: aka "bill-auger <mr.j.spam.me@gmail.com>" [unknown] gpg: aka "bill-auger <bill-auger@programmer.net>" [unknown] gpg: aka "[jpeg image of size 6017]" [unknown] gpg: Note: This key has expired! Primary key fingerprint: 3954 A7AB 837D 0EA9 CFA9 7989 25DB 7D9B 5A8D 4B40 Subkey fingerprint: FBCC 5AD7 4211 97B7 ABA7 2853 9087 1091 3E8C 7778 Key expirations often happen when because there are conflicting best security practices with key expiration dates: for long term software releases, it's better if the key don't have too short expiration dates, especially if users can't easily update the key, but short key expirations help a lot for security and for uses cases like mail, if you loose your key, having a short expiration date will ensure that people will (shortly) stop sending you mail that you can't decrypt. In addition keeping a key always up to date can in some case be very complex. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-21libre: asciidoc: sync with Arch Linux by updating to 9.1.0-1Denis 'GNUtoo' Carikli
The changes and rationale was added as well from information that comes from the bug #717 [1]. [1]https://labs.parabola.nu/issues/717 Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-21libre: asciidoc: bump package revision to workaround expired keyDenis 'GNUtoo' Carikli
Without that fix, we have the following error while installing or upgrading asciidoc: | > error: asciidoc: signature from "bill-auger <bill-auger@peers.community>" is unknown trust | > :: File /var/cache/pacman/pkg/asciidoc-8.6.10-2.parabola1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)). | > Do you want to delete it? [Y/n] error: failed to commit transaction (invalid or corrupted package) This is because the corresponding gpg key is expired. Key expirations often happen when because there are conflicting best security practices with key expiration dates: for long term software releases, it's better if the key don't have too short expiration dates, especially if users can't easily update the key, but short key expirations help a lot for security and for uses cases like mail, if you loose your key, having a short expiration date will ensure that people will (shortly) stop sending you mail that you can't decrypt. In addition keeping a key always up to date can in some case be very complex. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-21libre: pacman-mirrorlist: bump package revision to workaround expired keyDenis 'GNUtoo' Carikli
Without that fix, we have the following error while installing or upgrading mkinitcpio: error: pacman-mirrorlist: signature from "bill-auger <bill-auger@peers.community>" is unknown trust :: File /var/cache/pacman/pkg/pacman-mirrorlist-20210803-1.parabola1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)). This is because the corresponding gpg key is expired. Key expirations often happen when because there are conflicting best security practices with key expiration dates: for long term software releases, it's better if the key don't have too short expiration dates, especially if users can't easily update the key, but short key expirations help a lot for security and for uses cases like mail, if you loose your key, having a short expiration date will ensure that people will (shortly) stop sending you mail that you can't decrypt. In addition keeping a key always up to date can in some case be very complex. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-21libre: mkinitcpio: bump package revision to workaround expired keyDenis 'GNUtoo' Carikli
Without that fix, we have the following error while installing or upgrading mkinitcpio: error: mkinitcpio: signature from "bill-auger <bill-auger@peers.community>" is unknown trust :: File /var/cache/pacman/pkg/mkinitcpio-30-2.parabola2-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)). This is because the corresponding gpg key is expired: # gpg --recv-keys FBCC5AD7421197B7ABA72853908710913E8C7778 gpg: key 25DB7D9B5A8D4B40: public key "bill-auger <bill-auger@peers.community>" imported gpg: Total number processed: 1 gpg: imported: 1 # gpg --verify /var/cache/pacman/pkg/mkinitcpio-30-2.parabola2-any.pkg.tar.zst.sig gpg: assuming signed data in '/var/cache/pacman/pkg/mkinitcpio-30-2.parabola2-any.pkg.tar.zst' gpg: Signature made sam. 06 nov. 2021 03:41:54 CET gpg: using RSA key FBCC5AD7421197B7ABA72853908710913E8C7778 gpg: Good signature from "bill-auger <bill-auger@peers.community>" [expired] gpg: aka "bill-auger <mr.j.spam.me@gmail.com>" [expired] gpg: aka "bill-auger <bill-auger@programmer.net>" [expired] gpg: aka "[jpeg image of size 6017]" [expired] gpg: Note: This key has expired! Primary key fingerprint: 3954 A7AB 837D 0EA9 CFA9 7989 25DB 7D9B 5A8D 4B40 Subkey fingerprint: FBCC 5AD7 4211 97B7 ABA7 2853 9087 1091 3E8C 7778 Key expirations often happen when because there are conflicting best security practices with key expiration dates: for long term software releases, it's better if the key don't have too short expiration dates, especially if users can't easily update the key, but short key expirations help a lot for security and for uses cases like mail, if you loose your key, having a short expiration date will ensure that people will (shortly) stop sending you mail that you can't decrypt. In addition keeping a key always up to date can in some case be very complex. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-21libre: Add mkinitcpio mkinitcpio-30-2.parabola2-any.src.tar.gz source codebill-auger
The process of packages releases makes it very easy to forget to push a package or its source code to git: - A developer can push to abslibre and forget to build the package, or that developer might want to build the package later on for various reasons. - A developer can also push the package and forget to push the corresponding git commits to abslibre. I often am in the first case, but here we are in the later case. Fortunately the process of packages releases also makes it easy to find that source code. The source code of libre/mkinitcpio can be found here: https://repo.parabola.nu/sources/parabola/mkinitcpio-30-2.parabola1-any.src.tar.gz https://repo.parabola.nu/sources/parabola/mkinitcpio-30-2.parabola1-any.src.tar.gz.sig And we can even verify its signature: $ gpg --verify mkinitcpio-30-2.parabola2-any.src.tar.gz.sig gpg: assuming signed data in 'mkinitcpio-30-2.parabola2-any.src.tar.gz' gpg: Signature made sam. 06 nov. 2021 03:42:02 CET gpg: using RSA key FBCC5AD7421197B7ABA72853908710913E8C7778 gpg: Good signature from "bill-auger <bill-auger@peers.community>" [unknown] gpg: aka "bill-auger <mr.j.spam.me@gmail.com>" [unknown] gpg: aka "bill-auger <bill-auger@programmer.net>" [unknown] gpg: aka "[jpeg image of size 6017]" [unknown] gpg: Note: This key has expired! Primary key fingerprint: 3954 A7AB 837D 0EA9 CFA9 7989 25DB 7D9B 5A8D 4B40 Subkey fingerprint: FBCC 5AD7 4211 97B7 ABA7 2853 9087 1091 3E8C 7778 So we can safely import the source back in abslibre. The archive has a bit more than needed for this specific situation: $ tar tf ../mkinitcpio-30-2.parabola2-any.src.tar.gz mkinitcpio/ mkinitcpio/mkinitcpio-30.tar.gz mkinitcpio/PKGBUILD mkinitcpio/.SRCINFO mkinitcpio/mkinitcpio.install mkinitcpio/mkinitcpio-30.tar.gz.sig mkinitcpio/9001-udev.patch So I only used the PKGBUILD, mkinitcpio.install and 9001-udev.patch files here as we don't commit the .SRCINFO or source tarballs to git in Parabola. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-11-18systemd-249.6-3.parabola1: updating versionOmar Vega Ramos
2021-11-12octopi-0.12.0-1.parabola1: updating versionOmar Vega Ramos
2021-11-12[blender]: upgrade to v2.93.5bill-auger
2021-11-12[mkinitcpio]: emergency [libre] packagebill-auger
2021-11-05nonprism/icedove: updated to 78.9.1Andreas Grapentin
2021-11-05libre/icedove: updated to 78.9.1Andreas Grapentin
2021-11-05[icedove]: upgrade to v78.8.1bill-auger
2021-11-05[icedove]: upgrade to v78.5.0bill-auger
2021-11-05[hydrogen]: upgrade to v1.1.0bill-auger
2021-11-05[mkinitcpio]: add udev.patchbill-auger
2021-11-05[mkinitcpio]: housekeepingbill-auger
2021-11-05[mkinitcpio][eudev]: move systemd hook function 'add_dev_rule'~ from 'eudev' ↵bill-auger
to 'mkinitcpio' this commit reverts the previous changes to the 'eudev' PKGBUILD 9001-udev.patch was originally made against the archlinux mkinitcpio project; so it probably should be in the mkinitcpio package # https://labs.parabola.nu/issues/3121 # https://github.com/archlinux/mkinitcpio/pull/54 # https://github.com/archlinux/mkinitcpio/commit/9ee1333a5f3302d7ddb004cf0909c94b4cff60ba.diff
2021-11-05updpkg: nonsystemd/eudev 3.2.9-2: add udev rule hook (fixes mkinitcpio)Tyler Swagar
2021-11-05[texlive-bin]: rebuild against latest popplerbill-auger
2021-11-05[texlive-bin]: rebuild against latest popplerbill-auger
2021-10-31Update libre/your-freedomParabola automatic package builder
2021-10-29[p11-kit]: rebuild against latest libffibill-auger
2021-10-27systemd-249.5-2.parabola1: updating versionOmar Vega Ramos
2021-10-18Update libre/your-freedomParabola automatic package builder
2021-10-18Update libre/your-freedomParabola automatic package builder
2021-10-18linux-libre-lts: don't build htmldocs (armv7h)David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-14Update libre/your-freedomParabola automatic package builder
2021-10-14updpkg: libre/linux-libre-firmware 1:1.4-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-14updpkg: libre/xtensa-elf-gcc 11.2.0-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-14updpkg: libre/sh-elf-gcc 11.2.0-1Megver83
Signed-off-by: Megver83 <megver83@parabola.nu>
2021-10-13updpkg: libre/arm-linux-gnueabi-gcc 11.2.0-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-13updpkg: libre/xtensa-elf-binutils 2.37-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-13updpkg: libre/sh-elf-binutils 2.37-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-13updpkg: libre/arm-linux-gnueabi-binutils 2.37-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-13updpkg: libre/linux-libre-pck 5.14.11.pck2-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-12updpkg: libre/linux-libre-pae 5.14.11-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-12updpkg: libre/linux-libre-hardened 5.14.11.hardened1-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-11updpkg: libre/linux-libre-lts 5.10.72-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-11updpkg: libre/linux-libre 5.14.11-1David P
Signed-off-by: David P <megver83@parabola.nu>
2021-10-08[iceweasel]: update branding checksumbill-auger
2021-10-08libre/iceweasel: Update to 93.0 according to upstreamsgrizzlyuser
Arch Linux ARM has removed the patch and webrtc disable flag
2021-10-08[iceweasel]: update branding checksumbill-auger
2021-10-01pcr: Add abootimg 0.6 from AurDenis 'GNUtoo' Carikli
The Aur package is based on the abootimg-git, Guix and Debian packages. While abootimg only supports old Android images format and its git repository[1] doesn't have new commits since 2012, the abootimg program is used by diffoscope to produce more fine grained diffs between two Android boot images. Without it you end up with a hexdump based diff which isn't very useful. With abootimg you can really debug and fix reproducibility issues when creating Android boot images. Here's what you get between two boot images whose only difference is due to the timestamps in the gzip command used to build the images[2]: --- tests/recovery-i9300-with-root.img +++ tests/recovery-i9300-with-root.img.1 ├── abootimg -i {} │ @@ -13,9 +13,9 @@ │ * load addresses: │ kernel: 0x40008000 │ ramdisk: 0x41000000 │ tags: 0x40000100 │ │ * cmdline = console=ttySAC2,115200 │ │ -* id = 0xa1891d8e 0xdfc327bf 0xe9dc0add 0xb1b7ba27 0x4c251f7d 0x00000000 0x00000000 0x00000000 │ +* id = 0xbd8bda50 0x69a5cbc5 0x9f4e7867 0x3853557e 0x888ff90a 0x00000000 0x00000000 0x00000000 ├── initrd.img │ ├── filetype from file(1) │ │ @@ -1 +1 @@ │ │ -gzip compressed data, was "ramdisk.cpio", last modified: Thu Sep 30 23:04:41 2021, from Unix │ │ +gzip compressed data, was "ramdisk.cpio", last modified: Thu Sep 30 23:02:44 2021, from Unix And without abootimg you have the following instead: --- tests/recovery-i9300-with-root.img +++ tests/recovery-i9300-with-root.img.1 │┄ 'abootimg' not available in path. Falling back to binary comparison. @@ -30,16 +30,16 @@ 000001d0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 000001e0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 000001f0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000200: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000210: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000220: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000230: 0000 0000 0000 0000 0000 0000 0000 0000 ................ -00000240: 8e1d 89a1 bf27 c3df dd0a dce9 27ba b7b1 .....'......'... -00000250: 7d1f 254c 0000 0000 0000 0000 0000 0000 }.%L............ +00000240: 50da 8bbd c5cb a569 6778 4e9f 7e55 5338 P......igxN.~US8 +00000250: 0af9 8f88 0000 0000 0000 0000 0000 0000 ................ 00000260: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000270: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000280: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 00000290: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 000002a0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 000002b0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 000002c0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ @@ -212218,15 +212218,15 @@ 0033cf90: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0033cfa0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0033cfb0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0033cfc0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0033cfd0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0033cfe0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0033cff0: 0000 0000 0000 0000 0000 0000 0000 0000 ................ -0033d000: 1f8b 0808 8942 5661 0003 7261 6d64 6973 .....BVa..ramdis +0033d000: 1f8b 0808 1442 5661 0003 7261 6d64 6973 .....BVa..ramdis 0033d010: 6b2e 6370 696f 00b4 5b7b 77db b692 cfbf k.cpio..[{w..... 0033d020: d6a7 c0b1 7dea 3c4c 5292 653b 76cb b6b9 ....}.<LR.e;v... 0033d030: 8d6f 93de a4ce 899d bddd 4db2 3c10 094a .o........M.<..J 0033d040: bc22 0916 0065 298f fdec 3b03 5212 1fa0 ."...e)...;.R... 0033d050: ac74 f7fa b48e 35f8 cd60 30c0 bc40 aa7f .t....5..`0..@.. 0033d060: de3f ef0f fafd fee8 e284 f5f1 870e e8a8 .?.............. 0033d070: 6ffe 1934 3e07 1db8 e6cf d3d5 1ffe 948a o..4>........... And the issue here is not hypothetical as the above show a real bug preventing tests from working in a tool meant to add root access by default in Replicant boot and recovery images. And that bug was really fixed thanks to abootimg. [1]https://github.com/ggrandou/abootimg [2]The ID takes into account the hash of the initrd image. Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2021-09-28And [libre/filesystem]. Think that is the lot.Freemor
2021-09-28Also tweak [nonsystemd/filesystem]Freemor
2021-09-28same tweak for [nonsystemd/your-initfreedom]Freemor
2021-09-28Same Tweak to [nonprism/your-privacy]Freemor
2021-09-28[libre/your-freedom] Dang... Tweak the tweak.. thats betterFreemor