[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New “guix refresh” command

From: Nikita Karetnikov
Subject: Re: New “guix refresh” command
Date: Thu, 30 May 2013 04:46:21 +0400

> That could be done by changing ‘gnupg-verify*’.  An optional argument
> could be added to select between interactive behavior (“do you want to
> download this key and add it to your keyring?”), always-download, and
> never-download.

I'm attaching my attempt.

There are two similar but unrelated problems:

1. The following function doesn't print the message.

(begin (format #t (_ "~a~a~!")
                           "Would you like to download this key "
                           "and add it to your keyring? (y/N) ")

2. 'else' doesn't work.

 (and (receive?)

# which gpg2
# gpg2 --delete-key EA52ECF4
# ./pre-inst-env guix refresh -u
accepted connection from pid 7779, uid 0
starting download of `guix-file.RAA3r7' from 
ftp://ftp.gnu.org/.../guile-2.0.9.tar.gz        100.0% of 7163.4 KiB
starting download of `guix-file.gJlE96' from 
ftp://ftp.gnu.org/.../guile-2.0.9.tar.gz.sig    100.0% of 0.2 KiB
gpg: Signature made Wed 10 Apr 2013 06:14:45 AM UTC using DSA key ID EA52ECF4
gpg: Can't check signature: No public key

(It should print the above message here, but it always tries to download
GCC instead.)

starting download of `guix-file.ZkDiI7' from 

To-do list:

1. Any argument except 'always', 'never', and 'interactive' should raise
   an error.

2. Fetch signatures first and don't download tarballs which can't be
   authenticated (when signatures are missing and 'never' is used).

3. How should I change 'receive?' to support i18n?

Anything else?

Attachment: download-sigs.diff
Description: Text Data

Attachment: pgpYuHzl2b1aW.pgp
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]