> "Adrian" == Adrian Bunk writes:
Adrian> On Thu, Feb 16, 2023 at 05:48:22PM +0100, Daniel Leidert wrote:
>> Am Donnerstag, dem 16.02.2023 um 18:37 +0200 schrieb Adrian Bunk:
>> > On Wed, Feb 15, 2023 at 12:05:41AM +0100, Daniel Leidert wrote:
>> > > ... > > Reasons: > > ...
Replying off list, because I don't think it matters much for the RT
discussion.
> "Russ" == Russ Allbery writes:
Russ> Yes, I'm probably understating the difficulty of making this
Russ> change in practice inside image building software as it's
Russ> currently constructed.
R
> "Adrian" == Adrian Bunk writes:
Adrian> Below is my attempt to give an overview of the situation,
Adrian> feel free to amend/correct if anything is missing or wrong.
I believe your summary is correct and includes the issues I am aware of.
I believe I am following things enough tha
> "Theodore" == Theodore Ts'o writes:
Theodore> So enabling what may be convenient, but ultimately an
Theodore> anti-pattern is something that hopefully in the long-term
Theodore> Debian should be trying to *avoid*.
That's certainly true.
I am not entirely convinced that using c
> "Michael" == Michael Biebl writes:
Michael> Excluding packages that only ship overrides/drop-ins, this
Michael> makes 37 affected packages in bookworm.
If I'm understanding this issue correctly, the concern would be a
package that moved from /lib/systemd/system to /usr/lib/systemd/s
>>>>> "Michael" == Michael Biebl writes:
Michael> Am 21.02.23 um 17:45 schrieb Sam Hartman:
>>>>>>> "Michael" == Michael Biebl writes:
Michael> Excluding packages that only ship overrides/drop-ins, this
Michael&
> "Antonio" == Antonio Terceiro writes:
Antonio> On Wed, Feb 22, 2023 at 09:24:29AM -0700, Scarlett Moore wrote:
>>
>> On 2/21/23 15:03, Ryan Kavanagh wrote:
>> > On Sun, Feb 19, 2023 at 09:01:56AM -0700, Scarlett Moore wrote:
>> > > Description : A tool for glamourous sh
> "Wouter" == Wouter Verhelst writes:
Wouter> On Wed, Feb 15, 2023 at 02:38:10PM -0500, Marvin Renich wrote:
>> > > > - the service fails to start in the postinst.
>>
>> This implies that "the service is running" is part of "the
>> service is configured", which is where I
> "Sean" == Sean Whitton writes:
Sean> Hello,
Sean> On Wed 22 Feb 2023 at 09:55AM +01, Sebastian Ramacher wrote:
>> Unless I am missing something, having dh_installsystemd look at
>> the service files in /usr/lib is the only viable solution for
>> bullseye -> bookworm. We
>>>>> "Sebastian" == Sebastian Ramacher writes:
Sebastian> On 2023-02-23 11:12:00 -0700, Sam Hartman wrote:
>> >>>>> "Sean" == Sean Whitton writes:
>>
Sean> Hello,
Sean> On Wed 22 Feb 2023 at 09:55
> "Sebastian" == Sebastian Ramacher writes:
Sebastian> Can you expand your concern? I expect that this issue
Sebastian> goes away as soon as we can assume that all systems are
Sebastian> /usr-merged. At that point I expect that we are able to
Sebastian> drop the workaround fro
>> Moreover, I suspect in a number of the cases related to this
>> current bug, replaces will be likely. I suspect that in some of
>> the cases where units have been introduced that are disabled
>> currently, but will be enabled by the dh_installsystemd change,
>> we will disco
> "Michael" == Michael Biebl writes:
Michael> If a service is not supposed to be enabled, then an
Michael> override for dh_installsystemd is the correct solution,
Michael> setting --no-enable, but not by moving it into a
Michael> subpackage.
Sorry, I was imprecise.
Imagine so
Package: gnome-shell
Version: 43.1-2
Severity: normal
Tags: a11y
I've also reproduced against 43.3-1, but it's harder to send email from that
system.
I'm blind, running gnome on X using orca as a screen reader.
In bullseye I could hit ctrl-alt-tab to switch up to the top bar, and then use
shift
> "Simon" == Simon McVittie writes:
Simon> If click-to-focus is suitable for your workflow, the focus
Simon> mode can be reset to the default with this command:
Simon> gsettings reset org.gnome.desktop.wm.preferences focus-mode
I tried running that and can still reproduce the iss
> "Simon" == Simon McVittie writes:
Simon> On the upstream issue, a bug reporter mentions that to
Simon> reproduce the bug, you need two things: the focus mode needs
Simon> to be set to "sloppy focus", and there needs to be at least
Simon> one window open on the current worksp
> "Jeremy" == Jeremy Bícha writes:
Jeremy> Open the GNOME Tweaks app. Scroll down the left sidebar to
Jeremy> the panel named Windows. In the main panel, scroll down to
Jeremy> the Window Focus section. Click to Focus should be
Jeremy> selected.
Jeremy> I haven't spent
control: severity -1 normal
> "Cyril" == Cyril Brulebois writes:
Cyril> serious & wontfix make for a strange combination…
Yeah, my bad for dropping the ball.
My intent with wontfix was to create a pause and better understand the
issue.
As I understand it,
* On first install, pam_names
Package: csound
Version: 1:6.18.1+dfsg-1
Tags: fixed-upstream, upstream
See https://github.com/csound/csound/issues/1707
I'd like to NMU a fix once things settle down on the upstream side and
I'd like to file an unblock request (or a stable update request if
this misses the bookworm release).
I'
> "Russ" == Russ Allbery writes:
Russ> krb5-config on a system without a compiler. In general, all
Russ> *-dev packages in Debian are only useful with a compiler,
Russ> since their whole purpose is to provide support for linking
Russ> new binaries with libraries. We generally
> "Andreas" == Andreas Beckmann writes:
Andreas> The fix should be easy: your package is using adduser or
Andreas> deluser from the adduser package, which is only priority
Andreas> important. Using useradd or userdel from the passwd package
Andreas> (priority required) should f
> "Luca" == Luca Boccassi writes:
Luca> It has come to my attention that there is one package in
Luca> Debian using dpkg-divert to mask a systemd configuration file
Luca> (an udev rule). Speaking as one of the maintainers, both
Luca> upstream and downstream, I find this great
> "Marc" == Marc Dequènes (duck) writes:
Marc> Quack,
Marc> Thanks for adding the feature in #1004000 but it unfortunately
Marc> does not work.
Um, yeah,:-(
I finally got a chance to look into this.
I think the following patch fixes my logic error.
I've also added autopkgtests
> "Lucas" == Lucas Nussbaum writes:
Lucas> When using config snippets in /usr/share/pam-configs/, it
Lucas> seems that 'Session-Interactive-Only: no' is equivalent to
Lucas> 'Session-Interactive-Only: yes'.
I'm not going to fix in this upload, because I don't have time to test a
> "Steve" == Steve Langasek writes:
Steve> I've therefore prepared and uploaded the attached patch to
Steve> mantic, which implements your option 1. I note you only
Steve> mentioned adding Breaks: against older libk5crypto3; a scan
Steve> of the binary packages showed many oth
> "Ansgar" == Ansgar writes:
Ansgar> And the more important question: how often do we want to
Ansgar> rehash the usrmerge discussion? At some point we should
Ansgar> stick with a decision and not endlessly restart discussions
Ansgar> (unless something really significant chang
TL;DR: I think I understand one of Ian's points. I explain, but do not
believe it is compelling as an argument to switch direction.
> "Helmut" == Helmut Grohne writes:
>> I think "package management" is the wrong term here. It's not
>> just our tools and packages that are affected.
> "Sean" == Sean Whitton writes:
Sean> - it would be good to do some accessibility testing of some
Sean> kind, at least with screenreaders. But maybe the fact that
Sean> you've based your theme on an existing, popular Sphinx theme
Sean> means this is covered?
I'm happy to te
>>>>> "Stéphane" == Stéphane Blondon writes:
Stéphane> Le ven. 3 nov. 2023 à 15:43, Sam Hartman
Stéphane> a écrit :
>> >>>>> "Sean" == Sean Whitton writes:
>>
>> I'm happy
> "Bastian" == Bastian Germann writes:
Bastian> X-Debbugs-Cc: vor...@debian.org Hi Sam and Steve,
Bastian> On Wed, 1 Mar 2023 18:34:50 +0100 Bastian Germann wrote:
Bastian> I would volunteer to provide a patch for this but only if
Bastian> it will be considered.
The patch is
Bastian> Your suggestion splitting out and removing after one
Bastian> release would be fine for me.
Helmut, I was hoping for a sanity check.
Bastian wants to split out some code from pam.
He wants to move pam_userdb.so into its own package to remove db5.3 from
the pseudo-essential set.
> "Helmut" == Helmut Grohne writes:
Helmut> pam fails to build from source in unstable, because quilt no
Helmut> longer recognizes the QUILT_PATCHES_DIR variable and
Helmut> therefore does not find a series file. Renaming it to
Helmut> QUILT_PATCHES fixes the build.
I applied
> "Lucas" == Lucas Nussbaum writes:
Lucas> Hi,
Lucas> As an additional data point, I can still reproduce this
Lucas> failure.
So, my understanding is that so far for you it always fails, and the
evidence so far suggests that it generally (or always, but I am not sure
we have long
>>>>> "Lucas" == Lucas Nussbaum writes:
Lucas> On 26/10/23 at 07:45 -0600, Sam Hartman wrote:
>> >>>>> "Lucas" == Lucas Nussbaum writes:
Lucas> Hi,
>>
Lucas> As an additional data point, I can still re
> "Samuel" == Samuel Thibault writes:
Samuel> strlcat and strlcpy were indeed added to glibc in version
Samuel> 2.38, so it's not surprising that krb5 doesn't define its
Samuel> internal versions any more, and the attached patch can
Samuel> probably be applied?
I guess I'd ne
> "John" == John Goerzen writes:
John> I am attempting to enable curl support in dar. dar provides a
John> standard binary and dar_static, which is to be used for
John> emergency system rescues.
John> Curl provides a static version (.a). Unfortunately, curl uses
John> g
> "Samuel" == Samuel Thibault writes:
Samuel> Why? Having spurious symbols doesn't break the build, and
Samuel> these are internal symbols so that shouldn't harm
Samuel> reverse-dependencies.
Actually, the way I have it configured, extra symbols should break the
build. I want th
attacker can cause
+kadmind to free an uninitialized pointer. Upstream believes remote
+code execusion is unlikely, Closes: #1043431
+
+ -- Sam Hartman Mon, 14 Aug 2023 14:06:53 -0600
+
krb5 (1.20.1-2) unstable; urgency=medium
* Tighten dependencies on libkrb5support0. This means that
) bullseye; urgency=medium
+
+ * Fixes CVE-2023-36054: a remote authenticated attacker can cause
+kadmind to free an uninitialized pointer. Upstream believes remote
+code execusion is unlikely, Closes: #1043431
+
+ -- Sam Hartman Mon, 14 Aug 2023 14:42:46 -0600
+
krb5 (1.18.3-6+deb11u3
package: nfs-utils
severity: important
justification: regression from bullseye with silent failure
version: 1:2.6.2-4
Hi.
I've noticed that since upgrading to bookworm the refer option in
/etc/exports appears to be entirely ignored.
Looking through the sources to exportd and support/export/cach
control: severity -1 important
> "Otto" == Otto Kekäläinen writes:
Otto> Seems the package already has correct depends in
Otto>
https://salsa.debian.org/debian/krb5/-/blob/master/debian/control#L354-358:
The 1.16 is coming from is libkrb5support0.symbols.
libkrb5-3 already depend
> "Matthew" == Matthew Vernon writes:
Matthew> On 15/05/2023 16:54, Bdale Garbee wrote:
>> I could.
>>
>> Can you provide an example of actual value delivered to Debian
>> from merged-/usr?
Matthew> With respect, I don't think this line of argument is going
Matth
Hi.
Off list, I wanted to try to explain what I think merged /usr has
brought us that is positive.
I want to stress that I'm not a huge fan of merged /usr, and I know
you've encouraged me not to argue from a devil's advocate position in
the past.
All the things I cite here are things I actually t
>>>>> "Sam" == Sam Hartman writes:
Sam> Hi. Off list, I wanted to try to explain what I think merged
My apology for sending a mail intended to be private to the bug. It was
not my intent to clutter an already cluttered discussion. I was really
just
equired, Closes: #1036055
+
+
+ -- Sam Hartman Mon, 15 May 2023 17:44:41 -0600
+
krb5 (1.20.1-1) unstable; urgency=high
[ Bastian Germann ]
diff --git a/debian/libkrb5support0.symbols b/debian/libkrb5support0.symbols
index 827d80898a..5c3de884f5 100644
--- a/debian/libkrb5support0.symbo
> "Steve" == Steve Langasek writes:
Steve> Hi Sam,
Steve> I've run into a problem with openldap not being
Steve> bootstrappable for the time_t transition because it
Steve> build-depends on krb5-kdc, and krb5-kdc is uninstallable on
Steve> arm* because of a hard-coded dep
> "Samuel" == Samuel Henrique writes:
Samuel> This seems to be the biggest threat to the GnuTLS switch so
Samuel> far.
Samuel> In the meantime, if any of you could provide an easy
Samuel> reproducer, it would save us a bit of time.
So, for example with a yubikey with the PIV
> "Helmut" == Helmut Grohne writes:
Helmut> In bullseye and earlier, I guess it works.
Helmut> If you start with bullseye or earlier, upgrade to bookworm
Helmut> and then to trixie, it continues to work, because the dash
Helmut> maintainer scripts preserve any diversion that
> "Daan" == Daan De Meyer writes:
Daan> Dear Maintainer, As described in
Daan> https://github.com/linux-pam/linux-pam/pull/373, unix_chkpwd
Daan> does not need to be setuid or setgid anymore if it is given
Daan> cap_dac_override via filecaps instead. I would like debian to
> "Andreas" == Andreas Tille writes:
Andreas> Are there any blockers to accept this DEP which I might
Andreas> have missed?
Honestly, the git-buildpackage default layout is good enough, and dep-14
involves change that doesn't feel like it brings enough value to me.
I.E. I think t
> "Mo" == Mo Zhou writes:
Mo> On 1/5/24 11:45, Ansgar wrote:
>> Then the package should be in main.
>>
>> We do not require external software to be free as well, be that
>> Web APIs provided by Github, Twitter, or the NVidia firmware
>> required for Nouveau, microcode
> "Anders" == Anders Jonsson writes:
Anders> Hi Martin, one change in this one (fixed spelling of
Anders> "användare").
I don't think you attached a .po file.
> "Helmut" == Helmut Grohne writes:
Helmut> Package: tech-ctte Given our discussion at the last CTTE
Helmut> meeting, I am turning my request for advice into a formal
Helmut> one.
Helmut> Most of the /usr-move that is happening via DEP17 seems to
Helmut> be working out, b
> "Russ" == Russ Allbery <[EMAIL PROTECTED]> writes:
Russ> Mark Eichin <[EMAIL PROTECTED]> writes:
>> Package: krb5-clients Version: 1.4.4-7etch1 Severity: normal
>> According to http://web.mit.edu/kerberos/mail-lists.html krb5
>> bugs should be submitted with krb5-send-pr. I
> "Russ" == Russ Allbery <[EMAIL PROTECTED]> writes:
Russ> Christian Perrier <[EMAIL PROTECTED]> writes:
>> Template: krb5-admin-server/newrealm Type: note _Description:
>> Setting up a Kerberos Realm This package contains the
>> administrative tools required to run the Kerbero
tags 422687 help
thanks
This is most strange. The input_token to that call should be a
pointer, not 0x1.
I definitely cannot reproduce the problem you are seeing either using
password auth, kerberos auth or a combination.
I've tried both on amd64 and i386.
Can I get you to try running sshd
thanks
Date: Tue, 08 May 2007 10:37:38 -0400
In-Reply-To: <[EMAIL PROTECTED]> (Jon DeVree's message of
"Tue, 8 May 2007 03:20:41 -0400")
Message-ID: <[EMAIL PROTECTED]>
User-Agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=us-asc
Package: dpkg-dev
Version: 1.13.25
Severity: normal
I have an i386 system with both i386 and amd64 libraries in
/etc/ld.so.conf. This is useful because it makes it easier to run
amd64 binaries. Modern ld.so will just skip libraries of architecture
that conflict with the executable. However, dp
Package: emacspeak
Version: 26.0-1
Severity: serious
emacs21 -batch -q -no-site-file -eval '(setq vc-handled-backends nil)' -l
/usr/share/emacs21/site-lisp/emacspeak/lisp/emacspeak-load-path.el -l
/usr/share/emacs21/site-lisp/emacspeak/lisp/emacspeak-loaddefs.el -l
/usr/share/emacs21/site-li
# Automatically generated email from bts, devscripts version 2.10.35
# via tagpending
#
# krb5 (1.6.dfsg.4~beta1-4) unstable; urgency=low
#
# * Translation Updates:
# - Dutch, Thanks Vincent Zweije, Closes: #495733
#
package krb5 krb5-admin-server krb5-user libkrb5-dbg krb5-pkinit libkrb5-d
package barnowl
severity 487113 important
thanks
It turns out this bug is only effecting two users, and happens fairly rarely so
it is not RC.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Does the code fail if you dpkg-reconfigure and tell krb5-config that
you are using DNS? My view is that the authoritative state for
whether you are using DNS (or more precisely whether you want your
kdcs in krb5.conf) lives in debconf and if you change that state, you
should run dpkg-reconfigure.
severity 510419 normal
thanks
Please write up an explanation of what you think is wrong and why with
explicit citations to policy.
Once you provide enough detail, I'll consider whether this is RC or
not. I understand you've already convinced Russ, but it is entirely
non-obvious to me.
--
T
> "Harald" == Harald Dunkel writes:
Harald> I would suggest to fix this asap. AFAICS Debian's Kerberos
Harald> installation is not supposed to be configured following
Harald> MIT's official documentation on
Harald> http://web.mit.edu/Kerberos/krb5-1.6/#documentation. If
Ha
>>>>> "Harald" == Harald Dunkel writes:
Harald> Sam Hartman wrote:
>> You could choose to use the MIT documentation if you like. I
>> personally find krb5_newrealm easier.
>>
Harald> Thats because you know what the script
severity 507072 important
thanks
According to section 10.2 of policy, non-public libraries *should* be
installed in sub-directories of /usr/lib. This i a should not a must;
as such this is not RC.
--Sam
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of
So, I've been thinking about this issue. I'm not sure I have great
solutions for the etch->lenny case. However it seems like we could do
better for the future.
Here's a possibility. When libpam failes to be able to dlopen a
module, it could look at a version epoch stored somewhere in s/etc.
package: libhid
version: 0.2.15+20060325-2.2
tags: patch
diff -N -ur libhid-0.2.15+20060325/debian/changelog
libhid-0.2.15+20060325.tabbott/debian/changelog
--- libhid-0.2.15+20060325/debian/changelog 2006-08-11 12:45:17.0
-0400
+++ libhid-0.2.15+20060325.tabbott/debian/changelog
> "Russ" == Russ Allbery <[EMAIL PROTECTED]> writes:
Russ> Sam, do you know what parts of kadmind use the random number
Russ> generator? Is it sufficient for security to seed the random
Russ> number generator before the first client connection is
Russ> handled, or does it have
Hi.
Kerberos 1.5 does include support for doing this although it is not
available all the places you would like it to be.
So I'll close this when Debian upgrades to 1.5.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: gnopernicus
Version: 1.0.5-1
Severity: serious
luminous:/usr/lib# srcore
srcore: error while loading shared libraries: libgnome-mag.so.2: cannot open
shared object file: No such file or directory
I think that libgnome-mag2 is too loose of a dependency.
Also, I cannot find which version
: #477296
# -- Sam Hartman Wed, 22 Apr 2009 09:53:15 -0400
#
package krb5-user libkrb5-dbg krb5-kdc krb5-rsh-server krb5-ftpd krb5-doc
libkadm5srv6 krb5 krb5-admin-server libk5crypto3 krb5-kdc-ldap libkrb5-dev
krb5-pkinit libkadm5clnt6 krb5-clients libkdb5-4 krb5-telnetd libkrb5support0
# Automatically generated email from bts, devscripts version 2.10.35lenny1
# via tagpending
#
# krb5 (1.7~beta1+dfsg-1) experimental; urgency=low
#
# * New upstream release
#- kadmin and related commands moved to /usr/bin, Closes: #477296
#- Kadmin headers are Public: Closes: #191616
#
I'm guessing that this is a server system that you're sshing into or a virtual
machine or something
and so the kernel is not getting a lot of random data.
I'm not entirely sure what to tell you: it's really incredibly
important that you have good random data when running krb5_newrealm.
I don't kn
> "Roman" == Roman Bojczuk writes:
Roman> I waited about 10 minutes and just randomly hit keys on the
Roman> keyboard while it was generating random data. I have an
Roman> Intel dual core 1.6 GHz machine which does not usually take
Roman> too long to generate randomness. Than
As best I can tell these symbols were only ever available with the
KRB5_PRIVATE preprocessor define set in the compilation environment.
Symbols made available by the KRB5_PRIVATE symbol are not part of the
public ABI/API of the krb5 libraries. They may be renamed, removed,
arguments changed witho
package: libauthen-krb5-admin-perl
Version: 0.11-1
Severity: important
Tags: patch
Hi. Kerberos 1.7 just entered unstable. Kerberos 1.7 makes the
admin.h interface public, so it should be possible to use the actual
upstream interface rather than an internal header taken from the
upstream sources
package: libzephyr3-krb
severity: grave
justification: cannot be installed using packages in unstable
Version: 2.1.20070719.SNAPSHOT-1.2
Hi. With the removal of libkrb53 from unstable, libzephyr3-krb can no
longer be installed in unstable.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@
severity 527353 important
tags 527353 moreinfo
thanks
"works for me" between two Debian systems. Can you please tell me the
server software, and include klist -5e output after running ssh?
If the server is Debian, make sure it is running the same version of
libgssapi-krb5-2 and libkrb5-3 (assu
*sigh* I begin to question the wizdom of agreeing that 510419 was
actually a bug.
Yes, I think an extra internal flag is the right approach. I'm going
to be mucking with kerberos-configs to get rid of krb4-configshortly and will
deal.
However if we get any more problems with 510419, I'm going b
Actually, I'm no longer convinced that a flag is the right approach.
I have a solution that involves fixing this bug along with the
wishlist bugs. An explanation is too long to fit in the margin of
this message, but will be sent out when I get to it so others can
review.
Components:
* use bind9-h
Package: heimdal-kdc
Version: 1.2.dfsg.1-4
Severity: important
Tags: upstream
Hi.As discussed in bug #527353, Heimdal fails to follow the
requirement at the top of page 35 of RFC 4120 that when an
authenticator subkey is used in the TGS request, the response needs to
be encrypted in that subkey, n
I found a test environment and have reproduced the environment.
Will keep you and the bug posted.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> "Sébastien" == Sébastien Tisserant writes:
Sébastien> Hi, I have the same problem
Sébastien> ssh gives me : debug1: Unspecified GSS failure.
Sébastien> Minor code may provide more information Decrypt
Sébastien> integrity check failed
What kerberos libraries were running on
In the interests of easing the krb5 transition I'd like to see
nfs-utils transition to testing. As best I can tell, this is not an
RC bug. If it is a bug, not a behavior change, it does not render the
package unusuable. I'd recommend important as a severity.
--Sam
--
To UNSUBSCRIBE, email
> "Eric" == Eric Dorland writes:
Eric> Client is up2date unstable, and where I reported the bug.
Eric> Server is debian stable, running the heimdal kdc, version
Eric> 1.2.dfsg.1-2.1. It doesn't have libgssapi-krb5-2 and
Eric> libkrb5-3 installed.
OK. I believe that 1.7dfsg~b
Package: cyrus-sasl2
Version: 2.1.22.dfsg1-25
Severity: normal
Hi. There is a configure test to link against libkrb5support0 even
though the distribution uses none of the symbols from that library.
This creates a dependency between libsasl2-modules-gssapi-mit and
libkrb5support0. Unfortunately,
severity 527468 serious
reassign 527468 libgssapi-krb5-2
tags 527468 moreinfo
thanks
Any chance you could see where it's segfaulting with a backtrace or
something? As is, the bug's not much to go on.
I don't have a test environment handy and will admit that I've not had
much luck getting NFS an
severity 527468 serious
reassign 527468 libgssapi-krb5-2
tags 527468 moreinfo
thanks
Any chance you could see where it's segfaulting with a backtrace or
something? As is, the bug's not much to go on.
I don't have a test environment handy and will admit that I've not had
much luck getting NFS an
>>>>> "Bastian" == Bastian Blank writes:
Bastian> On Wed, May 13, 2009 at 10:20:46AM -0400, Sam Hartman wrote:
>> Any chance you could see where it's segfaulting with a
>> backtrace or something? As is, the bug's not much to go
Thanks much.
I think I roughly understand the problem area.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
> "Simon" == Simon Josefsson writes:
8Simon> Hi. It seems the doc/krb5-protocols/ directory wasn't
Simon> removed in the upload of this *.orig.tar.gz. This is a
Simon> regression of #393380.
Yes. I screwed up the import of 1.7dfsg~beta1. I depend on the
filter feature of git
I can't reproduce this.
Password for hartm...@athena.mit.edu:
Enter new password:
Enter it again:
Password change rejected: New password is too short.
Please choose a password which is at least 6 characters long.
luminous:/# zcat /usr/share/doc/krb5-user/ |head -1
zcat: /usr/share/doc/krb5-user/ is
Paul, letting us know that it works against a lenny server but not a
sid server is very interesting. That probably means that the etype
negotiation support introduced in 1.7 is not quite doing the right
thing.
Things to check:
[I'm not saying you should check these; this is mostly for Kerberos pe
This patch would be hugely easier to review (and would thus get
reviewed much sooner and uploaded) if it were split apart into
patching describing what you were trying to do and including a small
code change that is consistent with that description. For example, if
you were to clone the git repo m
Can I get you to make sure that your krb5.conf explicitly lists the
KDCs for the realms in question, and that each KDC ends with a trailling period.
I.E.
kdc = kerberos.your.domain.
not
kdc = kerberos.your.domain
Also, do you see slowness the first time you open a location or all the time?
--
> "Marc" == Marc Dequènes (Duck) writes:
Marc> Coin, In fact, the patch is mostly identical to the previous
Marc> one, just added 3 very small chunks to solve the same thing
Marc> as the previous patch. It is a fix because PATH_MAX,
Marc> MAXHOSTNAMELEN, and MAXPATHLEN should
> "Aleksandar" == Aleksandar Kostadinov writes:
Aleksandar> It is in the form kdc = : just like the
Aleksandar> standard entries in the file. This is the same as on
Aleksandar> the fedora system which is actually a virtualbox VM
Aleksandar> (with vbox nat networking) on the de
Thanks for the updated patch. I noticed you dropped the pthread hunk;
I'm assuming that is either not needed or you'll open a separate bug
on that issue.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.deb
Can I get you to make sure you have krb5-user installed,
kinit -c KEYRING:blah
and start firefox with the KRB5CCNAME environment variable set to KEYRING:blah
(to confirm you're using the keyring cache, probably doing a kdestroy
on your normal tickets would be good)
What I'm trying to do here is
701 - 800 of 1339 matches
Mail list logo
