January 2012 - Arch-dev-public - lists.archlinux.org

[arch-dev-public] Remote PGP signing service (proof of concept)
by Rémy Oudompheng 03 Jan '12

03 Jan '12

Hello, I just wrote a small proof of concept for remote PGP signing. It is written in Go (using the weekly snapshot, not the r60 release), and is hosted at: https://github.com/remyoudompheng/remotepgp Usage is quite simple: - compile everything - run the server on the appropriate machine, for example ./server -addr localhost:10022 (by default it binds on localhost) - choose a remote file name - run the client: ./client -server http://localhost:10022/hash /home/remy/packages/blah It does the following: - looks for the secret keyring in $HOME/.gnupg/secring.gpg - chooses the first secret key and asks for the passphrase if needed - sends a little chunk of bytes to the server - the server hashes the concatenation of the file and the little chunk and returns the hash - the client finishes the signature process and writes blah.sig in the current directory. You should then be able to copy the remote file and check the signature is valid. For paranoid remote usage, it is possible to setup a SSH tunnel to connect to the server. Any comments are welcome. -- Rémy. (I'm not really good at license terms and associated legalese, please tell me if copyright notices get wrong)

3 2

[arch-dev-public] Signoff report for [testing]
by Arch Website Notification 03 Jan '12

03 Jan '12

=== Signoff report for [testing] === https://www.archlinux.org/packages/signoffs/ There are currently: * 2 new packages in last 24 hours * 1 known bad package * 0 packages not accepting signoffs * 15 fully signed off packages * 8 packages missing signoffs * 5 packages older than 14 days (Note: the word 'package' as used here refers to packages as grouped by pkgbase, architecture, and repository; e.g., one PKGBUILD produces one package per architecture, even if it is a split package.) == New packages in [testing] in last 24 hours (2 total) == * inetutils-1.9-1 (i686) * inetutils-1.9-1 (x86_64) == Incomplete signoffs for [core] (5 total) == * ed-1.6-1 (i686) 0/2 signoffs * glibc-2.15-3 (i686) 3/4 signoffs * inetutils-1.9-1 (i686) 0/2 signoffs * ed-1.6-1 (x86_64) 0/2 signoffs * inetutils-1.9-1 (x86_64) 0/2 signoffs == Incomplete signoffs for [extra] (3 total) == * pulseaudio-1.1-2 (i686) 0/2 signoffs * valgrind-3.7.0-2 (i686) 1/2 signoffs * pulseaudio-1.1-2 (x86_64) 1/2 signoffs == Completed signoffs (15 total) == * binutils-2.22-4 (i686) * file-5.10-1 (i686) * gcc-4.6.2-5 (i686) * linux-api-headers-3.1.6-1 (i686) * pacman-4.0.1-1 (i686) * binutils-2.22-4 (x86_64) * file-5.10-1 (x86_64) * gcc-4.6.2-5 (x86_64) * glibc-2.15-3 (x86_64) * linux-api-headers-3.1.6-1 (x86_64) * pacman-4.0.1-1 (x86_64) * namcap-3.2.1-1 (any) * pyalpm-0.5.3-1 (i686) * pyalpm-0.5.3-1 (x86_64) * valgrind-3.7.0-2 (x86_64) == All packages in [testing] for more than 14 days (5 total) == * pyalpm-0.5.3-1 (i686), since 2011-10-15 * pyalpm-0.5.3-1 (x86_64), since 2011-10-15 * namcap-3.2.1-1 (any), since 2011-10-20 * pacman-4.0.1-1 (i686), since 2011-11-21 * pacman-4.0.1-1 (x86_64), since 2011-11-21 == Top five in signoffs in last 24 hours == 1. dreisner - 2 signoffs

1 0

[arch-dev-public] [HEADSUP] Minimum kernel version bump
by Tom Gundersen 02 Jan '12

02 Jan '12

Hi guys, The next udev release will change its kernel requirements. This will not affect people running our standard kernel, but self-compiled kernels might be, and the -lts kernel is affected. The major changes are: * 2.6.34 is the minimum kernel requirement (our current -lts is .32). * devtmpfs support must be switched on; /dev can no longer be on a tmpfs (this should only affect self-compiled kernels). For more details see <http://git.kernel.org/?p=linux/hotplug/udev.git;a=blob_plain;f=README>. I think it does not make any sense for people to hold back udev and upgrade other packages, so once this is out I'll remove support for non-devtmpfs kernels in initscripts too. It might possibly make sense to re-evaluate our minimum kernel version supported in glibc, but I'll leave that to more knowledgeable people. Closer to the release I'll make a news item about this so everyone is aware. Cheers, Tom

4 9

[arch-dev-public] Registration question for forum/wiki
by Allan McRae 02 Jan '12

02 Jan '12

There are reports that the registration question for the forum and wiki is not working. I seem to remember a similar issue last year. Can someone take a look at this? Allan

1 2

[arch-dev-public] Signoff report for [testing]
by Arch Website Notification 02 Jan '12

02 Jan '12

=== Signoff report for [testing] === https://www.archlinux.org/packages/signoffs/ There are currently: * 4 new packages in last 24 hours * 1 known bad package * 0 packages not accepting signoffs * 13 fully signed off packages * 8 packages missing signoffs * 5 packages older than 14 days (Note: the word 'package' as used here refers to packages as grouped by pkgbase, architecture, and repository; e.g., one PKGBUILD produces one package per architecture, even if it is a split package.) == New packages in [testing] in last 24 hours (4 total) == * ed-1.6-1 (i686) * file-5.10-1 (i686) * ed-1.6-1 (x86_64) * file-5.10-1 (x86_64) == Incomplete signoffs for [core] (5 total) == * ed-1.6-1 (i686) 0/2 signoffs * file-5.10-1 (i686) 1/2 signoffs * glibc-2.15-3 (i686) 3/4 signoffs * ed-1.6-1 (x86_64) 0/2 signoffs * file-5.10-1 (x86_64) 1/2 signoffs == Incomplete signoffs for [extra] (3 total) == * pulseaudio-1.1-2 (i686) 0/2 signoffs * valgrind-3.7.0-2 (i686) 1/2 signoffs * pulseaudio-1.1-2 (x86_64) 1/2 signoffs == Completed signoffs (13 total) == * binutils-2.22-4 (i686) * gcc-4.6.2-5 (i686) * linux-api-headers-3.1.6-1 (i686) * pacman-4.0.1-1 (i686) * binutils-2.22-4 (x86_64) * gcc-4.6.2-5 (x86_64) * glibc-2.15-3 (x86_64) * linux-api-headers-3.1.6-1 (x86_64) * pacman-4.0.1-1 (x86_64) * namcap-3.2.1-1 (any) * pyalpm-0.5.3-1 (i686) * pyalpm-0.5.3-1 (x86_64) * valgrind-3.7.0-2 (x86_64) == All packages in [testing] for more than 14 days (5 total) == * pyalpm-0.5.3-1 (i686), since 2011-10-15 * pyalpm-0.5.3-1 (x86_64), since 2011-10-15 * namcap-3.2.1-1 (any), since 2011-10-20 * pacman-4.0.1-1 (i686), since 2011-11-21 * pacman-4.0.1-1 (x86_64), since 2011-11-21 == Top five in signoffs in last 24 hours == 1. bluewind - 3 signoffs 2. allan - 2 signoffs

1 0

[arch-dev-public] Signoff report for [testing]
by Arch Website Notification 01 Jan '12

01 Jan '12

=== Signoff report for [testing] === https://www.archlinux.org/packages/signoffs/ There are currently: * 1 new package in last 24 hours * 1 known bad package * 0 packages not accepting signoffs * 15 fully signed off packages * 4 packages missing signoffs * 5 packages older than 14 days (Note: the word 'package' as used here refers to packages as grouped by pkgbase, architecture, and repository; e.g., one PKGBUILD produces one package per architecture, even if it is a split package.) == New packages in [testing] in last 24 hours (1 total) == * initscripts-2012.01.1-1 (any) == Incomplete signoffs for [core] (1 total) == * glibc-2.15-3 (i686) 3/4 signoffs == Incomplete signoffs for [extra] (3 total) == * pulseaudio-1.1-2 (i686) 0/2 signoffs * valgrind-3.7.0-2 (i686) 1/2 signoffs * pulseaudio-1.1-2 (x86_64) 1/2 signoffs == Completed signoffs (15 total) == * binutils-2.22-4 (i686) * gcc-4.6.2-5 (i686) * linux-api-headers-3.1.6-1 (i686) * pacman-4.0.1-1 (i686) * perl-5.14.2-5 (i686) * binutils-2.22-4 (x86_64) * gcc-4.6.2-5 (x86_64) * glibc-2.15-3 (x86_64) * linux-api-headers-3.1.6-1 (x86_64) * pacman-4.0.1-1 (x86_64) * perl-5.14.2-5 (x86_64) * namcap-3.2.1-1 (any) * pyalpm-0.5.3-1 (i686) * pyalpm-0.5.3-1 (x86_64) * valgrind-3.7.0-2 (x86_64) == All packages in [testing] for more than 14 days (5 total) == * pyalpm-0.5.3-1 (i686), since 2011-10-15 * pyalpm-0.5.3-1 (x86_64), since 2011-10-15 * namcap-3.2.1-1 (any), since 2011-10-20 * pacman-4.0.1-1 (i686), since 2011-11-21 * pacman-4.0.1-1 (x86_64), since 2011-11-21 == Top five in signoffs in last 24 hours == 1. tomegun - 6 signoffs 2. stephane - 4 signoffs 3. bpiotrowski - 2 signoffs

1 0

[arch-dev-public] Away on January 5–15
by Gaetan Bisson 01 Jan '12

01 Jan '12

Hi all, I'll be away and unreachable from January 5 to January 15. There's no current issue that I know of with any of my packages but if something comes up feel free to step in. Happy 2012! -- Gaetan

1 0