Bug#988168: unblock: cifs-utils/6.11-3

2021-05-06 Thread Mathieu Parent (Debian) 
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package cifs-utils.

[ Reason ]

It fixes:

CVE-2021-20208: cifs.upcall kerberos auth leak in container
(Closes: #987308)

[ Impact ]

Only needed when using containers. Marked "minor" for stretch and
buster.

[ Tests ]

Minimal manual tests done.

[ Risks ]

?

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
(Anything else the release team should know.)

unblock cifs-utils/6.11-3


cifs-utils.debdiff
Description: Binary data

Bug#985217: unblock: samba/2:4.13.5+dfsg-1

2021-03-14 Thread Mathieu Parent (Debian) 
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package samba

This is an update from 4.13.4 to 4.13.5 (requested in #984863).

[ Reason ]
This is a stability fixes release.

Full list of changes:
o  Trever L. Adams 
   * BUG 14634: s3:modules:vfs_virusfilter: Recent talloc changes cause infinite
 start-up failure.

o  Jeremy Allison 
   * BUG 13992: s3: libsmb: Add missing cli_tdis() in error path if encryption
 setup failed on temp proxy connection.
   * BUG 14604: smbd: In conn_force_tdis_done() when forcing a connection closed
 force a full reload of services.

o  Andrew Bartlett 
   * BUG 14593: dbcheck: Check Deleted Objects and reduce noise in reports about
 expired tombstones.

o  Ralph Boehme conn->session_info for the initial
 delete-on-close token.

o  Peter Eriksson 
   * BUG 14648: s3: VFS: nfs4_acls. Add missing TALLOC_FREE(frame) in error
 path.

o  Björn Jacke 
   * BUG 14624: classicupgrade: Treat old never expires value right.

o  Volker Lendecke 
   * BUG 14636: g_lock: Fix uninitalized variable reads.

o  Stefan Metzmacher 
   * BUG 13898: s3:pysmbd: Fix fd leak in py_smbd_create_file().

o  Andreas Schneider 
   * BUG 14625: lib:util: Avoid free'ing our own pointer.

o  Paul Wise 
   * BUG 12505: HEIMDAL: krb5_storage_free(NULL) should work.

[ Impact ]
At least Paul Wise is affected. See:

https://bugzilla.samba.org/show_bug.cgi?id=13992
https://bugzilla.samba.org/show_bug.cgi?id=12505


[ Tests ]
As is every samba release, the testsuite is improved.

I've also tested the package.

[ Risks ]

[ Checklist ]

  [ ] all changes are documented in the d/changelog

I forgot samba was a key package, so the changelog is not complete.
The missing pieces are above.

  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

Attached are releavant changes (removing diff in the doc about the version).


[ Other info ]
I may ask another unblock request before the bullseye release if samba
4.13.6+ is released.

unblock samba/2:4.13.5+dfsg-1
diff --git a/Makefile b/Makefile
index 0b7b0ae8866..7f5960d5191 100644
--- a/Makefile
+++ b/Makefile
@@ -15,6 +15,9 @@ uninstall:
 test:
 	$(WAF) test $(TEST_OPTIONS)
 
+testonly:
+	$(WAF) testonly $(TEST_OPTIONS)
+
 perftest:
 	$(WAF) test --perf-test $(TEST_OPTIONS)
 
diff --git a/VERSION b/VERSION
index 130087004f0..c24df6ba32e 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
 
 SAMBA_VERSION_MAJOR=4
 SAMBA_VERSION_MINOR=13
-SAMBA_VERSION_RELEASE=4
+SAMBA_VERSION_RELEASE=5
 
 
 # If a official release has a serious bug  #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 544f4377bfd..8b8c349eaa5 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,79 @@
+   ==
+   Release Notes for Samba 4.13.5
+   March 09, 2021
+   ==
+
+
+This is the latest stable release of the Samba 4.13 release series.
+
+
+Changes since 4.13.4
+
+
+o  Trever L. Adams 
+   * BUG 14634: s3:modules:vfs_virusfilter: Recent talloc changes cause infinite
+ start-up failure.
+
+o  Jeremy Allison 
+   * BUG 13992: s3: libsmb: Add missing cli_tdis() in error path if encryption
+ setup failed on temp proxy connection.
+   * BUG 14604: smbd: In conn_force_tdis_done() when forcing a connection closed
+ force a full reload of services.
+
+o  Andrew Bartlett 
+   * BUG 14593: dbcheck: Check Deleted Objects and reduce noise in reports about
+ expired tombstones.
+
+o  Ralph Boehme conn->session_info for the initial
+ delete-on-close token.
+
+o  Peter Eriksson 
+   * BUG 14648: s3: VFS: nfs4_acls. Add missing TALLOC_FREE(frame) in error
+ path.
+
+o  Björn Jacke 
+   * BUG 14624: classicupgrade: Treat old never expires value right.
+
+o  Volker Lendecke 
+   * BUG 14636: g_lock: Fix uninitalized variable reads.
+
+o  Stefan Metzmacher 
+   * BUG 13898: s3:pysmbd: Fix fd leak in py_smbd_create_file().
+
+o  Andreas Schneider 
+   * BUG 14625: lib:util: Avoid free'ing our own pointer.
+
+o  Paul Wise 
+   * BUG 12505: HEIMDAL: krb5_storage_free(NULL) should work.
+
+
+###
+Reporting bugs & Development Discussion
+###
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored.  All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+

Bug#956535: buster-pu: package php-horde-data/2.1.4-5+deb10u1

2020-04-15 Thread Mathieu Parent (Debian) 
Le mer. 15 avr. 2020 à 08:40, Salvatore Bonaccorso  a écrit :
>
> Hi Roberto,
>
> On Tue, Apr 14, 2020 at 05:45:54PM -0400, Roberto C. Sánchez wrote:
> > On Tue, Apr 14, 2020 at 10:04:00PM +0200, Salvatore Bonaccorso wrote:
> > > Control: tags -1 - moreinfo
> > >
> > > Hi Adam,
> > >
> > > On Sun, Apr 12, 2020 at 10:05:55PM +0100, Adam D. Barratt wrote:
> > > > Control: tags -1 + moreinfo
> > > >
> > > > On Sun, 2020-04-12 at 09:23 -0400, Roberto C. Sanchez wrote:
> > > > > Please find attached a proposed debdiff for php-horde-data.  The
> > > > > change fixes CVE-2020-8518, which the security team has classified as
> > > > > , deeming it a minor issue which can be fixed via a point
> > > > > release.
> > > >
> > > > The Security Tracker indicates that this issue affects the package in
> > > > unstable and is not yet fixed there; is that correct?
> > >
> > > This is correct, the issue has not been fixed in unstable "yet". The
> > > horde ecosystem is currently unmaintained, and previous maintainer
> > > indicated to ask actually for removal if nobody steps up. See #942282
> > > for context.
> > >
> > > That said, it's possible to either wait for a fix in unstable or the
> > > removal of the php-horde* packages first before accepting the upload
> > > for a buster point release (same for the other updates proposed by
> > > Roberto).
> > >
> > > Does this make sense?
> > >
> > Hi Salvatore,
> >
> > I've communicated with Mathieu Parent (the php-horde-* maintainer)
> > regarding his intentions for unstable uploads of these three packages.
> > He has asked that I go ahead and perform the uploads.  However, if you
> > think that a removal request is forthcoming in the very near future, I
> > will wait and not make those uploads.
> >
> > My intent was to have them done in the next 24 hours.  Please advise if
> > I should proceed or if I should wait for removal.
>
> That's fine if you communicated with Mathieu and he agreed then go
> ahead and fix it as well in unstable.
>


Thanks Roberto!

Hello Salvatore,

> Mathieu, but are you still planning to request removals?

Done as #956808.

Cheers!

-- 
Mathieu Parent

Re: Proposal: Repository for fast-paced package backports

2018-12-27 Thread Mathieu Parent (Debian) 
(Please reply to pkg-samba-maint only)

Le jeu. 27 déc. 2018 à 11:00, L.P.H. van Belle  a écrit :
>
>
> Hai,

Hi,

> A very interesting thread this, since im doing this already for samba, my 
> comments..
> If i may ..
>
> Im running a samba repo now for jessie and stretch. ( and ubuntu 18.04 )
> I really needed newer samba packages and i was not able to get them uploaded 
> to unstable.
> So i decided to build them myself and share them.

This is different here. Samba is not in backport because of lack of
time from my side (or other members of the team).

I think that Samba perfectly fits in backport, as the version in
testing is already the latest upstream.

> And now people are more and more using my samba package over the official 
> debian package.
> Because the newer version are build against debian stable or oldstable, and 
> people can choose there upgrade.

Do you have any stats here? How many download each month? How many
different source IPs? per dist, per samba version?

> If the might be a fast-lane repo, why not per package version.
> This way we can keep the changes to other packages small and limited.
>
> What i now now do.
> I have 4 repo's for jessie,  jessie-samba45 jessie-samba46 jessie-samba47 
> jessie-samba48
> I have 4 repo's for stretch, stretch-samba46 stretch-samba47 stretch-samba48 
> stretch-samba49
> (And for the ubuntu supporters a samba49 in amd64 only.)

So, you have 9 repos. How long does it takes to update all those when
a security fix comes?

Regards

-- 
Mathieu Parent

Bug#861715: unblock: php-horde-crypt/2.7.5-2

2017-05-09 Thread Mathieu Parent (Debian) 
2017-05-07 22:47 GMT+02:00 Niels Thykier :
> Control: tags -1 moreinfo
>
> Mathieu Parent:
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usertags: unblock
>>
>> Please unblock package php-horde-crypt
>>
>> This fixes a security issue:
>>
>>   * Escape user provided recipients and charset data. Fixes CVE-2017-7413 and
>> CVE-2017-7414 (Closes: #859635)
>>
>> (debdiff attached)
>>
>> Note that the package doesn't work correctly in stretch, because it is not
>> compatible with gpg v2 (#849151 and #854819). I plan to fix this later, but
>> maybe in a point-release. Today, I want to prevent IMP (php-horde-imp) from
>> being removed from testing.
>>
>> unblock php-horde-crypt/2.7.5-2
>>
>> Thanks!
>>
>> [...]
>
> Sorry, but I think I am missing context here.  How functional is
> php-horde-crypt in stretch right now?  If lack of gpg v2 support causes
> a major loss of functionality then #849151 and #854819 should be RC and
> handled accordingly.

It is non-functionnal, but IMP is functionnal and it depends on it.

Alternatively, I can remove this dependency, but I have not tested it.

Regards

-- 
Mathieu Parent

Bug#860521: [pkg-horde] Bug#860521: unblock: php-horde-core/2.27.6+debian1-1

2017-04-18 Thread Mathieu Parent (Debian) 
2017-04-18 9:09 GMT+02:00 Mathieu Parent :
[...]
> [...] and prevent all
> Horde to be removed from stretch because of jquery-mobile removal (See 
> #734101).

I'm a bit afraid because they are "Marked for autoremoval on 21
April". Will this fit?

Regards

-- 
Mathieu Parent

Bug#848719: unblock: samba/2:4.5.2+dfsg-2

2016-12-19 Thread Mathieu Parent (Debian) 
2016-12-19 20:51 GMT+01:00 Niels Thykier :
> Control: severity -1 normal
>
> On Mon, 19 Dec 2016 20:44:58 +0100 Mathieu Parent 
> wrote:
>> Package: release.debian.org
>> Severity: serious
>> User: release.debian@packages.debian.org
>> Usertags: unblock
>>
>> Please let package samba enter testing fast, it includes security fixes only.
>>
>> unblock samba/2:4.5.2+dfsg-2
>>
>> [...]
>
> Aged to 2 days.  Please note that unblock/aging requests are always
> severity "normal".


OK. Thanks

-- 
Mathieu Parent

Re: tagging 816205

2016-03-30 Thread Mathieu Parent (Debian) 
2016-03-28 14:44 GMT+02:00 Adam D. Barratt <a...@adam-barratt.org.uk>:
> On Mon, 2016-03-28 at 14:39 +0200, Mathieu Parent (Debian) wrote:
>> 2016-03-26 18:35 GMT+01:00 Adam D. Barratt <a...@adam-barratt.org.uk>:
>> > On Sat, 2016-03-26 at 17:14 +0100, Mathieu Parent wrote:
>> >> tags 816205 + jessie-ignore
>> >> thanks
>> >
>> > Was that discussed with anyone on the Release Team before the tag was
>> > added?
>>
>> No.I've done it to remove this bug from my UDD dashboard.
>
> I see. Please don't do that in future.

OK.

> The tags have a specific purpose (which isn't "I don't want to fix or
> see this in $release") and should only be set by, or with the agreement
> of, the Release Team. See the bolded sections of
> https://www.debian.org/Bugs/Developer#tags

OK

> Regards,
>
> Adam
>



-- 
Mathieu Parent

Re: tagging 816205

2016-03-28 Thread Mathieu Parent (Debian) 
2016-03-26 18:35 GMT+01:00 Adam D. Barratt :
> On Sat, 2016-03-26 at 17:14 +0100, Mathieu Parent wrote:
>> tags 816205 + jessie-ignore
>> thanks
>
> Was that discussed with anyone on the Release Team before the tag was
> added?

No.I've done it to remove this bug from my UDD dashboard.

> From a quick look at the bug log it may well be suitable for a -ignore
> tag, but it shouldn't simply be added by the maintainer or a bug triager
> (with a couple of exceptions where the SRMs have previously agreed scope
> with some people).

OK. Feel free to remove the tag if needed.


Regards
-- 
Mathieu Parent

Bug#784178: jessie-pu: package php-horde-passwd/5.0.2-3+deb8u1

2015-05-04 Thread Mathieu Parent (Debian) 
2015-05-04 4:22 GMT+02:00 David Prévot taf...@debian.org:
 Hi Mathieu,

Salut David,

 Le 03/05/2015 16:10, Mathieu Parent a écrit :

 php-horde-passwd in jessie (5.0.2-3) has a typo bug in the Kolab driver 
 (#780670) which needs a one-line fix.

 It looks like Sid is still affected. Can you please get a fixed version
 in Sid: I believe the release team will expect to have the fix in the
 archive before considering backporting it into stable.

Good catch. It was waiting in git, now uploaded as 5.0.2-4.

 Regards

 David


Merci

-- 
Mathieu Parent


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/cafx5sbzmk1qebrhzx-vz1jqxzgz_cq2yaww00ml+krn0zcs...@mail.gmail.com

Bug#776510: pre-unblock: ctdb/2.5.4+debian0-4

2015-02-11 Thread Mathieu Parent (Debian) 
2015-02-10 23:15 GMT+01:00 Mehdi Dogguy me...@dogguy.org:
 Le 2015-02-09 08:25, Mathieu Parent (Debian) a écrit :


 you can now:
 unblock ctdb/2.5.4+debian0-4


 Done.

 Thanks for your work!

Thanks Medhi

-- 
Mathieu Parent


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CAFX5sbzrq7au_qqM0xMcYmvLSRNNrPsXARAiQ=3m_3tmhru...@mail.gmail.com

Bug#776510: pre-unblock: ctdb/2.5.4+debian0-4

2015-02-08 Thread Mathieu Parent (Debian) 
2015-02-08 23:41 GMT+01:00 Mehdi Dogguy me...@dogguy.org:
 Control: tags -1 confirmed

 Hi,

Hi Mehdi,

 Le 2015-01-28 21:43, Mathieu Parent a écrit :

 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock

 I just want to make sure I could upload a new CTDB to sid...

 I prepared (see attached patch and [git]) a new ctdb version, which fixes
 an
 important bug: Before the patch, systemd was not be aware of the
 ctdb.service
 file after upgrade from wheezy (#774328).

 The patch ensure that ctdb.service is copied before dh_systemd_enable.


 Please go ahead and notify us as soon as the package hits the archive.

Done

you can now:
unblock ctdb/2.5.4+debian0-4

Thanks

-- 
Mathieu Parent


--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/CAFX5sbyR1cb=-ftqbo8c7yx56hx-wbgpxg5hxbspjwruc_c...@mail.gmail.com

Proposed release goal: PEAR package building using pkg-php-tools

2013-09-15 Thread Mathieu Parent (Debian) 
Hi release team,

I (re-)propose the following Jessie release goal.

This goal is on good shape already, thanks to the great pkg-php-pear
team, but it will gain visibility by being more official.

= PEAR package building using pkg-php-tools =
== Goal description ==

pkg-php-tools was introduced in Debian wheezy. It considerably eases
the building of PEAR packages (PHP packages).

== Wiki page ==
See https://wiki.debian.org/ReleaseGoals/pkg-php-tools

== Advocates ==

 * Mathieu Parent (sath...@debian.org)
 * Thomas Goirand (z...@debian.org)
 * Thijs Kinkhorst (th...@debian.org)

== Volunteers ==

 * Prach Pongpanich (prach...@gmail.com)

-- 
Mathieu Parent


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CAFX5sbwxcsaq2g_U=zy6d2x6ev_3rd2nd-qrtfepk3go8wf...@mail.gmail.com

Bug#598883: unblock: kolab-webadmin/2.2.3-20091217-4

2010-10-25 Thread Mathieu Parent (Debian) 
reopen 598883 -
thanks

unblock kolab-webadmin/2.2.3-20091217-4

I am reopening this freeze exception as bug #598010 was not completely
solved by the proposed patch.

The new uploaded version use sieve port number instead of port name as
the former doesn't work as expected.

Mini diff :
--- debian/patches/71-sieve-port-number.diff(révision 1534)
+++ debian/patches/71-sieve-port-number.diff(révision 1538)
-+function Net_Sieve($user = null , $pass  = null , $host =
'localhost', $port = 'sieve', $logintype = '', $euser = '', $debug =
false)
++function Net_Sieve($user = null , $pass  = null , $host =
'localhost', $port = 4190, $logintype = '', $euser = '', $debug =
false)

Thanks and sorry for the time spent.

Mathieu

PS: Complete diff:

Index: debian/changelog
===
--- debian/changelog(révision 1534)
+++ debian/changelog(révision 1538)
@@ -1,3 +1,11 @@
+kolab-webadmin (2.2.3-20091217-4) unstable; urgency=low
+
+  * Really fix could not connect to sieve port: not currently in by
+hardcoding sieve port as kolab-webadmin doesn't use nsswitch for service
+port numbers (Closes: #598010)
+
+ -- Mathieu Parent sath...@debian.org  Thu, 21 Oct 2010 22:23:48 +0200
+
 kolab-webadmin (2.2.3-20091217-3) unstable; urgency=low

   * Updated Standards-Version to 3.9.1: no changes
Index: debian/patches/71-sieve-port-number.diff
===
--- debian/patches/71-sieve-port-number.diff(révision 1534)
+++ debian/patches/71-sieve-port-number.diff(révision 1538)
@@ -25,7 +25,7 @@
  * @param  string $euser Effective User (if $user=admin,
login as $euser)
  */
 -function Net_Sieve($user = null , $pass  = null , $host =
'localhost', $port = 2000, $logintype = '', $euser = '', $debug =
false)
-+function Net_Sieve($user = null , $pass  = null , $host =
'localhost', $port = 'sieve', $logintype = '', $euser = '', $debug =
false)
++function Net_Sieve($user = null , $pass  = null , $host =
'localhost', $port = 4190, $logintype = '', $euser = '', $debug =
false)
  {
  $this-_state = NET_SIEVE_STATE_DISCONNECTED;
  $this-_data['user'] = $user;



--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktikucc_saolwip3t1jkeqx-adck-tyv4z-m5f...@mail.gmail.com

Bug#598883: unblock: kolab-webadmin/2.2.3-20091217-3

2010-10-03 Thread Mathieu Parent (Debian) 
2010/10/3 Mehdi Dogguy me...@dogguy.org:
 On 10/02/2010 09:04 PM, Mathieu Parent wrote:

 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: freeze-exception

 Please unblock package kolab-webadmin

    * Updated Standards-Version to 3.9.1: no changes
    * Switch to dpkg-source 3.0 (quilt) format

 Note that this change won't be accepted for future freeze exceptions.

OK

 [...]

 unblock kolab-webadmin/2.2.3-20091217-3


 Unblocked.

Thanks a lot!

-- 
Mathieu Parent



--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktik2uxc-q7ebkfmqqmhtnpt+jq_yxpa-9qmkc...@mail.gmail.com

Bug#596303: unblock: php-kolab-filter/0.1.9-2

2010-09-23 Thread Mathieu Parent (Debian) 
reopen 596303
thanks

2010/9/14 Adam D. Barratt a...@adam-barratt.org.uk:
 On Tue, 2010-09-14 at 23:19 +0200, Mathieu Parent (Debian) wrote:
 retitle 596303  unblock: php-kolab-filter/0.1.9-3
 thanks

  Me:
  I will reupload soon and update this bug.

 This is done now (0.1.9-3). Sorry for wasting your time.

 Thanks; unblocked.

I have found more derecated warnings by grepping into the code. The
remaining parts have been done in a new uploaded version: 0.1.9-4.
(NB: I have also updated std-version).

Can you please unblock this new version?

unblock: php-kolab-filter/0.1.9-4

Thanks

Mathieu Parent



--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktin23wyqge4a5fv9-iu_6vbveg0y0r4encuc4...@mail.gmail.com

Bug#597843: unblock: kolabd/2.2.4-20100624-4

2010-09-23 Thread Mathieu Parent (Debian) 
2010/9/23 Mehdi Dogguy me...@dogguy.org:
 On 09/23/2010 04:01 PM, Mathieu Parent wrote:
 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: freeze-exception

 Please unblock package kolabd


 Done.

Thanks Mehdi



-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktinc=9e30+krqru20zk6mp7gliuz_c+p=_eyy...@mail.gmail.com

Bug#596280: unblock: kolabd/2.2.4-20100624-2

2010-09-16 Thread Mathieu Parent (Debian) 
On Wed, Sep 15, 2010 at 7:37 PM, Julien Cristau jcris...@debian.org wrote:
 On Tue, Sep 14, 2010 at 18:10:56 +0200, Mathieu Parent (Debian) wrote:

 unblock libkolab-perl/1:2.2.4-20100624-2


 +-        Kolab::log('K', 'Restarting OpenLDAP...');
 +-        system(invoke-rc.d slapd restart );
 ++        Kolab::log('K', 'Stopping OpenLDAP...');
 ++        system(invoke-rc.d slapd stop);
 ++        Kolab::log('K', 'Deleting old slapd config...');
 ++        system(rm -rf $Kolab::config{'ldapserver_confdir'}/slapd.d);
 ++        Kolab::log('K', 'Converting slapd config... (most errors here can 
 be ignored)');
 ++        system(mkdir $Kolab::config{'ldapserver_confdir'}/slapd.d);
 ++        system(slaptest -f $Kolab::config{'ldapserver_confdir'}/slapd.conf 
 -F $Kolab::config{'ldapserver_confdir'}/slapd.d);
 ++        system(chown -R openldap 
 $Kolab::config{'ldapserver_confdir'}/slapd.d);
 ++        system(chgrp -R openldap 
 $Kolab::config{'ldapserver_confdir'}/slapd.d);
 ++        Kolab::log('K', 'Starting OpenLDAP...');
 ++        system(invoke-rc.d slapd start);

 Doesn't perl have rm, mkdir and chown functions?

Yes. chown is even already used in libkolab-perl.

 Also rm -rf seems like heavy-handed configuration...

The -f is not even needed.

I will upload a better version once libkolab-perl/1:2.2.4-20100624-2
is in testing.

 Unblocked.

Merci ;)

Mathieu



--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktimjdz8cxyq8nqfngfwv4mibydjsgdh_-f5y6...@mail.gmail.com

Bug#596303: unblock: php-kolab-filter/0.1.9-2

2010-09-14 Thread Mathieu Parent (Debian) 
On Tue, Sep 14, 2010 at 2:37 PM, Adam D. Barratt
a...@adam-barratt.org.uk wrote:
 On Fri, September 10, 2010 08:43, Mathieu Parent wrote:
 The upload fixes PHP deprecated warnings that causes kolabmailboxfilter
 script to fail because of too strict error handling. The upload also
 ignore any not-already-known E_DEPRECATED warning (Closes: #594541).

 The upload also include a tiny fix to Use DEB_COMPRESS_EXCLUDE_ALL
 instead of deprecated DEB_COMPRESS_EXCLUDE during the build of this pear
 package.

 It also includes this undocumented change:

 +       # remove empty directory
 +       rm -rf $(DEB_DESTDIR)usr/share/php/.registry/.channel.doc.php.net
        # move man pages to correct location
        mv $(DEB_DESTDIR)usr/share/doc/php-kolab-filter/man
 $(DEB_DESTDIR)usr/share/
 -       # remove empty directory
 -       rmdir $(DEB_DESTDIR)usr/share/php/.registry/.channel.doc.php.net ||:

 If the directory's empty, why the change to use rm -rf instead of rmdir?

Oh yes! this patch was waiting in my tree since some time. I will
revert it as it doesn't add anything usefull.

I will reupload soon and update this bug.


Mathieu Parent



--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktikbgt0h1ejsdvhbhny9j3s08l2xobljr1cst...@mail.gmail.com

Bug#596280: unblock: kolabd/2.2.4-20100624-2

2010-09-14 Thread Mathieu Parent (Debian) 
retitle 596280 unblock libkolab-perl/1:2.2.4-20100624-2
thanks

On Sat, Sep 11, 2010 at 9:28 PM, Julien Cristau jcris...@debian.org wrote:
...
 I'm not unblocking this unless the openldap maintainers tell me it's ok.

The hack was refused by pkg-openldap team [1] which bring a better fix
which is now in libkolab-perl.

[1]: 
http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/2010-September/004115.html
[2]: 
http://svn.debian.org/wsvn/pkg-kolab/libkolab-perl/trunk/debian/patches/90-slapd-runtime-config.diff

This patch closes RC bug #596710 by generating slapd.d config on the fly.

The unblock request now becomes:

unblock libkolab-perl/1:2.2.4-20100624-2


Thanks

Mathieu Parent



-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktim6ug72icszbz-jkkhwxtgea9zcy9utcfq=e...@mail.gmail.com

Bug#596303: unblock: php-kolab-filter/0.1.9-2

2010-09-14 Thread Mathieu Parent (Debian) 
retitle 596303  unblock: php-kolab-filter/0.1.9-3
thanks

 Me:
 I will reupload soon and update this bug.

This is done now (0.1.9-3). Sorry for wasting your time.

Thanks

Mathieu



-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktimpwm_5rjy4hrb_nctr_9ksba1mz9xbmqxtd...@mail.gmail.com

Bug#596280: [Pkg-openldap-devel] Hacking slapd conffiles to fix an RC bug in kolabd (Was: Bug#596280: unblock: kolabd/2.2.4-20100624-2)

2010-09-13 Thread Mathieu Parent (Debian) 
Hi,

On Mon, Sep 13, 2010 at 4:24 AM, Steve Langasek vor...@debian.org wrote:
...
 Note that kolabd for Wheezy will manage cn=config natively (most
 probably by creating slapd.conf and using slaptest; but perhaps by
 directly issuing ldap commands).

 Is there any reason this (slapd.conf + slaptest) couldn't be used as the
 workaround in squeeze?  That still doesn't sound great to me given that it
 would overwrite any previously present cn=config settings, but it seems to
 be the existing practice that kolabd will overwrite slapd configs, so it
 should at least do so in the preferred location; and getting this right
 shouldn't be any harder than the policy-violating conffile overwrite.

OK. Let's go for this path. I will upload a new kolabd that revert the
hack and upload a new libkolab-perl package which run slaptest after
changing any openldap config (this is where this fix belongs).

For the long term, how can we be sure to have write access to
cn=config? Couldn't slapd package provide a tool to query cn=config
(like ldapconfigsearch) which uses ldapsearch with proper credentials
if slapd is running and uses something else when slapd is stopped.
Similary, provide an ldapconfigmodify. Also providing ldapschemaadd,
ldapschemaremove, ... can ease the integration from other packages.

As a general note, the move to cn=config makes it possible to modify
slapd config in a Debian way but not in an easy way. I'm open to any
recommendation to make this easier.

 I'm sorry that the change to slapd.d by default has landed as late as it
 has, but again, I don't think it's acceptable for an external package to
 roll back this change on users' systems and leave them with new upgrade
 problems for wheezy, where slapd will *not* run the cn=config migration on
 upgrade.

I have seen this change long before it entered sid. So this is my
fault too (and lack of time as usual ;). And Debian has to be sometime
the distrib which push things forward.

Thanks for the hard work.

Mathieu Parent

NB : not signing this email as my key is on another computer.



--
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktinof=ln2iq6hgxfma6z6p6ujse5tb3ljdrtg...@mail.gmail.com

Bug#596280: Hacking slapd conffiles to fix an RC bug in kolabd (Was: Bug#596280: unblock: kolabd/2.2.4-20100624-2)

2010-09-12 Thread Mathieu Parent (Debian) 
Hi Debian OpenLDAP Maintainers,

The recent move of slapd package to runtime config (aka cn=config, aka
slapd.d) unfortunately broke kolabd. After a bootstrap by the user,
kolabd manages some configuration files including slapd.conf. Since
slapd 2.4.23-3, this is broken as described in #595539.

I have proposed an hacky workaround which set slapd back to
slapd.conf. Julien as Release Team member (thank you!), waits an ack
for your team about this change. So: What do you think?

Note that kolabd for Wheezy will manage cn=config natively (most
probably by creating slapd.conf and using slaptest; but perhaps by
directly issuing ldap commands).

Regards

Mathieu Parent


PS : below is the unblock request

On Sat, Sep 11, 2010 at 9:28 PM, Julien Cristau jcris...@debian.org wrote:
 On Fri, Sep 10, 2010 at 00:26:24 +0200, Mathieu Parent wrote:

 Please unblock package kolabd

 The main and only reason for this new version is to fix a bug
 introduced by the move of slapd to runtime configuration (aka
 cn=config, aka slapd.d). The fix includes a hack which is
 against policy to revert a similar against policy change from
 slapd postinst. Without this fix, kolab requires manual
 intervention to work.

 The diff can be seen at 
 http://svn.debian.org/wsvn/pkg-kolab/?op=compcompare[]=...@1510compare[]=...@1511

 The move back to static slapd config is done only if kolab
 manages slapd.conf.

 unblock kolabd/2.2.4-20100624-2

 I'm not unblocking this unless the openldap maintainers tell me it's ok.

 Cheers,
 Julien




-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/aanlktiktwc_l5op2v47nvgoxgnyjk_yygccuycame...@mail.gmail.com