| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: David P <megver83@parabola.nu>
|
|
|
|
Signed-off-by: David P <megver83@parabola.nu>
|
|
Signed-off-by: David P <megver83@parabola.nu>
|
|
|
|
Without that fix, when creating a chroot with the following commands
on Parabola x86_64, the resulting chroot is 64bit:
# mkdir rootfs
# pacstrap -C /usr/share/pacman/defaults/pacman.conf.i686 ./rootfs/
# file rootfs/usr/bin/pacman
rootfs/usr/bin/pacman: ELF 64-bit LSB pie executable, x86-64, [...]
In addition, if we run Parabola i686 on an x86_64 computer with
linux-libre-64, and that we try to install packages (after pacman -Sy),
some packages will refuse to be installed because they have
dependencies on 64bit libraries packages while we have 32bit ones
instead:
# pacman -S e2fsprogs
resolving dependencies...
looking for conflicting packages...
error: failed to prepare transaction (could not satisfy dependencies)
:: installing e2fsprogs (1.46.5-1) breaks dependency 'libss.so=2-32' required by krb5
:: installing e2fsprogs (1.46.5-1) breaks dependency 'libcom_err.so=2-32' required by krb5
but packages without such dependencies (like xterm or coreutils) can
be installed without warnings and we end up with non-working
packages:
# pacman -S xterm
[the installation proceeds]
# file /usr/bin/xterm
/usr/bin/xterm: ELF 64-bit LSB pie executable, x86-64, [...]
# xterm
bash: /usr/bin/xterm: No such file or directory
So it's a good idea to hardcode the architecture by default.
The Arch Linux 32 installer uses auto to auto-detect the CPU currently
in use to select matching repositories.
But in Parabola, for x86 32bit we only have one i686 repository and no
pentium4 or i586.
In addition, all the Parabola installers don't depend on auto (the
multi architecture installer has two complete Parabola systems, one
for i686 and one for x86_64, so it doesn't need auto).
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
|
|
Signed-off-by: David P <megver83@parabola.nu>
|
|
Signed-off-by: David P <megver83@parabola.nu>
|
|
Signed-off-by: David P <megver83@parabola.nu>
|
|
|
|
U-boot contains some nonfree software, for instance nonfree microcode
in arch/x86/dts/microcode/, so this commit removes that.
This commit also removes instructions to install nonfree
software. While these instructions were not shipped in any of the
binary pakcages generated by this PKGBUILD, it's still a good idea to
also clean that up in the long run:
- Parabola has also PKGBUILDs for other SOCs, and ideally we could
expand to cover as many computers as possible if the computers are
supported in upstream projects (like u-boot) and that they don't
require too much extra maintenance. Having already a cleaned up
u-boot to base the PKGBUILDs on could help factorizing the code and
sharing the work on the u-boot code review process.
- Other FSDG compliant distributions already have u-boot (like Guix)
or might be interested in shipping u-boot (like Replicant), so it
would be a good idea not to duplicate the work again and again.
In the future the code that removes the nonfree software and the
problematic documentation should be moved in a reusable script (that
could still be run in mksource), possibly in its own package, in order
to be reusable accross different distributions and u-boot PKGBUILDs.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
According to Wikipedia: "GIF images are compressed using the
Lempel–Ziv–Welch (LZW) lossless data compression technique to reduce
the file size without degrading the visual quality. This compression
technique was patented in 1985. Controversy over the licensing
agreement between the software patent holder, Unisys, and CompuServe
in 1994 spurred the development of the Portable Network Graphics (PNG)
standard. By 2004 all the relevant patents had expired."[1].
So we can safely stop removing GIF related code on the basis of
patents alone.
[1]https://en.wikipedia.org/wiki/GIF
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
|
|
|
|
|
|
Signed-off-by: David P <megver83@parabola.nu>
|
|
|
|
|
|
|
|
|
|
Without that fix, we have the following error while
installing or upgrading texlive-bin:
error: texlive-bin: signature from "bill-auger <bill-auger@peers.community>" is unknown trust
:: File /var/cache/pacman/pkg/texlive-bin-2021.58686-3.parabola8-i686.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
This is because the corresponding gpg key is expired:
$ gpg --verify /var/cache/pacman/pkg/texlive-bin-2021.58686-3.parabola8-i686.pkg.tar.xz.sig
gpg: assuming signed data in '/var/cache/pacman/pkg/texlive-bin-2021.58686-3.parabola8-i686.pkg.tar.xz'
gpg: Signature made mer. 03 nov. 2021 03:02:20 CET
gpg: using RSA key FBCC5AD7421197B7ABA72853908710913E8C7778
gpg: Good signature from "bill-auger <bill-auger@peers.community>" [unknown]
gpg: aka "bill-auger <mr.j.spam.me@gmail.com>" [unknown]
gpg: aka "bill-auger <bill-auger@programmer.net>" [unknown]
gpg: aka "[jpeg image of size 6017]" [unknown]
gpg: Note: This key has expired!
Primary key fingerprint: 3954 A7AB 837D 0EA9 CFA9 7989 25DB 7D9B 5A8D 4B40
Subkey fingerprint: FBCC 5AD7 4211 97B7 ABA7 2853 9087 1091 3E8C 7778
Key expirations often happen when because there are
conflicting best security practices with key expiration
dates: for long term software releases, it's better if
the key don't have too short expiration dates, especially if
users can't easily update the key, but short key expirations
help a lot for security and for uses cases like mail, if you
loose your key, having a short expiration date will ensure
that people will (shortly) stop sending you mail that you
can't decrypt.
In addition keeping a key always up to date can in some case
be very complex.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
The changes and rationale was added as well from
information that comes from the bug #717 [1].
[1]https://labs.parabola.nu/issues/717
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Without that fix, we have the following error while
installing or upgrading asciidoc:
| > error: asciidoc: signature from "bill-auger <bill-auger@peers.community>" is unknown trust
| > :: File /var/cache/pacman/pkg/asciidoc-8.6.10-2.parabola1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
| > Do you want to delete it? [Y/n] error: failed to commit transaction (invalid or corrupted package)
This is because the corresponding gpg key is expired.
Key expirations often happen when because there are
conflicting best security practices with key expiration
dates: for long term software releases, it's better if
the key don't have too short expiration dates, especially if
users can't easily update the key, but short key expirations
help a lot for security and for uses cases like mail, if you
loose your key, having a short expiration date will ensure
that people will (shortly) stop sending you mail that you
can't decrypt.
In addition keeping a key always up to date can in some case
be very complex.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Without that fix, we have the following error while
installing or upgrading mkinitcpio:
error: pacman-mirrorlist: signature from "bill-auger <bill-auger@peers.community>" is unknown trust
:: File /var/cache/pacman/pkg/pacman-mirrorlist-20210803-1.parabola1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
This is because the corresponding gpg key is expired.
Key expirations often happen when because there are
conflicting best security practices with key expiration
dates: for long term software releases, it's better if
the key don't have too short expiration dates, especially if
users can't easily update the key, but short key expirations
help a lot for security and for uses cases like mail, if you
loose your key, having a short expiration date will ensure
that people will (shortly) stop sending you mail that you
can't decrypt.
In addition keeping a key always up to date can in some case
be very complex.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Without that fix, we have the following error while
installing or upgrading mkinitcpio:
error: mkinitcpio: signature from "bill-auger <bill-auger@peers.community>" is unknown trust
:: File /var/cache/pacman/pkg/mkinitcpio-30-2.parabola2-any.pkg.tar.zst is corrupted (invalid or corrupted package (PGP signature)).
This is because the corresponding gpg key is expired:
# gpg --recv-keys FBCC5AD7421197B7ABA72853908710913E8C7778
gpg: key 25DB7D9B5A8D4B40: public key "bill-auger <bill-auger@peers.community>" imported
gpg: Total number processed: 1
gpg: imported: 1
# gpg --verify /var/cache/pacman/pkg/mkinitcpio-30-2.parabola2-any.pkg.tar.zst.sig
gpg: assuming signed data in '/var/cache/pacman/pkg/mkinitcpio-30-2.parabola2-any.pkg.tar.zst'
gpg: Signature made sam. 06 nov. 2021 03:41:54 CET
gpg: using RSA key FBCC5AD7421197B7ABA72853908710913E8C7778
gpg: Good signature from "bill-auger <bill-auger@peers.community>" [expired]
gpg: aka "bill-auger <mr.j.spam.me@gmail.com>" [expired]
gpg: aka "bill-auger <bill-auger@programmer.net>" [expired]
gpg: aka "[jpeg image of size 6017]" [expired]
gpg: Note: This key has expired!
Primary key fingerprint: 3954 A7AB 837D 0EA9 CFA9 7989 25DB 7D9B 5A8D 4B40
Subkey fingerprint: FBCC 5AD7 4211 97B7 ABA7 2853 9087 1091 3E8C 7778
Key expirations often happen when because there are
conflicting best security practices with key expiration
dates: for long term software releases, it's better if
the key don't have too short expiration dates, especially if
users can't easily update the key, but short key expirations
help a lot for security and for uses cases like mail, if you
loose your key, having a short expiration date will ensure
that people will (shortly) stop sending you mail that you
can't decrypt.
In addition keeping a key always up to date can in some case
be very complex.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
