| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
|
|
|
|
|
|
|
|
My gpg key was updated.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
In commit 71059ce4e93cb772baec40be7d90852b95e709f7 ("GNUtoo: resign
from Parabola"), I resigned. I'm now back.
What happened (mostly) in the bug #1035 [1] and a bit on #parabola on
liberachat is that me and bill-auger had many missunderstandings on
top of missunderstandings in this bug.
The question that triggered missunderstandings was if we would need to
keep Guix or not on the rationale that, according to bill-auger, Guix
was not FSDG compliant.
My point of view was that whatever decision we take, we need to stay
consistent in Parabola and with the wider community of FSDG compliant
distritions and also have a rationale for taking each decision.
So for me we cannot have at the same time Guix being listed in the
free-distro page[2] and have a downstream distribution decide that
Guix is not FSDG compliant. For me, if it's not FSDG compliant, it
should be fixed upstream somehow and then used as a rationale in
FSDG compliant distributions if upstream decides that Guix is not
compliant.
Though Parabola could take decisions to exclude Guix on other grounds
(for instance it could decide for some reasons to remove all third
party package managers for some good reasons yet to be found).
To explain my position on that, I wrote very long messages that were
not read by bill-auger because they were too long and so we starting
having missunderstanding on top of missunderstandings. Part of it
could also be due to me not having taken into account that he would
not have read or in mind all the previous messages.
And after that I also missinterpretated text he wrote (that could be
interpretated in multiple ways) and I assumed he was pushing me on
purpose to demonstrate a point because the text could also be
interpretated in this way.
And since pushing people is dangerous, because contributors often are
overworked, I wanted to at least get the point accross that pushing
people like that was not something to be done, and that was something
very important to me to get accross because the health of contributors
and the community in general is extremely important.
But then he didn't listen because that issue already took too much
time and I really needed to get that point accross.
That explains why I wrote that:
This community has become toxic because there is no reguard for
contributors health.
I didn't add much details though because I was extremely nerovous.
Right after that, the most important missunderstandings were solved on
IRC after I resigned, so since they are now solved, I can come back.
References:
-----------
[1]https://labs.parabola.nu/issues/1035
[2]https://www.gnu.org/distros/free-distros.html
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
|
|
This community has become toxic because there is no reguard for
contributors health.
See the following issue for more details:
https://labs.parabola.nu/issues/1035
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
I don't have my main key on any of the computers that are involved in
building signing or pushing Parabola packages:
$ gpg -K FB31DBA3AB8DB76A4157329F7651568F80374459
sec# rsa4096 2017-05-29 [SC] [expires: 2022-10-12]
FB31DBA3AB8DB76A4157329F7651568F80374459
uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@makefreedom.org>
uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>
uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@riseup.net>
uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
ssb rsa4096 2017-07-22 [S] [expires: 2022-10-12]
ssb rsa4096 2017-07-22 [E] [expires: 2022-10-12]
So the 782F9DDBE36BA7F3D4DE49065F5DFCC14177E263 subkey is used instead:
$ gpg --list-options show-unusable-subkeys \
--with-subkey-fingerprint --list-keys \
FB31DBA3AB8DB76A4157329F7651568F80374459
pub rsa4096 2017-05-29 [SC] [expires: 2022-10-12]
FB31DBA3AB8DB76A4157329F7651568F80374459
uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@makefreedom.org>
uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>
uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@riseup.net>
uid [ultimate] Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
sub rsa4096 2017-07-22 [S] [expires: 2022-10-12]
782F9DDBE36BA7F3D4DE49065F5DFCC14177E263
sub rsa4096 2017-07-22 [E] [expires: 2022-10-12]
A0AD5A691D5E1A819FB3007C91EDBFDAAEDC2DB4
sub rsa4096 2017-05-29 [E] [expired: 2018-04-04]
E01713B69D72CA8CBB0A3F739EF8F853E2CF85BB
And for some reason, that might be the cause why uploading new
packages fails (though it didn't fail before), so it's worth trying to
see if adding in the subkey makes it work:
==> Running db-update on repos
removed 'sources/parabola/netpbm-10.73.36-1.parabola1-armv7h.src.tar.gz'
==> WARNING: file already exists: sources/parabola/netpbm-10.73.36-1.parabola1-armv7h.src.tar.gz.sig
die "Package %s does not have a valid signature"
==> Checking /home/gnutoo/staging//libre/netpbm-10.73.36-1.parabola1-armv7h.pkg.tar.xz.sig... (detached)
gpg: Signature made Sun Nov 28 13:15:39 2021 GMT
gpg: using RSA key 782F9DDBE36BA7F3D4DE49065F5DFCC14177E263
gpg: Note: trustdb not writable
gpg: Good signature from "Denis 'GNUtoo' Carikli <GNUtoo@makefreedom.org>" [unknown]
gpg: aka "Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>" [unknown]
gpg: aka "Denis 'GNUtoo' Carikli <GNUtoo@no-log.org>" [unknown]
gpg: aka "Denis 'GNUtoo' Carikli <GNUtoo@riseup.net>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: FB31 DBA3 AB8D B76A 4157 329F 7651 568F 8037 4459
Subkey fingerprint: 782F 9DDB E36B A7F3 D4DE 4906 5F5D FCC1 4177 E263
==> ERROR: The signature identified by /home/gnutoo/staging//libre/netpbm-10.73.36-1.parabola1-armv7h.pkg.tar.xz.sig could not be verified.
==> ERROR: Package libre/netpbm-10.73.36-1.parabola1-armv7h.pkg.tar.xz does not have a valid signature
==> Removing left over lock from [libre] (x86_64)
==> Removing left over lock from [libre] (i686)
==> Removing left over lock from [libre] (armv7h)
==> Removing left over lock from [libre] (ppc64le)
==> ERROR: An unknown error has occurred. Exiting...
User defined signal 1
Thanks a lot to bill-auger for the help on finding the gpg command to
list subkeys in long form and for the suggestion to use a subkey (Bill
has a similar setup and had to use his subkey).
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
