Bug#942487: [Pkg-rust-maintainers] Bug#942487: Bug#942487: rust-web-sys: Provides header is more than 256K long and it breaks reprepro...

[Bernhard R. Link]

* Ximin Luo  [191223 12:58]:
> dpkg and all other debian tools support it right now. It is only reprepro 
> with this artifical constraint, which makes it not work for packages that are 
> processable by dpkg and other debian tools.

If it is artifical, then it is artifically high. It is 128 times more than
what almost every single package needs and more than five times what the most
absurd package before needed and twice what other tools are said to have
had as limit there. I will increase it in reprepro (and maybe might make it
configurable to some extent), but there will always be an upper limit.

> Are you suggesting that dpkg and other tools have a concrete security problem?

dpkg does not check checksums of index files, so it is likely
uneffected. If apt has no limit then that likely makes some attacks
needlessly easy (though it might have other mitigations in that regard,
and there are less things apt has to care about the way it is typically
used).
Accepting absurd input without confirmation is never a secure way to handle
things, though.

    Bernhard R. Link

Bug#942487: [Pkg-rust-maintainers] Bug#942487: Bug#942487: rust-web-sys: Provides header is more than 256K long and it breaks reprepro...

[Bernhard R. Link]

* Ximin Luo  [191223 09:16]:
> A long-term fix would be to fix this:
>
> line 151-166:

>   if (f->size - f->ofs <= 2048) {
>   /* Adding code to enlarge the buffer in this case
>* is risky as hard to test properly.
>*
>* Also it is almost certainly caused by some
>* mis-representation of the file or perhaps
>* some attack. Requesting all existing memory in
>* those cases does not sound very useful. */
>
>   fprintf(stderr,
> "Error parsing %s line %d: Ridiculous long (>= 256K) control chunk!\n",
>   f->filename,
>   f->startlinenumber);
>   f->failed = true;
>   return RET_ERROR;
>   }
>
> One reasonable option would be to rip out this code and use whatever dpkg 
> itself is using to parse the fields.

As the comment describes, accepting arbitrary long control data would
open all kind of security issues and require quite some hard to properly
test code. Most of the attacks enabled by having longer control chunks
might be able to mitigated some way, but that would require all kind of
different logic that can then have some new bugs.

So allowing arbitrary absurdly long control data is not something I want
to support.

Bernhard R. Link

Bug#926233: copying arch:all across distributions does not reevaluate architectures list

[Bernhard R. Link]

* Christoph Berg  [190402 13:09]:
> I think arch:all packages should always live in all architectures for
> a distribution.

It's actually a feature that architecture all packages can be different
in the different architectures. This feature makes it easier to keep
all architectures useable by avoiding architecture all packages
entering an architecture before the architecture any packages of the
same source package are built.
(Though in hindsight it is perhaps not that useful a feature compared to
the annoyance t causes in in more often seen use cases. It is already on
my list of features that might be removed in the future).

As long as there are no architecture any packages from the same source a
reprepro flood $distributionname
should also haved fixed your case.


    Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#923319: #923319: dynalogin: FTBFS with pam >= 1.3

[Bernhard R. Link]

Control: retitle -1 dynalogin: FTBFS with pam >= 1.3

I think this problem is caused by three factors playing together:

- pam dropped support for PAM_STATIC with version 1.3.0
- libtool always compiles everything both as shared and as static
  object, even if it is a pam_module that only makes sense as shared
  object.
- dynalog is incorrectly defining PAM_STATIC compiled non-PIC.

AFAUI it PAM_STATIC was to be used to include a pam module into libpam
directly. As such it makes no sense for dynalogin to define it.
(Also searching for PAM_STATIC with codesearch.debian.net, usually
pam modules only check for it but do not define it (with very few
exceptions, and those I checked yet shishi and dynalogin have FTBFS
because of it)).

As libtool compiles everything both as static and as shared object
(as you might have some mechanism to also use them statically, and
libtool even have some mechanism where you can simulate loadable
plugins on architectures that only support static linking)
this needless build triggers that code.

But as pam 1.3.0 removed that possibility, it now fails.

I think the proper fix is to simple remove the following three lines:
#ifndef PIC
#define PAM_STATIC
#endif
from pam_dynalogin/pam_dynalogin.c

(Additionally it might be worth checking if setting
pam_dynalogin_la_LIBTOOLFLAGS = -shared
im Makefile.am is possible (not sure, as -shared is a compiler (so
LDFLAGS is too late) and a linker option, but not a generic option).
For a targeted fix, just not defining PAM_STATIC should be enough
and safer.)

(The same problem can also be seen in #924123 with shishi).

    Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#924123: shishi: FTBFS with pam >= 1.3 (was: with gcc 8.3)

[Bernhard R. Link]

Control: retitle -1 shishi: FTBFS with pam >= 1.3

Just some litte fly-by comment looking over RC bugs affecting testing:

I can also reproduce the FTBFS in an unstable chroot (so nothing testing
specific with that build failure).

The log is not really helpful here, as libtool only prints stderr of the
-DPIC compilation, but hides stderr of the non-PIC compilation, while
only the non-PIC compilation fails (the PIC case only produces harmless
warnings).

Unhiding the output of that gcc run gives the following result:

| pam_shishi.c: In function 'pam_sm_authenticate':
| pam_shishi.c:185:48: warning: cast to pointer from integer of different size 
[-Wint-to-pointer-cast]
|pam_set_data (pamh, "shishi_setcred_return", (void *) retval, NULL);
| ^
| pam_shishi.c: At top level:
| pam_shishi.c:292:8: error: variable '_pam_shishi_modstruct' has initializer 
but incomplete type
|  struct pam_module _pam_shishi_modstruct = {
| ^~
| pam_shishi.c:293:3: warning: excess elements in struct initializer
|"pam_shishi",
|^~~~
| pam_shishi.c:293:3: note: (near initialization for '_pam_shishi_modstruct')
| pam_shishi.c:294:3: warning: excess elements in struct initializer
|pam_sm_authenticate,
|^~~
| pam_shishi.c:294:3: note: (near initialization for '_pam_shishi_modstruct')
| pam_shishi.c:295:3: warning: excess elements in struct initializer
|pam_sm_setcred,
|^~
| pam_shishi.c:295:3: note: (near initialization for '_pam_shishi_modstruct')
| pam_shishi.c:296:3: warning: excess elements in struct initializer
|pam_sm_acct_mgmt,
|^~~~
| pam_shishi.c:296:3: note: (near initialization for '_pam_shishi_modstruct')
| pam_shishi.c:297:3: warning: excess elements in struct initializer
|pam_sm_open_session,
|^~~
| pam_shishi.c:297:3: note: (near initialization for '_pam_shishi_modstruct')
| pam_shishi.c:298:3: warning: excess elements in struct initializer
|pam_sm_close_session,
|^~~~
| pam_shishi.c:298:3: note: (near initialization for '_pam_shishi_modstruct')
| pam_shishi.c:299:3: warning: excess elements in struct initializer
|pam_sm_chauthtok
|^~~~
| pam_shishi.c:299:3: note: (near initialization for '_pam_shishi_modstruct')
| pam_shishi.c:292:19: error: storage size of '_pam_shishi_modstruct' isn't 
known
|  struct pam_module _pam_shishi_modstruct = {
|^
| /usr/include/security/pam_modules.h: In function 'pam_sm_authenticate':
| pam_shishi.c:127:7: warning: ignoring return value of 'asprintf', declared 
with attribute warn_unused_result [-Wunused-result]
|asprintf ((char **) [0].msg, "Password for `%s@%s': ",
|^~
|shishi_principal_default (h), shishi_realm_default (h));
|~~~

Looking at the sourcecode of the pam sourcepackage, it seems like suppor
for PAM_STATIC was removed with pam upstream 1.3.0, which hit Debian
with 1.3.1-3 uploaded 2019-02-12.

Taking a look at other pam_modules, they do not define PAM_STATIC
themself under any circumstances but only check it,
while extra/pam_shishi/pam_shishi.c contains:

| #ifndef PIC
| #define PAM_STATIC
| #endif

Looking around at some old pam documentation, my guess is that
PAM_STATIC is only to be used if modules are to be linked into libpam
directly. So I think those three lines above are in error and without
them this build failure might also be fixed.

@vorlon: could you take a look if my understanding of PAM_STATIC is
correct and it is nothing that should be defined if compiled as
an pam module outside of the pam source tree?

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#925567: gcc-8-cross: FTBFS: conftest.c:72: undefined reference to `getexecname'

[Bernhard R. Link]

Control: retitle 925567 gcc-8-cross: FTBFS: out of memory allocating 4064 bytes 
after a total of 155293664 bytes
Control: notfound 925567 gcc-8-cross/26
Control: fixed 925567 gcc-8-cross/26

The error message the build failed with according to the linked log is actually:

| out of memory allocating 4064 bytes after a total of 155293664 bytes
| cc1plus: out of memory allocating 65536 bytes after a total of 3620864 bytes

(The "undefined reference to `getexecname'" if part of a check an no
error but part of the full config.log)

This bugs still appears on
https://bugs.debian.org/release-critical/other/testing.html, I guess
because bugs.debian.org says:

   Found in version gcc-8-cross/26
   Fixed in version 26

and thus thinks testing is still affected.
I'm trying to send some notfound and fixed commands to clear that.


    Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#901952: fixing pristine-tar w.r.t. changed tar escaping

[Bernhard R. Link]

* Bernhard R. Link  [190330 07:58]:
> I'm looking into #901952 (pristine-tar failing to checkout out old files
> with non-printable unicode characters) and think that might be solved
> with the attached patches, by calling tar with --null and giving it
> a copy of the manifest file that is unescaped and NUL-terminated.
> 
> What I haven't looked into yet is whether it will break files
> generated with 1.46, as that the format incompatibly without
> changing the version of the delta (though perhaps that can be
> mitigated by an additional variant at checkout time).
> 
> What are your opinions on that? Is this worth trying to get into buster?

Attached version with some small fixes, more tests convering those
changes (and compatibility with previous versions), and an additional
variant run on checkout time to also handle files commited with 1.46.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC
>From c26122199aca7c2e08a8597d700d66b8734a3ad6 Mon Sep 17 00:00:00 2001
From: "Bernhard R. Link" 
Date: Fri, 29 Mar 2019 22:32:13 +0100
Subject: [PATCH 1/6] revert writing unquoted filenames to manifest

this caused the filename to be unquoted two times,
break with filenames containing newlines
and changed the semantics of manifest files without changing the format version
---
 pristine-tar | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pristine-tar b/pristine-tar
index 0fe132e..fe10340 100755
--- a/pristine-tar
+++ b/pristine-tar
@@ -664,7 +664,7 @@ sub genmanifest {
 chomp;
 # ./ or / in the manifest just confuses tar
 s/^\.?\/+//;
-print OUT unquote_filename($_) . "\n" if length $_;
+print OUT $_ . "\n" if length $_;
   }
   close IN;
   close OUT;
-- 
2.20.1

>From bf607f0cd6de861a461eec9f60998950267001ab Mon Sep 17 00:00:00 2001
From: "Bernhard R. Link" 
Date: Fri, 29 Mar 2019 22:44:25 +0100
Subject: [PATCH 2/6] change unquoting to match how tar quotes the filenames

Tar also generates octal escape sequences (\123) for some unicode
characters, especially when run in a non-unicode locale like with
LC_ALL=C. Those were not yet unquoted.

Vertical tab was unquoted improperly \x11 instead of \x0b.

If there was a literal backslash in a filename followed by
a character like a, b, n, r, t, v, then tar escapes that to
e.g. \\b. The old unquote the \b it saw in that, which this
fixes.

With those changes the unquote matches what tar uses, which
is a prerequisite for giving tar the unquoted filenames
to work around the behaviour change in tar 1.30.

Compared to versions <= 1.45 this does not change the result
of recreating a tar (so ensures every delta produced by those
is still useable) and only make pristine-tar able to handle
more tarballs. (As unquote in those were only used to create
dummy files for missing files in git, while tar was given
the original manifest file ignoring wrongly unquoted files).

As 1.46 wrote unquoted files to the manifest, this commit
breaks using some delta files created with 1.46. A later
commit will add a compatibility step for those.
---
 pristine-tar | 28 
 1 file changed, 20 insertions(+), 8 deletions(-)

diff --git a/pristine-tar b/pristine-tar
index fe10340..f6754c8 100755
--- a/pristine-tar
+++ b/pristine-tar
@@ -362,15 +362,27 @@ Options:
 sub unquote_filename {
   my $filename = shift;
 
-  $filename =~ s/\\a/\a/g;
-  $filename =~ s/\\b/\b/g;
-  $filename =~ s/\\f/\f/g;
-  $filename =~ s/\\n/\n/g;
-  $filename =~ s/\\r/\r/g;
-  $filename =~ s/\\t/\t/g;
-  $filename =~ s/\\v/\x11/g;
-  $filename =~ s//\\/g;
+  my $unquote_character = sub {
+if (defined $2 and $2 eq "000") {
+  die "filenames with NUL bytes are not supported";
+}
+return pack("C", oct($2)) if defined $2;
+my %map_named_escapes = (
+a => "\a",
+b => "\b",
+f => "\f",
+n => "\n",
+r => "\r",
+t => "\t",
+v => "\x0b",
+"\\" => "\\",
+);
+return $map_named_escapes{$1};
+  };
 
+  # unquote by calling $unquote_character for each matched group:
+  # (do all in a single run, as the octal sequences might output anything)
+  $filename =~ s/\\([abfnrtv\\])|\\([0-7]{3})/$unquote_character->()/ge;
   return $filename;
 }
 
-- 
2.20.1

>From c4d5609decd4b81285e92950a343b822e21608dc Mon Sep 17 00:00:00 2001
From: "Bernhard R. Link" 
Date: Fri, 29 Mar 2019 22:56:52 +0100
Subject: [PATCH 3/6] send manifests file to tar NUL-terminated and unquoted
 (Closes: #901952)

tar changed behavior in no longer unescaping filenames with --verbatim-files-from
breaking reading all delta files and handling files with such filenames.

(This also fixes #902115 properly this time).
---
 pristine-ta

Bug#901952: fixing pristine-tar w.r.t. changed tar escaping

[Bernhard R. Link]

I'm looking into #901952 (pristine-tar failing to checkout out old files
with non-printable unicode characters) and think that might be solved
with the attached patches, by calling tar with --null and giving it
a copy of the manifest file that is unescaped and NUL-terminated.

What I haven't looked into yet is whether it will break files
generated with 1.46, as that the format incompatibly without
changing the version of the delta (though perhaps that can be
mitigated by an additional variant at checkout time).

What are your opinions on that? Is this worth trying to get into buster?

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC
>From c26122199aca7c2e08a8597d700d66b8734a3ad6 Mon Sep 17 00:00:00 2001
From: "Bernhard R. Link" 
Date: Fri, 29 Mar 2019 22:32:13 +0100
Subject: [PATCH 1/4] revert writing unquoted filenames to manifest

this caused the filename to be unquoted two times,
break with filenames containing newlines
and changed the semantics of manifest files without changing the format version
---
 pristine-tar | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pristine-tar b/pristine-tar
index 0fe132e..fe10340 100755
--- a/pristine-tar
+++ b/pristine-tar
@@ -664,7 +664,7 @@ sub genmanifest {
 chomp;
 # ./ or / in the manifest just confuses tar
 s/^\.?\/+//;
-print OUT unquote_filename($_) . "\n" if length $_;
+print OUT $_ . "\n" if length $_;
   }
   close IN;
   close OUT;
-- 
2.20.1

>From 3caa71e47a23eab2b93291960c2e5d54471dd839 Mon Sep 17 00:00:00 2001
From: "Bernhard R. Link" 
Date: Fri, 29 Mar 2019 22:44:25 +0100
Subject: [PATCH 2/4] also unquote octal escape sequences returned by tar

Tar also generates octal escape sequences (\123) for some unicode
characters. Those were not yet unquoted.

This also means when such files exist, there are no longer empty
files with the incorrectly unquoted names created.
This change has no effect compared to pristine-tar <= 1.45
as those created files are then ignored as they do not appear
in the manifest file. Though there is a small chance it might
break deltas created with 1.46 with such fules (assuming those
where even able to be checked in with 1.46).
---
 pristine-tar | 26 ++
 1 file changed, 18 insertions(+), 8 deletions(-)

diff --git a/pristine-tar b/pristine-tar
index fe10340..82256f5 100755
--- a/pristine-tar
+++ b/pristine-tar
@@ -362,15 +362,25 @@ Options:
 sub unquote_filename {
   my $filename = shift;
 
-  $filename =~ s/\\a/\a/g;
-  $filename =~ s/\\b/\b/g;
-  $filename =~ s/\\f/\f/g;
-  $filename =~ s/\\n/\n/g;
-  $filename =~ s/\\r/\r/g;
-  $filename =~ s/\\t/\t/g;
-  $filename =~ s/\\v/\x11/g;
-  $filename =~ s//\\/g;
+  my $unquote_character = sub {
+die "filenames with NUL bytes are not supported" if $2 eq "000";
+return pack("C", oct($2)) if defined $2;
+my %map_named_escapes = (
+a => "\a",
+b => "\b",
+f => "\f",
+n => "\n",
+r => "\r",
+t => "\t",
+v => "\x11",
+"\\" => "\\",
+);
+return $map_named_escapes{$1};
+  };
 
+  # unquote by calling $unquote_character for each matched group:
+  # (do all in a single run, as the octal sequences might output anything)
+  $filename =~ s/\\([abfnrtv\\])|\\([0-7]{3})/$unquote_character->()/ge;
   return $filename;
 }
 
-- 
2.20.1

>From ce7d2f64abf077c5f91119b53d34f0071e49c5e4 Mon Sep 17 00:00:00 2001
From: "Bernhard R. Link" 
Date: Fri, 29 Mar 2019 22:56:52 +0100
Subject: [PATCH 3/4] send manifests file to tar NUL-terminated and unquoted
 (Closes: #901952)

tar changed behavior in no longer unescaping filenames with --verbatim-files-from
breaking reading all delta files and handling files with such filenames.

(This also fixes #902115 properly this time).
---
 pristine-tar | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/pristine-tar b/pristine-tar
index 82256f5..f6cea05 100755
--- a/pristine-tar
+++ b/pristine-tar
@@ -394,12 +394,14 @@ sub recreatetarball {
 
   my @manifest;
   open(IN, "<", $manifestfile) || die "$manifestfile: $!";
+  open(OUT, ">", "$tempdir/manifest") || die "$tempdir/manifest: $!";
   while () {
 chomp;
 push @manifest, $_;
+print OUT unquote_filename($_) . pack("C", 0);
   }
   close IN;
-  link($manifestfile, "$tempdir/manifest") || die "link $tempdir/manifest: $!";
+  close OUT;
 
   # The manifest and source should have the same filenames,
   # but the manifest probably has all the files under a common
@@ -526,7 +528,7 @@ sub recreatetarball_helper {
 0,"--numeric-owner",
 "-C", "$tempdir/workdir",
 "--no-recursion", "--mode",
-"0644",   "--verbatim-files-from",
+"0644",   "--null",
 "--files-from",   "$tempdir/manifest"
   );
   if (exists $options{tar_format}) {
-- 
2.20.1

Bug#924831: another ftbfs caused by #807666

[Bernhard R. Link]

The log contains:
/usr/include/x86_64-linux-gnu/mpich/mpicxx.h:22:4: error: #error 'Please use 
the same version of GCC and g++ for compiling MPICH and user MPI programs'

so this bugs seems to be another instance of #807666 and should be fixed
once the fix for that reaches testing.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#924802: #924802 looks mpicxx related, might be due to #807666

[Bernhard R. Link]

retitle 924802 madness: FTBFS: failure checking for working mpicxx
block 924802 807666
thanks

Just some quick fly-by observations:

While the are errors about pow in the log, those seem to be harmless and
properly ignored capability checking.

The actual error causing the failure in the log is:

-- Could NOT find MPI_CXX (missing: MPI_CXX_WORKS) 
CMake Error at 
/usr/share/cmake-3.13/Modules/FindPackageHandleStandardArgs.cmake:137 (message):
  Could NOT find MPI (missing: MPI_CXX_FOUND) (found version "3.1")
Call Stack (most recent call first):
  /usr/share/cmake-3.13/Modules/FindPackageHandleStandardArgs.cmake:378 
(_FPHSA_FAILURE_MESSAGE)
  /usr/share/cmake-3.13/Modules/FindMPI.cmake:1671 
(find_package_handle_standard_args)
  external/mpi.cmake:6 (find_package)
  CMakeLists.txt:493 (include)


FindMPI.cmake says:
# If the find procedure fails for a variable ``MPI__WORKS``, then the 
settings detected by or passed to
# the module did not work and even a simple MPI test program failed to compile.


As the build attempt was done using "mpich amd64 3.3-2", most likely
this is related to #807666 (as the description of that bug says it makes using
mpich with c++ fail, which would fit those symptoms).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#923533: Missing Vcs-* headers

[Bernhard R. Link]

* Axel Beckert  [190301 15:39]:
> it is confusing that VCS related package has no Vcs-* headers.
>
> git-dpm though seems to have a Git repository on Salsa at
> https://salsa.debian.org/brlink/git-dpm.
>
> So please add the according Vcs-* headers:
>
>   Vcs-Git: https://salsa.debian.org/brlink/git-dpm.git
>   Vcs-Browser: https://salsa.debian.org/brlink/git-dpm

That repository is a mostly semi-temporary place. I've yet not
decided whether it will stay there, or if I will request a
group for it (like it had on alioth) or move it to the Debian group.

Also after getting disappointed two times (first git.debian.org and
then anonscm.debian.org), I lost the believe that those URLs are
even supposed to be be valid for a full release lifetime and thus
am no longer persuaded that putting that information into the archive
is the proper think to do. I'd much rather see some registry where
maintainers can put information about the current leading repository
whenever that changes and where tools like debcheckout can query it from.

> Maybe you also want to add a Homepage header pointing to the latter
> URL, too:
>
>   Homepage: https://salsa.debian.org/brlink/git-dpm

git-dpm actually had a proper homepage, which also got lost with
alioth. I'm still considering where to revive that.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#924355: RM: cuyo/2.0.0brl1-3

[Bernhard R. Link]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Please consider removing cuyo from buster. The version in testing
currently is an old forked version that is in no good shape.
While there is an ITA for it (#916692), that didn't got to a new upload
before the freeze.

Also given that it is only some small game there should be no harm in
having one Debian release without it.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#916692: #916692

[Bernhard R. Link]

Hi,

any news on this one? Given the poor state the package is in,
do you have the resources for an upload before buster release?

Otherwise I plan to request a removal from testing once
the soft freeze started (as autoremoval via #916691 did
not happen).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#916692: RFA: cuyo -- Tetris-like game

[Bernhard R. Link]

Package: wnpp
Severity: normal

I'm planing to drop maintaining cuyo. The upstream license situation is
a bit complex and I lack the time to maintain a forked version. I'll
request it removed from testing and get the package removed unless
someone speaks up and wants to take over the package.

The package description is:
 Cuyo, named after a Spanish relative adjective, shares
 with tetris that things fall down and how to navigate them.
 When enough "of the same type" come "together", they explode.
 The goal of each level is to blow special "stones" away, you
 start with. But what "of the same type" and "together" means,
 varies with the levels.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#916691: cuyo -- Not fit for next release

[Bernhard R. Link]

Source: cuyo
Severity: critical

Pseudo-Bug to keep cuyo out fo testing so it does not end up in the next 
release.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#849807: gnutls_record_send after incomplete gnutls_handshake sends data unencrypted

[Bernhard R. Link]

Package: libgnutls30
Version: 3.5.7-3
Severity: normal
Tags: security

This bug report is not about wrong behavior if libgnutls is called
correctly but rather about dangerous behaviour if the caller is using
libgnutls incorrectly.

If a handshake has not yet completed (the caller ignoring
gnutls_handshake return code or the caller having a bug in the handling
of GNUTLS_E_AGAIN) then telling libgnutls to send data causes it to send
it unencrypted. Unless there are cases where might be useful, I think a
security relevelant library like libgnutls should rather catch this
mistake and avoid sending stuff unencrypted.

Here's an example:

cat <<'EOF' > example.c
#define _GNU_SOURCE
#include 
#include 
#include 
#include 
#include 
#include 
#include 

static ssize_t sim_write(gnutls_transport_ptr_t session, const void *data, 
size_t len) {
bool found = memmem(data, len, "SECRET", 6) != NULL;
printf("Would have written %d bytes%s.\n", (int)len, found?" containing 
unencrypted plain-text secret":"");
fflush(stdout);
return len;
}
static ssize_t sim_read(gnutls_transport_ptr_t session, void *data, size_t len) 
{
/* simulate non-blocking io with no incoming data arrived yet */
gnutls_transport_set_errno(session, EAGAIN);
fflush(stdout);
return -1;
}

int main() {
gnutls_certificate_credentials_t xcred;
gnutls_session_t session;
int r;

r = gnutls_global_init();
assert (r == GNUTLS_E_SUCCESS);
r = gnutls_certificate_allocate_credentials();
assert (r == GNUTLS_E_SUCCESS);
r = gnutls_init(, GNUTLS_CLIENT);
assert (r == GNUTLS_E_SUCCESS);
r = gnutls_set_default_priority(session);
assert (r == GNUTLS_E_SUCCESS);
r = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
assert (r == GNUTLS_E_SUCCESS);
gnutls_session_set_verify_cert(session, "server", 0);

gnutls_transport_set_ptr(session, session);
gnutls_transport_set_push_function(session, sim_write);
gnutls_transport_set_pull_function(session, sim_read);

r = gnutls_handshake(session);
assert (r == GNUTLS_E_AGAIN);
/* ignoring the return code and doing the sending: */
r = gnutls_record_send(session, "SECRET\n", 7);
printf("gnutls_record_send returned %d\n", r);

return 0;
}
EOF
gcc -Wall -O2 -g example.c -lgnutls && ./a.out

It outputs:

Would have written 238 bytes.
Would have written 12 bytes containing unencrypted plain-text secret.
gnutls_record_send returned 7

i.e. the data is send unencrypted (looking at the output one sees a
CLIENT_HELO followed by an APPLICATION_DATA packet with unencrypted
content).

One example where this happens is libldap, which runs into this if
gotten an non-blocking fd (as currently sssd does, see #849756),
causing sssd-ldap to corrently sending passwords unencrypted.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#849773: O: libnss-extrausers

[Bernhard R. Link]

Package: wnpp
Severity: normal

Hi,

I'm hereby orphaning libnss-extrausers, after neglecting it a bit for
too long. There is some open bug report with patches that do not apply,
and the whole thing got a bit out of date as nss is a moving target
(and the nss modules it was forked of are now very different).
So if you take it be ready for a large chunk of upstream work.

Packaging nss modules is also something of an unsolved problem with
multi-arch. (You can multi-arch them, but then people have to make sure
to install all the right architectures or get strange errors if they
forget), so that is no easy thing either.

Might perhaps best to just drop it and use the db backend instead (those
are not in another directory, but at least can keep them outside the
main files).

You can find the package in git at
https://anonscm.debian.org/cgit/collab-maint/libnss-extrausers.git/log/?h=debian
(including the last upload orphaning it).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#849772: RM: xfm -- ROM; dependencies lost required functionality

[Bernhard R. Link]

Package: ftp.debian.org
Severity: normal

Please remove xfm from unstable. It wasn't in jessie and isn't
that useful anymore since magic dropped the support it needs to
identify file types.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#849756: sssd-ldap fails to connect to ldaps:// due to problem with non-blocking socket

[Bernhard R . Link]

Package: sssd-ldap
Version: 1.14.2-1
Severity: serious
Tags: security

Feel free to downgrade the severity, but as this sends passwords in cleartext 
(though in a case that I hope
will never work so not that likely to loose important passwords) and makes me 
wonder whether this package can
work at all with any ldaps server, I guessed it might be a suitable severity.

This might be the cause of other "[sdap_process_result] (0x0040): ldap_result 
error: [Can't contact LDAP server]" bug reports, but as this error message is 
so generic, I'm creating a new bug report.

sssd calls ldap_install_tls on a socket without removing and NON_BLOCKING bits 
from it.
This seems to be not supported by the current libldap2-4 version, which returns 
LDAP_SUCCESS but later fails.

Due to the way libldap fails the request is then send unencrypted (within the 
SSL Stream).
Here it usually happens that sssd sends both the "Client Hello" and an 
"Application Data" block (containing unencryted ldap_default_bind_dn and 
ldap_default_authtok)  before the server can even answer with an hello and the 
server than sends (depending when the Application data arrives) either with an 
Unexpected Message Fatal Alert or an Unencrypted Data Alert. (The ldap Server 
log reports TLS handshake errors, while the on the sssd side one gets 
"[sdap_process_result] (0x0040): ldap_result error: [Can't contact LDAP 
server]").

Some example data extracted from the output of wireshark:


Transmission Control Protocol, Src Port: 47911 (47911), Dst Port: 636 (636), 
Seq: 1, Ack: 1, Len: 150
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Client Hello
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Length: 145
Handshake Protocol: Client Hello

Transmission Control Protocol, Src Port: 47911 (47911), Dst Port: 636 (636), 
Seq: 151, Ack: 1, Len: 140
Secure Sockets Layer
TLSv1.2 Record Layer: Application Data Protocol: ldap
Content Type: Application Data (23)
Version: TLS 1.2 (0x0303)
Length: 135
Encrypted Application Data: 
30818402010160600201030439636e3d...

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 1, Ack: 151, Len: 0

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 1, Ack: 291, Len: 0

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 1, Ack: 291, Len: 1448
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Server Hello
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 53
Handshake Protocol: Server Hello

Transmission Control Protocol, Src Port: 47911 (47911), Dst Port: 636 (636), 
Seq: 291, Ack: 1449, Len: 0

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 1449, Ack: 291, Len: 2648
[2 Reassembled TCP Segments (3389 bytes): #29(1390), #31(1999)]
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Certificate
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 3384
Handshake Protocol: Certificate
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Server Key Exchange
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 527
Handshake Protocol: Server Key Exchange

Transmission Control Protocol, Src Port: 47911 (47911), Dst Port: 636 (636), 
Seq: 291, Ack: 4097, Len: 0

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 4097, Ack: 291, Len: 216
[2 Reassembled TCP Segments (333 bytes): #31(117), #33(216)]
Secure Sockets Layer
TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages
Content Type: Handshake (22)
Version: TLS 1.2 (0x0303)
Length: 328
Handshake Protocol: Certificate Request
Handshake Protocol: Server Hello Done

Transmission Control Protocol, Src Port: 47911 (47911), Dst Port: 636 (636), 
Seq: 291, Ack: 4313, Len: 0

Transmission Control Protocol, Src Port: 636 (636), Dst Port: 47911 (47911), 
Seq: 4313, Ack: 291, Len: 7
Secure Sockets Layer
TLSv1.2 Record Layer: Alert (Level: Fatal, Description: Unexpected Message)
Content Type: Alert (21)
Version: TLS 1.2 (0x0303)
Length: 2
Alert Message



The content of the "Application Data Protocol: ldap" package is plain 
non-encrypted data (here a bit redacted):
0``9cn=,cn=X,cn=,ou=X 
MYPASWORD___01.3.6.1.4.1.42.2.27.8.5.1


As I can see it the cause of this is that in 
../openldap-2.4.44+dfsg/libraries/libldap/tls2.c
the code is:

#ifdef LDAP_USE_NON_BLOCKING_TLS
/*
 * Use non-blocking io during SSL Handshake when a timeout is configured
 */
if ( ld->ld_options.ldo_tm_net.tv_sec >= 0 ) {
ber_sockbuf_ctrl( ld->ld_sb, LBER_SB_OPT_SET_NONBLOCK, sb );
 

Bug#849564: python3-reportbug: reportbug fails with AttributeError: 'str' object has no attribute 'utils'

[Bernhard R. Link]

Package: python3-reportbug
Version: 7.1.1
Control: affects -1 reportbug

Running reportbugs fails with:

*** Welcome to reportbug.  Use ? for help at prompts. ***
Note: bug reports are publicly archived (including the email address of
the submitter).
Detected character set: UTF-8
Please change your locale if this is incorrect.

Traceback (most recent call last):
  File "/usr/bin/reportbug", line 2233, in 
main()
  File "/usr/bin/reportbug", line 1107, in main
return iface.user_interface()
  File "/usr/bin/reportbug", line 1325, in user_interface
fromaddr = utils.get_user_id(self.options.email,
self.options.realname, charset)
  File "/usr/lib/python3/dist-packages/reportbug/utils.py", line 316, in
get_user_id
addr = email.utils.formataddr((realname, email))
AttributeError: 'str' object has no attribute 'utils'


It looks like the parameter email shadows the module name email causing
this error.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#847103: reprepro bzip2 lists decompression fails with internal decompressor

[Bernhard R. Link]

* Alberto Donato <alberto.don...@canonical.com> [161205 17:51]:
> I get the following error:
>
> $ reprepro --bunzip2 NONE update precise-security
> Error reading from
> ./lists/update-precise-security_precise-security_main_amd64_Packages.bz2:
> Trailing garbage after compressed data!
> There have been errors!
>
> Lists are downloaded correctly but they don't get decompressed. After that,
> even running with the external decompressor fails:

This looks like the Packages.bz2 file was created by concatenating two
.bz2 files, the later being empty. This is either  not supported by
libbz2 directly (and would need some workaround in reprepro), or there
is a bug in libbz2.

BZ2_bzDecompress return BZ_STREAM_END.
In bz2.next_in is another header ("BZh9\027rE8P\220\000\000\000"),
bz2.avail_in is 13. (I.e. directly at the end of the current buffer
reprepro feeds into libbz2 is another BZ2 block/stream, which might
not be complete).

The actual end of the Packages.bz2 file is
000a2170: d8 9d b0 42 5a 68 39 17 72 45 38 50 90 00 00 00 ...BZh9.rE8P
000a2180: 00  .

i.e. the file has one more byte than the 16k bytes block buffer
reprepro uses to feed the data into libbz2.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#820462: reprepro: Please add an --ignore option for --export=never warnings

[Bernhard R. Link]

Control: tags -1 +pending

* Frédéric Brière <fbri...@fbriere.net> [161222 15:22]:
> Specifying --export=never will trigger a "no index file was exported"
> warning, which can result in a slew of messages when performing a batch
> of multiple operations (which is the typical case for --export=never).
> An --ignore option to silence this warning would be nice.

When looking to implement it, I found it was already there (albeit not
documented).  There is a --export=silent-never which is like
--export=never but supresses most warnings. Will be documented in the
next version.


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#834203: reprepro: Error including .changes: "'*.debian.tar.xz' has the wrong architecture to add it to unstable!"

[Bernhard R. Link]

Control: tags -1 +moreinfo

First sorry for the very late reply.

* Manuel A. Fernandez Montecelo <m...@debian.org> [161222 14:03]:
> Possibly I am doing something wrong and couldn't see any bugs or changes in 
> the
> changelog that might have caused this, but I am pretty sure that this was
> working only weeks ago in the same system with approximately the same versions
> (it's unstable, so I update often).
>
> Using "--ignore wrongarchitecture" or "surprisingarch" doesn't help.
>
> It happens with tar.xz and .gz files, either .debian or original (for native
> packages) or also diff.gz.
>
> includedeb works fine for including the .debs in the .changes files.
>
> Any clue if there's a problem somewhere or if I am doing something wrong (in
> which case, sorry for the noise)?

Could you make sure you have "source" in your Architectures: line in
conf/distributions? (Without this reprepo thinks you do not want source
files in this distribution and thus will complain if those are added.)

If you do not want to include sources, please try -T deb option before
the checkin. (Or -A yourarchitecture)

Bernhard R. Link

Bug#827947: 827947 not a bug

[Bernhard R. Link]

Control: -1 severity wishlist
Control: -1 tags +pending

I'm downgrading this to wishlist, as the output does not break
processincoming but some other script is confused by processincoming
outputing this information. (And as it is an example script it can
easily be edited to remove the line after copying it).

Nevertheless I prefer scripts not being verbose by default, too,
to it will be changed in the next version.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#843402: Fwd: reprepro_5.0.0-1_amd64.changes ACCEPTED into experimental

[Bernhard R. Link]

Hi,

I'd appreciate if those invovled could test the version of reprepro
currently in experimental. I plan to upload 5.0.1 to unstable with
some additional smaller things to unstable tomorrow (Friday) evening
(UTC).

Thanks in advance,
Bernhard R. Link

- Forwarded message from Debian FTP Masters 
<ftpmas...@ftp-master.debian.org> -

From: Debian FTP Masters <ftpmas...@ftp-master.debian.org>
Date: Wed, 21 Dec 2016 23:21:44 +
To: "Bernhard R. Link" <brl...@debian.org>
X-local-part: brl+debian+redirect
Subject: reprepro_5.0.0-1_amd64.changes ACCEPTED into experimental



Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Wed, 21 Dec 2016 21:22:52 +0100
Source: reprepro
Binary: reprepro
Architecture: source amd64
Version: 5.0.0-1
Distribution: experimental
Urgency: medium
Maintainer: Bernhard R. Link <brl...@debian.org>
Changed-By: Bernhard R. Link <brl...@debian.org>
Description:
 reprepro   - Debian package repository producer
Closes: 843402
Changes:
 reprepro (5.0.0-1) experimental; urgency=medium
 .
   * new release
   - drop support for apt-methods of squeeze and before
   - some code-refactoring (to prepare for future changes)
   - add support for .buildinfo in .changes files (Closes: #843402)
   * change debhelper compatibility level to 9
   * remove jessie gnupg2 depencency workarounds
   * change build-dependency from libgpgme11-dev to libgpgme-dev
   * enable hardening compiler flags, drop support for ancient dpkg-dev
Checksums-Sha1:
 4cbb1544a5b686b65894dcb2518477cfb2f17472 1963 reprepro_5.0.0-1.dsc
 33a27bae3a1acbf387c1de1e6209a51e55c74b0d 672057 reprepro_5.0.0.orig.tar.gz
 6d54a01b3b92faed524195a795e4282cc814f0e2 18688 reprepro_5.0.0-1.debian.tar.xz
 eda840235f2dfcc7dcc0021b823eb0dbced2d77b 997170 
reprepro-dbgsym_5.0.0-1_amd64.deb
 049d7bef980e00c4321681c02ee7ffe844bad3cd 5170 reprepro_5.0.0-1_amd64.buildinfo
 9900a8f634658634b15a0c306c355477ee1d043e 450256 reprepro_5.0.0-1_amd64.deb
Checksums-Sha256:
 867dda4666e549dead2189013b60b4dcc8e7484ecc99d4a6443ab8d511390d02 1963 
reprepro_5.0.0-1.dsc
 da7c0dbdd80afb1b49ea6740448bec1a7e7ab10e05520c33a9b11f5b8ca49f0b 672057 
reprepro_5.0.0.orig.tar.gz
 9c987e71583242c15de3067fd669897b39e5e20832cb6b349c06ee6fd3b8af90 18688 
reprepro_5.0.0-1.debian.tar.xz
 dfa62606508970123e705f08f8a73e717d912578284320f10a8c7bbe0827 997170 
reprepro-dbgsym_5.0.0-1_amd64.deb
 6bf03ae96e55d24411c559ff8d5a322694774fea50b51e9b3db212d8bb1e3fb6 5170 
reprepro_5.0.0-1_amd64.buildinfo
 2b2b17498ff32ebb48ec10b9c21d09e505c3c7f99f3d343e0233cfccd8396296 450256 
reprepro_5.0.0-1_amd64.deb
Files:
 18285327421dc384cb540f25f36fcd5b 1963 utils extra reprepro_5.0.0-1.dsc
 7d13c1af92e95aeeb6330112af662cf9 672057 utils extra reprepro_5.0.0.orig.tar.gz
 b21dade6e8c4354a128f75d7f0d37f4b 18688 utils extra 
reprepro_5.0.0-1.debian.tar.xz
 063145457cda9a0940dd49ab140ce113 997170 debug extra 
reprepro-dbgsym_5.0.0-1_amd64.deb
 ec9d3fe058662fd95630b766da01e2f0 5170 utils extra 
reprepro_5.0.0-1_amd64.buildinfo
 d4651302bdfc2f4f431c14adec8e8634 450256 utils extra reprepro_5.0.0-1_amd64.deb

-BEGIN PGP SIGNATURE-

iQJGBAEBCAAwFiEER2LYZQQfdf9pay9D6ZZIQUY/gV8FAlhbB+0SHGJybGlua0Bk
ZWJpYW4ub3JnAAoJEOmWSEFGP4Ffej4P/iBgwH92AgpbHscBk9PSuQsoJG6xBy2a
OzW/iYgCbl4TwL9qm9O0gDDlZOoNMC2CMqRL4kaFKK9Sq9I8yUBIuvoaGJwQvCC2
6ULB80A6vaK1NRpVqO1z7X+Mj2vMG25qDNdD2xImj7fsz6GXsMEcYQbS18wTz5Br
0oT4Q9cpiLmhYggHWNIaYddXTxh04qOhws04JfTJ3oXHz6Bwe5yVE2zPbMNHb4Dn
x8xhCyap6YAOZhfGfyntAX1E0tt4nrqD25bD53LzAUcDjiOkK1lGFXCIkBb/I6B+
qoXKZc2kBhaHCUU8TS+EQbLe/91V5O4u2fpN80Gq3gZcdn2ucJ6ikVTUGfzXl8vo
c+EDzMmyELcxqnDvzlVqflL87QMc5Fihiy4Q2n7aUdiceq2OffedxCopioGUW+HT
BpYbfoLFXxpD/oh9L638SK+ckSuP/AEUD1G1S2zGuR0EGAF9/1Wd13kIHlA0kqvh
1rr9VsgDNVLSVTufkvIbUzr0+7kTznC7xy+OvdJUpAMyXOukwuqnchr4XxirOrCs
xNFN6nco6y+Smii0P+3nODQq6p0H6lw4GBzODN1729OLvjMT6/kQHrtqjz0ajzQ8
1Rqz5l6EKcbb71H4rtnVPf4xLqfTFsJPyJxJL+IYKo42x0gmGiZnp8zwhJCXhyBo
UV4pOlzS6uH5
=7MEj
-END PGP SIGNATURE-


Thank you for your contribution to Debian.

- End forwarded message -
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#789608: reprepro: no passphrase prompt - possible cause

[Bernhard R. Link]

Control: tags -1 +pending

First a sory for the late reply.

* Paul Casto <pca...@bricata.com> [161221 21:45]:
> Observed the same problem - attempted to run `reprepro export` and was not 
> prompted for gpg passphrase.
> Conditions were similar to ones reported above. 
> While not explicitly stated above, only pinentry-curses was listed, so 
> assuming that this is a non X11 system.
> 
> Banged my head for a bit, and then discovered this post
> https://bbs.archlinux.org/viewtopic.php?id=138546
> 
> I didn't follow that back through to find the status of the bug, but... 
> 
> I did lead me down the path of discovering that this is an issue when running 
> reprepro under an account where an su is involved.  
> If I log in directly as the user that will be running reprepro (and has the 
> keys), then it works - ncurses prompt for passphrase.
> If I log in as another user, and then su to the user that is running reprepro 
> (and has the keys) it does not.  With the symptoms as described above.

For pinentry that is to be expected. AFAIUI it tries to access /dev/tty
and that belongs to the logged in user and does not allow anyone else to
write there.

The next version of reprepro will add the following sentence in the
manpage of --ask-passphrase:

 (With current versions of gnupg you need to set 'pinentry-mode loopback'
 in your .gnupg/gpg.conf file to use '--ask-passphrase'.
 Without that option gnupg uses the much safer and recommended pinentry 
instead).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#824521: [reprepro] Please add dep-11 support

[Bernhard R. Link]

I'd suggest to report a bug against apt for this. (Asking for files not
advertised and generating such an output is definitely a bug in apt,
no matter wether reprepro supports to generate those files or not).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#823629: reprepro: Please provide a way to compact references.db after some of its content has been freed

[Bernhard R. Link]

* intrig...@debian.org <intrig...@debian.org> [160506 22:00]:
> for Tails we have a system that uses reprepro snapshots intensively
> (basically, a large subset of the Debian archive is snapshot'ed four
> times a day). And then, we use _removereferences (+ manually removing
> the corresponding directory in dists/) to free the snapshots we don't
> need anymore.
>
> But despite the cleanup operation (_removereferences), it seems that
> references.db keeps growing. As a result, some operations become very
> slow unless there's enough memory available to keep that file in the
> disk cache.
>
> FYI, we're talking of a (currently) 5.4 GiB references.db here.
>
> I'm sure that there must be a good reason (such as optimizing I/O) for
> the current behavior, and that's fine with me. But would it be
> possible to have one extra operation, that one could run from time to
> time, and that compacts references.db so that it uses only the disk
> space (and thus, the in-memory disk cache) that it needs?

You might want to start with checking the stats of that file to see
if there is some libdb corruption in there or only no space freed.

db*_verify db/references.db
db*_stats -d db/references.db -s references

(With the tools from the db*-util package matching the libdb version
your reprepro binary is linked against).

> And, just in case I find someone ready to implement it: any pointer to
> where and how it could be done?

It's a pity that libdb does not come with some dbX.Y_compact utility.

For a short hot-fix you might try to use db*_dump and db*_load to create
a copy of the database.

If you are willing to lose all the snapshot-information, just deleting
the references.db file and running "reprepro rereference" will also create
a file with all but the snapshot references in them.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#820867: reprepro: Please allow to apply overrides on already installed packages

[Bernhard R. Link]

* Raphaël Hertzog <hert...@debian.org> [160413 11:21]:
> For some reasons it seems that "update" + "pull" rules do not properly
> transfer the priority... for instance I have the emdebian-archive-keyring
> which is priority extra in Debian's Packages files but priority important
> in the .deb itself. And it ended up as priority important in the Kali
> archive...

I didn't yet have the time to try to reproduce this part. (Current
behaviour should be that reprepro get the priority the time the specific
version of a package was added to a specific distribution. If that
happend due to "update" or "pull" it should get the Priority of the
source distribution (and only the one from the file if the file is
added locally via include*/processincoming). Though if the Priority
changed in the source distribution, reprepro will currently not update
to local one (unless there is a new version of the package)).


> Now I want to fix this priority so I added the "DebOverride" directive
> to conf/distributions but the next "export" does not apply this updated
> priority. Instead I have to remove the package and add it back to get
> it applied.
>
> It would be nice if the overrides could either be automatically applied
> or at least have a command to apply them without requiring such trickery.

There is "reprepro reoverride" for this part.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#820460: reprepro: Omitting Release from DebIndices still generates that file

[Bernhard R. Link]

package reprepro
tags 820460 +moreinfo
thanks

* Frédéric Brière <fbri...@fbriere.net> [160408 18:51]:
> The documentation for DebIndices states that omitting the optional
> Release filename will result in no file being generated.  This does not
> appear to work for me; Release files are still generated, despite having
> "DebIndices: Packages . .gz .xz" in my configuration.

That file should no longer be generated, but reprepro will not delete an
old file if it is still there. Could you check if it is newly generated
or just the old file?


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

Bug#798478: ratpoison: diff for NMU version 1.4.8-1.1

[Bernhard R. Link]

* Luca Falavigna <dktrkr...@debian.org> [151226 15:42]:
> I've prepared an NMU for ratpoison (versioned as 1.4.8-1.1) and
> uploaded it to DELAYED/2. Please feel free to tell me if I
> should delay it longer.

Thanks.

        Bernhard R. Link

Bug#480576: [debhelper-devel] Bug#480576: debhelper and dh-autoreconf

[Bernhard R. Link]

* Wookey woo...@wookware.org [150612 19:00]:
 I would second the opinion that running dh-autoreconf by default is
 something that should be expected to work. In practice it does work
 except for old and languishing packages that have very old autofoo:
 those need some updates. Often very simple ones, but in a few cases
 deeper ones. See (https://wiki.debian.org/Autoreconf for useful info)

There is not only the situation with current autoconf/automake. The
question is also if this is enabled what will happen in the future.

While autoconf/automake got a very long way in no longer breaking
packages every so often, the incompatible changes for tests is not
so long ago (and happened after everyone already claimed those
problems are a think from the past), that this cannot be ruled out
to cause problems in the future.

 So I would like to clarify whether there is a plan to do this in debhelper
 for level 10 or not, as mooted in this bug
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744915#25

 Maintainers (at least one) seem to be expecting it:
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788321#20
 but perhaps that is premature?

 Is the situation 'yes, if someone sends patches', or 'yes, it's
 underway', or 'maybe, sometime', or 'no never, it's a dumb idea' (or
 something else)?

In my personal opinion running autoreconf at build time is a
derivitation from upstream at least on the same level as having some
patch is. There is nothing inherently bad about derivating from upstream
or applying patches, but I think there should be at least a good reason
to.

Then there is also the problem that as autoreconf is supposed to be
run by people doing upstream work, there is no built-in mechanism
to clean up after that. (There is make maintainer-clean, but last
I looked it semantics were excplitely something like whatever the
maintainer thinks reasonable). This leads those gross hacks
dh-autorconf does to clean up. (And then even so strange clean up
that does not clean but copy files back and forth last I looked).

That said it might be a good idea to integrate some solution for this
deeper with debhelper and at least warn in some cases when this is
not used. (I guess looking for libtool or even usage of the
'canonical' variables (detectable by having guess.guess/config.sub))


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#781077: mark 781077 pending

[Bernhard R. Link]

package debhelper
tags 781077 + pending
thanks

* brl...@debian.org brl...@debian.org [150405 02:29]:
 This is an automated email from the git hooks/post-receive script.

 brlink pushed a commit to branch master
 in repository debhelper.

 commit 40656c02c319461e65879c2dba7475b2f288b578
 Author: Bernhard R. Link brl...@debian.org
 Date:   Sat Apr 4 19:04:41 2015 +0200
 
 dh_installwm: call after dh_link in dh call sequence, error out in compat 
 10 if there is no man page
 
 Move dh_installwm after dh_link, so that a manpage created by dh_link
 can be found.
 
 Also error out in compat 10 if no manpage is found.
 ---
  debhelper.pod| 5 +
  debian/changelog | 2 ++
  dh   | 2 +-
  dh_installwm | 4 
  4 files changed, 12 insertions(+), 1 deletion(-)
 
 diff --git a/debhelper.pod b/debhelper.pod
 index 2c33aab..1e28e60 100644
 --- a/debhelper.pod
 +++ b/debhelper.pod
 @@ -565,6 +565,11 @@ Bdh_installdeb no longer installs a maintainer-provided
  debian/Ipackage.shlibs file.  This is now done by Bdh_makeshlibs
  instead.
  
 +=item -
 +
 +Bdh_installwm refuses to create a broken package if no man page
 +can be found (required to register for the x-window-manager alternative).
 +
  =back
  
  =back
 diff --git a/debian/changelog b/debian/changelog
 index a00b8be..2d24a46 100644
 --- a/debian/changelog
 +++ b/debian/changelog
 @@ -92,6 +92,8 @@ debhelper (9.20150101.1) UNRELEASED; urgency=medium
   --disable-silent-rules (otherwise). (Closes: #551463, #680686)
* dh_compress: exclude .xz .lzma and .lz files from compression
  (Closes: #778927)
 +  * dh_installwm: call by dh after dh_link (Closes: #781077),
 +error out in compat 10 if no man page found
  
[ Jason Pleau ]
* dh_installchangelogs: Add CHANGES.md to the list of common changelog
 diff --git a/dh b/dh
 index eceb62e..93111da 100755
 --- a/dh
 +++ b/dh
 @@ -381,7 +381,6 @@ my @i = qw{
   dh_installpam
   dh_installppp
   dh_installudev
 - dh_installwm
   dh_installgsettings
   dh_bugfiles
   dh_ucf
 @@ -392,6 +391,7 @@ my @i = qw{
   dh_usrlocal
  
   dh_link
 + dh_installwm
   dh_installxfonts
   dh_compress
   dh_fixperms
 diff --git a/dh_installwm b/dh_installwm
 index b09bc3a..8fa0253 100755
 --- a/dh_installwm
 +++ b/dh_installwm
 @@ -102,6 +102,10 @@ WM:  foreach my $wm (@wm) {
   }
   }
   }
 + if (! compat(9)) {
 + error(no manpage found (creating an 
 x-window-manager alternative requires a slave symlink for the manpage));
 + }
 + # Reaching this code means a broken package will be 
 produced.
   
 autoscript($package,postinst,postinst-wm-noman,s:#WM#:$wm:;s/#PRIORITY#/$dh{PRIORITY}/,);
   }
   }
 
 -- 
 Alioth's /usr/local/bin/git-commit-notice on 
 /srv/git.debian.org/git/debhelper/debhelper.git
 
 
 ___
 debhelper-devel mailing list
 debhelper-de...@lists.alioth.debian.org
 http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debhelper-devel
Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#778927: [debhelper-devel] Bug#778927: dh_compress: Please do not compress xz compressed files

[Bernhard R. Link]

Control: tags -1 + pending

* Andreas Tille ti...@debian.org [150221 22:15]:
 This result is surprising since bz2 compressed files are not gzipped by
 dh_compress.  So please do not compress .xz files.

Should be fixed by the following commit, pushed to master:

diff --git a/debian/changelog b/debian/changelog
index b80d1f3..1105d73 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -82,6 +82,8 @@ debhelper (9.20150101.1) UNRELEASED; urgency=medium
   * autoconf is always passed one of
  --enable-silent-rules (if DH_QUIET is set) or
  --disable-silent-rules (otherwise). (Closes: #551463, #680686)
+  * dh_compress: exclude .xz .lzma and .lz files from compression
+(Closes: #778927)
 
  -- Niels Thykier ni...@thykier.net  Thu, 01 Jan 2015 17:24:38 +0100
 
diff --git a/dh_compress b/dh_compress
index 53a6bb1..bbd5847 100755
--- a/dh_compress
+++ b/dh_compress
@@ -121,6 +121,7 @@ foreach my $package (@{$dh{DOPACKAGES}}) {
! -iname *.epub ! -iname *.jar ! -iname 
*.zip \\
! -iname *.odg ! -iname *.odp ! -iname 
*.odt \\
! -iname .htaccess ! -iname *.css \\
+   ! -iname *.xz ! -iname *.lz ! -iname 
*.lzma \\
! -iname *.svg ! -iname *.svgz ! -iname 
*.js \\
! -name index.sgml ! -name objects.inv ! 
-name *.map \\
! -name copyright 2/dev/null || true;
Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#551463: tagging 551463, tagging 680686, tagging 639168, tagging 680687 pending

[Bernhard R. Link]

limit source debhelper
tags 551463 + pending
tags 680686 + pending
tags 639168 + pending
tags 680687 + pending
thanks

commited to git:
  * add DH_QUIET environment variable to make things more silent
  * dh: don't output commands to run if DH_QUIET is set
  * buildsystems print commands unless DH_QUIET is set (Closes: #639168,
  * #680687)
  * autoconf is always passed one of
 --enable-silent-rules (if DH_QUIET is set) or
 --disable-silent-rules (otherwise). (Closes: #551463, #680686)



Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#155931: Implemented permissions exceptions file

[Bernhard R. Link]

package debhelper
tags 155931 - patch
thanks

That patch needs some improvements:
- chown after chmod will revert some permissions (like suid)
- no error handling:
  lines with exactly three words in in will be silently ignored
Possible further improvements:
- globbing (can't use filedoublearray's but would needs its own just
  like dh_install)
- input validation (for permissions? is there a way to avoid people
  using dynamic user/group names here?)

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#774227: busybox-static: execs applets when chrooting

[Bernhard R. Link]

Package: busybox-static
Version: 1:1.22.0-14
Severity: important
Tags: patch

#599101 is back, at least in busybox-static (I have not not tested the other 
one):

Things like chroot /target dpkg ... do not call dpkg but instead call
busybox's internal command (which leads to quite hard to debug error
messages trying to run debootstrap).

To fix it the same patch as before is needed, which is also the
end of debian/patches/applets-fallback.patch.sav:

--- a/coreutils/chroot.c
+++ b/coreutils/chroot.c
@@ -41,5 +41,7 @@ int chroot_main(int argc UNUSED_PARAM, c
/*argv[2] = NULL; - already is */
}
 
-   BB_EXECVP_or_die(argv);
+   execvp(argv[0], argv);
+   xfunc_error_retval = (errno == ENOENT) ? 127 : 126;
+   bb_perror_msg_and_die(can't execute '%s', argv[0]);
}



Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#759886: [debhelper-devel] Bug#759886: debhelper: please make mtimes of packaged files deterministic

[Bernhard R. Link]

* Jérémy Bobbio lu...@debian.org [141228 22:06]:
 Joey Hess:
  Jérémy Bobbio wrote:
   Joey Hess:
My other idea is to make dh_fixmtimes set something that a later command
(eg, dh_builddeb) could use and warn if it was not run.
   
   Maybe it should be integrated to dh_builddeb, then?
  
  I don't think it belongs in dh_builddeb directly.
 
 Unfortunately, while trying to understand why r-cran-gbm was not
 building reproducibly [1], I noticed that there might be a compelling
 reason to merge dh_fixmtimes in dh_builddeb.
 
 When DH_ALWAYS_EXCLUDE is specified, dh_builddeb might delete files.
 When this happens, parent directories get their mtime updated, reverting
 dh_fixmtimes work.
 
 So the ideal moment to set deterministic mtimes is after that pass.
 Which means integrating the find+xargs+touch in dh_builddeb…

May I suggest to just duplicate the DH_ALWAYS_EXCLUDE handling in
dh_fixmtimes for the time being?

If they are already removed then dh_builddeb should not do any new harm
and this way you keep more control over dh_fixmtimes so there is less
chances debhelper will ship outdated code.

Those two can then still later be merged if that still looks sensible
then.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#773965: binNMUed db5.3 FTBFS due to --link-doc check

[Bernhard R. Link]

* Helmut Grohne hel...@subdivi.de [141226 11:06]:
 My attempt to cross build db5.3 for x32 from amd64 failed. A log is
 attached. The relevant bits are:
 
 | dh_installdocs -pdb5.3-doc -plibdb5.3-java
 | dh_installdocs: No packages to build.
 | dh_installdocs --remaining-packages --link-doc=libdb5.3
 | dh_installdocs: WARNING: --link-doc between architecture all and not all 
 packages breaks binNMUs
 | dh_installdocs: Aborting build as this is a binNMU (leading to a broken 
 package)
 | debian/rules:250: recipe for target 'override_dh_installdocs' failed
 
 As you can see, this is not specific to cross building. Looking closer
 at the db5.3 source package one can see that it only builds two arch:all
 packages. Those are db5.3-doc and libdb5.3-java. Given the
 --remaining-packages switch in the second dh_installdocs invocation, it
 does not cover any arch:all packages and thus should not error out.
 
 In theory, debhelper does cover for --remaining-packages in
 dh_installdocs. I do not see why this mechanism does not work for db5.3.
 I hope that someone can figure this out.

The problem seems to be 97993b514bfbcc84c213e9e5d68c1b1c3a833ce7
(the commit introducing INTERNAL_EXCL_DOPACKAGES).
With that commit reverted it work as far as my limited tests concluded.

I think the key here is that the binary-arch is called, which causes
debhelper to limit everything to architecture dependent packages.

As above commit causes dh_installdoc --link-doc to specifically also
look at packages excluded because of this it looks at the packages
thus causes this false positive.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#769577: how to configure reprepro to make repository of what is installed on host

[Bernhard R. Link]

* Richard Betham rich...@betham.org.uk [141202 19:48]:
 Thank you very much for your e-mail,
 It is useful to know that I must remove the : and whatever follows,
 from the end of the package name,
 so that it will be suitable input for reprepro FilterList.

I guess that still needs to be added to the documentation.
(Those :architecture are a relatively new addition to the dpkg
--get-selections output format added due to multi-arch support)

 I have got my Makefile script file to work well enough
 to generate an image for a cdrom which seems to
 be acceptable to apt-cdrom, and to apt-get.
 
 However, when I run my script again, trying to use the cdrom as one 
 of the sources, reprepro generates an error message and aborts.
 The text of the error messages is copied into the attached file
 called make.op.txt
 
 I have tried various variants of the update file,
 using:
 Method: cdrom:[...]
 Method: cdrom://[...]
 Method: cdrom:[...]
 
 I did not put ...,
 I put Debian~Wheezy~in~part~as~at~2014-11-29+21:20:36.
 I prefer to have spaces in the name, but that seemed to cause 
 trouble.
 
 I attach copies of various files which seem relevant.
 
 Please advise me of the correct format for the line 
 in the file conf/updates, which starts:
 Method: cdrom:...

I haven't yet used the cdrom method with reprepro, so I am a bit of a
loss what the correct syntax is. Adding enough verbosity (I think you
need several -V to get to those details) you can see what reprepro
gives the apt cdrom method. I don't knwow that format the apt method
expects exactly, but doc/method.dbk in apt source package lists some
example URLs:

file:/var/mirrors/debian/
ftp://ftp.debian.org/debian
ftp://jgg:MooCow@localhost:21/debian
nfs://bigred/var/mirrors/debian
rsync://debian.midco.net/debian
cdrom:Debian 2.0r1 Disk 1/

so I guess it might be a single colon without any other additions
(though I do not know how current that example is).

Perhaps it is easier to just mount the .iso files somewhere and
just use the file:/ method.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#768046: reprepro: 'includedsc' fails for native packages with 'debian/' being a symlink

[Bernhard R. Link]

* Stephan Sürken abs...@debian.org [141104 14:39]:
 with a Debian native package having a setup like (for example) so

 debian - debian-wheezy
 debian-squeeze/
 debian-wheezy/

 , i.e., 'debian/' being a symlink, reprepro fails to find
 'debian/control', and finally fails with

 ---
 No section and no priority for 'PACKAGE', skipping.
 There have been errors!
 ---

 This is due to 'sourceextraction.c: parse_tarfile()', which
 iterates through all archive entries, and will never find
 debian/control as archive member string. I.e., iterating of
 libarchive entries, you only get

 debian
 debian-wheezy/control

 in this case. Maybe some extra code when debian/ is a symlink
 may help here, in that loop.

 Of course this (i.e., using a symlink here) is not a standard or
 desireable setup; however, other Debian tools just work find
 with such a setup, and I don't know of any documented
 restrictions -- so I think this should be fixed in reprepro.

To quote the manpage:

Note that .dsc files do not contain section or priority, but the
Sources.gz file needs them. reprepro tries to parse .diff and .tar
files for it, but is only able to resolve easy cases. If reprepro
fails to extract those automatically, you have to either specify a
DscOverride or give them via -S and -P

i.e. extracting the section and priority from the source package is a
let's try efford, and there are other cases where I decided reprepro
will just give up (like some cases where debian/control is both in
.orig.tar.gz and .diff.gz).

I'll have a look. I guess the case where the symlink is before the
directory might be easy to add, while the reverse case will likely
fall in the not easily done with sequential parsing, thus not
supported category. Sorry.

There are three workarounds:

- As the manpage says, name section or priority with -S and/or -P or
  via a override file.

- Use include with the .changes file. A .changes file usually contains
  section and priority for the source, so reprepro

- for private repositories or packages, there is a non-standard (and
  I guess also undocumented) extension reprepro has: If a .dsc contains
  Section: or Priority: it will use those values instead of looking
  further. (Not sure what the best way is to get them there, in specific
  workflows adding a XS-Section: in addition to the Section: in the
  debian/control might get this. Only suiteable for private packages
  of course).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#768015: reprepro fails on 'uniform compressed' dpkg binary packages

[Bernhard R. Link]

retitle 768015 reprepro: better error message if processing .deb file needs a 
missing uncompressor

* Daniel Baumann daniel.baum...@progress-technologies.net [141104 19:39]:
 and now i found out that the problem is that, when using lzip, depending
 on using lunzip and that fails if it's not installed (people are using
 lzip -d, not lunzip anymore)..
 
 so the only remaining thing is that it would be nice to have a more
 accurate error message when the reprepro uncompressor is not
 installed/available.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#769981: reprepro complaining about 'all' architecture

[Bernhard R. Link]

* Michael P. Soulier msoul...@digitaltorque.ca [141119 20:51]:
 On Nov 19, 2014, at 12:45 PM, Debian Bug Tracking System 
 ow...@bugs.debian.org wrote:
 
  - delete all from all Architecture: lines in conf/distributions
  - run reprepro --delete clearvanished (reprepro should tell you to do
   this if you try to run it)
 
 So for my packages that will run on any platform, should they be architecture 
 “any” then?

Your package is Architecture all. If you include it, reprepro will by
default add it to every architecture.

So for an architecture any package the split is done at build time:

debian/control
Architecture: any

Binaries generated by the different builds:
_amd64.deb _i386.deb _deb

put into:
binary-amd64/Packages, binary-i386/Packages, binary-.../Packages


while for an architecture all package the split is done when including
it into a repository:

debian/control
Architecture: any

Binaries generated by the builds:
_all.deb

put into:
binary-amd64/Packages, binary-i386/Packages, binary-.../Packages

Hope that clears it up,
Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#769577: how to configure reprepro to make repository of what is installed on host

[Bernhard R. Link]

* Richard Betham rich...@betham.org.uk [141114 18:06]:
 I wish to be able, conveniently to make a repository containing
 the packages which:
 + are installed on my computer; and
 + are not included in the Official DVD, (or are a later version).
 I prefer the new repository to contain the versions of packages which
 are installed in my computer.
 These have always been tested, even if not much.
 I wish to copy the result to a CD-R, or to a DVD, which
 should be acceptable to apt-cdrom, and to apt-get.
 (apt-move used to do almost this.)
 
 It is not obvious from the documentation of reprepro, how to do this.
 
 I have started trying to make a script file to do this.
 Does anybody else want it?
 Has anybody already written one?
 
 Is there an easy way to make a repository containing only installed 
 packages?

To get the list of installed packages suitable for reprepro, do:

dpkg --get-selections | sed -e 's/:[^ \t]*//'  conf/mylist.lst

This you can then give to reprepro in a conf/updates block listing
the source where you get your packages and add something like

FilterList: purge mylist.lst

to make that update rule pull only package that you have installed.

Removing newer packages than some given set is not that easy AFAIK.
(There is support for the other way around: Doing a mirror with only
packages from the DVD that you do not have a newer version around).

If you compare the versions yourself and know which packages not to
include, you can add create another list with packagename purge
in each lines and give that to FilterList to exclude them:

FilterList: purge mylist.lst without.lst

Hope that helps,
Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#747141: debhelper: dh_installdocs --link-doc forces source-version dependencies (was: Re: Bug#766795: afterstep not binnmu safe and not installable in sid)

[Bernhard R. Link]

* Axel Beckert a...@debian.org [141109 17:33]:
 I suspect that's currently the only solution. zsh is affected, too:
 
 Depends: zsh-common (= 5.0.7-3), zsh-common (= 5.0.7-3+b1), [...]
 
 debian/control says:
 
 Depends: zsh-common (= ${source:Version}),
  ${misc:Depends},
[...]
 
 So it may be worth reinvestigating this issue instead of removing
 ${misc:Depends} from tons of packages (and causing lintian warnings
 about that) and requesting freeze exceptions for all these uploads. (I
 expected hundreds of them, zsh and afterstep only being some
 examples.)
 
 Any advice by the release team on this issue is appreciated.


The problem is that removing the misc:Depends just replaces one bug with
another one: The packages created that way will not include a changelog
for the binnmu.

Packages using --link-doc to link from an architecture any[1] to an
architecture all package are not really bin-nmuable. So the only
possiblities I see are:

- keep the way it is which causes those packages generate uninstallable
  packages if binnmu'd [2]
- remove the dependencies (in the packages or debhelper), causing
  binnmu'd packages to have no changelog of the binnmu.
- try to add some bin-nmu and affectedness detection (with the danger of
  false positives) to debhelper to make thsoe packages fail to build
  if binnmu'd so that no uninstallable packages are generated.
- change the affected packages in question to not use --link-doc.

Bernhard R. Link

[1] Or rather anything but all.
[2] What is the status if multi-arch and bin-nmu, does being bin-nmu'd
still break multi-arch packages?

-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#747141: [debhelper-devel] Bug#747141: debhelper: dh_installdocs --link-doc forces source-version dependencies (was: Re: Bug#766795: afterstep not binnmu safe and not installable in sid)

[Bernhard R. Link]

* Bernhard R. Link brl...@debian.org [141109 19:45]:
 - keep the way it is which causes those packages generate uninstallable
   packages if binnmu'd [2]

I forgot to mention that the smalles possible change to bring any
package that became uninstallable by binNMU back to working state
is a MU or source-full NMU (other changes are only needed if
one wants to fix the problem that another binNMU breaks them again).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#763569: git-dpm generates incorrect patches with the ident gitattribute

[Bernhard R. Link]

* Sam Hartman hartm...@debian.org [141109 19:15]:
 I've been working with this a bit more.  One possibility would be to add
 an export option or some git dpm option to generate a dsc or a tree that
 could be used to generate a dsc.  At that point you could either add the
 changes as a final patch or unapply them.

Being able to just call dpkg-buildpackage in a checkout of the git
repository with needing to call git-dpm at all is quite an import
feature of git-dpm for me. Besides: how would that help if the problem
is that the patches generated do not fit the files?

I think there are only two posibilities:
- not using git-format-patch. Perhaps needed in the long term anyway
  to get nicer patch headers. But then I'm not sure that can be easily
  fixed using any other invocation of git's diff machinery (and not
  running in other problems on the way). And using non-git diff on trees
  exported with git to generate the patches sounds like no nice way to
  be heading.
- fix the information in git. I fear in the end the only feasible
  solution is to document that one needs to do an git-dpm
  import-new-upstream with --exclude .gitattribute here.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#747141: debhelper: dh_installdocs --link-doc breaks binNMUs

[Bernhard R. Link]

I guess the easiest thing to do is simply to warn and in future compat
levels to error out with something like:

diff --git a/dh_installdocs b/dh_installdocs
index 3eefcdf..4ccd373 100755
--- a/dh_installdocs
+++ b/dh_installdocs
@@ -166,6 +166,14 @@ foreach my $package (@{$dh{DOPACKAGES}}) {
my $link_doc=($dh{LINK_DOC}  $dh{LINK_DOC} ne $package);
 
if ($link_doc) {
+   # TODO: does this need getpackages to be called first?
+   if (package_arch($package) ne package_arch($dh{LINK_DOC})) {
+   if (compat(9)) {
+   warning(WARNING: --link-doc between 
architecture all and not all packages breaks binNMUs);
+   } else {
+   error(--link-doc not allowed between 
${package} and $dh{LINK_DOC} (one is all and the other not));
+   }
+   }
# Make sure that the parent directory exists.
if (! -d $tmp/usr/share/doc  ! -l $tmp/usr/share/doc) {
doit(install,-g,0,-o,0,-d,$tmp/usr/share/doc);


Everything additional looks like it would have or cause quite some
problems:

- erroring out now breaks even the normal non-binNMU cases
- replacing the dependency with another version in case all-non-all
  link is not possible.
- replacing the dependency with another version in case non-all-all
  link gets complicated by the possibility of having different versions
  for different packages. (and then results in a package nowhere having
  the changelog for the binNMU, so many complications and special cases
  for a not-really-solution).
- ignoring --link-doc if the packages have different arch:all-ness might
  also have some nasty side-effects. And doing that only if there in an
  bin-NMU case would be quite suprising and likely not that much better
  than now.
- aborting with an error in case there is a broken --link-doc and there
  is an binNMU currently happening has the problem of detecting that the
  dependency is actually affected (due to binary packages maybe having
  differing versions) and could perhaps break some binNMU that by some
  other hard to forsee factors perhaps would not create a broken
  package.

Of those at most erroring out in case of binNMU that is considered to
create uninstallable packages seems worth considering to me, and making
that good enough to not create new problems looks hard.


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#768507: #768507 - debhelper

[Bernhard R. Link]

Hi Niels,

If you want a team for maintaining debhelper, I'm more than willing to join.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#763569: git-dpm generates incorrect patches with the ident gitattribute

[Bernhard R. Link]

* Sam Hartman hartm...@debian.org [141001 03:33]:
 I'm packaging software that uses the ident tag in .gitattributes in the
 upstream git directory.
 Basically all the files in the tree have a $Id$ tag.
 Why, I don't know; I thought we all learned we hated that back in the
 bad old days of cvs.
 
 Unfortunately this produces really unfortunate results with patches.
 Attached is an example of the uunrepresented changes in a package I'm
 working on:
 
 
 I'm not quite sure how git dpm update-patches generates patches but it
 manages to capture the patches with the old blob IDrather than with the
 blob ID that results from  the merged content.
 
 So, dpkg-source claims there are unrepresented upstream changes in the
 form of all the blob id updates for all the files patched by git dpm.

This is quite an ugly problem. git-dpm just uses git-format-patch and
that as far as I see it has no way to generate the proper patches.

Even worse removing the .gitattribute file usually does not help either,
as it caused git to put something different in the internal storage than
what the file actual has (so removing the .gitattribute will make git
claim the content of the file changed).

The only way I see around this is importing a tarball of the sources
on top of it (for example using git-dpm import-new-upstream).
If the tarball contains the .gitattribute even that will
not help without the new --exclude option added it git-dpm 0.9.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#758234: it's actively harmful

[Bernhard R. Link]

* Matthias Urlichs matth...@urlichs.de [141103 07:48]:
  As long as only a small number of packages have the wrong priority,
  starting with that set and pulling the rest in via dependencies is
  likely to not run into any ugly problems. So simple algorithms have
  a chance.
 
 I'm not saying that we should immediately replace Required and Important
 priorities with two metapackages (which would depend on every top-level
 package that's currently marked as such). That'd be too complex for simple
 tools like debootstrap.

 What I am saying is that if package A is Important / Required and has a
 simple dependency on B, then (absent any Pre-Depends) the priority of B is
 not relevant any more and thus doesn't need to be overridden.

And what about the dependencies of B? Is it allowed to have non-simple
dependencies in your suggestion?

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#758234: it's actively harmful

[Bernhard R. Link]

* Matthias Urlichs matth...@urlichs.de [141029 19:48]:
 That's obvious. What is not so obvious, to me, is why we would still
 want the current policy in the first place, given that everything(?)
 is resolved via dependencies these days.

Resolving dependencies is a hard and complex task. In general it will
not even have a unique solution. And virtual packages, alternatives
and versioned depends needs more complexity (including backtracking
to find solutions) than most tools can do.

As long as only a small number of packages have the wrong priority,
starting with that set and pulling the rest in via dependencies is
likely to not run into any ugly problems. So simple algorithms have
a chance.


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#760579: git-dpm: Adopt git-bp style tag names

[Bernhard R. Link]

package git-dpm
tag 760579 + pending
thanks

* Barry Warsaw ba...@debian.org [140905 19:09]:
 On Sep 05, 2014, at 07:24 PM, Bernhard R. Link wrote:
 
 Could you check if after
 
 git config --global dpm.debianTag 'debian/%e%v'
 git config --global dpm.patchedTag 'debian/%e%v'
 git config --global dpm.upstreamTag 'debian/%e%u'
 
 A new repo and ran:
 
 git config dpm.debianTag 'debian/%e%v'
 git config dpm.patchedTag 'patched/%e%v'
 git config dpm.upstreamTag 'upstream/%e%u'
 
 And it worked perfectly.  Thanks!  (Yes, I think we want this per-repo so that
 team members don't have to set their global settings when working with other
 non-team git-dpm repos.)

The current master branch at git://anonscm.debian.org/git-dpm/git-dpm.git now
also has support for storing tag names in debian/.git-dpm (and some more
%-sequences (to support the different ways epochs and tildes are escaped).

Thanks for your suggestions and testing very welcome,
Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#760579: git-dpm: Adopt git-bp style tag names

[Bernhard R. Link]

* Barry Warsaw ba...@debian.org [140905 16:36]:
 Because of backward compatibility, you probably have to preserve the
 current behavior as a default, but here's a request to allow for some
 configurability here, in say a debian/gitdpm.conf file.

Could you check if after

git config --global dpm.debianTag 'debian/%e%v'
git config --global dpm.patchedTag 'debian/%e%v'
git config --global dpm.upstreamTag 'debian/%e%u'

git-dpm produces tags more to your liking?
(I guess for tagging it might make sense to also have
some config in the repository itself, currently almost
all git-dpm config is only per-repository or per-user).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#757599: O: xbuffy - monitor mailboxes and/or newsgroups

[Bernhard R. Link]

Package: wnpp
Severity: normal
Control: affects -1 + xbuffy

I'm orphaning xbuffy as I haven't used it myself for over two years
so lack the setup to test it properly.

Current packages can be found in git at
git://anonscm.debian.org/collab-maint/xbuffy.git
http://anonscm.debian.org/cgit/collab-maint/xbuffy.git
http://anonscm.debian.org/gitweb/?p=collab-maint/xbuffy.git;a=summary

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#756399: reprepro: use britney's HeidiResult file to update a distribution

[Bernhard R. Link]

* Raphaël Hertzog hert...@debian.org [140729 16:27]:
 Kali is using reprepro and we're starting to use britney to
 maintain a derivative of testing. So britney is generating us
 an HeidiResult file and it would be nice if reprepro could
 make use of that file to update a distribution.
 
 $ reprepro setcontent codename heidi-file
 
 The HeidiResult file looks like this:
 0ad 0.0.16-4 amd64 games
 0ad-data 0.0.16-1 all games
 [...]
 0ad 0.0.16-4 armhf games
 0ad-data 0.0.16-1 all games
 [...]
 0ad 0.0.16-4 source games
 0ad-data 0.0.16-1 source games
 
 Note that entries for arch all packages are (needlessly) duplicated.
 Each binary/source package has its own entry.
 
 It's possible that the HeidiResult file lists multiple versions of source
 packages (it might keep older versions around during transitions) as well as 
 some
 obsolete binary packages.
 
 Any package not listed in the HeidiResult file must be removed.
 Packages are to be found in other distributions of the reprepro setup.
 
 PS: No hurry, for now we opted to use a custom script that calls reprepro
 many times with copy and remove commands.

Does that actually has different values for the different architectures?
If not then this might easily be translated to two filter files for
FilterList and FilterSrcList for a pull rule.
(something like
sed -n -e 's/^\(.*\) \(.*\) source .*/\1 = \2/p'  srcfilterlist
sed -n -e 's/^.* .* source .*//' -e 's/^\(.*\) \(.*\) .* .*/\1 = \2/p'   
binfilterlist

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#748658: Please consider supporting generation of .xz index files.

[Bernhard R. Link]

* Daniel Baumann daniel.baum...@progress-technologies.net [140728 10:18]:
 what is the status of this?

reprepro 4.15.0-1 ships with an
/usr/share/doc/reprepro/examples/xz.example
script to generate Packages.gz using a DebIndices hook.

Native generation of the .xz files is there but not enabled in the
Debian packages to avoid depending in both liblzma and xz-utils as
the native unpackaging of .xz files still needs some more work.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#756034: #756280: please don't claim other people wrote or maintain software they do not

[Bernhard R. Link]

 Upstream Author : Bernhard R. Link brl...@debian.org

While I somtimes no longer remember what features I've already added
to some code a long time ago, I think I would at least remember if
I had written a whole program. In other words, please make sure to
look up the correct upstream author.

| ircii (20131230-1.1) unstable; urgency=low
|   * Non-maintainer upload.
|   * New upstream release (Closes: #747700)
|
|  -- Denis Rodrigues Ferreira denis...@gmail.com  Fri, 18 Jul 2014 13:34:53 
+0100

ircii is orphaned. You cannot do an non-maintainer upload because there
is no maintainer. Please either adopt it and do an MU or do a QA upload instead.
(also the empty line after the first line is missing, which makes this 
uneccassary
hard to read.)

| Source: ircii
| Section: net
| Priority: optional
| Maintainer: Bernhard R. Link brl...@debian.org
| Build-Depends: debhelper (= 9), autotools-dev, libncurses5-dev, quilt
| Standards-Version: 3.9.5
| Homepage: http://www.eterna.com.au/ircii/
| Vcs-Git: git://anonscm.debian.org/collab-maint/ircii.git
| Vcs-Browser: 
http://anonscm.debian.org/gitweb/?p=collab-maint/ircii.git;a=summary

Thanks for volunteering me to maintain this package. But if I take over
a package I'd like to decide that on my own.


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL

[Bernhard R. Link]

* Mike Hommey m...@glandium.org [140713 12:55]:
  … while IMHO it's possible to safely mix openssl and libressl if we prepare
  for that (i.e. make sure that _everything_ in libressl is only exported 
  with properly versioned symbols)
 
 Contrary to what you seem to believe, this only really works if *both*
 libraries have versioned symbols. Otherwise, you can end up with
 libraries linked against the unversioned one using symbols from the
 versioned one at run time when both are loaded in the same address
 space.

Actually, both having versioned symbols is not enough.
It is either both must always have had versioned symbols or
both must have versioned symbols now and every binary linked against
either must have been built (or rebuilt) after the symbols got
versioned.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#753800: tracker.debian.org: please give the details link some content

[Bernhard R. Link]

Package: tracker.debian.org
Severity: minor

Please add some content to the span title=details links.
Currently the whole content of the a .. is a i... tag without any
content and the image of the question mark in the circle is put there as
background image. This causes some text browsers to not offer anything
to select there, so the link is not shown and cannot be followed.

It would be nicer if there was some img .. with a proper alternate
text.

Thanks in advance,
Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#570623: reprepro: please add multiple version management

[Bernhard R. Link]

* Benjamin Drung benjamin.dr...@profitbricks.com [140612 17:30]:
 the logging and tracking was not working in all cases when adding
 packages with the include command. The fix is in the attached 0003
 patch. The include and processincoming commands do work now (except when
 these commands want to remove a package, which is still on my todo
 list).

What version of reprepro is that patch relative to? I'm a bit at loss
at packagedata.c.


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#752457: reprepro: Please release lock after crash

[Bernhard R. Link]

package reprepro
tag 752457 -patch +wontfix
thanks

 When reprepro crashes, the database lock file is not released, because the 
 lock
 file still exists on the system. A patch is attached that changes the locking
 system to use fcntl() to lock the database lockfile instead of open with 
 O_EXCL.
 With this change, the lock is correctly released in case of the reprepro 
 process
 is crashing.

That is currently intentional (at least as long as using bdb).
Once reprepro crashes it is likely that bdb just corruptet itself, so
one needs a check of the database, anyway. So it is nothing I want to
just step over. (Perhaps the error message if there is already a lock
file should be made a bit scarier).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#748936: apt doesnt understand architecture wildcards

[Bernhard R. Link]

* Johannes Schauer j.scha...@email.de [140522 13:30]:
 Debian policy 11.1.1 [1] and the associated footnote [2] allow
 architecture wildcards of the form os-any and any-cpu. Apt seems to
 equal cpu with debian architecture which is not correct. Here is an
 example of correct matching:
 
 dpkg-architecture -aarmhf -iany-arm  echo any-arm matches armhf
 
 Apt would instead only match the deprecated arm architecture with
 any-arm. This doesnt seem to be a problem in practice though because:
 
  1) apt does not check whether a source package can be compiled on the
 current host architecture (it ignores the Architecture field of
 source packages)
  2) all packages that have any-arm in their build dependency
 architecture restrictions also include any-armel, any-armeb and
 any-armhf
 
 Nevertheless, apt behaviour should reflect dpkg behaviour and naturally
 policy. The correct behaviour is encoded in dpkg scripts/Dpkg/Arch.pm
 and needs the files /usr/share/dpkg/triplettable and
 /usr/share/dpkg/cputable to work correctly.

Urgh. Really? This is far too complicated for most programs to implement
properly. I'd suggest to rather fix dpkg (and also fix policy. The footnote
describes absolutely nothing currently, and having such important fields
a meaning that you cannot calculate without knowing what architectures
the system finally using the package uses makes it unhandable).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#749126: downloadable maintainer mbox contains from message dates

[Bernhard R. Link]

Package: debbugs
Severity: normal


The From  message header in the downloadable maintainer mbox
does not contain the date of the message like in the mbox folder
or status mbox but instead the current date.

This causes answers to those mails attributing the sender with the
wrong date in the reply (like in the header mutt inserts on top
of a quotation).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#742417: bls tag for configure syntax errors

[Bernhard R. Link]

Sorry for the late reply. I totally missed your bug report.

* Evgeni Golov evg...@debian.org [2014-03-23 14:38]:
 Those errors might look like this in the build log:

 checking for idna_to_ascii_from_locale... no
 ../configure: line 12285: test: =: unary operator expected

 This usually means that there is a syntax error in the configure script
 but the execution could be completed. Syntax errors can lead to
 unexpected configuration results.

Do you have an example of a buildd log that contains a line like that?
I did a manual scan of all packages currently in unstable with the
regexp you gave and could not find any example.

 Those errors might look like this in the build log:
 
  checking for idna_to_ascii_from_locale... no
  ../configure: line 12285: test: =: unary operator expected
 
 This usually means that there is a syntax error in the configure script
 but the execution could be completed. Syntax errors can lead to
 unexpected configuration results.
 ---
  data/bls/descriptions/X-configure-syntax-error.description | 14 
 ++
  1 file changed, 14 insertions(+)
  create mode 100644 data/bls/descriptions/X-configure-syntax-error.description
 
 diff --git a/data/bls/descriptions/X-configure-syntax-error.description 
 b/data/bls/descriptions/X-configure-syntax-error.description
 new file mode 100644
 index 000..7df52f6
 --- /dev/null
 +++ b/data/bls/descriptions/X-configure-syntax-error.description
 @@ -0,0 +1,14 @@
 +## Match: regexp:.*configure: line [0-9]\+:

I'd would have expected that regexp to be quite expensive due to the
starting with .* but it currently hardly increases the number of states
in the compile finite state machine and it really cannot be helped that
much I guess it does not matter.

 +This is an experimental tag. It needs review and a better description.
 +br
 +The build log contains a message from ttconfigure/tt starting with
 +pre
 +configure: line X:
 +/pre
 +br
 +This message usually means that there is a syntax error in the configure
 +script, but the execution could be completed. Syntax errors can lead to
 +unexpected configuration results.
 +br
 +If you have more information for this description or want it escalated
 +to warning or error, please let me know.

I guess it makes sense to start with an warning right away (I guess
error is a bit too hard as it might not be an actual problem)

I guess a longer description might be nice but currently the only thing
I can think of is perhaps making the example line a bit more specific
like

 +configure: line NNN: SOME-ERROR-MESSAGE


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#570623: reprepro: please add multiple version management

[Bernhard R. Link]

* Benjamin Drung benjamin.dr...@profitbricks.com [140521 16:48]:
 I got distracted by different tasks, but now I have time to work on
 reprepro again.
 
 Am Dienstag, den 04.02.2014, 23:23 +0100 schrieb Bernhard R. Link:
  * Benjamin Drung benjamin.dr...@profitbricks.com [140203 13:15]:
   Okay. Attached the patch for my prototype. Be aware: It's just a
   prototype that is just able to run the commands that I wanted to test,
   but isn't near to be ready for mainlining. The prototype implements case
   2 just because that was my initial idea, but now I tend to think that
   case 1 might be easier/cleaner.
 
  Thanks. I'll take a look this weekend.

 Any feedback so far?

It's too long ago for me to remember. AFAIR it mostly was that libdb
trick that is quite hard to understand.

It sounds quite slow either way. Perhaps the way to go is instead
changing the data format, like having the version first (perhaps even in
preparsed format to speed things up).
  
   Good idea, but is this function really time critical? It should be only
   called when comparing duplicate keys (which shouldn't happen that often,
   does it?).
  
  It might also happen when updating some value otherwise. (And if the
  version is in some meta-data first one also does not have to
  differentiate between binaries and sources that much). One could also
  take the opportunity of a format change to allow for other possible
  future meta data (like the first added timestamp).
 
 How flexible should the new data structure be? What meta data besides
 the timestamp could be relevant?

It would be nice if it allowed other fields to be added later without
breaking the format again. Like some (field-length-content)* format.

   How do you want to preparse the version?
  
  if versions are compared they are split into epoch version and revision
  and version and revision are gain split into sequences of numbers and
  not-numbers. Dpkg for example first parsed all the functions and later
  only compares the already split part. if easily possible it could make
  sense to store it in a format like that (but then parsing a on-disk
  format of the split data might be just as time-consuming as just looking
  at the real data).
 
 The version and revision can have a nearly unlimited amount of
 concatenated numbers and not-numbers. You could store the parts as list
 with type information. I doubt that a different on-disk format could
 increase the speed. We could split the full version into epoch, version,
 and revision and store them separately, but parsing these parts will be
 more time consuming. My feeling is that we should stick with the full
 version as string.

Yes, might not make much sense if one has to store the preparsed format.

 While working on reprepro, I found a typo. A patch for that is attached.

applied.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#748658: Please consider supporting generation of .xz index files.

[Bernhard R. Link]

* peter green plugw...@p10link.net [140519 12:57]:
 Please consider supporting generation of xz index files, xz is much faster
 to decompress than bz2.

If you feel adventurous you can try the code at
http://anonscm.debian.org/gitweb/?p=mirrorer/reprepro.git;a=shortlog;h=refs/heads/master

Otherwise take a look at the standalone bzip example
(/usr/share/doc/reprepro/examples/bzip.examples in the packages).
Replacing all bzip2 with xz and .bz2 with .xz in there should make it
possible to generate Packages.xz and/or Sources.gz


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#747674: make-dfsg: undeterministic build due to missing configure arguments/build-conflicts

[Bernhard R. Link]

* Manoj Srivastava sriva...@acm.org [140511 02:09]:
  debian/rules does not tell configure which optional features to use, so
  they are added or not depending on autodetection, that is whether some
  packages are installed or not. As those are also not found in the
  Build-Conflicts, the build is nondeterministic:
 
 All kinds of things make build non-deterministic. Setting up the
  build environment consistently is required for any kind of
  determinism. A clean machine with build-essential and the build depends
  will result in make without guile.  As such, all kinds of things in the
  user environment may change the behaviour of the software built.

I guess with clean you mean minimal here.

Because the bug causes the outcome to behave differently in different
clean chroots, depending on what packages are installed.

Also packages are practically never build in a truely minimal chroot.
For example most people use chroots still have apt and its
dependencies like gnupg installed. Build environments like sbuild
support speeding up builds by keeping installed packages installed
(in the past that was even the behaviour of offical Debian buildds)
and last but not least debugging of packages is much easier outside
of a temporary chroot, so a bug like this makes it much harder for
porters or users running into some problem.

Even if requiring some minimal build environment, a indeterminism
like this bug can cause problems: Imagine between the last upload
of make-dfsg and the release of jessie, and of the build-dependencies
gains a dependency to guile-dev, then a security upload to jessie
would suddenly change the behaviour of make in this regard.

Finally the whole point of the existance of Build-Conflicts is that
a minimal set of installed packages is not a guaranteed property of
a build. If a package needs that guarantee, that is what Build-Conflicts
is for.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#745675: email uploader when there's an error in processincoming

[Bernhard R. Link]

* Antoine Beaupré anar...@debian.org [140424 01:03]:
 it is pretty confusing for users when their upload fails to register
 in reprepro - they have no way to tell what went wrong, short of
 looking into the log, something which only admins have access to.

 could reprepro email the uploader when errors happen?

This is a long planed feature, TODO already lists implement sending
mails to uploader, but also a quite complicated one. For one the error
reporting needs some revamping, as most error reporting currently goes
directly to stderro.

Then there is a question of where to send mails to. I guess one wants
something like a whitelist there, to make sure DDs are not pestered with
mails if someone tries to add their package to some local repository
somehwere in the world.

As an intermediate step, you might want to consider if it makes sense
for you to write this log to some place where users can look at them.
(as the repository generated is usually available via plain html,
making the log visible on the same way is usually easy, unless you
consider any information in there especially protectworthy).

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#747753: Strange Replaces: none and Conflicts: none in control information

[Bernhard R. Link]

Package: snmptrapfmt
Version: 1.14+nmu1
Severity: important

The control information of snmptrapfmt_1.14+nmu1_amd64.deb contains the two 
lines

Replaces: none
Conflicts: none

which causes apt to believe there is a virtual package none around.


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#747674: make-dfsg: undeterministic build due to missing configure arguments/build-conflicts

[Bernhard R. Link]

Package: make
Version: 4.0-5
Severity: normal


debian/rules does not tell configure which optional features to use, so
they are added or not depending on autodetection, that is whether some
packages are installed or not. As those are also not found in the
Build-Conflicts, the build is nondeterministic:

Debdiff of generated .deb with and without guile-2.0-dev installed:

Control files: lines which differ (wdiff format)

Depends: [-guile-2.0-libs,-] libc6 (= [-2.17), libgc1c2 (= 1:7.2d)-] {+2.17)+}


-- System Information:
Debian Release: jessie/sid
Architecture: amd64 (x86_64)

Kernel: Linux 3.14-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages make depends on:
ii  libc6  2.18-5

make recommends no packages.

Versions of packages make suggests:
pn  make-doc  none

-- no debconf information
Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#746973: dpkg-gensymbols(1) is misleading to omit important part of symbols file maintainance

[Bernhard R. Link]

Package: dpkg
Version: 1.17.9
Severity: normal
Tags: patch

dpkg-gensymbols(1) reads as if applying the dpkg-gensymbols generated
diff to a symbols file was all there was to do for a new upstream
version. Attached patch hopefully fixes that:


From 7f2679cb82526a14b0c5c3b1418b09c6c2d92762 Mon Sep 17 00:00:00 2001
From: Bernhard R. Link brl...@debian.org
Date: Sun, 4 May 2014 15:31:54 +0200
Subject: [PATCH] dpkg-gensymbols(1): Fix seriously misleading part about
 applying diffs to symbols files

---
 man/dpkg-gensymbols.1 | 16 ++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/man/dpkg-gensymbols.1 b/man/dpkg-gensymbols.1
index 65b042c..bf6c8c0 100644
--- a/man/dpkg-gensymbols.1
+++ b/man/dpkg-gensymbols.1
@@ -61,8 +61,12 @@ option).
 The symbols files are really useful only if they reflect the evolution of
 the package through several releases. Thus the maintainer has to update
 them every time that a new symbol is added so that its associated minimal
-version matches reality. To do this properly the diffs contained in the
-build logs can be used. In most cases, the diff applies directly to the
+version matches reality.
+As as start for this the diffs contained in the build logs can be used,
+but the maintainer has to ensure additionally that the behaviour of that
+symbol was not changed in a way that something using that symbol linked
+against the new version no longer works against the old package.
+In most cases, the diff applies directly to the
 debian/\fIpackage\fR.symbols file. That said, further tweaks are usually
 needed: it's recommended for example to drop the Debian revision
 from the minimal version so that backports with a lower version number
@@ -79,6 +83,14 @@ Note that you can put comments in symbols files: any line 
with '#' as the
 first character is a comment except if it starts with '#include' (see
 section \fBUsing includes\fP). Lines starting with '#MISSING:' are special
 comments documenting symbols that have disappeared.
+.P
+Do not forget to check if old symbols' versions needs to be increased.
+There is no way \fBdpkg\-gensymbols\fP can warn you about this.
+Blindly applying the diff or assuming there is nothing to change
+if there is no diff without checking this leads to packages
+with dependencies that claim the package working with older versions
+it cannot work with, thus introducing hard to find bugs with
+(partial) upgrades.
 .SS Using #PACKAGE# substitution
 .P
 In some rare cases, the name of the library varies between architectures.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#742623: Please show the whole git repository directory of a project instead of just one repository

[Bernhard R. Link]

* Olivier Berger olivier.ber...@telecom-sudparis.eu [140421 20:02]:
 Thanks for the suggestion.

 I'm not sure this is the best way to do it.

 That URL corresponds to one linked from the SCM tool 
 (https://alioth.debian.org/scm/?group_id=), when following the Browse 
 git repository link.

 I think it may be better to list all repositories of a project in that base 
 page of the SCM tool, instead.

Having a nicer list earlier would also be nice, but it's more
complicated while just fixing the iframe at the Browse Git Repository
page is an easy fix with hardly any disadvantage (one click more for
projects that really only have one git repository in their directory).

Having the list already at the /scm/?group_id= page would either mean
the php code needs to know about which git repositories exist (not very
recommendable, as that would mean more reading of untrusted data from
the php code) or just embedding the iframe to gitweb already there.
Which again would likely mean to change the layout there and so on and
so forth...

 [...] I'll forward it in upstream bugtracker.

Thanks,
Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#742623: Please show the whole git repository directory of a project instead of just one repository

[Bernhard R. Link]

Package: gforge-plugin-scmgit
Version: 5.2.3-1

Currently https://alioth.debian.org/scm/browser.php?group_id=
shows an iframe with the git repository named like the project in the
project's directory for git repositories.

It would be nicer if it could instead show the list of all git
repositories in that directory. That's one more click if there is
only one but much better visibility of other repositories
(and even allows to have no repository there named like the project
itself).

Needs at least gitweb 1.7.10-rc0. (wheezy has already 1.7.10.4)

Index: fusionforge-5.2.3/plugins/scmgit/common/GitPlugin.class.php
===
--- fusionforge-5.2.3.orig/plugins/scmgit/common/GitPlugin.class.php
2014-03-25 16:14:29.341835604 +0100
+++ fusionforge-5.2.3/plugins/scmgit/common/GitPlugin.class.php 2014-03-25 
16:15:28.949835377 +0100
@@ -212,7 +212,7 @@
 
if ($project-usesPlugin($this-name)) {
if ($this-browserDisplayable($project)) {
-   print 'iframe 
src='.util_make_url(/plugins/scmgit/cgi-bin/gitweb.cgi?p=.$project-getUnixName().'/'.$project-getUnixName().'.git').'
 frameborder=0 width=100% height=700/iframe' ;
+   print 'iframe 
src='.util_make_url(/plugins/scmgit/cgi-bin/gitweb.cgi?pf=.$project-getUnixName()).'
 frameborder=0 width=100% height=700/iframe' ;
}
}
}


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#741178: xterm mis-sets terminal size (again)

[Bernhard R. Link]

Package: xterm
Version: 302-1
Severity: normal
Control: found -1 303-1

It looks like #347308 aka #347774 is back:

If I open an xterm my window manager makes it fill out the whole frame
instantly, but xterm again sometimes does not seem to set the terminal size
to it (but instead to  some previous size) until I trigger a resize of the
window, in which case xterm sets the terminal size to the window size.

Btw: #461773 might be a another duplicate of #347308.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC

-- System Information:
Debian Release: jessie/sid
Architecture: amd64 (x86_64)

Versions of packages xterm depends on:
ii  libc6   2.18-4
ii  libfontconfig1  2.11.0-5
ii  libice6 2:1.0.8-2
ii  libtinfo5   5.9+20140118-1
ii  libutempter01.1.5-4
ii  libx11-62:1.6.2-1
ii  libxaw7 2:1.0.12-1
ii  libxft2 2.3.1-2
ii  libxmu6 2:1.1.1-1
ii  libxpm4 1:3.5.10-1
ii  libxt6  1:1.1.4-1
ii  xbitmaps1.1.1-2

Versions of packages xterm recommends:
ii  x11-utils  7.7+1

Versions of packages xterm suggests:
pn  xfonts-cyrillic  none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#737634: dpkg-dev: please reject native/non-native version when building native/non-native source packages

[Bernhard R. Link]

* Sam Hartman hartm...@debian.org [140205 13:27]:
 no, that means I have to maintain the artifact (namely the
 .orig.tar.gz).
 The archive software (both reprepro and dak were I to use that) require
 that the .orig.tar.gz not change checksums.
 
 I don't want my build machines to be able to push back to my master
 repository.
 Nor do I want to have to release upstream versions if I lose state on my
 build machines.
 So this violates my requirements because I have to maintain  an artifact
 of dpkg-source (the .orig.tar.gz) and makesure its checksum never
 changes.

This answers the question why you want to use a 3.0 (native) package.
But the real question here is: Why do you want to use a version with -
for such a package?

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#570623: reprepro: please add multiple version management

[Bernhard R. Link]

* Benjamin Drung benjamin.dr...@profitbricks.com [140203 13:15]:
 Okay. Attached the patch for my prototype. Be aware: It's just a
 prototype that is just able to run the commands that I wanted to test,
 but isn't near to be ready for mainlining. The prototype implements case
 2 just because that was my initial idea, but now I tend to think that
 case 1 might be easier/cleaner.

Thanks. I'll take a look this weekend.

  It sounds quite slow either way. Perhaps the way to go is instead
  changing the data format, like having the version first (perhaps even in
  preparsed format to speed things up).

 Good idea, but is this function really time critical? It should be only
 called when comparing duplicate keys (which shouldn't happen that often,
 does it?).

It might also happen when updating some value otherwise. (And if the
version is in some meta-data first one also does not have to
differentiate between binaries and sources that much). One could also
take the opportunity of a format change to allow for other possible
future meta data (like the first added timestamp).

 How do you want to preparse the version?

if versions are compared they are split into epoch version and revision
and version and revision are gain split into sequences of numbers and
not-numbers. Dpkg for example first parsed all the functions and later
only compares the already split part. if easily possible it could make
sense to store it in a format like that (but then parsing a on-disk
format of the split data might be just as time-consuming as just looking
at the real data).

 How would the data format change? Currently the database value contains
 just the control junk. We could put the pair (version, control) as value
 into the database. How should the pair separated? Maybe with a null
 character?

something like that.

 Then we could just use the pointer to the value as version
 string (the null character from the pair separation would also be used
 to terminate the string).

Yes. That would be the store verbatim and non-preparsed variant.
Alternatively one could first store a length of the string, so one can
even faster jump to the control part.


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#570623: reprepro: please add multiple version management

[Bernhard R. Link]

* Benjamin Drung benjamin.dr...@profitbricks.com [140108 15:51]:

First sorry for my late reply. I must have totally missed your mail.

 The first step is to agree on the database layout change. I came up with
 two alternatives:

 1) Allow duplicate entries in packages.db and sort duplicate entries by
 their Debian version. They can be sorted a) upwards or b) downwards.
 Depending on the request, we will either search for all versions of a
 package, one specific version of the package, or for the latest version
 of a package.

 2) Rename the key of packages.db to also contain the version of the
 package, e.g. sl|3.03-17 or hello_2.8-4 (which delimiter should we
 use?). This would allow us to check directly for a specific version of a
 package. We need to add a secondary table that allows us to access the
 database as described in 1) through the secondary table. This secondary
 table will allow duplicate entries and the values of the secondary table
 point to the key in packages.db. Depending on the task, we either query
 the first or secondary table. The secondary table will be kept in sync
 by BerkeleyDB.

 In the first case, we need to add a function to iterate over the
 duplicate packages to find a specific version. In the second case, we
 need to create the secondary table and transform the database.

 Which layout do you prefer?

I think that layout is better that better fits the code. Not yet having
looked at the code, I cannot say. I guess 1 might be simpler. In the
case of 2 I think | is fine, as it is already used elsewhere (though
I guess one should make sure reprepro does not allow | in package
names).

 Another issue is the sorting of the packages in the database. We need
 one function to sort all entries in the table. So we need one function
 to sort binary packages and source packages, but we have
 binaries_getversion() and source_getversion(). Here's the example code
 (without the error handling) of the sorting function:
 
 static int debianversioncompare(UNUSED(DB *db), const DBT *a, const DBT *b) {
 char *a_version, *b_version;
 int versioncmp;
 
 binaries_getversion(a-data, a_version);
 binaries_getversion(b-data, b_version);
 dpkgversions_cmp(a_version, b_version, versioncmp);
 return versioncmp;
 }
 
 Do you have a suggestion how to improve this function?

It sounds quite slow either way. Perhaps the way to go is instead
changing the data format, like having the version first (perhaps even in
preparsed format to speed things up).


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#628878: patch to fix xli with png with palette and transparency

[Bernhard R. Link]

package xli
severity 628878 normal
tags 628878 + patch
thanks

It looks like the thing to trigger this bug is a png in palette mode
that uses transparency, as the way png is used it told to expand this
into an alpha channel (which is then dropped, but that happens to late,
so the size information is wrong).

The following patch fixes it for me:

--- xli-1.17.0+20061110.orig/png.c  2006-11-11 06:52:14.0 +0100
+++ xli-1.17.0+20061110.new/png.c   2014-01-06 14:29:28.522747134 +0100
@@ -206,6 +206,7 @@
gflag = PNG_BACKGROUND_GAMMA_FILE;
}
png_set_background(png, bg, gflag, expand, gval);
+   png_set_strip_alpha(png);
}
if (bit_depth  8  (bit_depth  1 ||
PNG_COLOR_TYPE_GRAY != color_type)) {


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC
--- xli-1.17.0+20061110.orig/png.c	2006-11-11 06:52:14.0 +0100
+++ xli-1.17.0+20061110.new/png.c	2014-01-06 14:29:28.522747134 +0100
@@ -206,6 +206,7 @@
 			gflag = PNG_BACKGROUND_GAMMA_FILE;
 		}
 		png_set_background(png, bg, gflag, expand, gval);
+		png_set_strip_alpha(png);
 	}
 	if (bit_depth  8  (bit_depth  1 ||
 			PNG_COLOR_TYPE_GRAY != color_type)) {

Bug#697630: Can't include changes files which contain a duplicate arch all

[Bernhard R. Link]

package reprepro
tags 697630 - patch
thanks

* Simon McVittie simon.mcvit...@collabora.co.uk [131126 17:44]:
 On Tue, 08 Jan 2013 at 23:11:55 +0100, Bernhard R. Link wrote:
  * Sjoerd Simons sjo...@debian.org [130107 20:33]:
   With our usage of reprepro we get .changes files form multiple builders
   (different architecture), all of them build arch dependent and arch
   independent. This unfortunately means reprepro will error out as soon as a
   second buld of an arch all package is received.
  
  Thanks for your patch, but I fear it is not that easy.
 [...]
  This only does not copy the file, and even takes the contents from the
  old file (I don't know if that is good and ugly or bad and ugly, most
  likely something of both), but the checksum is still the one from the
  new file.
 
 Here's a later version of Sjoerd's patch, which seems to address this.
 We've been using it for a while and it appears to work fine in practice.

[...]
 +.B updatedarchall
 +When asked to include a architecture all package into a repository which
 +already includes that same file with a different checksum ignore the request.
 +Useful when getting multiple builds include architecture independent packages

That's not what this patc does. It's rather:

When asked to include a architecture all package into a repository which
already includes the same file (in the same or another distribution),
the package will be included with the information for the Packages
file (like description or the dependencies apt sees) from the new
package, while the file (which is then all dpkg sees) is taken from
the already existing package. This can be useful if multiple builds
create an architecture all package (i.e. if all using dpkg-buildpackage
-b instead of dpkg-buildpackage -B), but great care has to be taken
has to be taken to not end up with conflicting information [...]

The more I try to describe it, the more I think this is not something
I want to have.

How about something like the following instead (it would have the
disadvantage of not adding the arch all package at all if the
conflicting package is in another distribution, but better no package
than a package where content and index might be not match):


diff --git a/checkin.c b/checkin.c
index 1884273..8a1d456 100644
--- a/checkin.c
+++ b/checkin.c
@@ -880,12 +880,13 @@ static retvalue changes_check(const struct distribution 
*distribution, const cha
 }
 
 static retvalue changes_checkfiles(const char *filename, struct changes 
*changes) {
-   struct fileentry *e;
+   struct fileentry *e, **pe;
retvalue r;
 
r = RET_NOTHING;
 
-   for (e = changes-files; e != NULL ; e = e-next) {
+   pe = changes-files;
+   while ((e = *pe) != NULL) {
//TODO: decide earlier which files to include
if (e-type == fe_BYHAND) {
/* byhand files might have the same name and not
@@ -918,6 +919,21 @@ static retvalue changes_checkfiles(const char *filename, 
struct changes *changes
return RET_ERROR_OOM;
/* do not copy yet, but only check if it could be included */
r = files_canadd(e-filekey, e-checksums);
+   if (r == RET_ERROR_WRONG_MD5 
+   e-architecture_into == architecture_all 
+   IGNORABLE(conflictingarchall)) {
+   struct fileentry *removedentry;
+
+   fprintf(stderr,
+Ignoring '%s' as --ignore=ignoreconflictingarchall given and there is already 
a file with different contents of that name.,
+   e-name);
+
+   removedentry = e;
+   *pe = removedentry-next;
+   removedentry-next = NULL;
+   freeentries(removedentry);
+   continue;
+   }
if (RET_WAS_ERROR(r))
return r;
/* If is was already there, remember that */
@@ -943,6 +959,7 @@ static retvalue changes_checkfiles(const char *filename, 
struct changes *changes
}
free(fullfilename);
}
+   pe = e-next;
}
 
return RET_OK;
diff --git a/ignore.h b/ignore.h
index 5a64288..d2c0c5d 100644
--- a/ignore.h
+++ b/ignore.h
@@ -36,7 +36,8 @@
IGN(wrongarchitecture) \
IGN(oldfile) \
IGN(longkeyid) \
-   IGN(missingfile)
+   IGN(missingfile) \
+   IGN(conflictingarchall)
 
 
 enum ignore {


Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#730572: reprepro: support for ddebs (debug symbols)

[Bernhard R. Link]

* Simon McVittie simon.mcvit...@collabora.co.uk [131126 18:03]:
 (Deliberately not tagging this +patch right now, since Debian doesn't
 officially support ddebs yet, and the archive layout looks likely to change.)
 
 Ubuntu has a semi-separate archive for separate debug symbols, and
 https://wiki.debian.org/AutomaticDebugPackages is the proposal to
 add the same thing to Debian. It would be great if reprepro could
 support them, too.
 
 The attached patch is a proof-of-concept implementation: it treats them
 as a mixture of .deb and .ddeb. It seems to work OK in conjunction with
 Ubuntu's pkg-create-dbgsym.

Thanks. That fits the coding style of reprepro quite well. If you'd
have claimed I had written it and just forgotten about about, I'd
have had a hard time arguing against that.

 diff --git a/checkin.c b/checkin.c
 index 02ba279..ba5331f 100644
 --- a/checkin.c
 +++ b/checkin.c
 @@ -130,7 +130,7 @@ static void freeentries(/*@only@*/struct fileentry 
 *entry) {
   free(entry-section);
   free(entry-priority);
   free(entry-name);
 - if (entry-type == fe_DEB || entry-type == fe_UDEB)
 + if (FE_BINARY(entry-type))
   deb_free(entry-pkg.deb);
else if (entry-type == fe_DSC) {
strlist_done(entry-needed_filekeys);

I've already applied this one. As it makes sense anyway.


 @@ -1164,8 +1169,7 @@ static retvalue changes_checkpkgs(struct distribution 
 *distribution, struct chan
   e = changes-files;
   while (e != NULL) {
   char *fullfilename;
 - if (e-type != fe_DEB  e-type != fe_DSC
 -  e-type != fe_UDEB) {
 + if (!FE_PACKAGE (e-type)) {
   e = e-next;
   continue;
   }

This, too. But without the space between E and (.

 + /* we use the deb overrides for ddebs too - ddebs aren't
 +  * meant to have overrides so this is probably fine */
   binoverride = distribution-overrides.deb;
   components = distribution-components;

I think if those packages will finally come without a Priority or
Section in the package, there will be a more complex solution needed,
as without no Section at all, reprepro will not accept the package
yet (unless there is one in the override file).


 @@ -173,20 +176,36 @@ static retvalue gentargetcontents(struct target 
 *target, struct release *release
   struct filetorelease *file;
   struct filelist_list *contents;
   struct target_cursor iterator;
 + const char *suffix;
 + const char *symlink_prefix;
  
   if (onlyneeded  target-saved_wasmodified)
   onlyneeded = false;
  
 + switch (target-packagetype) {
 + case pt_ddeb:
 + symlink_prefix = d;
 + suffix = -ddeb;
 + break;
 + case pt_udeb:
 + symlink_prefix = s;
 + suffix = -udeb;
 + break;
 + default:
 + symlink_prefix = ;
 + suffix = ;
 + }
 +
   contentsfilename = mprintf(%s/Contents%s-%s,
   atoms_components[target-component],
 - (target-packagetype == pt_udeb)?-udeb:,
 + suffix,
   atoms_architectures[target-architecture]);

Will there even be Contents files for ddebs?


 +/* This is pretty close to duplicating the enum typedef'd to filetype
 + * in changes.h, but its order corresponds to typesuffix[]. Do not
 + * confuse them. */
  enum filetype { ft_UNKNOWN,


uh, oh. Indeed, I should probably rename one of those two.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#729321: keyboard-configuration: changes /etc/default/keyboard upon upgrade without asking

[Bernhard R. Link]

Package: keyboard-configuration
Version: 1.103
Severity: serious

After upgrading keyboard-configuration from 1.102 to 1.103,
/etc/default/keyboard was changed (perhaps to some old state?).

The state before was:

| # KEYBOARD CONFIGURATION FILE
| 
| # Consult the keyboard(5) manual page.
| 
| XKBMODEL=pc105
| XKBLAYOUT=de
| XKBVARIANT=nodeadkeys
| XKBOPTIONS=compose:rwin,terminate:ctrl_alt_bksp,caps:none
| 
| BACKSPACE=guess

Afterwards the caps:none was gone. There were no questions asked
while upgrading.

-- System Information:
Debian Release: jessie/sid
Architecture: amd64 (x86_64)

Kernel: Linux 3.11-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages keyboard-configuration depends on:
ii  debconf 1.5.52
ii  initscripts 2.88dsf-43
ii  liblocale-gettext-perl  1.05-7+b2

keyboard-configuration recommends no packages.

keyboard-configuration suggests no packages.

Versions of packages console-setup depends on:
ii  console-setup-linux  1.103
ii  debconf  1.5.52
ii  xkb-data 2.5.1-3

Versions of packages console-setup suggests:
ii  locales   2.17-94
ii  lsb-base  4.1+Debian12

Versions of packages console-setup-linux depends on:
ii  kbd  1.15.5-1

Versions of packages console-setup-linux suggests:
ii  console-setup  1.103

Versions of packages keyboard-configuration is related to:
pn  console-common  none
pn  console-datanone
pn  console-tools   none
ii  kbd 1.15.5-1

-- debconf information:
* keyboard-configuration/layoutcode: de
* keyboard-configuration/optionscode: compose:rwin,terminate:ctrl_alt_bksp
  debian-installer/console-setup-udeb/title:
* keyboard-configuration/layout:
* keyboard-configuration/switch: No temporary switch
* console-setup/codeset47: # Latin1 and Latin5 - western Europe and Turkic 
languages
* console-setup/fontsize-fb47: 8x16
* keyboard-configuration/modelcode: pc105
  keyboard-configuration/unsupported_layout: true
  console-setup/framebuffer_only:
* keyboard-configuration/unsupported_config_options: false
* keyboard-configuration/variantcode: nodeadkeys
* keyboard-configuration/toggle: No toggling
* console-setup/charmap47: UTF-8
  console-setup/store_defaults_in_debconf_db: true
* keyboard-configuration/altgr: The default for the keyboard layout
* keyboard-configuration/compose: Right Logo key
* keyboard-configuration/other:
  console-setup/use_system_font:
* keyboard-configuration/variant: German - German (eliminate dead keys)
* console-setup/fontface47: Fixed
* keyboard-configuration/model: Generic 105-key (Intl) PC
* keyboard-configuration/ctrl_alt_bksp: true
  keyboard-configuration/unsupported_options: true
  console-setup/codesetcode: Lat15
  keyboard-configuration/unsupported_config_layout: true
* keyboard-configuration/xkb-keymap: de(nodeadkeys)
* keyboard-configuration/store_defaults_in_debconf_db: true
  console-setup/fontsize: 8x16
  console-setup/fontsize-text47: 8x16
  console-setup/guess_font:


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#709104: Should not Depends or Recommends gnupg-agent

[Bernhard R. Link]

* Bernhard Reiter wrote
 I do believe that gnupg2 should depend on gpg-agent!
 Rationale: Some users will be suprised by core behaviour of gnupg2
 not working correctly in the case of gpg-agent not being installed.

That's a reason for a Recommends. Not at all a reason for a Depends.

 About dragging in GUI resources via pinentry: There is pinentry-curses
 which does not GTK or Qt dependencies. So it does not drag in GUI
 resources.

As libgpgme11 depends on gpgme2 that means you get that pulled in in
every non-interactive setup (like buildds) if you have anything that
uses libgpgme11. But perhaps that just means libgpgme will die for
goog because everyone replaces it with something that calls gpgme(1.4)
directly because of gpgme2's dependencies.

Bernhard R. Link
-- 
F8AC 04D5 0B9B 064B 3383  C3DA AFFC 96D1 151D FFDC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#722520: make 3.82: with -j tries to run receipes without prerequisites yet done

[Bernhard R. Link]

Package: make
Version: 3.82-1
Severity: important
Control: block 720706 by -1

With the following 3 makefiles:

## Makefile #
all: a b
a:
$(MAKE) -C data

b:
$(MAKE) -C src

clean:
$(MAKE) -C src clean
$(MAKE) -C data clean

.PHONY: all a b clean
## src/Makefile #
all: A1 A2 A3 A4 A5 A6 A7

A1 A2 A3 A4 A5 A6 A7:
sleep 10  $@

clean:
-rm -f A*

.PHONY: all clean
# data/Makefile #
SHELL = /bin/bash

# Give directory a/ a chance to start anything:
test := $(shell sleep 1)

.PHONY: all clean

list = B1 B2 B3 B4 B5

all: $(list)

B3: B1 B2
B5: B3

B%:
@for pred in $^ ; do printf %s $@: checking $$pred:  ; if test -f 
$$pred ; then echo found ; else echo not found ; exit 1 ; fi ; done
echo $^  $@

.SECONDARY: $(list)

clean:
rm -f B*

#

and running make -j8 in the top level directory, I get:

$ make -j8
make -C data
make -C src
make[1]: Entering directory `/mydir/src'
sleep 10  A1
sleep 10  A2
sleep 10  A3
sleep 10  A4
sleep 10  A5
sleep 10  A6
sleep 10  A7
make[1]: Entering directory `/mydir/data'
echo   B1
echo   B2
echo   B4
B5: checking B3: not found
make[1]: *** [B5] Error 1
[...]

That means despite make knowing that B3 is a prerequisite to B5,
B5 is run with B3 not yet done in this case.

-- System Information:
Debian Release: jessie/sid
Architecture: amd64 (x86_64)

Versions of packages make depends on:
ii  libc6  2.17-92+b1

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#720448: git-dpm update-patches wipes out dep-3 headers on previous patches

[Bernhard R. Link]

* Paul Elliott pelli...@blackpatchpanel.com [130829 22:24]:
  As a workaround till this is fixedI suggest starting each commit with
  a single line followed by an empty line. (As suggested by the DISCUSSION
  section of git-commit(1)).
 
 That does not work. The dep-3 standard clearly states:
   A header always ends on the first empty line.
 
 So the result would loose some of the dep-3.

Please take a look at http://dep.debian.net/deps/dep3/
at the the Fix regex problems sample DEP-3 header.
That's the kind of DEP-3 header you can create with git-dpm.

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#720448: git-dpm update-patches wipes out dep-3 headers on previous patches

[Bernhard R. Link]

* Paul Elliott pelli...@blackpatchpanel.com [130829 03:35]:
 Ok I will send you an example. [...]
 Tell me if this example is helpfull.

Yes, it is helpful. That seems to be a ugly effect of git wanting to
allow multi-line short descriptions.

As a workaround till this is fixedI suggest starting each commit with
a single line followed by an empty line. (As suggested by the DISCUSSION
section of git-commit(1)).

Thanks for your example,
Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#720448: git-dpm update-patches wipes out dep-3 headers on previous patches

[Bernhard R. Link]

* Paul Elliott pelli...@blackpatchpanel.com [130822 04:15]:
 ++From: Paul Elliott pelli...@blackpatchpanel.com
 ++Date: Wed, 21 Aug 2013 02:09:27 -0500
 ++Subject: =?UTF-8?q?harden=20library=20against=20buffer=20overflow=20attack?=
 ++ =?UTF-8?q?s=20on=20sprintf=0Acalls=20to=20sprintf=20with=20'%s'=20in=20fo?=
 ++ =?UTF-8?q?rmat=20string=20replaced=20with=20snprintf?=

I cannot reproduce that here. Do you have anything active that could
cause git-format's patch to garble that subject line (or rather why does
it try to put the newline =0A in the subject itself?)

 Notice that the lines deleted were dep-3, because I hand edited it
 to be dep-3. When the new patch installed, this dep-3 was
 removed and replaced with unreadable stuff that is not dep-3!

If you use update-patches you have to put the dep-3 headers in the
commit message, so they end up in the generated patches.

 dep-3 patch headers are highly recommended but not required by debian.
 http://dep.debian.net/deps/dep3/

Note that this explicitely allows the Author in From: and the having
a Subject: for parts of the description.

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#720706: cuyo: FTBFS in parallel mode with make 3.82 from experimental: Unbound module Farbe

[Bernhard R. Link]

* Daniel Schepler dschep...@gmail.com [130824 18:33]:
 config.status: creating po/Makefile
 config.status: creating config.h
 config.status: executing depfiles commands
 dh_testdir
 dh_testdir
 /usr/bin/make -C data
 /usr/bin/make -C src
 make[1]: Entering directory `/tmp/buildd/cuyo-2.0.0brl1/src'
 x86_64-linux-gnu-g++ -DHAVE_CONFIG_H -I. -I..  -I/usr/include/SDL 
 -D_GNU_SOURCE=1 -D_REENTRANT -DPKGDATADIR=\/usr/share/games/cuyo\ 
 -DLOCALEDIR=\/usr/share/locale\ -D_FORTIFY_SOURCE=2  -g -O2 
 -fstack-protector --param=ssp-buffer-size=4 -Wformat -Werror=format-security 
 -Wall -W -ansi -pedantic -MT bilddatei.o -MD -MP -MF .deps/bilddatei.Tpo -c 
 -o bilddatei.o bilddatei.cpp
 ...
 make[1]: Entering directory `/tmp/buildd/cuyo-2.0.0brl1/data'
 /usr/bin/ocamlopt -o pam.cmi -c pam.mli
 /usr/bin/ocamlopt -o natmod.cmi -c natmod.mli
 /usr/bin/ocamlopt -o helfer.cmi -c helfer.mli
 /usr/bin/ocamlopt -o graphik.cmi -c graphik.mli
 File graphik.mli, line 20, characters 0-10:
 Error: Unbound module Farbe

Is that all output of that directory?

The Makefile has a line
graphik.cmi: farbe.cmi xpmlex.cmi pam.cmi
so I am a bit lost why this version of make thinks
it can try to generate that file before it does farbe.cmi.

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#714626: please check for redundant search paths

[Bernhard R. Link]

* Simon Ruderich si...@ruderich.org [130815 00:20]:
 On Mon, Jul 01, 2013 at 02:39:58PM +0200, Matthias Klose wrote:
  Please check for redundant search paths for -I and -L flags, which are 
  already
  included in the search paths of the compiler.
 
  That is, things like
 
/usr/{include,lib}
/usr/local/{include,lib}
/usr/{include,lib}/multiarch
/usr/local/{include,lib}/multiarch
  [...]
 [...]
 Implementing this should be straight-forward, but I'm not sure if
 blhc is the best place to add this.
 
 Bernhard, what do you think? Should this get implemented in blhc
 or in your general buildd log scanner?

I'm also undecided which is the best place. As blhc already looks at
similar flags it might be easy to add there, but then it is quite a
different check compared to those blhc has.

 If you think blhc is the right place, what buildd-mode messages (e.g.
 I-foo, W-foo) should I use?

If you consider it something blhc should do, I'd suggest something like
W-dangerous-search-path. Otherwise I'll add a new rule to my log
scanner.

 (btw. are the sources of the buildd log scanner available)

The scanner itself is available at git://anonscm.debian.org/qa/bls.git,
the rules are embedded in their descriptions at
http://anonscm.debian.org/viewvc/qa/trunk/data/bls/descriptions/

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#717486: RFA: xfm -- X file and application manager

[Bernhard R. Link]

Package: wnpp
Severity: normal

I plan to request removal of xfm, as I think it is no longer useful
(libmagic no longer makes definitions available to other packages,
so xfm has a outdates copy and most users are no longer capable of using
the interface as being trained to expect different behaviour by other
graphic file managers.

If you still consider it useful and want to maintain it, feel free to
contact me or adopt it directly. I plan to request it's removal
otherwise. (I'll have it removed from jessie now and currently plan
to request removal from unstable after jessie released).

The package description is:
 Xfm is a file and application manager program for the X Window System, based
 on the Xaw3d widget set.  It provides virtually all of the features that you
 would expect in a file manager; move around your directory tree in multiple
 windows, move, copy or delete files, and launch programs with simple mouse
 operations.  Directory displays are updated automatically in regular
 intervals when the contents of the directory change.  The integrated
 application manager provides a kind of shelf onto which you can place your
 favorite applications, as well as the files and directories you are currently
 working with.  It also allows you to access different groups of applications
 and files.  User-definable file types let you specify a command to be
 executed when double-clicking on a file or dropping other files onto it.
 Last not least, xfm can automatically mount and unmount special devices like
 floppies as you open and close the corresponding directories (mount points).


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#717487: please keep xfm out of testing (I plan to request removal)

[Bernhard R. Link]

Package: xfm
Version: 1.5.4-3
Severity: serious

As xfm lost updates to file format detection as libmagic no longer
ships magic definitions for other programs and due to its old age,
I plan to request removal of xfm.

To give anyone a fair warning time, I'm filing this bug to keep it
out of testing.

I've filed a RFA as #717486, feel free to adopt the package if you want
it to live longer instead.

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#717489: RM: xfm/1.5.4-3

[Bernhard R. Link]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Please remove xfm from testing. I plan to drop it (RFA #717486 filed in
the unlikely case anyone wants to take it over instead) and have filed
#717487 to stop it from migrating back to testing. (I currently plan
to request removal from unstable once jessie released (preferable without
xfm)).

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#714418: new dak extra source feature causes problems for reprepro systems pulling from debian testing

[Bernhard R. Link]

* peter green plugw...@p10link.net [130629 04:27]:
 For some time now dak has been keeping arround extra versions of
 source packages to satisfy built-using. Recently dak also started
 including them in packages files marked with the extr control field
 Extra-Source-Only: yes. Extra source versions may be either older
 or newer than the primary source version. Wanna-build has also been
 made to ignore packages that are marked with Extra-Source-Only:
 yes.
 [...]
 IMO until/unless reprepro implements proper support for built-using
 and extra packages to support it packages with Extra-Source-Only:
 yes should be ignored when updating. This will restore the old
 behaviour before dak started adding those packages to it's Sources
 file.

Thanks. I'll take a look at the weekend. Until then note that using
FilterFormula: Extra-Source-Only (!= yes)
in conf/updates you can filter them out manually.

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#658829: Bug#706895: transition: db5.3

[Bernhard R. Link]

* Ondřej Surý ond...@debian.org [130611 08:27]:
 the information from Matthias was correct, and Berkeley DB 6.0 has been
 released today, + packaged and uploaded to unstable.

 db-defaults has been updated to 6.0 dependencies and uploaded to
 experimental.

Are those package also available somewhere while it is still stuck in
NEW? I managed to build something from git but that needed to remove a
patch that already seems to be applied upstream and removing some
signature check to make it build.

 I don't expect bigger problems with the transition since I think we went
 through the biggest hell when transitioning from db4.{7,8} to db5.1, but
 there might be still some packages which will need some patching to support
 major version bump (although I think I have provided patches for most of
 those when the bump from 4 to 5 happened).

The API changes from 5 - 6 at least break reprepro.

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#698648: zconf.h not cross-compiler safe

[Bernhard R. Link]

* Mark Brown broo...@debian.org [130522 20:01]:
 On Wed, May 22, 2013 at 07:40:55PM +0200, Bernhard R. Link wrote:
  If the issue is only that the file is broken when zlib is compiled
  with a cross compiler, wouldn't make more sense to simply fail the
  build if a cross-compiler is used, instead of introducing the hack
  of moving the file to an architecture specific directory? (Assuming
  there are no other bugs in that file making it architecture specific).
 
 You haven't provided any context here so it's difficult to tell what
 you're talking about...  I tried opening a web browser and looking at
 the bug log but it's pretty hard to associate your comments with the
 report, this is nothing to do with building the package since Debian
 package builds are always native.

The original bug reports says
| Because the test is built with the cross-compiler when cross-compiling
| it will (in general) not be able to run so if this package is
| cross-built then that line is not replaced. If it is built natively
| then it is replaced. i.e cross and natively built packages have
| different zconf.h files This is a problem when bootstrapping a new
| architecture when low-level libraries like this must be cross-built
| until the arch is self-hosting.

So the only verified case of zconf.h depending on a Debian system on the
build (which would make it not safe for /usr/include in the current
state but needing /usr/include/`dpkg-architecture -qDEB_BUILD_MULTIARCH`/)
is about cross-compile architectures.

As you say, Debian packages are usually always build natively, so if it
only fails with cross-compiling, it might not be worth the hassle to
move it into a subdirectory of /usr/include (which causes other problems,
including but not limited to #707537).

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#698648: zconf.h not cross-compiler safe

[Bernhard R. Link]

If the issue is only that the file is broken when zlib is compiled
with a cross compiler, wouldn't make more sense to simply fail the
build if a cross-compiler is used, instead of introducing the hack
of moving the file to an architecture specific directory? (Assuming
there are no other bugs in that file making it architecture specific).

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#707951: popularity-contest: please leak less private information

[Bernhard R. Link]

* Bill Allombert bill.allomb...@math.u-bordeaux1.fr [130512 12:39]:
 On Sun, May 12, 2013 at 11:53:17AM +0200, Bernhard R. Link wrote:
  Package: popularity-contest
  Version: 1.57
 
  Please do not send second resolution information about program usage.
  Best only send out information what is actually used by the resulting
  graphs (i.e. a per-package NO-FILES/OLD/RECENT-CTIME/VOTE information
  and nothing else).

 I am considering rounding the number of second to the next multiple of 24h.
 However, unless you are using strictatime, you probably do not leak much
 information already.

Doesn't relatime update atime when it is older than a day? So doesn't
relatime/strictatime just change from second of last use before popcon
run so second of first use in a 24 hours window, but still exact to
a second?

 It is important the vote determination is done in a centralised way.

How does that prevent not sending timestamps?

  Additionally it would be nice to have a blacklist of packages to not
  send information from. Or perhaps some filter on packagename
  (mycompany-*) or sections (local/*).

 I am considering to allow packages to opt out of popcon by adding a control 
 field
 like X-Popcon: no. Would that be suitable ?

That means you have to consider that when creating packages, which would
be quite complicated to get retroactively.

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#707951: popularity-contest: please leak less private information

[Bernhard R. Link]

* Bill Allombert bill.allomb...@math.u-bordeaux1.fr [130519 23:24]:
  Doesn't relatime update atime when it is older than a day? So doesn't
  relatime/strictatime just change from second of last use before popcon
  run so second of first use in a 24 hours window, but still exact to
  a second?

 Not exactly. It is only updated if it is 24 hour old.
 So you get the exact time of an event you cannot qualify. This is the stopped
 watch fallacy.

The worst case with strictatime is a program called less than once per
day, where popcon sends out total usage information. With relatime
exactly the same happens.

   It is important the vote determination is done in a centralised way.
 
  How does that prevent not sending timestamps?

 If you do not have the timestamps, then you have to rely on the client
 computation being correct.

So you can trust clients to collect correct timestamps, but not to
compare them? I do not understand.

Bernhard R. Link


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#708181: requests password to boot

[Bernhard R. Link]

Package: grub-pc
Version: 2.00-14
Severity: important

After upgrading to 2.00-14, grub asks for a password at boot time and
no longer boots unless the superuser password is entered.

-- Package-specific info:

*** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
  load_env
fi
set default=0

if [ x${feature_menuentry_id} = xy ]; then
  menuentry_id_option=--id
else
  menuentry_id_option=
fi

export menuentry_id_option

if [ ${prev_saved_entry} ]; then
  set saved_entry=${prev_saved_entry}
  save_env saved_entry
  set prev_saved_entry=
  save_env prev_saved_entry
  set boot_once=true
fi

function savedefault {
  if [ -z ${boot_once} ]; then
saved_entry=${chosen}
save_env saved_entry
  fi
}

function load_video {
  if [ x$feature_all_video_module = xy ]; then
insmod all_video
  else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
  fi
}

terminal_input console
terminal_output console
set timeout=1
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/05_debian_theme ###
set menu_color_normal=cyan/blue
set menu_color_highlight=white/blue
### END /etc/grub.d/05_debian_theme ###

### BEGIN /etc/grub.d/10_linux ###
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu 
--class os $menuentry_id_option 'gnulinux-simple-redacted' {
load_video
insmod gzio
insmod part_msdos
insmod ext2
set root='hd0,msdos1'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 
--hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 --hint='hd0,msdos1'  
redacted
else
  search --no-floppy --fs-uuid --set=root redacted
fi
echo'Loading Linux 3.8-1-amd64 ...'
linux   /boot/vmlinuz-3.8-1-amd64 root=UUID=redacted ro  quiet
echo'Loading initial ramdisk ...'
initrd  /boot/initrd.img-3.8-1-amd64
}
submenu 'Advanced options for Debian GNU/Linux' $menuentry_id_option 
'gnulinux-advanced-redacted' {
menuentry 'Debian GNU/Linux, with Linux 3.8-1-amd64' --class debian 
--class gnu-linux --class gnu --class os $menuentry_id_option 
'gnulinux-3.8-1-amd64-advanced-redacted' {
load_video
insmod gzio
insmod part_msdos
insmod ext2
set root='hd0,msdos1'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root 
--hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 
--hint='hd0,msdos1'  redacted
else
  search --no-floppy --fs-uuid --set=root redacted
fi
echo'Loading Linux 3.8-1-amd64 ...'
linux   /boot/vmlinuz-3.8-1-amd64 root=UUID=redacted ro  quiet
echo'Loading initial ramdisk ...'
initrd  /boot/initrd.img-3.8-1-amd64
}
menuentry 'Debian GNU/Linux, with Linux 3.2.0-4-amd64' --class debian 
--class gnu-linux --class gnu --class os $menuentry_id_option 
'gnulinux-3.2.0-4-amd64-advanced-redacted' {
load_video
insmod gzio
insmod part_msdos
insmod ext2
set root='hd0,msdos1'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root 
--hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 
--hint='hd0,msdos1'  redacted
else
  search --no-floppy --fs-uuid --set=root redacted
fi
echo'Loading Linux 3.2.0-4-amd64 ...'
linux   /boot/vmlinuz-3.2.0-4-amd64 root=UUID=redacted ro  quiet
echo'Loading initial ramdisk ...'
initrd  /boot/initrd.img-3.2.0-4-amd64
}
menuentry 'Debian GNU/Linux, with Linux 3.2.0-3-amd64' --class debian 
--class gnu-linux --class gnu --class os $menuentry_id_option 
'gnulinux-3.2.0-3-amd64-advanced-redacted' {
load_video
insmod gzio
insmod part_msdos
insmod ext2
set root='hd0,msdos1'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root 
--hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 
--hint='hd0,msdos1'  redacted
else
  search --no-floppy --fs-uuid --set=root redacted
fi
echo'Loading Linux 3.2.0-3-amd64 ...'
linux   /boot/vmlinuz-3.2.0-3-amd64 root=UUID=redacted ro  quiet

Bug#707951: popularity-contest: please leak less private information

[Bernhard R. Link]

Package: popularity-contest
Version: 1.57

Please do not send second resolution information about program usage.
Best only send out information what is actually used by the resulting
graphs (i.e. a per-package NO-FILES/OLD/RECENT-CTIME/VOTE information
and nothing else).
Without that installing popularity-contest on any computers with actual
users is simply impossible, as it is too much of a hassle to get consent
from all the users (not too speak about even explaining them what you
seek consent for), as given that much information there is simply no
way to can legally run it without informed consent.

Additionally it would be nice to have a blacklist of packages to not
send information from. Or perhaps some filter on packagename
(mycompany-*) or sections (local/*).

Bernhard R. Link

P.S: I thought that was old news, but I was told it is not, so here your
bug report.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org