On Thu, Apr 04, 2024 at 10:41:19PM +0200, Fabio Valentini wrote:
> If you really don't mind jumping through multiple hoops just because
> you want to use "fedpkg local" instead of "fedpkg mockbuild", then I
> guess I can't stop you.
>
> All I *can* do is tell you that you're not going to like the
can be run by others
to check that the included binary is legit.
Call it "Reproducible Tests" to go along with reproducible builds.
Cryptography has the same concept now, learning from the Dual EC DBRG
backdoor: https://en.wikipedia.org/wiki/Nothing-up-my-sleeve_number
So "nothing-up-my-s
On Mon, Apr 01, 2024 at 09:06:16AM +0900, Dominique Martinet wrote:
> Scott Schmit wrote on Sun, Mar 31, 2024 at 05:02:44PM -0400:
> > Deleting the tests makes no sense to me either, but it seems like a
> > mechanism that ensures the test code can't change the build outputs (or
On Sun, Mar 31, 2024 at 04:09:36PM -0400, Ben Beasley wrote:
> On 3/31/24 2:12 PM, Kevin Kofler via devel wrote:
> > But the fact is:
> >
> > What WOULD have stopped this attack: (one or more of:)
> > * Deleting ALL unit tests in %prep (and then of course not trying to run
> > them later).
>
628580 file
## ^ no change...
## data change:
$ echo test > file
$ lsattr -v file
628580 file
## ^ still no change
$ rm file
$ touch file
$ lsattr -v file
628582 ---- file
## ^ now different
--
Scott Schmit
On Fri, Jul 03, 2020 at 10:37:43AM -0600, Chris Murphy wrote:
> On Thu, Jul 2, 2020 at 10:29 PM Scott Schmit wrote:
> >
> > On Sun, Jun 28, 2020 at 03:40:11PM -0600, Chris Murphy wrote:
> > > Databases and VM images are things btrfs is bad at out of the box.
>
On Sun, Jun 28, 2020 at 03:40:11PM -0600, Chris Murphy wrote:
> Databases and VM images are things btrfs is bad at out of the box.
> Most of this has to do with fsync dependency of other file systems.
> Btrfs is equipped to deal with an fsync heavy world out of the box,
> using treelog enabled by
On Mon, Nov 04, 2019 at 03:14:34PM +0100, Dario Lesca wrote:
> Il giorno lun, 04/11/2019 alle 08.38 -0500, Neal Gompa ha scritto:
> > What defines it as experimental?
>
> https://wiki.samba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC
> > Using MIT Kerberos is still considered
On Wed, Jan 16, 2019 at 12:05:46PM +0100, Björn 'besser82' Esser wrote:
> Am Dienstag, den 15.01.2019, 23:16 -0500 schrieb Scott Schmit:
> > On Wed, Jan 02, 2019 at 04:14:59PM -0500, Ben Cotton wrote:
> > > == Documentation ==
> > > The version of the libxcrypt package
e
data silently." Especially since it appears that this will the wording
that goes into the release notes.
> == Release Notes ==
> See the paragraph about documentation above.
See objections above.
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic sig
On Fri, Jun 16, 2017 at 03:35:46PM +0200, Igor Gnatenko wrote:
> > > > What does "Recommends" do on upgrade?
> > > >
> > > > In other words if Recommends was used and a new perl version had
> > > > new modules in
> > > > the core package would an upgrade of perl pull them in as you
> > > > would
On Mon, Feb 06, 2017 at 11:15:59AM +0100, Ondrej Kozina wrote:
> On 02/03/2017 05:42 PM, Nathanael D. Noblet wrote:
> >
> > Also what are the risks of enabling this?
>
> There's nice overview for it:
> http://asalor.blogspot.cz/2011/08/trim-dm-crypt-problems.html
>
> In short (beside other
On Sat, Dec 17, 2016 at 01:07:52PM -0500, Scott Schmit wrote:
> On Sat, Dec 17, 2016 at 06:05:49PM +0100, Nicolas Chauvet wrote:
> > Maybe we need to rename FUTURE by QUITE_SOON instead, because the
> > error you have pointed is about sha-1 been deprecated:
> >
> > Acc
On Sat, Dec 17, 2016 at 06:05:49PM +0100, Nicolas Chauvet wrote:
> Maybe we need to rename FUTURE by QUITE_SOON instead, because the
> error you have pointed is about sha-1 been deprecated:
>
> According to this blog, chrome will remove support for sha-1
> certificates on 1 January 2017 (it's an
On Tue, Dec 13, 2016 at 05:54:54PM +0100, Florian Weimer wrote:
> On 12/13/2016 12:17 PM, Lennart Poettering wrote:
> > On Mon, 12.12.16 21:22, Paul Wouters (p...@nohats.ca) wrote:
> > > For us (libreswan) it probably makes less sense to restrict address
> > > family in the daemon. Our daemon just
On Fri, Dec 09, 2016 at 11:29:29AM -0500, Stephen John Smoogen wrote:
> Ah thanks. I have fixed the title and added a reverse stacked graph
>
> https://smooge.fedorapeople.org/fedora-all-stacked-ma.png
What happened in late 2014?
smime.p7s
Description: S/MIME cryptographic signature
On Sat, Nov 12, 2016 at 03:33:10PM +1030, Glen Turner wrote:
> > RFC 2606[1] reserves several TLDs that may never be registered for
> > public usage. Out of those, going with
> > Fedora-.localhost
> > seems like the best bet.
>
> The *reason* localhost is a reserved name is to discourage
On Sun, Apr 24, 2016 at 01:15:15AM +0200, Lars Seipel wrote:
> On Sat, Apr 23, 2016 at 02:57:55PM +0200, Kevin Kofler wrote:
> > Matthew Garrett wrote:
> > > Remote attestation is a mechanism by which […]
> >
> > How does the remote machine know that what is answering is a physical TPM
> > and
On Fri, Jan 22, 2016 at 09:42:11AM +0100, Jan Kurik wrote:
> = Proposed Self Contained Change: Ping IPv6 =
> https://fedoraproject.org/wiki/Changes/PingIpv6#Ping_IPv6
>
> Change owner(s):
> * Jan Synacek, Nikos Mavrogiannopoulos
>
> ping should be able to work with IPv6 and IPv4 addresses,
a completely fair requirement to make, and if
> you did sign your domains then this should really mean "don't allow
> anything below my domain except what I define here or delegated".
Why would you say that? Split horizon with DNSSEC works fine -- just
sign both external
is not secured and the spoofing will still work as
long as the local name server uses the name server provided by the
router for its answers. I think this is the default as long as the
router supports recursive resolution, EDNS0, and doesn't corrupt
RRSIG/NSEC/... records.
--
Scott Schmit
smime.p
On Fri, Dec 04, 2015 at 02:54:44PM -0500, James Antill wrote:
> On Fri, 2015-12-04 at 15:55 +0100, David Tardon wrote:
> > On Thu, Dec 03, 2015 at 04:13:56PM -0500, James Antill wrote:
> > > That helps, but then what? The user understands (s)he now has to find
> > > out how to fix it, and they
On Wed, Nov 11, 2015 at 01:54:32PM -0500, Adam Jackson wrote:
> ===
> #fedora-meeting: FESCO (2015-11-11)
> ===
The meeting summary isn't showing the resolutions from the meetings
properly. Reading the summary...
> Meeting summary
On Tue, Nov 03, 2015 at 01:12:09PM -0500, Pavel Simerda wrote:
> You can of course have combinations. We can add that once we have
> specific test cases that would show importance of a standalone category
> for such a setup. Otherwise one would usually view IPv6 global and IPv6
> local
On Tue, Nov 03, 2015 at 09:50:53AM -0800, Moez Roy wrote:
> The IPv6 updates are breaking stuff (and probably increasing the
> attack surface):
>
> Bug 1231946 - unbound-anchor ignores net.ipv6.conf.all.disable_ipv6=1
> in /etc/sysctl.conf
> https://bugzilla.redhat.com/show_bug.cgi?id=1231946
>
On Thu, Oct 29, 2015 at 11:15:10AM -0400, Pavel Simerda wrote:
> I am writing to Fedora development mailing lists to get opinions
> and ideas regarding our project on improving IPv6 support in
> Fedora across its components.
>
> https://fedoraproject.org/wiki/QA/Networking
>
> Most prominent
On Mon, Sep 14, 2015 at 09:09:47PM +0200, Reindl Harald wrote:
> Am 14.09.2015 um 21:04 schrieb Adam Williamson:
> >But just two posts ago you were drawing a distinction between an 'OS'
> >and a 'distribution' and saying that Fedora ought to be a distribution
> >not an OS.
> >
> >So basically
was told that router configurations
were out of scope for NM (at least, at that point in time).
Has that changed? (Or maybe I'm misremembering some nuance...)
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https
.
It seems to me that we could tweak this somewhat: only if a user
account was created OR remote users have been configured
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo
into a
release as the default init system. And I'm only counting messages on
fedora-devel.
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct
/want a
password allowing standard login (though the admin will do su -
gitolite from root for initial setup or version migration).
See http://gitolite.com/gitolite/how.html for more details on how
gitolite's ssh authentication works.
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic
On Sat, Jan 18, 2014 at 11:47:37PM -0500, Rahul Sundaram wrote:
On Sat, Jan 18, 2014 at 8:20 PM, Andre Robatino wrote:
I replaced the typo scriplet - scriptlet in several places in that page,
including the anchor link. Don't know if that breaks any existing links.
Thanks. I just sent out
On Sun, Jan 19, 2014 at 12:23:42PM -0500, Scott Schmit wrote:
On Sat, Jan 18, 2014 at 11:47:37PM -0500, Rahul Sundaram wrote:
On Sat, Jan 18, 2014 at 8:20 PM, Andre Robatino wrote:
I replaced the typo scriplet - scriptlet in several places in that page,
including the anchor link. Don't
?
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
On Mon, Feb 04, 2013 at 03:03:08PM +0100, Kay Sievers wrote:
On Thu, Jan 31, 2013 at 2:45 PM, Scott Schmit wrote:
Current:
em1 - enp2s0
That is expected, and actually the right thing to do. Udev cannot
apply such it looks like it is embedded heuristics for very
practical technical
, dhcp4 broke I had to set up my
network interface manually until I could get the appropriate packages
updated -- knowing which was my wired interface was really helpful then!
(And yes, upgrades don't rename anything. Imagine it was a 19 - 20
upgrade with the same problem.)
--
Scott Schmit
to easily create complex firewall rules without the knowledge
of iptables syntax.
Where is this language documented, or is it still to be designed?
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https
that route?
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
needing to rpm -e it in %post.
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
slipped through the
cracks.
Just an idea...
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
not sure that is a good bargain.
Once F20 rolls out and F17 goes EOL, maintainers can simply
s/systemd_post_enable/systemd_post/ and then things won't be so ugly (or
final).
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
files, etc).
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
picking up the new macros (unless they already have
different spec files per Fedora version).
HTH
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
a bootloader password.
See pyanaconda/bootloader.py , around line 1730 (that's in the f17
branch) - write_defaults(self) .
Is there some reason this can't be refactored into a standalone
executable that is included in one of the grub* packages?
--
Scott Schmit
smime.p7s
Description: S/MIME
problems.
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
is the globbing in bash and in the
whole environment working.
So ls *.foo should list the entire directory if no files match *.foo?
It's a bad habit for me to expect ls *.foo to return nothing in this
case? You're going to need to convince me.
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic
to remove packages. You'll want to be careful how packages are
specified during the install: the latest upgrade of dracut no longer
requires plymouth. Since nothing else does, yum was offering to
uninstall it for me--until I changed its reason.
--
Scott Schmit
smime.p7s
Description: S/MIME
(or, will have me thinking about it when I have cycles to
spare) whether I did this well enough, but the premise is sound.
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo
anyway. You do realize that
turn it off before you install is the same as turn it off before you
install a modified kernel, right? Except that you aren't forced to do
so just to use Linux at all?
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel
are available. I know that the OS can't update the trusted key set
itself -- that must be done by the user via the firmware directly.
The OS can update the blacklists without the user's help, however (but
the update must be signed with a trusted key).
--
Scott Schmit
smime.p7s
Description: S
On Fri, Feb 10, 2012 at 11:58:32AM +0100, Miloslav Trmač wrote:
The feature process is currently being revised, and at least some of
these issues have been brought up at
https://fedoraproject.org/wiki/Fixing_features . What would be
especially useful is to find ways to improve the feature
it
happen break--not because of bugs, but because unwanted features like
configuration file changes, ABI changes, etc made your stuff stop
working until you stop everything and fix whatever changed.
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel
7, etc turns up nothing.
There is a man page for daemon(3), but it doesn't look like the man page
you seem to be citing.
Thanks!
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman
-0.11.0/ri/PGconn/internal_encoding%3d-i.yaml
^^^
Hence broken.
--
Scott Schmit
smime.p7s
Description: S/MIME cryptographic signature
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org
patches to GNOME3 (albeit in Javascript instead of C). That's
tantamount to saying if you don't like it, you can always fork the
code! It also ignores that not all users are developers or that not all
those who are want to rewrite/modify GNOME3.
--
Scott Schmit
--
devel mailing list
devel
). Thankfully, that's rare, but I'd argue that it's
*because of* that conservatism, not in spite of it.
--
Scott Schmit
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
On Thu, Jul 22, 2010 at 12:36:34PM +1000, Dave Airlie wrote:
On Thu, 2010-07-22 at 04:25 +0200, Lennart Poettering wrote:
i.e. the enable/disable commands makes some changes for the next
time they are looked at, and then adding --realize on top makes those
changes take effect immediately,
57 matches
Mail list logo