Hello,
Could someone please help to review this package request?
-> https://bugzilla.redhat.com/show_bug.cgi?id=2259602
Thank you.
---
-Prasad
--
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to
Removing orphaned packages may not be easy, as other packages may depend on
them.
Thank you.
---
-P J P
http://feedmug.com
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedora
sooner.
* Fedora security team was more looking into auditing and improving Fedora
distribution security
via safe default configurations and policies etc. While also following up
with maintainers
for fixing CVE bugs sooner.
Thank you.
---
-P J P
http://feedmug.com
___
part of all themes
We are looking for talks and workshops which appeal to the beginner,
intermediate and advanced participant in community projects.
The CFP is NOW OPEN! Ready to submit your proposal? Visit
-> http://devconf.in/
Questions? Please write to us at
Thank you.
--
Hello,
Please see -> https://devconf.info/in/cfp
CFP closes: 4 May 2018
Accepted speakers confirmation: 4 June 2018
Conference Dates: 4, 5 August, 2018, Bengaluru, India
We invite you to submit a proposal to speak at DevConf.in 2018. This
is the second DevConf.in conference where free and
ty issues.
It contains CVSS v2 and v3 computation utilities and interactive
calculator compatible with both Python v2 and v3.
Its licence has been changed from GPLv3+ to LGPLv3+.
-> https://github.com/skontar/cvss/issues/6
Thank you.
---
-P J P
http://feedmug.com
--
devel mailin
//github.com/iovisor/bcc> - which
> provides tooling around the new eBPF infrastructure in the kernel. This
> might eventually need some fixes upstream first so the build process is
> streamlined within Fedora.
Cool, sounds like a plan! Welcome aboard!! :) (just shout if you need
anythi
> * howto get domainname set automatically from dhcp
Dhcp configuration manual should help with that.
---
-P J P
http://feedmug.com
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
//fedoraproject.org/wiki/Changes/Default_Local_DNS_Resolver#How_To_Test
Please let us know if you face any difficulties. Thank you.
--- -P J P
http://feedmug.com
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
build a
strong solution.
[*] https://fedoraproject.org/wiki/Changes/Default_Local_DNS_Resolver
Thank you.
---
-P J P
http://feedmug.com
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
ange
request.
---
-P J P
http://feedmug.com
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
?
IMHO NetworkManager is best placed and best suited to conduct network probes
and notify other applications via its APIs. NM could be our one solid system
wide solution for everything that is network.
---
Regards
-P J P
http://feedmug.com
--
devel mailing list
devel@lists.fedoraproject.org
' character of a resolver was
proposed to upstream glibc, but that is yet to be resolved properly.
- https://www.sourceware.org/ml/libc-alpha/2014-11/msg00426.html
---
Regards
-P J P
http://feedmug.com
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org
for testing?
As per F23 schedule, it's post 28 Jul 2015
- https://fedoraproject.org/wiki/Releases/23/Schedule
---
Regards
-P J P
http://feedmug.com
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http
.
---
Regards
-P J P
http://feedmug.com
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Hello,
Please see:
- https://bugzilla.redhat.com/show_bug.cgi?id=1209124
Does anyone know where to contact Mr Michael Stahnke, the rubygem-activesupport
EPEL branch maintainer. The package needs to be updated with few fixes.
Thank you.
---
Regards
- P J P
http://feedmug.com
On Wednesday, 14 January 2015 10:44 PM, Simo Sorce wrote:
Anaconda installer OR maybe OpenSSH package needs to create
initial set of authentication keys for 'root' user.
Sorry, but what is the point of this operation, wrt auth with keys issue ?
Well, it can be used it to export to
Hi,
On Wednesday, 14 January 2015 8:01 PM, Simo Sorce wrote:
Ok, I state my opposition to without-password too inequivocably here.
Mostly because it is just the same as 'no', given there is no way, in a
regular install to seed a key into the root account.
Except you have no mechanism to
Hello Simo,
On Wednesday, 14 January 2015 2:29 AM, Simo Sorce wrote:
Sorry this is false. You got enough emails telling you this
change is undesirable, that's the definition of opposition
and means you have no _consensus_.
IIUC, that was for disabling remote root access completely with
Hello Dennis,
On Tuesday, 13 January 2015 10:05 PM, Dennis Gilmore wrote:
There is no consensus on that.
Well, no opposition as such either. How is it done otherwise,
do we conduct votes to establish consensus, is that a usual practice?
I do not do enough installs that I use kickstart
On Tuesday, 13 January 2015 4:24 AM, Volker Sobek wrote:
Maybe this difference can be addressed together with what ever is
decided upon in this discussion? I think having some consistency here
would be good.
IMO, the install image consistency issues need to be handled separately and
could
Hello,
Please see: (shared by 'fenrus02' on IRC)
- https://stribika.github.io/2015/01/04/secure-secure-shell.html
Here are few more recommendations for sshd(8) configurations, mostly pertaining
to encryption algorithms.
Does it make sense to incorporate any of the suggestions from there?
Hello Miloslav, all
On Tuesday, 13 January 2015 10:26 AM, P J P wrote:
So, we do seem to have consensus(at least no opposition) for
'PermitRootLogin=without-password' option. I'll update the feature
page with it and details about the specific use-cases.
I have updated the feature page
Hello,
On Sunday, 11 January 2015 2:27 PM, Peter Robinson wrote:
Earlier in the discussions I was told that this is not really an issue: in
production, about every server with remote access also has a KVM.
Often not the case in small business or third party hosted environments.
Without
On Monday, 12 January 2015 5:59 PM, Milan Keršláger wrote:
You are (instead of completly mitigating), only raising complexity a
little bit (ie not completly avoiding), which is what is Security
through obscurity about (ie. by hiding source code, the attacker only
solve more complex problem -
Hello,
On Monday, 12 January 2015 4:09 PM, Ian Malone ibmal...@gmail.com wrote:
On 12 January 2015 at 09:20, Milan Keršláger milan.kersla...@pslib.cz
4) Blocking root access means forcing admins to log as normal user and
then do su/sudo and providing root password, which is far less
Hello Milan,
On Monday, 12 January 2015 3:11 PM, Milan Keršláger wrote:
No, this is not good idea as I wrote few minutes ago because it does not
improve security, it just provide feeling of better security, see:
https://en.wikipedia.org/wiki/Security_through_obscurity
I disagree. First
On Tuesday, 13 January 2015 12:05 AM, Stephen John Smoogen wrote:
I don't see how this is the case. All we have done is move the
first line of the root-kit script to calling sudo via the password
that was used to open the account up. Since many of Linux systems
are single user boxes.. it is most
On Tuesday, 13 January 2015 1:10 AM, Stephen John Smoogen wrote:
Sorry if I am misunderstanding but the feature is to address brute
forcing the root account so that they do not get root access to the server.
Right.
I am saying that this isn't a speed-bump because they are already trying
to
On Tuesday, 13 January 2015 3:06 AM, Miloslav Trmač wrote:
(The general theme of this mail: Being flexible is fine, and establishing
this
through this discussion is great; however, ultimately the Change proposal
needs
to document the _specific outcome_ of that discussion.²)
I
Hello Paul,
On Monday, 12 January 2015 11:18 PM, Paul Wouters wrote:
What if I told you Neo, that there are no strong passwords?
Passwords are weak. Some are less weak than others. I'd rather
teach people to use ssh keys for remote access and only restrict
passwords to console/physical
P J P p...@fedoraproject.org told us here
that not.
No! Again, intention is to keep malicious users from gaining 'root' access
via BF attacks. It is quite similar to why we run services as non-root users,
instead of root. If at all break-in happens, it is still a non-root user.
The PJP
On Monday, 12 January 2015 8:32 PM, Paul Wouters wrote:
do you use PrzemekKlosowski as your username on your fedora? I doubt it.
It is more likely to be przemek, klosowski or pklosowski. In fact, often
this is revealed in mail headers (eg sendmail invoked by user paul).
More often, people
On Monday, 12 January 2015 8:47 PM, Mike Pinkerton wrote:
Not just virtualized deployments, but also in remote installs on bare
metal.
Okay and the '%post' install section trick won't help there?
IIUC, it'd depend on which tool/application is used to do such remote
installations and if
On Monday, 12 January 2015 11:27 PM, Mike Pinkerton wrote:
Sure, if the tool provides the ability to tweak the install to enable
password-based root login, then one can log in after installation,
upload keys, configure sshd, etc. The question is whether the tool
that is available has that
On Saturday, 10 January 2015 1:34 AM, Mike Pinkerton wrote:
Even if you want to do key-based authentication rather than password,
you still need to use password initially to get the key onto the
remote box.
True!
---
Regards
-Prasad
http://feedmug.com
--
devel mailing list
Hello,
I'm writing a common reply for consolidation and brevity. I'll try to cover all
the concerns raised so far.
- Idea behind this feature is to keep malicious users from gaining 'root'
access to remote systems. Restricting remote root login increases the
difficulty level in that,
On Wednesday, 24 December 2014 3:07 PM, Andrew Haley wrote:
At some loss of usability. To often we hear This is better for
security, therefore we should do it without considering the usability
trade-off.
It'll help if you could define this some loss of usability. If it is about
remotely
On Wednesday, 24 December 2014 11:01 PM, Mike Pinkerton wrote:
Remotely installed on bare metal.
I see. Is there a provision that you could edit the kick-start file? Or
supply parameters to it?? If so, it could be possible to enable remote root
login post install. If not, let's see how we
Hello,
Please see:
- https://bugzilla.redhat.com/show_bug.cgi?id=1104041#c6
- https://admin.fedoraproject.org/pkgdb/package/dcmtk/
Mr Mario, the current maintainer is looking for a co-maintainer for the 'dcmtk'
Fedora package. If you are interested, please apply for the co-maintainer
Hello Tomas,
On Thursday, 27 November 2014 3:05 PM, Tomas Mraz wrote:
- Original Message -
On Wed, Nov 26, 2014 at 11:48 AM, Scott Schmit wrote:
Look, this is a basic system configuration. It's not Cripple Mr.
Onion. Pick *one* setting, and let people know from that whether
On Thursday, 27 November 2014 4:49 PM, Reindl Harald wrote:
so why not consider disable sshd at all and make a checkbox
in Anaconda ssh support yes/no because after somebody says yes
it's his clearly decision and he is responsible to secure it with key-only
auth
Sure these are options,
On Tuesday, 25 November 2014 8:53 PM, Kevin Fenzi wrote:
On Tue, 25 Nov 2014 09:56:59 -0500
Simo Sorce wrote:
We can install machine w/o user accounts, removing the ability to log
in as root via ssh means those machines will not be accessible.
This has been the reason this hasn't been
On Tuesday, 25 November 2014 9:07 PM, Simo Sorce wrote:
My machines get joined to an IPA domain as soon as they are finished
installing, I do *not* want a local user, it would be a liability.
Well, I think this is more specific case for which remote 'root' login could
be enabled by user.
Hello Matthew,
On Tuesday, 25 November 2014 9:21 PM, Matthew Miller wrote:
Keep in mind that in cloud, cloud-init does the same thing (instead of
firstboot).
Ah I see, cool!
---
Regards
-Prasad
http://feedmug.com
--
devel mailing list
devel@lists.fedoraproject.org
Hi,
On Tuesday, 25 November 2014 10:00 PM, Gabriel Ramirez wrote:
I have a server which only runs several VM's with specific services, no
need user accounts in the host or in the VM's,
so you propose when I reiinstall any of them create a user account in
each of them, that will cause
On Sunday, 23 November 2014 1:59 AM, Rahul Sundaram wrote:
I would suggesting going through the feature process. Although the config
file change itself is trivial, there are multiple components that require
coordination with several teams (Anaconda, Fedora Security team, openSSH,
GNOME etc),
On Monday, 24 November 2014 2:59 PM, P J P wrote:
On Sunday, 23 November 2014 1:59 AM, Rahul Sundaram wrote:
I would suggesting going through the feature process...
Having FESCo review a proposal is useful as well.
Right, makes sense. I'll do that.
Please see - https://fedoraproject.org
On Saturday, 22 November 2014 1:39 AM, Richard W.M. Jones wrote:
On Fri, Nov 21, 2014 at 09:11:51AM +0100, Florian Weimer wrote:
The latter. We have to install authorized_keys inside the VM
anyway, so we can touch sshd_config, too.
Virt-builder has a new '--ssh-inject' feature (in F22
On Saturday, 22 November 2014 4:29 PM, Felix Schwarz wrote
I'm ok with no root login assuming that one can ssh into the machine (and
become root somehow) after an install (this is along the lines of what Harald
Reindl mentioned yesterday).
Yes, true. One would definitely need a non-user
On Saturday, 22 November 2014 9:28 PM, Rahul Sundaram wrote:
This seems pretty tricky to ensure. Anaconda doesn't enforce
an additional user because that could be done via the initial
setup or gnome initial setup. IIRC, the interactions between
them were pretty non obvious already.
Yes,
On Friday, 21 November 2014 1:24 PM, Florian Weimer wrote:
On 11/21/2014 08:34 AM, Jan Kratochvil wrote:
Almost all of my Fedora installations are test VMs where
any security is irrelevant.
Okay. But does enabling root login offer any significant benefit in that?
IOW, if it's disabled by
Hello,
Sshd(8) daemon by default allows remote users to login as root.
1. Is that really necessary?
2. Lot of users use their systems as root, without even creating a non-root
user.
Such practices need to be discouraged, not allowing remote root login
could be
useful in that.
Hello all,
See - https://fedoraproject.org/wiki/FAD_Pune_Security_1
Date: Say, 1st Nov 2014
Venue: Red Hat Inc. Tower-10, Magarpatta City, Near Hadapsar, Pune, India.
On 1st Nov 2014, we plan to host a Fedora Activity Day(FAD) geared towards
triaging security bugs in Fedora. The day would
Hello,
On Sunday, 21 September 2014 9:18 PM, Stephen Gallagher wrote:
* Salt Lake City, Utah, USA[1]
* Colorado Springs, Colorado, USA[2]
* Rochester, New York, USA[3]
* Cape Cod, Massachusetts, USA[4]
- -5: I would not want to attend Flock if it was held in this location.
0: This
Hello Chris,
On Wednesday, 10 September 2014 9:15 PM, Chris Murphy wrote:
Well I have no idea what's on the screen at the time of the hang. Maybe a
cell phone photo would be useful. Or maybe you should use the debug kernel
which
was one of Paul Wouters suggestions. Or you could go out
Hi,
On Wednesday, 10 September 2014 12:28 PM, poma wrote:
dr. acut?
Can't say for sure. I added rdshell rd.debug parameters to the boot command
line, again it throws a long list of debug messages from -
/lib/dracut-lib.sh@xxx. Messages are about trying to setup
Hello,
I've been trying to boot into kernel-3.16.0 on a F19 machine. But it just stops
after saying
...
[OK] Reached target Initrd Default target
System is not hung, but there is no activity/progress either. I did search
about it, some say it's because of SELinux. But other kernels do
Hello Daniel, Chris,
Thank you so much for sharing the links and the notes, much appreciate it.
On Wednesday, 10 September 2014 12:23 AM, Daniel J Walsh wrote:
Did you try to boot with enforcing=0?
To see if it is an SELinux issue?
Yes I tried with enforcing=0, it does not seem to
Hi,
After removing 'rhgb quiet' and adding 'systemd.log_level=debug
systemd.log_target=console' it generates a huge pile of debug messages at halts
at - Switching root.
I tried booting the _same_ 3.16.0 kernel on another F20 machine, it stops at
the same spot. :(
---
Regards
-Prasad
On Sunday, 7 September 2014 1:34 PM, Pál, László wrote:
Yes, it was yum but I have the same for dnf. The error message is installed
package is not available (both for kernel and headers). How much time needed
to able to install a package after pushed to stable?
Well, once pushed to stable, they
Hello Pal,
On Sunday, 7 September 2014 12:57 PM, Pál, László wrote:
A few weeks ago I had to upgrade my kernel due to some nvidia related issue.
Installed package kernel-headers-3.15.10-200.fc20.x86_64 (from updates) not
available.
Error: Nothing to do
What was the yum command used here?
Hello,
On Tuesday, 29 April 2014 7:22 PM, Miloslav Trmač wrote:
So what exactly happens on upgrade? Before the upgrade,
most resolv.conf files will not point to 127.0.0.1.
What will they point to after the upgrade, and if they will point to 127.0.0.1,
which package will actually do that, and
On Tuesday, 29 April 2014 7:56 PM, Matthew Miller wrote:
Can the proposal owners clarify for me how this is intended to impact the
cloud products?
Cloud products is somewhat of a hazy area(at-least for me). It's unclear how
things operate there. Any information about how we could/should
Hi,
On Tuesday, 29 April 2014 8:59 PM, Dan Williams d...@redhat.com wrote:
If NetworkManager is being used, users already don't touch resolv.conf,
they edit /etc/sysconfig/network-scripts/ifcfg-* files and use
DNS1/DNS2/DNS3 and SEARCHES to set DNS information.
Yes, true!
If
On Tuesday, 29 April 2014 9:29 PM, Paul Wouters p...@nohats.ca wrote:
Note that FreeBSD also picked unbound recently for the exact same task.
True! -
http://www.freebsdnews.net/2013/09/20/freebsd-10s-new-technologies-and-features/
---
Regards
-Prasad
http://feedmug.com
--
devel mailing
Hi,
On Tuesday, 29 April 2014 10:08 PM, Andrew Lutomirski l...@mit.edu wrote:
but the container itself runs in a network namespace, so it gets its own
loopback device. This will mean 127.0.0.1:53 points to the container itself,
not the host, so dns resolving in the container will not work.
On Wednesday, 30 April 2014 3:18 AM, Al Dunsmuir wrote:
On my home LAN, I run my own DNSSEC-enabled server using F20 bind 9.
This local server also is my DHCP and Samba server. As usual, dynamic
clients receive the LAN local domain ID and DNS server ID
automatically.
How does
Hi,
(sorry for the delayed response, I was away past few days)
2014-04-26 0:51 GMT+02:00 Chuck Anderson wrote:
Main goal is to have local DNSSEC-validating resolver.
I, as the OP, did not intend that as the goal, although I have no
problem with that as a different goal. My intent was to
Hi,
On Tuesday, 15 April 2014 4:02 PM, Petr Spacek wrote:
We need real data.
Please see - https://www.piratepad.ca/p/dnssec-requisites-configurations
I've collected the major functionalities people wish to have with a default DNS
resolver along with couple of 'unbound' configurations that
Hello Petr,
On Tuesday, 15 April 2014 4:02 PM, Petr Spacek wrote:
Instructions for testing on Fedora 20+ are available on:
https://fedoraproject.org/wiki/Changes/Default_Local_DNS_Resolver#How_To_Test
Please, run dnssec-trigger and let exclamations like It can't possibly
work! apart.
Hello,
Please see:
- http://www.ietf.org/mail-archive/web/dane/current/msg06469.html
- https://www.ietf.org/mail-archive/web/dane/current/msg06658.html
These two threads are about handling of Authenticated Data(AD) bit by the stub
resolvers. There two proposed solutions for this problem:
On Saturday, 12 April 2014 11:11 AM, William Brown wrote:
Say I have freshly installed my fedora system at home. I then boot it up
and start to use it. My laptop is caching DNS results all the while from
the unreliable ISP.
I then go to work and suddenly things don't work.
Having a DNS
On Saturday, 12 April 2014 12:41 PM, William Brown wrote:
PS: The unreliable ISP I perceive as:
1) They often return no query within an acceptable time period
2) They return invalid or incorrect zone data
3) They mess with TTLs or other zone data
Right.
Consider, I get home, and open my
On Saturday, 12 April 2014 4:55 PM, William Brown wrote:
This isn't how DNS works . You populate your cache from the ISP, who
queries above them and so on up to the root server.
http://technet.microsoft.com/en-us/library/cc961401.aspx
Hmmn. There are two ways a local resolver can be
Hello,
On Thursday, 10 April 2014 11:39 PM, P J P wrote:
I plan to file a feature/change request for this one. I got caught up with
other
work this past week so could not do it. Will start with it right away.
Please see -
https://fedoraproject.org/wiki/Changes
On Saturday, 12 April 2014 12:28 AM, Bruno Wolff III wrote:
I think there should be something explicitly about how this is going to
work with captive portals that lie about dns in order to get people's
web browsers to go to their sign in page.
Sorry, I did not get the question. Could you
On Saturday, 12 April 2014 12:40 AM, Bruno Wolff III wrote:
It looks like your proposal is going to break things for people using
some wifi hotspots.
Why, how?
---
Regards
-Prasad
http://feedmug.com
--
devel mailing list
devel@lists.fedoraproject.org
Hello Dan,
On Saturday, 12 April 2014 12:51 AM, Dan Williams wrote:
NM has had local caching nameserver capability built-in since Fedora 12
or something like that. Set 'dns=dnsmasq' in the [main] section
of /etc/NetworkManager/NetworkManager.conf and NM will spawn dnsmasq in
a local
Hi,
On Saturday, 12 April 2014 12:56 AM, Dan Williams wrote:
We want to make sure that any local caching nameserver that we do use
doesn't rely exclusively on file-based configuration, or if it does,
it's able to re-read that configuration file using SIGHUP or some
seamless reload
On Saturday, 12 April 2014 1:35 AM, Miloslav Trmač m...@volny.cz wrote:
The goal is to have DNSSEC validation in a system-wide, dedicated code,
trusted for that purpose; i.e. unbound does DNSSEC validation for
every application, with a centralized configuration and cache,
so no application needs
On Saturday, 12 April 2014 2:13 AM, Paul Wouters wrote:
It's rude to bypass the global DNS caching infrastructure. That would
significantly load people's DNS servers with more queries. There is no
reason not to try and use ISP's DNS caches.
You mean let local resolver forward queries to
Hello Kevin, Paul
On Saturday, 12 April 2014 2:16 AM, Kevin Fenzi wrote:
I've been running this solution on fedora for about five years now. It
works reasonably well, and anyone who is on this list surely has could
try it out. Because of lack of NM integration I would not call it
enduser
On Saturday, 12 April 2014 3:55 AM, Chuck Anderson wrote:
I think there needs to be more emphasis on the /other/ benefit, the
whole reason I brought this up this time:
Sure; I tried to cover it in the detailed description as
===
...Apart from trust, these name servers are often known to be
On Saturday, 12 April 2014 7:38 AM, Simo Sorce wrote:
Not true, in many networks you want it, for example in corporate
networks. You really want to be able to resolve the local resources and
they are only resolvable if you consult the local DNS as provided to you
by DHCP.
True. The local
On Saturday, 12 April 2014 10:33 AM, P J P wrote:
On Saturday, 12 April 2014 2:13 AM, Paul Wouters wrote:
It's rude to bypass the global DNS caching infrastructure. That would
significantly load people's DNS servers with more queries. There is no
reason not to try and use ISP's DNS caches
Hello Chuck,
Thank you so much for brining this up.
On Thursday, 10 April 2014 8:12 PM, Chuck Anderson wrote:
I think this needs to be revisited. We need an independent,
system-wide DNS cache, and always point resolv.conf to 127.0.0.1 to
solve this fundamental design problem with how name
On Tuesday, 15 October 2013 12:51 PM, Jan Zelený jzel...@redhat.com wrote:
Even though yum might handle the resolution a little better (and dnf probably
will do that, feel free to check it), the ultimate culprit here is a very
poor
packaging and both dnf and yum have only a limited set of
On Monday, 14 October 2013 8:05 PM, Eric H. Christensen
spa...@fedoraproject.org wrote:
I believe he is assuming that xchat has a direct relationship with bluez
which,
I'm guessing here as I haven't checked, probably isn't the case.
Because bluez affects something that xchat depends on
Hello
It is an often experience that I try to remove a package(ex: bluez, kernel,
gnome-bluetooth) and yum(8) prompts me to remove nearly 200-300MB worth of
critical packages, which has no connection(ex. kernel = Xchat OR bluez =
gedit etc.) with the package I want to remove. Recently I
On Saturday, 12 October 2013 10:19 PM, Reindl Harald h.rei...@thelounge.net
wrote:
that's why i get that mad if packagers careless add new deps because
they enable whatever function in a package instead split the new
ones in additional subpackages
I see. If it is a packaging error, how
On Saturday, 12 October 2013 10:31 PM, Samuel Sieb sam...@sieb.net wrote:
If there's a bug, then this is it. You should not be able to remove bluez
because there are dependencies on it.
Well, remove_leaf_only=1 restricts dependency resolution to the leaf nodes
only, that is why it allows
On Saturday, 12 October 2013 10:43 PM, Reindl Harald h.rei...@thelounge.net
wrote:
*why* should it be addressed in yum or DNF?
if a package pulls un-needed dependencies the package has
to be fixed and *not* worked around it - period
Yes, agreed. But that might probably involve fixing
On Saturday, 12 October 2013 11:23 PM, Reindl Harald h.rei...@thelounge.net
wrote:
if you want get a feeling in waht these ends type the follwoing as root
after you prepeared a rescue-disc because not rpm, nor yum nor even sshd
will work any longer and you need to copy the package files by
On Sunday, 13 October 2013 12:04 AM, Reindl Harald h.rei...@thelounge.net
wrote:
and your list possible affected packages but allow me to remove ends
*exactly* there
No, it does not. If yum is protecting users from un-installing a package
which could render the whole system unusable or
On Sunday, 13 October 2013 12:50 AM, Reindl Harald h.rei...@thelounge.net
wrote:
there is no if and but if a package has a dependency than it has one - period
Sure, it has dependency. That does not make it an _absolutely_ requirement
to have a functional system. Because the dependency
On Sunday, 13 October 2013 1:46 AM, Bruno Wolff III br...@wolff.to wrote:
Your example of removing kernel is even more esoteric. Fedora wouldn't
work at all without it.
Well, kernel one works when there are multiple kernels installed. It happens
when yum installs a new kernel update.
On Sunday, 13 October 2013 1:47 AM, Reindl Harald h.rei...@thelounge.net
wrote:
*bullshit* you have no clue what the result of a specific broken dependency
would be nor have yum, dnf or even god
Well, when no-one has a clue, assuming the worst is just _one_ way of doing
things.
says
Hello Adam,
- Original Message -
From: Adam Williamson awill...@redhat.com
Subject: Re: About F19 Firewall
That's ironic: just yesterday - without having yet read this discussion
- I used the firewalld on my laptop to lock down the 'public' zone to
allow nothing at all (not mdns
Hello Thomas,
- Original Message -
From: Thomas Woerner twoer...@redhat.com
Subject: Re: About F19 Firewall
You have to make sure where you are adding new rules. Here is a simple
example where you want to drop everything from 192.168.1.18:
If you do it wrong if could end up like
1 - 100 of 146 matches
Mail list logo