Bug#795880: freedombox-setup: Avahi services are installed in the wrong directory

[Sunil Mohan]

On 08/17/2015 10:14 PM, Sunil Mohan Adapa wrote:
[...]
> Avahi service files from directory avahi-services seem to be installed
> incorrectly.  According to the man page, avahi-daemon reads service files from
> /etc/avahi/services/*.service . However, freedombox-setup seems to install the
> files as /etc/avahi/service/avahi-services/*.service
> 
> I have not confirmed that this is indeed a bug that is causing the intended
> function to not work correctly.

The attached patchset fixes the problem.

In addition it also moves various configurations into files properly
instead of outputting them during setup process.  The advantage of this
approach is that we can upgrade these files properly during an upgrade
to the next version.  Remove freedombox-setup also removes all these
files properly.

Tests performed on a full build image:

- Avahi services should get installed in /etc/avahi/services/*.service

- Apache configuration should be /etc/apache2/conf-available/freedombox.conf
-- Should be enabled by default
-- Plinth should work

- /etc/sysctl.d/freedombox.conf should exist and kernel parameters
should be set

- /usr/share/lxc/templates/lxc-debian-freedombox should exist

- For /usr/share/pam-configs/access-freedombox and
/usr/share/pam-configs/mkhomedir-freedombox
-- Contents should be proper
-- /etc/pam.d/common-session should have pam_mkhomedir
-- /etc/pam.d/common-account should have pam_access
-- (admin) root fbx should be able to login
-- Others should not be able to login
-- On login home directory should get created

- /etc/sudoers.d/freedombox should exist
-- Contents should be proper
-- Users in admin group should be able to sudo

- /usr/lib/freedombox/machine-detect should exist and work

-- 
Sunil
From 5782d176928d93e8876e4bcec56e8f487c50a28c Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Thu, 27 Aug 2015 19:59:27 +0530
Subject: [PATCH 01/10] Install avahi service files properly

Accordingly the man page avahi.service(5) files must be installed as
/etc/avahi/services/*.service .  However we are installing in
/etc/avahi/services/avahi-services/*.service . Fix this.

Also move the files to a more heirarchy that is easier to understand.
---
 avahi-services/domain.service   | 12 
 avahi-services/sftp-ssh.service | 14 --
 avahi-services/ssh.service  | 12 
 avahi-services/xmpp-server.service  | 12 
 data/etc/avahi/services/domain.service  | 12 
 data/etc/avahi/services/sftp-ssh.service| 14 ++
 data/etc/avahi/services/ssh.service | 12 
 data/etc/avahi/services/xmpp-server.service | 12 
 debian/freedombox-setup.install |  2 +-
 9 files changed, 51 insertions(+), 51 deletions(-)
 delete mode 100644 avahi-services/domain.service
 delete mode 100644 avahi-services/sftp-ssh.service
 delete mode 100644 avahi-services/ssh.service
 delete mode 100644 avahi-services/xmpp-server.service
 create mode 100644 data/etc/avahi/services/domain.service
 create mode 100644 data/etc/avahi/services/sftp-ssh.service
 create mode 100644 data/etc/avahi/services/ssh.service
 create mode 100644 data/etc/avahi/services/xmpp-server.service

diff --git a/avahi-services/domain.service b/avahi-services/domain.service
deleted file mode 100644
index f6210c1..000
--- a/avahi-services/domain.service
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-
-
-  %h
-
-  
-_domain._udp
-53
-  
-
-
diff --git a/avahi-services/sftp-ssh.service b/avahi-services/sftp-ssh.service
deleted file mode 100644
index bfe1a0f..000
--- a/avahi-services/sftp-ssh.service
+++ /dev/null
@@ -1,14 +0,0 @@
-
-
-
-
-  %h
-
-  
-_sftp-ssh._tcp
-22
-path=/home/fbx
-u=fbx
-  
-
-
diff --git a/avahi-services/ssh.service b/avahi-services/ssh.service
deleted file mode 100644
index 7090f20..000
--- a/avahi-services/ssh.service
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-
-
-  %h
-
-  
-_ssh._tcp
-22
-  
-
-
diff --git a/avahi-services/xmpp-server.service b/avahi-services/xmpp-server.service
deleted file mode 100644
index 4dc9b06..000
--- a/avahi-services/xmpp-server.service
+++ /dev/null
@@ -1,12 +0,0 @@
-
-
-
-
-  %h
-
-  
-_xmpp-server._tcp
-5269
-  
-
-
diff --git a/data/etc/avahi/services/domain.service b/data/etc/avahi/services/domain.service
new file mode 100644
index 000..f6210c1
--- /dev/null
+++ b/data/etc/avahi/services/domain.service
@@ -0,0 +1,12 @@
+
+
+
+
+  %h
+
+  
+_domain._udp
+53
+  
+
+
diff --git a/data/etc/avahi/services/sftp-ssh.service b/data/etc/avahi/services/sftp-ssh.service
new file mode 100644
index 000..bfe1a0f
--- /dev/null
+++ b/data/etc/avahi/services/sftp-ssh.service
@@ -0,0 +1,14 @@
+
+
+
+
+  %h
+
+  
+_sftp-ssh._tcp
+22
+path=/home/fbx
+u=fbx
+  
+
+
diff --git a/data/etc/avahi/services/ssh.service b/data/etc/avahi/services/ssh.service
new file mode 100644
index 000..7090f20
--- /dev/null
++

Bug#795764: freedombox-setup: Remove provide-source script

[Sunil Mohan]

On 08/16/2015 11:55 PM, Petter Reinholdtsen wrote:
[...]
>> pere, would you please comment on whether this is okay?
> 
> I suspect Bdale might know more about it.
> 

Bdale, would you please commit on it.

-- 
Sunil



signature.asc
Description: OpenPGP digital signature

Bug#795751: Patch available in another bug

[Sunil Mohan]

The patch for this bug is available in another bug #795880.

-- 
Sunil



signature.asc
Description: OpenPGP digital signature

Bug#795764: freedombox-setup: Remove provide-source script

[Sunil Mohan]

The current status of the source package feature is as follows:

- We are no longer building images with source packages in them (don't
know who made the change).

- Only people installing 'freedombox-setup' package from a regular
Debian install are affected by this feature.  These people are expected
technically knowledgeable enough to install Debian and after that
install freedombox-setup on top.  I believe these are people who need
feature the least.  Since if they are able to get the binaries (using
apt or a GUI), they can get sources too if they want.

The attached patch proposes to at least disable getting the sources for
people installing 'freedombox-setup' package.

The have performed the following tests:

- On a fully built image, sources should be present in /usr/share/packages

- When install freedombox-setup on a regular Debian machine, sources
should be downloaded.

-- 
Sunil
From c26ff3c8762b695ce1e2ab1cbb04d3737b36e4d5 Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Thu, 27 Aug 2015 22:22:21 +0530
Subject: [PATCH 1/2] Remove outdated code in fetching source

---
 setup.d/99_provide-source | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/setup.d/99_provide-source b/setup.d/99_provide-source
index 0068fde..4068ab0 100755
--- a/setup.d/99_provide-source
+++ b/setup.d/99_provide-source
@@ -4,9 +4,7 @@
 # source to be available, by providing the source of every package
 # used.
 
-# TODO Remove on 1/1/15: " || [ 'true' = "$NOSOURCE" ]"
-if [ 'false' = "$SOURCE" ] || [ 'true' = "$NOSOURCE" ] ; then
-
+if [ 'false' = "$SOURCE" ] ; then
 echo "Not adding source packages to filesystem (SOURCE=false)"
 exit 0
 else
-- 
2.5.0


From 88bb947a36f8b46175c11e20c3275f71ae032f32 Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Thu, 27 Aug 2015 22:28:15 +0530
Subject: [PATCH 2/2] Default to not fetching source

---
 setup.d/99_provide-source | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/setup.d/99_provide-source b/setup.d/99_provide-source
index 4068ab0..45558a6 100755
--- a/setup.d/99_provide-source
+++ b/setup.d/99_provide-source
@@ -4,11 +4,11 @@
 # source to be available, by providing the source of every package
 # used.
 
-if [ 'false' = "$SOURCE" ] ; then
+if [ 'true' = "$SOURCE" ] ; then
+echo "Adding source packages to file system"
+else
 echo "Not adding source packages to filesystem (SOURCE=false)"
 exit 0
-else
-echo "Adding source packages to file system"
 fi
 
 targetdir=/usr/src/packages
-- 
2.5.0



signature.asc
Description: OpenPGP digital signature

Bug#792833: (no subject)

[Harlan Lieberman-Berg]

Control: tags -1 -moreinfo +patch

I've attached a debdiff of the source packages, with a changelog
describing the changes.

Sincerely,
-- 
Harlan Lieberman-Berg
~hlieberman


signature.asc
Description: PGP signature

Bug#795765: Patch available in another bug

[Sunil Mohan]

Patch for this bug is available in another bug #795880.

-- 
Sunil



signature.asc
Description: OpenPGP digital signature

Bug#797292: regina-normal: FTBFS: undefined reference to `srchilite::Utils::toupper...

[Ben Burton]

Thanks for the report; I can reproduce the error here also.

I haven’t started digging yet for a resolution, but others may be ahead of me - 
see bug #797234 for the source-highlight package (on which regina-normal 
depends, and where the linking looks to be failing).

- Ben.

Bug#792833: (no subject)

[Harlan Lieberman-Berg]

tag 792833 -moreinfo +patch
thanks

OK, I am apparently having trouble with actually writing email messages
today.  First encrypting instead of signing, then forgetting to actually
attach the file... yikes.

Here we go - third time's the charm.

-- 
Harlan Lieberman-Berg
~hlieberman


ansible.debdiff
Description: Binary data


signature.asc
Description: PGP signature

Bug#797376: freedombox-setup: Don't remove SSH keys when installing on Debian

[Sunil Mohan Adapa]

Package: freedombox-setup
Version: 0.5
Severity: normal
Tags: patch

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

When freedombox-setup is installed on a Debian machine, the exising SSH keys
of the machine are destroyed.  This makes freedombox-setup unsuitable on a
machine that is already under use.

The attachted patch proposes that we delete the SSH keys from the FreedomBox
images but not remove the existing SSH keys when installing on Debian.  This
patch must be accompanied by a patch to freedom-maker that ensure that the
keys are not present on a FreedomBox image.

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJV4q/mAAoJEDbDYUQMm8lxSYYP/R1FRlTfSbHmuYhXgeyip2Ub
1TIYh31O82bq3mc6dUkZaP4MYKLupFE2sbSr/VO/iEU4VIgnEEPMcG0kllDAxf4h
qsNHZEfbqhjAtQEUiQxVStxKIl6g8srqKgkhDY1JhlztI3TmV4NjseJLY9JlmcfB
d99mB1gn+QoP3sKoPE06sT/KadEmJ/NA1IB3veDSi0n4G7cyVDhEw3Fp3h9z2io7
F6I30Zt9Suw/WV30+5Uc7PUjhz5ajPiCE1WcNEFqIqmr5J+GTymyzoxKT4JMkB/S
KFYEwmCMBXqhVDDR+Gh1XiCsjRjHBS4SJvof+uOOcT4eFU2DxAJozoGalRW/2+rR
XYAGfKGU+UUxDSMfOtxW6YQDPLwMlrbpu0t5jDEjm7KaocFfHdQov7r7QbgLPj9c
N/xM1r96MIBJGc6TRhAhTM3qneXLiSuXK3vFFWfJiQa9TSXYiEhIZI+cN3LzVRZf
ApRtxE3J21hrr+HaMbZ1SeGSt6hvHMCbIJKkYV99jBVTaT4bcyIVjT+RpbyYxUkx
ZsVhZ+Nq3eJFYM/sM8XvauaRnbkjIvsSBJYxHnqtO8lWCwInN+h7N/nNdeZuqDxy
kJcPH8y6ghvNhMkD7OmSSlXxbxBBQdiNOndtKg96vdfRDlvnfMBVdZm+KJX/iBD/
UzGsbjuG6v2OKIBbsBZy
=0cdk
-END PGP SIGNATURE-
>From 6065d8b0e442170c5a212b87b220457a14c8367a Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Thu, 27 Aug 2015 22:38:47 +0530
Subject: [PATCH] Don't delete SSH keys

When users install FreedomBox on a Debian system, it should not wipe out
their existing SSH server keys.  This should only happen in an pre-build
image downloadable by many people so as to not have multiple servers
having the same set of keys.

This patch complements a change to freedom-maker that makes sure the SSH
server keys are not present on a built image.
---
 first-run.d/10_ssh-keys | 1 -
 setup.d/15_ssh-keys | 6 --
 2 files changed, 7 deletions(-)
 delete mode 100755 setup.d/15_ssh-keys

diff --git a/first-run.d/10_ssh-keys b/first-run.d/10_ssh-keys
index 43e7930..83bec4c 100755
--- a/first-run.d/10_ssh-keys
+++ b/first-run.d/10_ssh-keys
@@ -3,7 +3,6 @@
 . /lib/lsb/init-functions
 
 log_action_begin_msg "Creating SSH keys"
-rm -f /etc/ssh/ssh_host_*
 if dpkg-reconfigure openssh-server ; then
 log_action_end_msg 0
 else
diff --git a/setup.d/15_ssh-keys b/setup.d/15_ssh-keys
deleted file mode 100755
index bdcc8bb..000
--- a/setup.d/15_ssh-keys
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/sh
-
-# Make sure SSH keys are unique, and do not carry the ones generated
-# in the chroots into images.
-
-rm /etc/ssh/ssh_host_*
-- 
2.5.0

Bug#796379: jessie-pu: package bareos/14.2.1+20141017gitc6c5b56-3+deb8u1

[Evgeni Golov]

Hi Adam,

On Sat, Aug 29, 2015 at 03:34:19PM +0100, Adam D. Barratt wrote:

> Thanks, please feel free to upload.

Thanks! Uploaded.

Regards
Evgeni

-- 
Bruce Schneier can read and understand Perl programs.

Bug#797359: ITP: universal-ctags -- Generates an index (or tag) file of names found in source files

[Stefano Zacchiroli]

On Sun, Aug 30, 2015 at 12:44:44AM +0200, Víctor Cuadrado Juan wrote:
> * Package name: universal-ctags
> * URL : https://ctags.io/
>  A continuation of the exuberant-ctags implementation of the ctags

Hey, can you elaborate a bit on how universal-ctags compare to
exuberant-ctags? This is by no means an objection to packaging this, but
as a heavy user of exuberant-ctags for Debsources, I'm curious about how
the two compares, specifically in terms of performances and language
support.

Thanks!
-- 
Stefano Zacchiroli  . . . . . . .  z...@upsilon.cc . . . . o . . . o . o
Maître de conférences . . . . . http://upsilon.cc/zack . . . o . . . o o
Former Debian Project Leader . . . . . @zacchiro . . . . o o o . . . o .
« the first rule of tautology club is the first rule of tautology club »


signature.asc
Description: Digital signature

Bug#797377: freedombox-setup: Don't mess with core system files

[Sunil Mohan Adapa]

Package: freedombox-setup
Version: 0.5
Severity: normal
Tags: patch

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Currently, freedombox-setup overwrite many of the core system files eventhough
it does need to.  These files are

/etc/fstab
/etc/hosts
/etc/apt/sources.list

All of these changes are currently unnecessary.  The proposed patchset removes
code that does this and also provides a rationale.

I have performed the following tests on a full build image with patches
applied:

- - Tmpfs should be mounted.

- - cgroupsfs should be mounted.

- - /etc/hosts should be exactly like before the patch.

- - Cdrom sources should not be present in images.

I found that the hosts is missing two entries:
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix

That is actually the right thing to do according to:
https://bugs.debian.org/688090

- -- 
Sunil

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBAgAGBQJV4rLyAAoJEDbDYUQMm8lxfDwQAJUDmeNlnpGwqA1Myo0pEK5Y
jH3o6406H4104/X2Sj2jkYIJNOfnbXYH2jg17fitgPuvsqavWPldbqTP+WCN1fxE
fN1ugL/htVxCoHGhuylvgn5uoEOwcpIbhyVtw2nprbjaxEc0VbuucWdL319oeeg1
lUsMUI/C3dljGzqVLkCI/DQxYlVjJfUgYmStfR6V4pXXcwulKukZ5fS4ns1X073i
fVghSlmr6+UVTpsMob+DzzO/w1B9uK20fbxJo6F81LMXkzv+n7vkssIO6zr+X52O
tf2X21knoxnJRWPZSa7TZ1LEqiNNkVc67/+0w1qf/MCvfhl7SVYmfqVlnlTyhiMI
q638JLxw8V5M6C//Z1bnolN1A78tIg6Pm62s0FjuwR2BFfdfoeV8ajDjTM5YH8Kh
WgbWi9MZmQTvgPoaUow2pXO/Wv4shOP2Z/QROhjj+TYNmilY+TQsyWkY1ZMsMbz2
wFxArDvCDCPg+h71Gs0N7YtE+7Iu805VNHk7Ha6ouYdbOJLaW7x8KkbmfsVn5RND
3mzhAPakvPBD2AgRtJgs3FIQRZz0DETRrgDbz/6MPtS+4qb0mjLQhPNtwqis5Qpy
44feQTK+Ja9uvG0RdnlChr4BXnLMeYRjKNAsPkirf+Dd2QlJXr6i3LePl9WEP9NM
i8BkzoCwPDKJ70d6x3/2
=Ilp/
-END PGP SIGNATURE-
>From 921c01fc413ff0368d3847d00983486f13fc6fd2 Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Fri, 28 Aug 2015 09:39:37 +0530
Subject: [PATCH 1/4] Don't add tmpfs to fstab

Systemd automatically mounts tmpfs on /tmp even when /etc/fstab does not
contain the entry.

By removing this line we are messing up the system a bit less for people
installing the freedombox-setup on their Debian machines.
---
 setup.d/10_hardware | 13 -
 1 file changed, 13 deletions(-)

diff --git a/setup.d/10_hardware b/setup.d/10_hardware
index ab52ff9..2d674e1 100755
--- a/setup.d/10_hardware
+++ b/setup.d/10_hardware
@@ -220,19 +220,6 @@ EOF
 echo "rtc_sunxi" >> /etc/initramfs-tools/modules
 }
 
-tmp_on_tmpfs() {
-if grep -q /tmp /etc/fstab ; then
-	:
-else
-	echo "info: adding /tmp/ as tmpfs to /etc/fstab"
-	cat >> /etc/fstab > /etc/fstab
-mount /sys/fs/cgroup
-fi
-
 # The Internet router / firewall container
 #create_lxc_box internet
-- 
2.5.0


>From e2ba5f77c2daf85f2133ca2b70aba372f941e6e6 Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Fri, 28 Aug 2015 09:45:30 +0530
Subject: [PATCH 3/4] Don't write /etc/hosts

The hosts file setup by Debian by default on a debootstrap image is
sufficient.

By removing this we are messing up the system a bit less for people
installing the freedombox-setup on their Debian machines.
---
 setup.d/10_hardware | 14 --
 1 file changed, 14 deletions(-)

diff --git a/setup.d/10_hardware b/setup.d/10_hardware
index 2d674e1..da99469 100755
--- a/setup.d/10_hardware
+++ b/setup.d/10_hardware
@@ -243,17 +243,3 @@ esac
 
 echo "info: prevent macchanger from running automatically"
 sed -i 's/ENABLE_ON_POST_DOWN=yes/ENABLE_ON_POST_DOWN=no/' /etc/default/macchanger
-
-echo "info: rewriting /etc/hosts, leave host specific info to libnss-myhostname."
-cat > /etc/hosts 

Bug#794538: systemd / cross-building / failure in dpkg-gencontrol

[Steve Langasek]

Hi James,

On Fri, Aug 28, 2015 at 10:09:43PM -0400, James McCoy wrote:
> On Mon, Aug 24, 2015 at 12:49:58PM +0200, Johannes Schauer wrote:
> > Quoting Michael Biebl (2015-08-24 09:56:02)
> > > Am 24.08.2015 um 08:21 schrieb Johannes Schauer:
> > > > Quoting Helmut Grohne (2015-08-24 07:32:16)
> > > >> It is not clear how to implement :native for mk-build-deps, because it 
> > > >> does
> > > >> not differentiate between build architecture and host architecture. 
> > > >> Maybe the
> > > >> simplest fix would be to s/:native// in mk-build-deps and declare cross
> > > >> support unfixably broken. Dima Kogan already observed that it does not 
> > > >> work
> > > >> at all in #794538.

> > > > This is fixable. It has to be because building a binary package to 
> > > > satisfy
> > > > dependencies already works in other situations while still being 
> > > > cross-aware,
> > > > most notably in sbuild.

> > > > Namely, what mk-build-deps should do is to copy the sbuild behaviour:

> > > >  - use libdpkg-perl to parse and process the Build-{Depends,Conflicts}* 
> > > > fields
> > > >and filter architecture and profile restrictions correctly
> > > >  - change the meaning of its --arch option (this currently does some 
> > > > magic
> > > >depending on whether the source package has architecture specific 
> > > > build
> > > >dependencies or not):

> No, --arch shouldn't be repurposed to mean "produce a deb that satisfies
> cross-build requirements".  If you want to add new functionality, that's
> fine.  Just don't break existing functionality while you're at it.

> Something like "mk-build-deps --cross --arch $hostarch" would be
> acceptable.

What existing functionality does this break?  Using the --arch option to
mk-build-deps (with a foreign arch as argument), but not using the result
for purposes of cross-building, seems like an entirely theoretical use case
to me.

I'd actually been meaning for a while to talk to you about reopening bug
#565889 because that change completely broke cross-installability of
mk-build-deps --arch packages, which prior to that point worked for a great
number of packages.  That's entirely superseded by this bug now, which I'm
perfectly happy to see even if it means I will have to use an additional
--cross argument.

Thanks,
-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developerhttp://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: Digital signature

Bug#794826: freedombox-setup: /home/fbx/README is executable

[Sunil Mohan]

On 08/13/2015 08:29 PM, Sunil Mohan Adapa wrote:
[...]
> Removing the executable is good thing.
> 
> However, we can go one step further to this and cleanup the README file.
>  I suggest the following:
> 
> Add files to /etc/update-motd.d/ to customize the login greeter message.
>  We can add a line there mentioning that FreedomBox user manual is
> available in /usr/share/doc/freedombox-setup/.
> 

The attached patch proposes to do the above.

It also unleashes the author's awe(some|full) art skills on the world
with a FreedomBox logo (feel free ignore that part of the patch :) in motd.

I have done the following tests on the full build image:

- Login should show FreedomBox motd followed by regular motd

- Should work in ssh login also

- Should have all type of manuals in /usr/share/doc/freedombox-setup

-- 
Sunil
From bd8830ee3cdde7890c1a28d778fee8792a938f4e Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Fri, 28 Aug 2015 17:36:27 +0530
Subject: [PATCH 1/2] Add motd and remove documentation in home dir

- Remove procedure to copy documentation to 'fbx' user's home directory.

- Indicate manual path in motd.

- FreedomBox logo in motd.

- Preserve existing motd.

- Cleanly remove when freedombox-setup package is removed.
---
 data/etc/update-motd.d/50-freedombox | 17 +
 debian/freedombox-setup.docs |  5 -
 debian/freedombox-setup.postinst | 12 
 doc/Makefile |  3 ---
 setup.d/45_user-doc  | 12 
 5 files changed, 33 insertions(+), 16 deletions(-)
 create mode 100755 data/etc/update-motd.d/50-freedombox
 delete mode 100755 setup.d/45_user-doc

diff --git a/data/etc/update-motd.d/50-freedombox b/data/etc/update-motd.d/50-freedombox
new file mode 100755
index 000..91a7012
--- /dev/null
+++ b/data/etc/update-motd.d/50-freedombox
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+cat <<"EOF"
+
+ .--.__.--.
+( \  / )
+ \ /\ /
+  \_   \/   _/
+   /\
+  (/\)
+   `--'  `--'
+
+   FreedomBox
+
+FreedomBox is a pure blend of Debian GNU/Linux.  FreedomBox manual is
+available in /usr/share/doc/freedombox-setup.
+EOF
diff --git a/debian/freedombox-setup.docs b/debian/freedombox-setup.docs
index d356aa9..d317f35 100644
--- a/debian/freedombox-setup.docs
+++ b/debian/freedombox-setup.docs
@@ -1 +1,4 @@
-doc/README.fbx-home
+doc/manual-jessie.txt
+doc/manual-jessie.pdf
+doc/manual-jessie.html
+doc/manual-jessie.epub
diff --git a/debian/freedombox-setup.postinst b/debian/freedombox-setup.postinst
index 9afcf41..c729555 100644
--- a/debian/freedombox-setup.postinst
+++ b/debian/freedombox-setup.postinst
@@ -19,4 +19,16 @@ if dpkg --compare-versions "$2" le "0.0.23" &&
 rmdir /var/freedombox
 fi
 
+# Setup motd
+if [ "$1" = "configure" ] && [ -f /etc/motd ] && [ ! -L /etc/motd ] ; then
+mkdir -p /etc/update-motd.d
+echo '#!/bin/sh' > /etc/update-motd.d/80-motd
+echo 'cat <<"EOF"' >> /etc/update-motd.d/80-motd
+cat /etc/motd >> /etc/update-motd.d/80-motd
+echo 'EOF' >> /etc/update-motd.d/80-motd
+chmod +x /etc/update-motd.d/80-motd
+rm /etc/motd
+ln -s ../var/run/motd /etc/motd
+fi
+
 #DEBHELPER#
diff --git a/doc/Makefile b/doc/Makefile
index 62a0d4a..538f79c 100644
--- a/doc/Makefile
+++ b/doc/Makefile
@@ -19,7 +19,6 @@ manual-jessie.html: manual-jessie.xml
 
 manual-jessie.txt: manual-jessie.xml
 	LC_ALL=C xmlto txt $^
-	cp $@ README.fbx-home
 
 manual-jessie.epub: manual-jessie.xml
 	LC_ALL=C xmlto epub $^
@@ -42,5 +41,3 @@ lint: manual-jessie.xml
 
 clean:
 	$(RM) manual-jessie.txt manual-jessie.pdf manual-jessie.html manual-jessie.epub manual-jessie.proc
-distclean: clean
-	$(RM) README.fbx-home
diff --git a/setup.d/45_user-doc b/setup.d/45_user-doc
deleted file mode 100755
index 4e28bcd..000
--- a/setup.d/45_user-doc
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-
-set -e
-
-# Put documentation in the fbx users home directory, if it exist
-if [ -d /home/fbx ] ; then
-zcat /usr/share/doc/freedombox-setup/README.fbx-home.gz > /home/fbx/README
-chmod a+rx /home/fbx/README
-chown fbx /home/fbx/README
-else
-echo info: Not adding /home/fbx/README.
-fi
-- 
2.5.0


From 4fcb993cafaf427f8f40a03e47407b14a25e1075 Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Sat, 29 Aug 2015 16:59:44 +0530
Subject: [PATCH 2/2] Add motd file to list of files to install

---
 debian/freedombox-setup.install | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/freedombox-setup.install b/debian/freedombox-setup.install
index 8bfed71..5f3b9a7 100644
--- a/debian/freedombox-setup.install
+++ b/debian/freedombox-setup.install
@@ -9,3 +9,4 @@ sbin/interface-detect usr/sbin
 sbin/tor-get-orport usr/sbin
 lxc-templates/lxc-debian-freedombox usr/share/lxc/templates
 avahi-service

Bug#791597: Remove apache2-mpm-worker from the depends list

[Sunil Mohan]

On 08/03/2015 08:36 PM, Sunil Mohan wrote:
[...]
> Here is my understanding:
> 
> apache2 package used to and still ships with all the mpm modules.  The
> extra mpm-* modules simply used to select one module or the other.  Now,
> those packages are all gone.  Depending on a package to select an MPM
> model is not possible now.  The mod-php5 now does an 'a2enmod
> mpm_prefork' instead of depending on the package.  I assume that this
> the preferred and only way to change apache's MPM now.
> 
> Earlier we explicitly chose mpm-worker and switched to mpm-prefork when
> needed (ownCloud).  With this patch we leave apache to pick its default
> MPM and switch to mpm-prefork when needed.  In any case, mpm-* packages
> are gone and MPM is selected using a2(dis|en)mod.
> 
> Perhaps I can test for something and make sure we are still good.  If
> debootstrap doesn't work, it should be easy to catch.
> 

The attached patch proposes to select Apache MPM prefork by default.

Since FreedomBox uses many PHP applications and PHP, at least on Debian,
needs single threaded process.  When switching to prefork MPM during the
installation of PHP applications, Apache restart is requried disrupting
connections to Plinth.  So, select it by default.

I have done the following tests on fully built image:

- Apache should be running as MPM prefork

- Plinth should be accessible.

-- 
Sunil
From ad5b7af8c5e6f2bc2efef8cae65b1b6fc6a9ec35 Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Fri, 28 Aug 2015 18:01:26 +0530
Subject: [PATCH 1/2] Select Apache MPM prefork by default

Since FreedomBox uses many PHP applications and PHP, at least on Debian,
needs single threaded process.  When switching to prefork MPM during the
installation of PHP applications, Apache restart is requried disrupting
connections to Plinth.  So, select it by default.
---
 setup.d/90_apache2 | 4 
 1 file changed, 4 insertions(+)

diff --git a/setup.d/90_apache2 b/setup.d/90_apache2
index 802eaa7..e03e43c 100755
--- a/setup.d/90_apache2
+++ b/setup.d/90_apache2
@@ -4,6 +4,10 @@
 
 echo "Configuring Apache..."
 
+# enable non-multithreaded Apache worker model as there a many PHP
+# applications.
+a2enmod mpm_prefork
+
 # enable miscellaneous modules.
 a2enmod rewrite
 
-- 
2.5.0


From 23d2dce84974ffaab210252b5a7eb794d8325318 Mon Sep 17 00:00:00 2001
From: Sunil Mohan Adapa 
Date: Sat, 29 Aug 2015 17:06:55 +0530
Subject: [PATCH 2/2] Disable other MPMs

---
 setup.d/90_apache2 | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/setup.d/90_apache2 b/setup.d/90_apache2
index e03e43c..585f613 100755
--- a/setup.d/90_apache2
+++ b/setup.d/90_apache2
@@ -6,6 +6,8 @@ echo "Configuring Apache..."
 
 # enable non-multithreaded Apache worker model as there a many PHP
 # applications.
+a2dismod mpm_event
+a2dismod mpm_worker
 a2enmod mpm_prefork
 
 # enable miscellaneous modules.
-- 
2.5.0



signature.asc
Description: OpenPGP digital signature

Bug#795755: freedombox-setup: Cleanup LDAP setup process

[Sunil Mohan]

On 08/16/2015 09:44 PM, Sunil Mohan Adapa wrote:
[...]
> - Move PAM configs into files: PAM configuration files that go in
>   /usr/share/pam-configs/ are written out during setup process.  Instead ship
>   them as files in .deb.  This allows for proper upgrades to happen in future.
>   Note that to avoid clashes with any other package providing files with same
>   name, we need to suffix them with -plinth

Patch for this available in another bug.

-- 
Sunil



signature.asc
Description: OpenPGP digital signature

Bug#797378: dosemu: DPMI errors in same DOS programs

[Jerzy Wolinski]

Package: dosemu
Version: 1.4.0.7+20130105+b028d3f-2
Severity: grave
Justification: renders package unusable

Dear Maintainer,

Dosemu crashes some programs 

C:\>pkzip
 
PKZIP (R)   FAST!   Create/Update Utility   Version 2.50   03-01-1999
Copr. 1989-1999 PKWARE Inc.  All Rights Reserved.   Shareware Version
PKZIP Reg. U.S. Pat. and Tm. Off.  Patent No. 5,051,745
DPMI: Unhandled Exception 0e - Terminating Client
It is likely that dosemu is unstable now and should be rebooted
C:\>
 
At Aug, 2nd 2015 it worked. Dosemu has not been changed
since. It must be something new in linux kernel or libraries.

-- System Information:
Debian Release: stretch/sid
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.1.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dosemu depends on:
ii  libasound2   1.0.29-1
ii  libc62.19-19
ii  libgpm2  1.20.4-6.1+b2
ii  libsdl1.2debian  1.2.15-11
ii  libslang22.3.0-2+b1
ii  libsndfile1  1.0.25-9.1
ii  libx11-6 2:1.6.3-1
ii  libxext6 2:1.3.3-1
ii  libxxf86vm1  1:1.1.4-1
ii  xfonts-utils 1:7.7+3

dosemu recommends no packages.

dosemu suggests no packages.

-- no debconf information

Bug#786830: wheezy-pu: package debian-security-support

[Adam D. Barratt]

On Sat, 2015-08-29 at 18:51 +0200, Moritz Mühlenhoff wrote:
> On Sat, Aug 29, 2015 at 04:15:55PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + confirmed
> > 
> > On Mon, 2015-05-25 at 23:13 +0200, Moritz Muehlenhoff wrote:
> > > it has been requested multiple times to also provide
> > > debian-security-support for wheezy.
> > > 
> > > All the data relevant for wheezy is already present in the version
> > > in unstable, so this boils down to a simple rebuild.
> > > 
> > > I've tested the package on a wheezy system. May I upload?
> > 
> > Please go ahead, and let us know once the package hits NEW so that we
> > can poke the ftp team.
> 
> I've just uploaded it.

Thanks.

ftp-master, please could you process debian-security-support/wheezy from
NEW?

Regards,

Adam

Bug#797346: please enable parallel builds

[Joachim Reichel]

tag 797346 + pending
thanks

With -j4 the time for "dpkg-buildpackage -us -uc" goes down by 57%. Thanks!

Joachim

Bug#792716: RFS: fdkaac/0.6.2-1 [ITP] -- command line encoder frontend for libfdk-aac

[Gianfranco Costamagna]

Control: owner -1 !

Control: tags -1 moreinfo


Hi Marius.



some nitpicks:

1) please run a meld COPYING debian/copyright

I see some differences that are MIT/Expat and some minor
differences (like spaces and so on).

Since upstream is using a machine readable copyright I suggest to keep it
bit-bit identic and move maybe the differences (e.g. debian/* packaging) to the
end.

2) upstream provides a way to generate a manpage with pandoc, can you please 
run it?

3) d/rules:
I don't see the need to run manually autoreconf and cleaning manually the files.

Aren't you satisfied with a simple
"dh $@ --with autoreconf"

default call?

(note: I'm not an auto* fan, so I might miss some missing file or similar issue)

cheers,

G.

Bug#796979: got full stacktrace

[Pirate Praveen]

full stack trace in development mode


/usr/lib/ruby/vendor_ruby/devise_lastseenable/model.rb:7:in `stamp!'
/usr/lib/ruby/vendor_ruby/devise_lastseenable/hooks/lastseenable.rb:3:in
`block in '
/usr/lib/ruby/vendor_ruby/warden/hooks.rb:14:in `call'
/usr/lib/ruby/vendor_ruby/warden/hooks.rb:14:in `block in _run_callbacks'
/usr/lib/ruby/vendor_ruby/warden/hooks.rb:9:in `each'
/usr/lib/ruby/vendor_ruby/warden/hooks.rb:9:in `_run_callbacks'
/usr/lib/ruby/vendor_ruby/warden/manager.rb:53:in `_run_callbacks'
/usr/lib/ruby/vendor_ruby/warden/proxy.rb:179:in `set_user'
devise (3.5.1) lib/devise/controllers/sign_in_out.rb:43:in `sign_in'
devise (3.5.1) lib/devise/controllers/helpers.rb:235:in
`sign_in_and_redirect'
app/controllers/registrations_controller.rb:18:in `create'
/usr/lib/ruby/vendor_ruby/action_controller/metal/implicit_render.rb:4:in
`send_action'
/usr/lib/ruby/vendor_ruby/abstract_controller/base.rb:198:in
`process_action'
/usr/lib/ruby/vendor_ruby/action_controller/metal/rendering.rb:10:in
`process_action'
/usr/lib/ruby/vendor_ruby/abstract_controller/callbacks.rb:20:in
`block in process_action'
/usr/lib/ruby/vendor_ruby/active_support/callbacks.rb:115:in `call'
/usr/lib/ruby/vendor_ruby/active_support/callbacks.rb:115:in `call'
/usr/lib/ruby/vendor_ruby/active_support/callbacks.rb:553:in `block (2
levels) in compile'
/usr/lib/ruby/vendor_ruby/active_support/callbacks.rb:503:in `call'
/usr/lib/ruby/vendor_ruby/active_support/callbacks.rb:503:in `call'
/usr/lib/ruby/vendor_ruby/active_support/callbacks.rb:88:in
`run_callbacks'
/usr/lib/ruby/vendor_ruby/abstract_controller/callbacks.rb:19:in
`process_action'
/usr/lib/ruby/vendor_ruby/action_controller/metal/rescue.rb:29:in
`process_action'
/usr/lib/ruby/vendor_ruby/action_controller/metal/instrumentation.rb:32:in
`block in process_action'
/usr/lib/ruby/vendor_ruby/active_support/notifications.rb:164:in
`block in instrument'
/usr/lib/ruby/vendor_ruby/active_support/notifications/instrumenter.rb:20:in
`instrument'
/usr/lib/ruby/vendor_ruby/active_support/notifications.rb:164:in
`instrument'
/usr/lib/ruby/vendor_ruby/action_controller/metal/instrumentation.rb:30:in
`process_action'
/usr/lib/ruby/vendor_ruby/action_controller/metal/params_wrapper.rb:250:in
`process_action'
/usr/lib/ruby/vendor_ruby/active_record/railties/controller_runtime.rb:18:in
`process_action'
/usr/lib/ruby/vendor_ruby/abstract_controller/base.rb:137:in `process'
/usr/lib/ruby/vendor_ruby/action_view/rendering.rb:30:in `process'
/usr/lib/ruby/vendor_ruby/action_controller/metal.rb:196:in `dispatch'
/usr/lib/ruby/vendor_ruby/action_controller/metal/rack_delegation.rb:13:in
`dispatch'
/usr/lib/ruby/vendor_ruby/action_controller/metal.rb:237:in `block in
action'
/usr/lib/ruby/vendor_ruby/action_dispatch/routing/route_set.rb:76:in
`call'
/usr/lib/ruby/vendor_ruby/action_dispatch/routing/route_set.rb:76:in
`dispatch'
/usr/lib/ruby/vendor_ruby/action_dispatch/routing/route_set.rb:45:in
`serve'
/usr/lib/ruby/vendor_ruby/action_dispatch/routing/mapper.rb:49:in `serve'
/usr/lib/ruby/vendor_ruby/action_dispatch/journey/router.rb:43:in
`block in serve'
/usr/lib/ruby/vendor_ruby/action_dispatch/journey/router.rb:30:in `each'
/usr/lib/ruby/vendor_ruby/action_dispatch/journey/router.rb:30:in `serve'
/usr/lib/ruby/vendor_ruby/action_dispatch/routing/route_set.rb:821:in
`call'
/usr/lib/ruby/vendor_ruby/omniauth/builder.rb:59:in `call'
/usr/lib/ruby/vendor_ruby/rack/mobile-detect.rb:164:in `call'
/usr/lib/ruby/vendor_ruby/http_accept_language/middleware.rb:14:in `call'
/usr/lib/ruby/vendor_ruby/simple_captcha/middleware.rb:26:in `call'
/usr/lib/ruby/vendor_ruby/warden/manager.rb:35:in `block in call'
/usr/lib/ruby/vendor_ruby/warden/manager.rb:34:in `catch'
/usr/lib/ruby/vendor_ruby/warden/manager.rb:34:in `call'
/usr/lib/ruby/vendor_ruby/rack/etag.rb:24:in `call'
/usr/lib/ruby/vendor_ruby/rack/conditionalget.rb:38:in `call'
/usr/lib/ruby/vendor_ruby/rack/head.rb:13:in `call'
/usr/lib/ruby/vendor_ruby/remotipart/middleware.rb:27:in `call'
/usr/lib/ruby/vendor_ruby/action_dispatch/middleware/params_parser.rb:27:in
`call'
/usr/lib/ruby/vendor_ruby/action_dispatch/middleware/flash.rb:260:in
`call'
/usr/lib/ruby/vendor_ruby/rack/session/abstract/id.rb:225:in `context'
/usr/lib/ruby/vendor_ruby/rack/session/abstract/id.rb:220:in `call'
/usr/lib/ruby/vendor_ruby/action_dispatch/middleware/cookies.rb:560:in
`call'
/usr/lib/ruby/vendor_ruby/active_record/query_cache.rb:36:in `call'
/usr/lib/ruby/vendor_ruby/active_record/connection_adapters/abstract/connection_pool.rb:653:in
`call'
/usr/lib/ruby/vendor_ruby/active_record/migration.rb:377:in `call'
/usr/lib/ruby/vendor_ruby/action_dispatch/middleware/callbacks.rb:29:in
`block
in call'
/usr/lib/ruby/vendor_ruby/active_support/callbacks.rb:84:in
`run_callbacks'
/usr/lib/ruby/vendor_ruby/action_dispatch/middleware/callbacks.rb:27:in
`call'
/usr/lib/ruby/vendor_ruby/action_dispatch/middleware/reloader.rb:73:in
`call'
/usr/lib/ruby/vendor_ruby/action_dispatch/middlew

Bug#797379: system upgrade by systemd

[Michael Banck]

Package: network-manager
Severity: wishlist

On Sun, Aug 30, 2015 at 06:46:24AM +0200, Michael Meskes wrote:
> > It’s gnome-software in sid, or g-s-d in jessie, querying PackageKit for
> > updates.
> > The default policy is to not schedule any downloads when running on
> > battery or on a modem connection.
> 
> Which is not enough IMO. (W)LAN connections cannot be expected to not
> carry a penalty for download volume. Just think about the now standard
> way of going on-line while traveling, making your cell play access
> point. And at least in my area of the world no flat rate is really flat,
> at least it will be slowed down to crazy low numbers if you reach a
> certain threshold. Even worse, if you're roaming it'll cost a fortune.
 
In that case, the WLAN access point ("FooAP" or so) should be tagged as
"modem", not sure if n-m can do that.  Am trying to file a wishlist
bug for that by BCCing submit@.

But in general I think we want that our users get security updates ASAP,
so the current default looks mostly sane to me.  Maybe somebody knows a
shell on-liner along the line of systemd-inhibit or some d-bus call
which deactivates automatic download for the time being for "power
users" and/or tags a WLAN connection as "modem".


Michael

Bug#797381: tex-common: postinst tries to create a temporary file in /

[Robert Luberda]

Package: tex-common
Version: 6.02
Severity: serious
Justification: Policy 9.1

After `chattr +i /' the package fails to be configured, because it tries
to create some temporary file in the root directory:

   > sudo LC_ALL=C dpkg --configure -a
   Setting up tex-common (6.02) ...
   /usr/sbin/update-updmap: line 252: update-tl-conffile.texmf.new:
   Permission denied
   update-updmap: cannot write to the temporary file
   'update-tl-conffile.texmf.new'
   dpkg: error processing package tex-common (--configure):
subprocess installed post-installation script returned error exit status 1
   Errors were encountered while processing:
tex-common


The comments in update-updmap before the line 252 suggests that the file
should be created in the directory created in the line 234 instead, but
the script does not switch to the directory.


Regards,
robert

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (200, 'testing')
Architecture: i386 (i686)

Kernel: Linux 4.0.0-2-686-pae (SMP w/1 CPU core)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages tex-common depends on:
ii  dpkg  1.18.1
ii  ucf   3.0030

tex-common recommends no packages.

Versions of packages tex-common suggests:
ii  debhelper  9.20150628

-- debconf information excluded

Bug#796979: diaspora dependency status - help needed

[Pirate Praveen]

On Saturday 29 August 2015 09:51 PM, Pirate Praveen wrote:
> Hi,
> 
> Diaspora upstream is very sticky about matching exact versions of
> dependencies to patch releases (= x.y.z) for official support [1]. I'd
> like to make a good effort to get official support and the situation
> right now is like this.
> 
> Major version difference:
> 
> Only ruby-messagebus-api differ by a major version. Since diaspora is
> its only reverse dependency, I propose we upload the exact version
> required by diaspora as 3.0.7+git.20130130.97b34ece-2.REALLY.1.0.3
> 
> Minor version difference:
> 
> ruby-redcarpet differ by minor version. Since its ruby 2.2 tests are
> failing I need help updating it.
> 
> ruby-roxml has a newer release in debian, but upstream is reluctant to
> update it as it is a core dependency.
> 
> Option 1: Test upstream with the new version and convince them to update it.
> Option 2: embed the required version until the issue is solved upstream.
> 
> I will try option 1 and if that does not work in a reasonable amount of
> time (say 1 month), I will go for option 2. Any help is welcome.
> 
> Tiny/Patch release difference:
> 
> rails-timeago: It seems upstream is reluctant because of a bug in the
> new version. I don't know if it is really worth embedding it.
> 
> 
> rails-assets-jquery: Need to test menus once #796979 is resolved (this
> bug needs some help in solving). It was not working earlier with jquery
> 1.7. I hope new 1.13 version works.
> 
> compass-rails, sass-rails, I hope diaspora will catch up, I will also
> check with upstream if the newer versions in debian works.
> 
> devise_lastseenable/#796979: I will test if switching
> ruby-devise-lastseenable to 0.0.4 will solve it.

Indeed this was the issue, so its all the more making sense to blindly
follow Gemfile.lock or at least Gemfile of diaspora upstream.

> sidekiq: I think current situation is okay, but I will try if older
> version can fix #796979
> 
> Except these 9 gems, 260+ dependencies (including chains) are in sync.
> 
> [1] https://wiki.debian.org/Teams/Ruby/UpstreamPledge
> 




signature.asc
Description: OpenPGP digital signature

Bug#797340: choose-mirror: use httpredir.debian.org by default

[Philipp Kern]

On Sat, Aug 29, 2015 at 01:05:07PM -0400, Michael Gilbert wrote:
> This article [0] had some extensive complaints about Debian, one of
> which is that the installer has too many screens (apparently 20 in
> their case).
> 
> Setting a default mirror without user intervention would nicely save 3
> of those steps, and httpredir.debian.org is in many ways the ideal
> mirror selection anyway.

I have seen issues with this. It might be good for the general case of
apt where you see what the failure is and can retry if needed. But in
the US it caused me some aborted installations because there was some
mirror in the rotation that was broken. debian-installer - I guess in
this case debootstrap - does not retry a broken file. (apt also doesn't
do that but it's harder to figure out in d-i what's going on.)

Kind regards
Philipp Kern


signature.asc
Description: Digital signature

Bug#794538: systemd / cross-building / failure in dpkg-gencontrol

[Jakub Wilk]

Hi Steve!

* Steve Langasek , 2015-08-30, 00:45:
No, --arch shouldn't be repurposed to mean "produce a deb that 
satisfies cross-build requirements".  If you want to add new 
functionality, that's fine.  Just don't break existing functionality 
while you're at it.


Something like "mk-build-deps --cross --arch $hostarch" would be 
acceptable.


What existing functionality does this break?  Using the --arch option 
to mk-build-deps (with a foreign arch as argument), but not using the 
result for purposes of cross-building, seems like an entirely 
theoretical use case to me.


From time to time I use mk-build-deps on my development machine, then 
install the resulting binary in a chroot, which is not necessary of the 
same architecture. I couldn't use mk-build-deps directly in the chroot, 
because there's no devscripts installed there.


If the package had architecture-specific build dependencies, then I 
would have to use -a in this scenario, even though there's no 
cross-building involved.


--
Jakub Wilk

Bug#797383: please enable more architectures (mips64, mips64el, x32)

[Helmut Grohne]

Source: libseccomp
Version: 2.2.3-1
Severity: wishlist
Tags: patch
User: helm...@debian.org
Usertags: rebootstrap

While bootstrapping new architectures I noticed that systemd should
probably depend on libseccomp-dev for more architectures, but the reason
it doesn't seems to be that libseccomp is not enabled for those. In
particular, I am missing mips64, mips64el and x32. I assume that
mips64el will become a release architecture for stretch.

Please consider applying the following patch:

sed -i '/^Architecture:/s/$/ mips64 mips64el x32/' debian/control

I tested cross building this for x32 and a look at the source indicates
that it will just work for the other two as well.

Helmut

Bug#792716: RFS: fdkaac/0.6.2-1 [ITP] -- command line encoder frontend for libfdk-aac

[Marius Gavrilescu]

New package is on mentors. As before, you can run

dget -x 
http://mentors.debian.net/debian/pool/contrib/f/fdkaac/fdkaac_0.6.2-1.dsc

to get it.

Gianfranco Costamagna  writes:

> 1) please run a meld COPYING debian/copyright
>
> I see some differences that are MIT/Expat and some minor
> differences (like spaces and so on).

Quoting from [0]:
> There are many versions of the MIT license. Please use Expat instead,
> when it matches.

Then, the COPYING file has a bug (License: BSD for src/lpc.h instead of
BSD-style). I fixed it in my d/copyright.

The only differences left are an extra newline (that I've now added in
d/copyright), and a space at the end of a line in COPYING (which is
considered bad practice, so I didn't add it in d/copyright).

[0]: http://dep.debian.net/deps/dep5/

> 2) upstream provides a way to generate a manpage with pandoc, can you
> please run it?

Done. I've also removed d/docs since the README file is the source of
the manpage and therefore there is no need to install it.

> 3) d/rules:
> I don't see the need to run manually autoreconf and cleaning manually
> the files.
>
> Aren't you satisfied with a simple
> "dh $@ --with autoreconf"
>
> default call?

I was unaware of dh-autoreconf. I've updated d/rules and d/control to
use it. Thanks for the suggestion!
-- 
Marius Gavrilescu


signature.asc
Description: PGP signature

Bug#792833: ansible 1.7.2+dfsg-2+deb8u1

[Julien Cristau]

On Sun, Aug 30, 2015 at 03:21:13 -0400, Harlan Lieberman-Berg wrote:

> ++with open(in_path, 'rb') as in_file:
> ++try:
> ++p = self._buffered_exec_command('dd of=%s bs=%s' % 
> (out_path, BUFSIZE), None, stdin=in_file)
> ++except OSError:
> ++raise errors.AnsibleError("chroot connection requires 
> dd command in the chroot")

This error message doesn't seem right.  If dd is not in the chroot,
exec("chroot") will still work, and you won't get an answer until later
when checking returncode?

Cheers,
Julien

> ++try:
> ++stdout, stderr = p.communicate()
> ++except:
> ++traceback.print_exc()
> ++raise errors.AnsibleError("failed to transfer file %s 
> to %s" % (in_path, out_path))
> ++if p.returncode != 0:
> ++raise errors.AnsibleError("failed to transfer file %s 
> to %s:\n%s\n%s" % (in_path, out_path, stdout, stderr))
> + except IOError:
> +-traceback.print_exc()
> +-raise errors.AnsibleError("failed to transfer file to %s" % 
> out_path)
> ++raise errors.AnsibleError("file or module does not exist at: 
> %s" % in_path)
> + 


signature.asc
Description: Digital signature

Bug#769542: rss2email: option for disabling certificate verification

[intrigeri]

Hi,

Jakub Wilk wrote (19 Nov 2014 13:52:42 GMT) :
>>>Please add an option to disable certificate verification.

> I forgot to mention that I would prefer if it was possible to disable 
> verification
> only for selected feeds.

Same here :)

> But if that's difficult to implement, I can live with a global
> option, too.

I personally could not: some of my feed URLs include secret tokens.

Cheers,
--
intrigeri

Bug#797384: debmirror: i18n hash sums not checked

[core]

Package: debmirror
Version: 1:2.16
Severity: normal
Tags: upstream patch

Dear Maintainer,

When I use debmirror to download i18n, files checksums are not checked.
I believe if the checksums for i18n files are available, it should be
verified.

Not failing when upstream has broken i18n files lead to such issues when
running `apt-get update`:

W: Failed to fetch http://some.custom.mirror/.../main/i18n/Translation-en
Hash Sum mismatch

Thank you!

-- System Information:
Debian Release: 8.0
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages debmirror depends on:
ii  bzip2   1.0.6-7+b3
pn  libdigest-md5-perl  
ii  liblockfile-simple-perl 0.208-1
ii  libnet-inet6glue-perl   0.603-1
ii  libwww-perl 6.08-1
ii  perl [libdigest-sha-perl]   5.20.2-3
ii  perl-modules [libnet-perl]  5.20.2-3
ii  rsync   3.1.1-3

Versions of packages debmirror recommends:
ii  ed 1.10-2
ii  gpgv   1.4.18-7
ii  patch  2.7.5-1

Versions of packages debmirror suggests:
ii  gnupg  1.4.18-7

-- no debconf information
Index: debmirror/debmirror
===
--- debmirror-2.15ubuntu1.orig/debmirror	2013-11-20 01:46:16.0 +
+++ debmirror-2.15ubuntu1/debmirror	2015-08-30 08:13:44.468167045 +
@@ -2420,6 +2420,9 @@
   foreach my $file (sort keys %i18n_get) {
 if (! check_i18n("$tempdir/$file", $i18n_get{$file}{size}, $i18n_get{$file}{sha1})) {
   remote_get("$file");
+  if (! check_file(filename => "$tempdir/$file", size => $i18n_get{$file}{size}, SHA1 => $i18n_get{$file}{sha1})) {
+die "Checksum incorrect for upstream file: $file";
+  }
   if ($debmarshal) {
 	link_translation_into_snapshot($file,
    $i18n_get{$file}{dist},

Bug#792871: python-daemon: signal_map ‘str’ names cause TypeError on Python 2

[Ben Finney]

Control: package python-daemon
Control: tags -1 confirmed
Control: retitle -1 python-daemon: signal_map ‘str’ names cause TypeError in 
Python 2

On 19-Jul-2015, Arthur de Jong wrote:

> The attached patch uses basestring instead of unicode for comparison
> which ensures that the correct terminate handler is installed as
> documented.

Thank you. This fix (along with new unit tests for both Python 2 and
Python 3 behaviour) has been incorporated upstream, and released as
version 2.0.6 https://pypi.python.org/pypi/python-daemon/2.0.6>.

Can you confirm that fixes the behaviour you're seeing? I will package
that version and note it corrects this bug.

-- 
 \   “Instead of having ‘answers’ on a math test, they should just |
  `\   call them ‘impressions’, and if you got a different |
_o__)   ‘impression’, so what, can't we all be brothers?” —Jack Handey |
Ben Finney 


signature.asc
Description: Digital signature

Bug#797304: jessie-pu: package rsyslog/8.4.2-1+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Sat, 2015-08-29 at 16:24 +0200, Michael Biebl wrote:
> Am 29.08.2015 um 15:58 schrieb Adam D. Barratt:
> > Control: tags -1 + confirmed
> > 
> > On Sat, 2015-08-29 at 15:42 +0200, Michael Biebl wrote:
> >>> I'd like to make a stable upload for rsyslog.
> >>> The postgresql output plugin had a grave bug, which makes it basically
> >>> unusable [1]. The patch has been in unstable/testing for a while and is
> >>> now part of the 8.12.0 upstream release.
> >>>
> >>> Debdiff attached.
> >>
> >> Reading the debian/changelog entry again, I noticed that it is
> >> misleading, so I rephrased it a bit.
> > 
> > Please go ahead (bearing in mind that the window for 8.2 closes at some
> > point this weekend).
> 
> Uploaded.

and flagged for acceptance.

Regards,

Adam

Bug#795706: jessie-pu: package pdf.js/1.0.907+dfsg-1~deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Sat, 2015-08-29 at 10:45 -0400, David Prévot wrote:
> Hi,
> 
> On Sat, Aug 29, 2015 at 03:24:57PM +0100, Adam D. Barratt wrote:
> > On Sun, 2015-08-16 at 13:45 +0200, David Prévot wrote:
> > > The latest iceweasel major update in stable broke xul-ext-pdf.js.
> 
> > Please go ahead.
> 
> Uploaded, thanks.

Flagged for acceptance.

Regards,

Adam

Bug#795491: jessie-pu: package tabmixplus/0.4.1.8-1~deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Sat, 2015-08-29 at 10:57 -0400, David Prévot wrote:
> Hi,
> 
> Le 29/08/2015 10:20, Adam D. Barratt a écrit :
> > On Fri, 2015-08-14 at 18:02 +0200, David Prévot wrote:
> >> The latest iceweasel major update in stable broke tabmixplus (#795361).
> 
> > +tabmixplus (0.4.1.8-1~deb8u1) Jessie; urgency=medium
> > 
> > I'm not sure that the capitalised suite names works there. Other than
> > that, please feel free to go ahead.
> 
> Uploaded with a fixed changelog, thanks!

Flagged for acceptance.

Regards,

Adam

Bug#796379: jessie-pu: package bareos/14.2.1+20141017gitc6c5b56-3+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Sun, 2015-08-30 at 09:28 +0200, Evgeni Golov wrote:
> Hi Adam,
> 
> On Sat, Aug 29, 2015 at 03:34:19PM +0100, Adam D. Barratt wrote:
> 
> > Thanks, please feel free to upload.
> 
> Thanks! Uploaded.

Flagged for acceptance.

Regards,

Adam

Bug#795271: jessie-pu: package requestpolicy/0.5.29-1

[Adam D. Barratt]

Control: tags -1 + pending

On Sat, 2015-08-29 at 10:55 -0400, David Prévot wrote:
> Hi,
> 
> Le 29/08/2015 10:09, Julien Cristau a écrit :
> > On Wed, Aug 12, 2015 at 14:55:39 +0200, David Prévot wrote:
> 
> >> The latest iceweasel coming from security.d.o is breaking
> >> xul-ext-requestpolicy (#786565).
> 
> > Feel free to upload to jessie.
> 
> Uploaded, thanks.

Flagged for acceptance, thanks.

Regards,

Adam

Bug#797209: jessie-pu: package grub-installer/1.117+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Sat, 2015-08-29 at 17:22 +0200, Cyril Brulebois wrote:
> Adam D. Barratt  (2015-08-29):
> > Control: tags -1 + confirmed
> > 
> > On Fri, 2015-08-28 at 17:26 +0200, Cyril Brulebois wrote:
> > > Ian prepared a backport of a fix to grub-installer, which currently
> > > fails to propagate a variable to the installed system. Changelog entry:
> > > | grub-installer (1.117+deb8u1) jessie; urgency=medium
> > > | 
> > > |   [ Ian Campbell ]
> > > |   * Correctly propagate grub-installer/force-efi-extra-removable to 
> > > installed
> > > | system. (Closes: #792247).
> > > | 
> > > |  -- Cyril Brulebois   Fri, 28 Aug 2015 17:20:01 +0200
> > > 
> > > and patch attached.
> > > 
> > > Please tell us whether that looks OK and if timing for next point
> > > release still allows that.
> > 
> > If you're confident in the fix then please go ahead (bearing in mind the
> > time constraints, as you mentioned).
> 
> Uploaded; fixing the (missing) first fix (package name) in the
> debconf-set-selections call looks something sane enough to me.

Flagged for acceptance, thanks.

Regards,

Adam

Bug#797328: jessie-pu: package systemd/215-17+deb8u2

[Adam D. Barratt]

Control: tags -1 + pending

On Sat, 2015-08-29 at 18:28 +0200, Michael Biebl wrote:
> Am 29.08.2015 um 18:00 schrieb Adam D. Barratt:
> > In that case, I guess we can go ahead with the targetted fix for stable;
> > thanks.
> 
> Uploaded.
> 
> Thanks for the quick response!

Flagged for acceptance, thanks.

Regards,

Adam

Bug#797201: jessie-pu: package bird/1.4.5-1+deb8u1

[Adam D. Barratt]

Control: tags -1 + pending

On Sat, 2015-08-29 at 09:05 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Fri, 2015-08-28 at 15:27 +0200, Ondřej Surý wrote:
> > this is a simple patch that help migrate /etc/bird6.conf to
> > /etc/bird/bird6.conf as the /etc/bird6.conf was provided in bird6
> > package in wheezy (and that was dropped in jessie).  The d-m-s call
> > missed an old package name, that is fixed here.  (Courtesy of
> > Christopher Biebl)
> 
> Please go ahead, bearing in mind that the window for 8.2 closes this
> weekend.

Uploaded and flagged for acceptance.

Regards,

Adam

Bug#797213: wheezy-pu: package partconf/1.40+deb7u1

[Adam D. Barratt]

Control: tags -1 + pending

On Sat, 2015-08-29 at 09:00 +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Fri, 2015-08-28 at 17:40 +0200, Cyril Brulebois wrote:
> > A fix for a very old bug was committed during the jessie release
> > cycle, but I had been initially reluctant to pushing it for a point
> > release as it had received little testing. It's been a very long time
> > now, and I'm not aware of related regressions, so let's go for it?
> > 
> > Changelog entry:
> > | partconf (1.40+deb7u1) wheezy; urgency=low
> > | 
> > |   [ Milan Kupcevic ]
> > |   * Exclude CD/DVD drives from partition search. (thanks, Frank Fegert)
> > | Closes: #332227
> 
> Please go ahead.

Uploaded and flagged for acceptance.

Regards,

Adam

Bug#797343: git-buildpackage: Better wording in gbp-dch manpage

[Guido Günther]

Hi,
On Sat, Aug 29, 2015 at 07:59:36PM +0200, Rafael Laboissiere wrote:
> Package: git-buildpackage
> Version: 0.6.32
> Severity: minor
> Tags: patch
> 
> In the manpage for gbp-dch, there is the following sentence:
> 
> "Instead of Gbp-Dch the deprecated Git-Dch is still supported."
> 
> The preposition "instead of" sounds strange here, lending to the meaning
> that the "Git-Dch" is used in place of "Gbp-Dch".  The wording could be
> improved, for instance:
> 
> "In addition to Gbp-Dch, the deprecated Git-Dch is still supported."
> 
> as per the patch here attached.

Applied. Thanks!
 -- Guido

Bug#797343: [git-buildpackage/master] docs: improve Gbp-Dch vs Git-Dch wording

[Rafael Laboissiere]

tag 797343 pending
thanks

Date:   Sat Aug 29 19:59:36 2015 +0200
Author: Rafael Laboissiere 
Commit ID: cd6d7daa84cd3fe5e377bf3622f9e24a356cbe2a
Commit URL: 
https://honk.sigxcpu.org/gitweb/?p=git-buildpackage.git;a=commitdiff;h=cd6d7daa84cd3fe5e377bf3622f9e24a356cbe2a
Patch URL: 
https://honk.sigxcpu.org/gitweb/?p=git-buildpackage.git;a=commitdiff_plain;h=cd6d7daa84cd3fe5e377bf3622f9e24a356cbe2a

docs: improve Gbp-Dch vs Git-Dch wording

In the manpage for gbp-dch, there is the following sentence:

"Instead of Gbp-Dch the deprecated Git-Dch is still supported."

The preposition "instead of" sounds strange here, lending to the meaning
that the "Git-Dch" is used in place of "Gbp-Dch".  The wording could be
improved, for instance:

"In addition to Gbp-Dch, the deprecated Git-Dch is still supported."

Closes: #797343

A snapshot build including this change will be available at
http://honk.sigxcpu.org:8001/job/git-buildpackage/
  

Bug#790316: pinentry-gnome3: sometimes refuses to provide passphrase to agent

[Raphael Hertzog]

On Sat, 27 Jun 2015, brian m. carlson wrote:
> No window appears during the signing attempt, whether it is successful
> or unsuccessful.

Can you "sudo strace -f -s 128 -p $(pidof gpg-agent)", try to sign
something and see if you can find an error message that looks like this
one in the output ?

[pid  9901] write(2, "\n** (pinentry:9901): WARNING **: couldn't create prompt 
for gnupg passphrase: Cannot autolaunch D-Bus without X11 $DISPLAY\n", 123) = 
123

See my recent analysis in http://bugs.debian.org/795368.

My bet is that you have encountered the same problem as me.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/

Bug#795368: gnupg-agent: Fails to function as a SSH agent with smartcard

[Raphael Hertzog]

Hello,

On Thu, 13 Aug 2015, Mark Brown wrote:
> Version: 2.0.28-3

In my case I have the problem with 2.1.7-2. 

> After some recent upgrades I am no longer able to use a GnuPG smartcard
> to authenticate with remote systems using SSH.  I have gnupg-agent
> configured as my SSH and am able to see the key with ssh-add -l but if I
> try to connect to a remote system SSH displays the error "Agent admitted
> failure to sign using the key.".

I saw this only with SSH from testing, not with the SSH from unstable.
But even with the version in unstable it did not manage to use the key
even though it's correctly listed in "ssh-add -L".

I debugged this further and it seems that the problem lies in the way that
the agent is started. In my case, it's started by
/etc/X11/Xsession.d/90gpg-agent because I have "use-gpg-agent" in
/etc/X11/Xsession.options.

$ sudo cat /proc/7819/environ | sed -e "s/\x0/\n/g"
USER=rhertzog
LC_TIME=fr_FR.UTF-8
XDG_SEAT=seat0
HOME=/home/rhertzog
DESKTOP_SESSION=gnome
LC_MONETARY=fr_FR.UTF-8
LOGNAME=rhertzog
USERNAME=rhertzog
XDG_SESSION_ID=11
WINDOWPATH=7:7:7:7
PATH=/home/rhertzog/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
GDM_LANG=fr_FR.utf8
XDG_RUNTIME_DIR=/run/user/1000
DISPLAY=:1
LANG=fr_FR.utf8
XDG_CURRENT_DESKTOP=GNOME
XDG_SESSION_DESKTOP=gnome
XAUTHORITY=/var/run/gdm3/auth-for-rhertzog-C022ZV/database
SHELL=/bin/bash
GDMSESSION=gnome
LC_MEASUREMENT=fr_FR.UTF-8
XDG_VTNR=7
PWD=/home/rhertzog
XDG_DATA_DIRS=/usr/share/gnome:/usr/local/share/:/usr/share/
LC_NUMERIC=fr_FR.UTF-8
LC_PAPER=fr_FR.UTF-8

In particular it seems worth noting that the environment does
not have any DBUS_SESSION_BUS_ADDRESS yet.

Now when I enable debug log of gpg-agent I saw this:
2015-08-30 10:50:01 gpg-agent[7819] starting a new PIN Entry
2015-08-30 10:50:02 gpg-agent[7819] DBG: connection to PIN entry established
2015-08-30 10:50:02 gpg-agent[7819] DBG: error calling pinentry: Opération 
annulée 
2015-08-30 10:50:02 gpg-agent[7819] DBG: chan_7 -> CAN
2015-08-30 10:50:02 gpg-agent[7819] DBG: chan_7 <- ERR 100663573 L'appel IPC a 
été annulé 
2015-08-30 10:50:02 gpg-agent[7819] DBG: chan_7 -> CAN
2015-08-30 10:50:02 gpg-agent[7819] DBG: chan_7 <- ERR 100663571 Commande IPC 
inconnue 
2015-08-30 10:50:02 gpg-agent[7819] smartcard signing failed: Opération annulée
2015-08-30 10:50:02 gpg-agent[7819] ssh sign request failed: Opération annulée 


There are french strings here, but it says "operation canceled", "IPC call got 
canceled"...

Going further I straced gpg-agent and saw this (cleaned up a bit):
[pid  9900] write(12, "GETPIN", 6 
[pid  9901] <... read resumed> "GETPIN", 1002) = 6
[pid  9900] <... write resumed> )   = 6
[...]
[pid  9901] eventfd2(0, O_NONBLOCK|O_CLOEXEC) = 5
[pid  9901] write(5, "\1\0\0\0\0\0\0\0", 8) = 8
[...]
[pid  9901] open("/var/lib/dbus/machine-id", O_RDONLY) = 6
[pid  9901] fstat(6, {st_mode=S_IFREG|0644, st_size=33, ...}) = 0
[pid  9901] read(6, "aa07449049f342009b491bfa00cf9f19\n", 33) = 33
[pid  9901] close(6)= 0
[pid  9901] poll([{fd=5, events=POLLIN}], 1, 0) = 1 ([{fd=5, revents=POLLIN}])
[pid  9901] write(5, "\1\0\0\0\0\0\0\0", 8) = 8
[pid  9901] futex(0x10f6580, FUTEX_WAKE_PRIVATE, 2147483647) = 0
[pid  9901] write(2, "\n** (pinentry:9901): WARNING **: couldn't create prompt 
for gnupg passphrase: Cannot autolaunch D-Bus without X11 $DISPLAY\n", 123) = 
123
[pid  9901] write(1, "ERR 83886179 Op\303\251ration annul\303\251e ", 
43) = 43
[pid  9900] <... read resumed> "ERR 83886179 Op\303\251ration annul\303\251e 
", 1002) = 43
[pid  9901] write(1, "\n", 1 
[pid  9900] read(8,  
[pid  9901] <... write resumed> )   = 1
[pid  9900] <... read resumed> "\n", 959) = 1
[pid  9901] read(0,  
[pid  9900] stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=2945, ...}) = 0
[pid  9900] write(3, "2015-08-30 10:50:02 gpg-agent[7819] DBG: error calling 
pinentry: Op\303\251ration annul\303\251e \n", 2)  = 2
[pid  9900] write(12, "BYE", 3) = 3

So the problem is that /usr/bin/pinentry fails. On my GNOME 3 system
it actually points to /usr/bin/pinentry-gnome3.

And effectively I can recreate the error message with this:
$ env -u DBUS_SESSION_BUS_ADDRESS -u DISPLAY LANG=C /usr/bin/pinentry-gnome3 
--display :1
OK Pleased to meet you
GETPIN

** (pinentry-gnome3:11624): WARNING **: couldn't create prompt for gnupg 
passphrase: Cannot autolaunch D-Bus without X11 $DISPLAY
ERR 83886179 Operation cancelled 


If i restart the gpg-agent in the running session, then it works fine.  So
I just have to kill it and restart "gpg-agent --daemon" from a graphical
terminal and it works fine again.

My guess is thus that:
1/ gpg-agent drops the DISPLAY environment variable (and only passes it
   through the command line option --display)
2/ pinentry-gnome3 does not reinject it in its own environement
3/ gpg-agent keeps the DBUS_SESSION_BUS_ADDRESS variable if it's in the
   environment and effectively hides the former problem when it's started
   fro

Bug#730084: Potential removal - python-irc

[Ben Armstrong]

On 29/08/15 07:12 PM, Iain R. Learmonth wrote:
> ...
> Ben Armstrong  (xpilot-ng-common)
> ...
> I'm not familiar with these packages that are depending on python-irc, but
> if you would like to continue to have them depend on python-irc, please
> update bug #730084.
>
> As this package is now almost 2 years behind upstream and has been orphaned
> for a considerable time, I may request removal of this package unless I hear
> otherwise from you.
>

If it came down to it and python-irc were removed, xpngcc (a
python-based launcher for the game) would need to be patched to remove
or replace the 'Support and Chat' option. While that would not be ideal,
and I'd rather not have to lose functionality, I could live with it, as
it's not core functionality required by the game.

So, yes, I'm interested in seeing python-irc continue to be maintained,
if someone is available to do the work, but it's not something I'm
personally interested in taking on.

Ben

Bug#682580: [bug-gettext] Bug#682580: xgettext: fails to properly replace some placeholders in output .pot (PACKAGE, YEAR, C. HOLDER) (fwd)

[Francesco Poli]

On Thu, 27 Aug 2015 12:16:10 +0900 Daiki Ueno wrote:

> Francesco Poli  writes:
> 
> > I would definitely prefer to see xgettext changed, rather than having
> > to do sed or awk tricks to post-process its output.
> > So, to me, (4) is the least preferred option.
> 
> Sorry, I am not convinced.  Again, I am reluctant to add a new option to
> xgettext for a niche feature, without good reason.  Do you have any
> practical reason for that?

I thought the practical reason was clear: I want to automatically
generate a .pot template file from the program source, ready to be sent
to prospective translators.
xgettext seems to be a suitable tool to achieve this goal.
But the .pot template has to include the correct copyright notices,
assuming it indeed has to include any copyright notice.

Just having a .pot template file which says

  # Copyright (C) YEAR Python Software Foundation

when there are actually more copyright holders, is misleading and
confusing (and is vague with respect to the copyright years).

So, I am left with two options:

  • I post-process the .pot template generated by xgettext and insert
the correct copyright notices: this can be done by hand (boring and
error prone!) or automatically, for instance, with some sed or awk
trick (but then, why does xgettext have the --copyright-holder option
in the first place?!?)

  • I tell prospective translators to edit the fake copyright notice
and replace it with the correct copyright notices (boring for
translators and even more error prone!)


At this point I am really puzzled. The --copyright-holder option is
currently inadequate to make sure the .pot template file has the
correct copyright notices in place.

Hence, xgettext should have appropriate options to insert the correct
copyright notices.

Or, alternatively, it should drop the --copyright-holder option
entirely and produce a .pot file with

  # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER

replaced by

  # This file is copyrighted by the PACKAGE package's copyright holders
  # and by the translators listed below.

Of course, PACKAGE should be replaced by the argument of the
--package-name option, where available.

This way, we could do the following:

  $ xgettext --package-name=myapplication --package-version=0.1 \
 --language=python myapplication.py -o myapplication3.pot
  $ cat myapplication3.pot 
  # SOME DESCRIPTIVE TITLE.
  # This file is copyrighted by the myapplication package's copyright holders
  # and by the translators listed below.
  # This file is distributed under the same license as the myapplication 
package.
  # FIRST AUTHOR , YEAR.
  #
  #, fuzzy
  msgid ""
  msgstr ""
  "Project-Id-Version: myapplication 0.1\n"
  "Report-Msgid-Bugs-To: \n"
  "POT-Creation-Date: 2012-07-23 22:49+0200\n"
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
  "Last-Translator: FULL NAME \n"
  "Language-Team: LANGUAGE \n"
  "Language: \n"
  "MIME-Version: 1.0\n"
  "Content-Type: text/plain; charset=CHARSET\n"
  "Content-Transfer-Encoding: 8bit\n"

  #: myapplication.py:6
  msgid "This is a translatable string."
  msgstr ""


> 
> My reasons for preferring (4) to (3) are:
[...]
> - that fits better in the Unix philosophy, which suggests to accomplish
>   larger tasks by combining small tools

As far as I understand the Unix design philosophy, there should be
small tools that do one thing (or, at most, a few things) and do it
well.
xgettext should generate a .pot template file and generate a good one.
In my own humble opinion, xgettext is currently failing at generating a
good .pot template file, as far as copyright notices are concerned.

I hope all this makes sense to you.
Please let me know, thanks for your time and patience!   :-)



-- 
 http://www.inventati.org/frx/
 There's not a second to spare! To the laboratory!
. Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE


pgps2sfuByZqa.pgp
Description: PGP signature

Bug#795131: test deb for bug 795131

[Rene Engelhard]

Hi,

On Sat, Aug 29, 2015 at 04:34:47AM +0200, Rene Engelhard wrote:
> which is 
> http://cgit.freedesktop.org/libreoffice/core/commit/?id=e5539b0b53ebaf9b792652e4866eeacf8c10b101
> 
> Would be nice if you could retry with 
> https://people.debian.org/~rene/libreoffice/test/795131/libreoffice-gtk3_5.0.1-1_amd64.deb
>  as you know how to reproduce
> best.

Sorry, I have been to impatient to wait for an answer (because there were
other important fixes - like fixing the help... - due) so I uploaded that now.

And as I had  it already committed..

I was able to reproduce the crashes with diodon, but didn't get them anymore
with 5.0.1-1 in my quick attempts...

Reopen this if it still fails...

Regards,
 
Rene

Bug#797362: [Pkg-openssl-devel] Bug#797362: libssl-dev: man page for ASN1 section 3 missing

[Kurt Roeckx]

On Sun, Aug 30, 2015 at 01:30:29AM +0200, Alexander Koeppe wrote:
> Package: libssl-dev
> Version: 1.0.1k-3+deb8u1
> Severity: wishlist
> 
> Dear Maintainer,
> 
> I'm missing the man pages for ASN1 programming (section 3). 
> The man pages for (e.g.) BN are there though (`man bn`).
> I'm assigning this bug report to your package as it's delivering the
> C header file and on other systems, libssl-dev is the package which 
> distributes this man page onto the system (`man 3 asn1`).

There isn't an overview of ASN1 functions, but those that are
documented are availablable in the libssl-doc package, just like
the bn functions.

I'm also unsure what you would like to do with it.


Kurt

Bug#795955: Complex regular subexpression recursion limit in cruft.pm

[Niels Thykier]

On 2015-08-30 00:02, Bastien ROUCARIES wrote:
> On Sat, Aug 29, 2015 at 10:31 PM, David Prévot  wrote:
>> [...]
>>
>>> I get quite some warnings from perl:
>>> Complex regular subexpression recursion limit (32766) exceeded at 
>>> /usr/share/lintian/checks/cruft.pm line 939.
> 
> it is the remove comments regex from perlfaq 
># from perl faq strip comments
> $strip
>   =~ 
> s#/\*[^*]*\*+([^/*][^*]*\*+)*/|//([^\\]|[^\n][\n]?)*?(?=\n)|("(\\.|[^"\\])*"|'(\\.|[^'\\])*'|.[^/"'\\]*)#defined
> $3 ? $3 : ""#gse;
> 
> How can I solve this ?
> 
> Bastien
> 

It is not certain we can solve it in pure Perl.  The Perl "Regex" engine
(like many other languages's) is not a regular expression.  This means
we can exponential runtime for expressions, where a true regular
expression could do it in polynomial time[1].

We can try to help Perl by reducing the points where this can do a
backtrack (By using *+, where possibly to forbid backtracking).
Alternatively, we can reduce the input size.  But if that does not work,
we will have to remove the regex or replace it with a simpler one.
  Though, be careful with *+ (and ?+) as it can subtly change the regex
to no longer match where the old one could.

Anyway, be careful in general with adding any non-trivial regex.

Thanks,
~Niels

[1] https://swtch.com/~rsc/regexp/regexp1.html

Do note that the graph for Thompson NFA is measured in "us", while the
perl graph is in "s".





signature.asc
Description: OpenPGP digital signature

Bug#797385: iceweasel crash loading a youtube page.

[Mike Hommey]

On Sun, Aug 30, 2015 at 09:40:25AM +, Adrin wrote:
> Package: iceweasel
> Version: 38.2.1esr-1
> 
> When I open iceweasel, my default tab from previous session is a page on
> youtube, and when it tries to load it, it crashes.
> 
> This is what I get in console:
> 
> $ iceweasel
> 
> (process:3391): GLib-CRITICAL **: g_slice_set_config: assertion
> 'sys_page_size == 0' failed
> Gtk-Message: Failed to load module "canberra-gtk-module"
> console.error:
>   [CustomizableUI]
>   Custom widget with id loop-button does not return a valid node
> console.error:
>   [CustomizableUI]
>   Custom widget with id loop-button does not return a valid node
> TSTBrowser::restoreTree
>   level = 1
>   tabsToRestore = 1
> TSTBrowser::restoreTree
>   level = 1
>   tabsToRestore = 102
>   restoring member tabs = 101
> (1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101)
> 2015-08-30 11:36:02: stackwalker.cc:125: INFO: Couldn't load symbols for:
> /lib/x86_64-linux-gnu/libc.so.6|33A8B4D22A5A5FA9F7CBE874643DECC60
> 2015-08-30 11:36:02: basic_code_modules.cc:88: INFO: No module at 0x0

FWIW, this doesn't look like a message a standard build of iceweasel would
display.

Anyways, your log is insufficient. Please see the instructions in
/usr/share/bug/iceweasel/presubj.

That being said, this is likely to be the same as bug 797227.

Mike

Bug#791045: transition: geos (spatialite->postgis->gdal->spatialite circular dependency)

[Julien Cristau]

On Sat, Aug 29, 2015 at 18:23:24 +0200, Sebastiaan Couwenberg wrote:

> This leaves only two packages in need of a binNMU for the geos transition:
> 
>  basemap (1.0.7+dfsg-3)
>  player  (3.0.2+dfsg-4.2)
> 
The gdal upload issue was fixed by Aurelien.  binNMUs scheduled for the
above two packages.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#795131: test deb for bug 795131

[Javier Barroso]

Hello,

On Sun, Aug 30, 2015 at 11:51 AM, Rene Engelhard  wrote:
> Hi,
>
> On Sat, Aug 29, 2015 at 04:34:47AM +0200, Rene Engelhard wrote:
>> which is 
>> http://cgit.freedesktop.org/libreoffice/core/commit/?id=e5539b0b53ebaf9b792652e4866eeacf8c10b101
>>
>> Would be nice if you could retry with 
>> https://people.debian.org/~rene/libreoffice/test/795131/libreoffice-gtk3_5.0.1-1_amd64.deb
>>  as you know how to reproduce
>> best.
>
> Sorry, I have been to impatient to wait for an answer (because there were
> other important fixes - like fixing the help... - due) so I uploaded that now.
>
> And as I had  it already committed..
>
> I was able to reproduce the crashes with diodon, but didn't get them anymore
> with 5.0.1-1 in my quick attempts...

Yesterday I was playing in another debian sid computer with XFCE
trying to reproduce the bug, but I did not get the crash.

I was waiting to have time to turn on the other computer, and compare
packages installed .. (in such laptop I'm using awesome wm (and not
xfce))

Thank you working on libreoffice at Debian !

The info on the system where it is working fine now is:

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libreoffice-writer depends on:
ii  libabw-0.1-1   0.1.1-2
ii  libc6  2.19-19
ii  libe-book-0.1-10.1.2-2
ii  libetonyek-0.1-1   0.1.3-1
ii  libgcc11:5.2.1-15
ii  libicu55   55.1-4
ii  libmwaw-0.3-3  0.3.5-1
ii  libodfgen-0.1-10.1.4-1
ii  libreoffice-base-core  1:5.0.1~rc2-1
ii  libreoffice-core   1:5.0.1~rc2-1
ii  librevenge-0.0-0   0.0.2-2
ii  libstdc++6 5.2.1-15
ii  libwpd-0.10-10 0.10.0-2+b1
ii  libwpg-0.3-3   0.3.0-3
ii  libwps-0.4-4   0.4.0-2
ii  libxml22.9.2+really2.9.1+dfsg1-0.1
ii  uno-libs3  5.0.1~rc2-1
ii  ure5.0.1~rc2-1
ii  zlib1g 1:1.2.8.dfsg-2+b1

Versions of packages libreoffice-writer recommends:
ii  libreoffice-math  1:5.0.1~rc2-1

Versions of packages libreoffice-writer suggests:
ii  default-jre [java5-runtime]   2:1.7-52
pn  fonts-crosextra-caladea   
pn  fonts-crosextra-carlito   
pn  libreoffice-base  
pn  libreoffice-gcj   
ii  libreoffice-java-common   1:5.0.1~rc2-1
ii  openjdk-6-jre [java5-runtime] 6b35-1.13.7-1
ii  openjdk-7-jre [java5-runtime] 7u79-2.5.6-1
ii  oracle-java7-jre [java5-runtime]  7u79

Versions of packages libreoffice-core depends on:
ii  fontconfig2.11.0-6.3
ii  fonts-opensymbol  2:102.6+LibO5.0.1~rc2-1
ii  libatk1.0-0   2.16.0-2
ii  libboost-date-time1.58.0  1.58.0+dfsg-3
ii  libc6 2.19-19
ii  libcairo2 1.14.2-2
ii  libclucene-contribs1v52.3.3.4-4.1
ii  libclucene-core1v52.3.3.4-4.1
ii  libcmis-0.5-5v5   0.5.0-3
ii  libcups2  2.0.3-10
ii  libcurl3-gnutls   7.44.0-1
ii  libdbus-1-3   1.8.20-1
ii  libdbus-glib-1-2  0.102-1
ii  libeot0   0.01-3
ii  libexpat1 2.1.0-7
ii  libexttextcat-2.0-0   3.4.4-1
ii  libfontconfig12.11.0-6.3
ii  libfreetype6  2.5.2-4
ii  libgcc1   1:5.2.1-15
ii  libgdk-pixbuf2.0-02.31.5-1
ii  libgl1-mesa-glx [libgl1]  10.6.4-1
ii  libglew1.10   1.10.0-3
ii  libglib2.0-0  2.44.1-1.1
ii  libgltf-0.0-0v5   0.0.2-4
ii  libglu1-mesa [libglu1]9.0.0-2
ii  libgraphite2-31.2.4-3
ii  libgtk2.0-0   2.24.28-1
ii  libharfbuzz-icu0  1.0.1-1
ii  libharfbuzz0b 1.0.1-1
ii  libhunspell-1.3-0 1.3.3-3+b1
ii  libhyphen02.8.8-2
ii  libice6   2:1.0.9-1+b1
ii  libicu55  55.1-4
ii  libjpeg62-turbo   1:1.4.1-2
ii  liblangtag1   0.5.1-3
ii  liblcms2-22.6-3+b3
ii  libldap-2.4-2 2.4.42+dfsg-1
ii  libmythes-1.2-0   2:1.2.4-1
ii  libneon27-gnutls  0.30.1-1
ii  libnspr4  2:4.10.9-2
ii  libnspr4-0d   2:4.10.9-2
ii  libnss3   2:3.20-1
ii  libnss3-1d2:3.20-1
ii  libodfgen-0.1-1   0.1.4-1
ii  libpango-1.0-01.36.8-3
ii  libpangocairo-1.0-0   1.36.8-3
ii  libpangoft2-1.0-0 1.36.8-3
ii  libpcre3  2:8.35-7.1
ii  libpng12-01.2.50-2+b2
ii  librdf0   1.0.17-1+b1
ii  libreoffice-common1:5.0.1~rc2-1
ii  librevenge-0.0-0  0.0.2-2
ii  libsm62:1.2.2-1+b1
ii  libssl1.0.0  

Bug#797386: monotone: FTBFS on ppc64el (test suite failure)

[Julien Cristau]

Source: monotone
Version: 1.1-4.1
Severity: serious
Justification: fails to build from source (but built successfully in the past)

from the build log:

> Check failed (return value): wanted -13 got 0
> stack traceback:
> [string "testlib.lua"]:114: in function 'err'
> [string "testlib.lua"]:659: in function 'post_cmd'
> [string "testlib.lua"]:759: in function 'finish'
> ...notone-1.1/test/func/log_quits_on_SIGPIPE/__driver__.lua:102: in 
> main chunk
> [C]: in function 'xpcall'
> [string "testlib.lua"]:1158: in function <[string "testlib.lua"]:1126>
> [C]: in function 'run_tests_in_children'
> [string "testlib.lua"]:1087: in function <[string "testlib.lua"]:882>
> Of 612 tests run:
> 515 succeeded
> 1 failed
> 35 had expected failures
> 0 succeeded unexpectedly
> 61 were skipped
> debian/rules:85: recipe for target 'override_dh_auto_test' failed
> make[1]: Leaving directory '/«PKGBUILDDIR»'
> debian/rules:56: recipe for target 'build-arch' failed

See the full log at
https://buildd.debian.org/status/fetch.php?pkg=monotone&arch=ppc64el&ver=1.1-4.1&stamp=1440783122

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#772179: Xmonad with Gnome

[Per Olofsson]

Hi,

On 2015-08-29 14:47, Joachim Breitner wrote:
> thanks for your findings. I would not oppose adding this configuration
> to the package, but only under the condition that someone who actually
> uses it (i.e. you) continues to feel responsible for that part (i.e.
> keeps it working, responds to bug reports etc.)
> 
> Are you interested in that?

Sure!

> If so, you can have commit access to the packaging repository and you
> can add the changes yourself, including any needed documentation and
> Recommends or Suggests.

OK, that sounds good.

-- 
Pelle

Bug#794317: fixed in sfcgal 1.1.0-3

[Julien Cristau]

Control: reopen -1

On Thu, Aug 27, 2015 at 16:16:42 +, Sven Geggus wrote:

>  sfcgal (1.1.0-3) unstable; urgency=medium
>  .
>* Make package build in unstable with boost 1.58 and gcc5
>* Change from Multi-Arch: same to foreign (Closes: #794317)
>* Update symbols for other architectures.

Making your -dev package Multi-Arch: foreign is even worse...
Please either make common files the same on all architectures, or remove
the Multi-Arch field entirely.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#797371: apt-listchanges: Fills up /tmp without noticing or offering configuration setting to avoid this

[Sandro Tosi]

control: reassign -1 apt-listdifferences

problem (if any) is in apt-listdifferences, reassigning accordingly

On Sun, Aug 30, 2015 at 7:39 AM, Axel Stammler
 wrote:
> Package: apt-listchanges
> Version: 2.85.13+nmu1
> Severity: important
>
> Dear Maintainer,
>
> on a regular run of ‘aptitude safe-upgrade’, APT List Changes filled the 
> temporary
> filesystem to capacity and kept reporting over and over and over again (* 
> literally
> thousands of times) the problem it itself had caused:
>
> […]
> Get: 2 http://security.debian.org/ jessie/updates/main iceweasel i386 
> 38.2.1esr-1~deb8u1 [41.2 MB]
> Get: 3 http://security.debian.org/ jessie/updates/main iceweasel i386 
> 38.2.1esr-1~deb8u1 [41.2 MB]
> Fetched 13.7 MB in 4min 42s (48.3 kB/s)
> Retrieving bug reports... Done
> Parsing Found/Fixed information... Done
> Reading changelogs... Done
> apt-listdifferences: fetching source packages
> Get:1 iceweasel_38.2.1esr-1~deb8u1.dsc [35.3 kB]
> Get:2 iceweasel_38.2.1esr.orig-compare-locales.tar.bz2 [29.2 kB]
> […]
> Get:92 iceweasel_38.2.1esr-1~deb8u1.debian.tar.xz [203 kB]
> Fetched 242 MB in 6s (161 kB/s)
> apt-listdifferences: skipping differences for src:bbcgetnrec - unable to 
> download sources
> tar: mozilla-esr38/dom/broadcastchannel: Cannot mkdir: No space left on device
> tar: mozilla-esr38/dom/broadcastchannel: Cannot mkdir: No space left on device
> tar: mozilla-esr38/dom/broadcastchannel/tests: Cannot mkdir: No such file or 
> directory
> [*…]
> tar: mozilla-esr38/editor/nsIDocumentStateListener.idl: Cannot open: No such 
> file or directory
> tar: mozilla-esr38/editor: Cannot mkdir: No space left on device
> tar: mozilla-esr38/editor/nsIHTMLInlineTableEditor.idl: Cannot open: No such 
> file or directory
> tar: Exiting with failure status due to previous errors
> dpkg-source: error: tar --no-same-owner --no-same-permissions --anchored 
> --no-wildcards-match-slash --exclude */.pc --exclude .pc -xf - gave error 
> exit status 2
> Use of uninitialized value $from in stat at /usr/share/perl/5.20/File/Copy.pm 
> line 211.
> Use of uninitialized value $from in string eq at 
> /usr/share/perl/5.20/File/Copy.pm line 64.
> Use of uninitialized value $from in -d at /usr/share/perl/5.20/File/Copy.pm 
> line 96.
> Use of uninitialized value $_[0] in substitution (s///) at 
> /usr/share/perl/5.20/File/Basename.pm line 180.
> fileparse(): need a valid pathname at /usr/share/perl/5.20/File/Copy.pm line 
> 51.
> apt-listdifferences: removing old src:iceweasel 38.2.0esr-1~deb8u1
> (Reading database ... 267222 files and directories currently installed.)
> Preparing to unpack .../iceweasel_38.2.1esr-1~deb8u1_i386.deb ...
> Leaving 'diversion of /usr/bin/firefox to /usr/bin/firefox.real by iceweasel'
> Unpacking iceweasel (38.2.1esr-1~deb8u1) over (38.2.0esr-1~deb8u1) ...
> […]
> Processing triggers for menu (2.1.47) ...
> Processing triggers for man-db (2.7.0.2-5) ...
> Processing triggers for hicolor-icon-theme (0.13-1) ...
> Processing triggers for desktop-file-utils (0.22-1) ...
> Processing triggers for mime-support (3.58) ...
> Setting up iceweasel (38.2.1esr-1~deb8u1) ...
> […]
> Processing triggers for menu (2.1.47) ...
> Current status: 0 updates [-2].
>
> Fortunately, it then released the space it had reserved  on /tmp.
>
> I read through /usr/share/doc/apt-listchanges/README.Debian,
> /usr/share/doc/apt-listchanges/TODO, 
> /usr/share/doc/apt-listchanges/changelog.gz,
> /etc/apt/listchanges.conf, /etc/apt/apt.conf.d/20listdifferences, but could 
> not find out
> what to do, e.g. how to set a different temporary directory.
>
> -- System Information:
> Debian Release: 8.1
>   APT prefers stable-updates
>   APT policy: (500, 'stable-updates'), (500, 'stable')
> Architecture: i386 (i686)
>
> Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores)
> Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages apt-listchanges depends on:
> ii  apt1.0.9.8
> ii  debconf [debconf-2.0]  1.5.56
> ii  debianutils4.4+b1
> ii  python 2.7.9-1
> ii  python-apt 0.9.3.11
> ii  python-support 1.0.15
> ii  ucf3.0030
>
> apt-listchanges recommends no packages.
>
> Versions of packages apt-listchanges suggests:
> ii  edbrowse [www-browser] 3.5.1-1
> ii  epiphany-browser [www-browser] 3.14.1-1
> ii  exim4-daemon-light [mail-transport-agent]  4.84-8
> ii  gnome-terminal [x-terminal-emulator]   3.14.1-1
> ii  iceweasel [www-browser]38.2.1esr-1~deb8u1
> ii  links2 [www-browser]   2.8-2+b3
> ii  mate-terminal [x-terminal-emulator]1.8.1+dfsg1-4
> pn  python-glade2  
> ii  python-gtk22.24.0-4
> ii  w3m [www-browser]  0.5.3-19
> ii  xterm [x-terminal-emulator]312-2

Bug#797251: ITP: r-cran-lsmeans -- GNU R package for obtaining least-squares means for many linear, generalized linear, and mixed models

[Jonathon Love]

yup, i was just waiting for r-cran-estimability (a dependency) to become
available before pushing this one.

it's there now.

jonathon

On 30/08/2015 8:21 am, Andreas Tille wrote:
> Hi Jonathon,
> 
> the remote git repository of this package is empty.
> 
> Kind regards
> 
>Andreas.
> 


-- 

JASP - A Fresh Way to Do Statistics
http://jasp-stats.org/

--

How happy is he born and taught,
That serveth not another's will;
Whose armour is his honest thought,
And simple truth his utmost skill

This man is freed from servile bands
Of hope to rise, or fear to fall:
Lord of himself, though not of lands,
And, having nothing, yet hath all.

  -- Sir Henry Wotton

Bug#797385: iceweasel crash loading a youtube page.

[Adrin]

On Sun, 30 Aug 2015 at 11:58 Mike Hommey  wrote:

> On Sun, Aug 30, 2015 at 09:40:25AM +, Adrin wrote:
> > Package: iceweasel
> > Version: 38.2.1esr-1
> >
> > When I open iceweasel, my default tab from previous session is a page on
> > youtube, and when it tries to load it, it crashes.
> >
> > This is what I get in console:
> >
> > $ iceweasel
> >
> > (process:3391): GLib-CRITICAL **: g_slice_set_config: assertion
> > 'sys_page_size == 0' failed
> > Gtk-Message: Failed to load module "canberra-gtk-module"
> > console.error:
> >   [CustomizableUI]
> >   Custom widget with id loop-button does not return a valid node
> > console.error:
> >   [CustomizableUI]
> >   Custom widget with id loop-button does not return a valid node
> > TSTBrowser::restoreTree
> >   level = 1
> >   tabsToRestore = 1
> > TSTBrowser::restoreTree
> >   level = 1
> >   tabsToRestore = 102
> >   restoring member tabs = 101
> >
> (1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101)
> > 2015-08-30 11:36:02: stackwalker.cc:125: INFO: Couldn't load symbols for:
> > /lib/x86_64-linux-gnu/libc.so.6|33A8B4D22A5A5FA9F7CBE874643DECC60
> > 2015-08-30 11:36:02: basic_code_modules.cc:88: INFO: No module at 0x0
>
> FWIW, this doesn't look like a message a standard build of iceweasel would
> display.
>
> Anyways, your log is insufficient. Please see the instructions in
> /usr/share/bug/iceweasel/presubj.
>
> That being said, this is likely to be the same as bug 797227.
>
> Mike
>

Not sure where those messages come from. But here's the bt. And I suppose
indeed it very well might be a duplicate of that bug.
Thanks,
Adrin.

MOZILLA_DISABLE_PLUGINS=1 gdb --args iceweasel
GNU gdb (Debian 7.9.1-1) 7.9.1
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from iceweasel...(no debugging symbols found)...done.
(gdb) set pagination off
(gdb) run
Starting program: /usr/bin/iceweasel
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

(process:7376): GLib-CRITICAL **: g_slice_set_config: assertion
'sys_page_size == 0' failed
Gtk-Message: Failed to load module "canberra-gtk-module"
process 7376 is executing new program: /usr/lib/iceweasel/iceweasel
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

(process:7376): GLib-CRITICAL **: g_slice_set_config: assertion
'sys_page_size == 0' failed
Gtk-Message: Failed to load module "canberra-gtk-module"
console.error:
  [CustomizableUI]
  Custom widget with id loop-button does not return a valid node
console.error:
  [CustomizableUI]
  Custom widget with id loop-button does not return a valid node
[New Thread 0x7fffbc7f0700 (LWP 7447)]
console.error:
  [CustomizableUI]
  Custom widget with id loop-button does not return a valid node
[New Thread 0x7fffa700 (LWP 7465)]
[New Thread 0x7fffad1ff700 (LWP 7467)]
[New Thread 0x7fffaabff700 (LWP 7471)]
[New Thread 0x7fffab5fe700 (LWP 7470)]
[New Thread 0x7fffabdff700 (LWP 7469)]
[New Thread 0x7fffac7de700 (LWP 7468)]
[New Thread 0x7fffaed73700 (LWP 7466)]
[New Thread 0x7fffd4278700 (LWP 7464)]
[New Thread 0x7fffd42b9700 (LWP 7463)]
[New Thread 0x7fffd42fa700 (LWP 7462)]
[New Thread 0x7fffb31ff700 (LWP 7461)]
[New Thread 0x7fffd23fe700 (LWP 7460)]
[New Thread 0x7fffb46ff700 (LWP 7459)]
[New Thread 0x7fffb50ff700 (LWP 7458)]
[New Thread 0x7fffb5dff700 (LWP 7457)]
[New Thread 0x7fffb6bff700 (LWP 7456)]
[New Thread 0x7fffb77ff700 (LWP 7455)]
[New Thread 0x7fffb87fd700 (LWP 7454)]
[New Thread 0x7fffb8ffe700 (LWP 7453)]
[New Thread 0x7fffb97ff700 (LWP 7452)]
[New Thread 0x7fffba1fd700 (LWP 7451)]
[New Thread 0x7fffba9fe700 (LWP 7450)]
[New Thread 0x7fffbb1ff700 (LWP 7449)]
[New Thread 0x7fffbbbe6700 (LWP 7448)]
[New Thread 0x7fffbcff1700 (LWP 7446)]
[New Thread 0x7fffbd9ff700 (LWP 7445)]
[New Thread 0x7fffbf2ff700 (LWP 7444)]
[New Thread 0x7fffc0aff700 (LWP 7443)]
[New Thread 0x7fffc95ff700 (LWP 7442)]
[New Thread 0x7fffc9f66700 (LWP 7441)]
[New Thread 0x7fffca767700 (LWP 7440)]
[New Thread 0x7fffd9bfe700 (LWP 7439)]
[New Thread 0x7fffcc1ff700 (LWP 7438)]
[N

Bug#797389: calligra: FTBFS, missing build-dep on libsoprano-dev

[Julien Cristau]

Source: calligra
Version: 1:2.8.5+dfsg-1.2
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

your package no longer builds on the buildds:
> make[3]: *** No rule to make target '/usr/lib/libsoprano.so', needed by 
> 'lib/libkexiextendedwidgets.so.13.0.0'.  Stop.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#797387: insighttoolkit4: FTBFS (unsupported argument: --gccxml-gcc-options)

[Julien Cristau]

Source: insighttoolkit4
Version: 4.7.2-2
Severity: serious
Justification: fails to build from source (but built successfully in the past)

Hi,

your package no longer builds on the buildds:

> Generating vcl_complex.xml
> cd /«PKGBUILDDIR»/BUILD/Wrapping/Modules/ITKCommon && /usr/bin/gccxml 
> -fxml-start=_cable_ 
> -fxml=/«PKGBUILDDIR»/BUILD/Wrapping/Modules/ITKCommon/vcl_complex.xml 
> --gccxml-gcc-options 
> /«PKGBUILDDIR»/BUILD/Wrapping/Modules/ITKCommon/gcc_xml.inc 
> -DCABLE_CONFIGURATION -DITK_MANUAL_INSTANTIATION 
> /«PKGBUILDDIR»/BUILD/Wrapping/Modules/ITKCommon/vcl_complex.cxx
> /usr/bin/cmake -E cmake_progress_report /«PKGBUILDDIR»/BUILD/CMakeFiles 
> GCC-XML compatibility CastXML wrapper
> Error: unsupported argument: --gccxml-gcc-options
> make[3]: *** [Wrapping/Modules/ITKCommon/vcl_complex.xml] Error 1
> Wrapping/Modules/ITKCommon/CMakeFiles/ITKCommonGccXML.dir/build.make:121: 
> recipe for target 'Wrapping/Modules/ITKCommon/vcl_complex.xml' failed
> make[3]: Leaving directory '/«PKGBUILDDIR»/BUILD'
> make[2]: *** [Wrapping/Modules/ITKCommon/CMakeFiles/ITKCommonGccXML.dir/all] 
> Error 2
> make[2]: *** Waiting for unfinished jobs
> CMakeFiles/Makefile2:32315: recipe for target 
> 'Wrapping/Modules/ITKCommon/CMakeFiles/ITKCommonGccXML.dir/all' failed

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#797388: ITP: r-cran-pbapply -- GNU R package providing progress bars for vectorized R functions

[Jonathon]

Package: wnpp
Severity: wishlist
Owner: Jonathon 

* Package name: r-cran-pbapply
  Version : 1.1-1
  Upstream Author : Peter Solymos 
* URL : http://cran.r-project.org/package=pbapply
* License : GPL
  Programming Lang: R
  Description : GNU R package providing progress bars for vectorized R 
functions

 The r-cran-pbapply package is a GNU R package providing progress bars
 for vectorized R functions.

 Packaging by Jonathon Love, under the sponsorship of Andreas Tille

Bug#797390: ITP: r-cran-pbivnorm -- GNU R package providing a vectorized R function for calculating probabilities from a standard bivariate normal CDF

[Jonathon]

Package: wnpp
Severity: wishlist
Owner: Jonathon 

* Package name: r-cran-pbivnorm
  Version : 0.6.0
  Upstream Author : Brenton Kenkel 
* URL : http://cran.r-project.org/package=pbivnorm
* License : GPL
  Programming Lang: R
  Description : GNU R package providing a vectorized R function for 
calculating probabilities from a standard bivariate normal CDF

 The r-cran-pbivnorm package is a GNU R package providing a vectorized
 R function for calculating probabilities from a standard bivariate
 normal CDF

Bug#795729: [Pkg-postgresql-public] Bug#795729: libpqtypes: FTBFS under some timezones (eg. GMT+12)

[Christoph Berg]

Control: severity -1 important
Control: forwarded -1 
http://www.postgresql.org/message-id/20150830102944.ga6...@msg.df7cb.de

Re: Chris Lamb 2015-08-16 
<1439731078.1990204.357461057.748c8...@webmail.messagingengine.com>
> libpqtypes fails to build from source on unstable/amd64 under
> some timezones (eg. TZ="/usr/share/zoneinfo/Etc/GMT+12"):
> 
> %timestamptz - FAILED
[...]
>   Date & Time types: (text 'Postgres, MDY')
[...]
>   SENT:
>   
> epoch=315532800,isbc=0,yr=1979,mon=11,mday=31,jday=0,yday=0,wday=0,hr=12,min=0,sec=0,usec=0,withtz=1,isdst=0,tzabbr=GMT+12,gmtoff=-43200
>   RECV:
>   
> epoch=315489600,isbc=0,yr=1979,mon=11,mday=31,jday=2444239,yday=364,wday=1,hr=12,min=0,sec=0,usec=0,withtz=1,isdst=-1,tzabbr=USR/SHARE,gmtoff=0

Hi Chris,

thanks for the report!

(Fwiw, your build log has stdout/stderr garbled here, the FAILED line
should be just before SENT, not 50 lines above.)

Confirmed, this is actually a bug in the PostgreSQL server, though it
only shows up with datestyle=postgres (which is pretty obsolete), and
TZ=UTC+-N (which is rare). It will hopefully get fixed in 9.4.5.

I'm downgrading the ftbfs to important, as it doesn't show up when
using "real" timezones. (I'd rather not put a workaround like TZ=UTC
into debian/rules as it would just paper over the issue, and there's
nothing to fix in libpqtypes itself.)

Christoph
-- 
c...@df7cb.de | http://www.df7cb.de/


signature.asc
Description: Digital signature

Bug#742503: [Pkg-octave-devel] Bug#742503: Bug#742503: octave 3.8.1 requires java

[Rafael Laboissiere]

* Mike Miller  [2015-08-29 18:55]:


On Thu, Jul 16, 2015 at 09:59:17 +0200, Alois Schloegl wrote:

I changed the control file in the debian package (see attachments).

default-jre-headless is now not in "Depends" but in "Build-Depends" and 
"Recommends". The resulting octave-debian packages does the job.


[snip]

I have the attached patch ready to push, tested locally, any objections 
from fellow maintainers or bystanders with this change to src:octave?


None from me, go ahead.

Rafael

Bug#791961: saned won't run from systemd (bad status=22 or procnum=1)

[Jörg Frings-Fürst]

tags 791961 + moreinfo
tags 791961 + jessie
thanks

Hello,

first thanks to all for spending your time helping to make Debian
better with this bug report.
 
Please can someone testing the attached systemd fileson a jessie
system? 

Many thanks!


CU
Jörg




-- 
New:
GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB  30EE 09F8 9F3C 8CA1 D25D
GPG key (long) : 09F89F3C8CA1D25D
GPG Key: 8CA1D25D
CAcert Key S/N : 0E:D4:56

Old pgp Key: BE581B6E (revoked since 2014-12-31).

Jörg Frings-Fürst
D-54526 Niederkail

Threema: SYR8SJXB

IRC: j_...@freenode.net
 j_...@oftc.net

My wish list: 
 - Please send me a picture from the nature at your home.


[Unit]
Description=saned incoming socket

[Socket]
ListenStream=6566
Accept=yes
MaxConnections=1

[Install]
WantedBy=sockets.target
[Unit]
Description=Scanner Service
Requires=saned.socket

[Service]
ExecStart=/usr/sbin/saned
User=saned
Group=saned
StandardInput=null
StandardOutput=syslog
StandardError=syslog
Environment=SANE_CONFIG_DIR=/etc/sane.d
# Environment=SANE_CONFIG_DIR=/etc/sane.d SANE_DEBUG_DLL=255

[Install]
Also=saned.socket


signature.asc
Description: This is a digitally signed message part

Bug#794937: Applications crash with phonon-backend-vlc

[Felix Geyer]

On Mon, 10 Aug 2015 23:35:38 -0300 Lisandro 
=?ISO-8859-1?Q?Dami=E1n_Nicanor_P=E9rez?= Meyer
 wrote:
> retitle 794937 phonon-qt5 packages should not depend/recommend phonon-backend
> thanks
> 
> I think the problem is that the virtual package phonon-backend is provided by 
> phonon-backend-gstreamer, phonon-backend-null, phonon-backend-vlc, phonon4qt5-
> backend-gstreamer

That is a problem but not this one. I've fixed the virtual package stuff now.

This problem seems to be that vlc loads its GUI plugin.
The vlc GUI is Qt5 so this creates the conflict crashing the application.

Bug #755154 in vlc was supposed to fix this.

Michael, I supposed you have *vlc* >= 2.2.1-1 installed?
If so does reinstalling them help? Maybe the plugin cache is in some way 
corrupt.

Cheers,
Felix

Bug#797385: iceweasel crash loading a youtube page.

[Carsten Schoenert]

Hello Adrin,

On Sun, Aug 30, 2015 at 10:21:04AM +, Adrin wrote:
> MOZILLA_DISABLE_PLUGINS=1 gdb --args iceweasel
> GNU gdb (Debian 7.9.1-1) 7.9.1
> Copyright (C) 2015 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later  >
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-linux-gnu".
> Type "show configuration" for configuration details.
> For bug reporting instructions, please see:
> .
> Find the GDB manual and other documentation resources online at:
> .
> For help, type "help".
> Type "apropos word" to search for commands related to "word"...
> Reading symbols from iceweasel...(no debugging symbols found)...done.

you need to install 'iceweasel-dbg' first. The normal packages have
stripped out symbols (that's why you see here "(no debugging symbols
found)"). Without symbols a backtrace is mostly useless as there is not
see in what symbol the segfault was happen.

Please note also https://wiki.debian.org/HowToGetABacktrace there are
some hints.

Regards
Carsten

Bug#797391: debhelper: udeb -dbgsym packages are created with the wrong file extension

[Chris Lamb]

Package: debhelper
Version: 9.20150811

Hi,

(Forwarding from
http://lists.alioth.debian.org/pipermail/reproducible-builds/Week-of-Mon-20150824/003015.html)

lowmem is FTBFS in the reproducible.debian.net Jenkins setup (we
unconditionally enable ddeb support) because something in the
dh_buildeb/dpkg-deb interface is creating the -dbgsym packages without a
.udeb extension:


dpkg-deb: building package 'lowmemcheck-dbgsym' in
'../lowmemcheck-dbgsym_1.43_amd64.deb'.
dpkg-deb: building package 'lowmem' in '../lowmem_1.43_all.udeb'.
dpkg-deb: building package 'lowmemcheck' in
'../lowmemcheck_1.43_amd64.udeb'.
 dpkg-genbuildinfo  >../lowmem_1.43_amd64.buildinfo
dpkg-genbuildinfo: error: cannot fstat file
../lowmemcheck-dbgsym_1.43_amd64.udeb: No such file or directory
dpkg-buildpackage: error: dpkg-genbuildinfo 
>../lowmem_1.43_amd64.buildinfo gave error exit status 2


debian/files is:

  lowmem_1.43_all.udeb debian-installer optional
  lowmem_1.43_amd64.buildinfo debian-installer optional
  lowmemcheck-dbgsym_1.43_amd64.udeb debugsym extra
 ^^^
  lowmemcheck_1.43_amd64.udeb debian-installer optional

.. but the file is actually called lowmemcheck-dbgsym_1.43_amd64.deb
(see first line in preceding paragraph).



Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#797392: linux-image-4.1.0-0.bpo.1-amd64: VAIO keyboard does not wake up after suspend.

[Charles Plessy]

Package: src:linux
Version: 4.1.3-1~bpo8+1
Severity: normal

Dear Kernel team,

I recently installed Jessie on a new VAIO pro 13 mk2, where I encounter the
following problem: after suspend, the keyboard does not wake up.  Even the led
of the caps lock key does not light up when the key is pressed.  I tested an
external keyboard and it woke up fine.  This happens on suspend in different
Desktop environments (GNOME, fluxbox), suggesting that they are not the source
of the problem.  Upgrading to the kernel in backports.debian.org (which is
running now) did not solve the problem.

I posted at the following address the diff between dmesg, /var/log/syslog,
and /var/log/debug before and after suspension and wakeup.

  https://lists.debian.org/debian-user-french/2015/08/msg00387.html

I am a bit lost on what I can try to solve this problem.  Do you have
suggestiosns ?

Have a nice day,

-- Charles Plessy, Tsurumi, Kanagawa, Japan

-- Package-specific info:
** Kernel log: boot messages should be attached

** Model information
sys_vendor: VAIO Corporation
product_name: VJP132
product_version: Reserved
chassis_vendor: VAIO Corporation
chassis_version: N/A
bios_vendor: Phoenix Technologies Ltd.
bios_version: R0220MA
board_vendor: VAIO Corporation
board_name: VAIO
board_version: N/A

** Network interface configuration:

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

** PCI devices:
00:00.0 Host bridge [0600]: Intel Corporation Broadwell-U Host Bridge -OPI 
[8086:1604] (rev 09)
Subsystem: Device [1d19:0003]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- 

00:02.0 VGA compatible controller [0300]: Intel Corporation Broadwell-U 
Integrated Graphics [8086:1616] (rev 09) (prog-if 00 [VGA controller])
Subsystem: Device [1d19:0003]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR-  [disabled]
Capabilities: 
Kernel driver in use: i915

00:03.0 Audio device [0403]: Intel Corporation Broadwell-U Audio Controller 
[8086:160c] (rev 09)
Subsystem: Device [1d19:0003]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: snd_hda_intel

00:14.0 USB controller [0c03]: Intel Corporation Wildcat Point-LP USB xHCI 
Controller [8086:9cb1] (rev 03) (prog-if 30 [XHCI])
Subsystem: Device [1d19:0003]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: xhci_hcd

00:16.0 Communication controller [0780]: Intel Corporation Wildcat Point-LP MEI 
Controller #1 [8086:9cba] (rev 03)
Subsystem: Device [1d19:0003]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: mei_me

00:1b.0 Audio device [0403]: Intel Corporation Wildcat Point-LP High Definition 
Audio Controller [8086:9ca0] (rev 03)
Subsystem: Device [1d19:0003]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: snd_hda_intel

00:1c.0 PCI bridge [0604]: Intel Corporation Wildcat Point-LP PCI Express Root 
Port #5 [8086:9c98] (rev e3) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:1c.2 PCI bridge [0604]: Intel Corporation Wildcat Point-LP PCI Express Root 
Port #3 [8086:9c94] (rev e3) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 
Kernel driver in use: pcieport

00:1c.3 PCI bridge [0604]: Intel Corporation Wildcat Point-LP PCI Express Root 
Port #4 [8086:9c96] (rev e3) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort

Bug#795131: test deb for bug 795131

[Rene Engelhard]

Hi,

On Sun, Aug 30, 2015 at 12:02:44PM +0200, Javier Barroso wrote:
> Yesterday I was playing in another debian sid computer with XFCE
> trying to reproduce the bug, but I did not get the crash.

Gtk2, afaik.

> I was waiting to have time to turn on the other computer, and compare
> packages installed .. (in such laptop I'm using awesome wm (and not
> xfce))

No Gtk at all.

So no surprise it works ;)

The bug is in the gtk3 backend. And that one only gets enabled with GNOME(3).

Regards,

Rene

Bug#797337: [Pkg-anonymity-tools] Bug#797337: torbrowser-launcher: gives misleading error on SOCKS connection failure

[intrigeri]

Control: tag -1 + upstream
Control: severity -1 minor

Hi,

Michael Gold wrote (29 Aug 2015 16:35:00 GMT) :
> An strace reveals it was trying to connect to 127.0.0.1:9050, not to the
> internet; code inspection reveals this to be a hard-coded SOCKS address.
> The preceding "Downloading https://www.torproject.org…"; message makes it
> look like it was www.torproject.org that rejected the connection.

I agree this is a UX problem, thanks for reporting it to Debian.
Do you want to report it upstream[0]? (I don't remember if the
upstream author tracks the Debian BTS.)

Note that I'm downgrading the severity a bit, because this only
affects users who have manually configured their system-wide tor
daemon to *not* listen on the default SOCKS port. I expect them to be
power-users who may be able to correlate "Updating over Tor" failing
with "I have a custom, non-default Tor configuration that
torbrowser-launcher was not able to guess".

[0] https://github.com/micahflee/torbrowser-launcher/issues/

Cheers,
-- 
intrigeri

Bug#797394: RM: fullscreen-extension/1.0.4-1

[David Prévot]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: rm

Hi,

As per #783552, “xul-ext-fullscreen 1.0.4 is unusable with  
Iceweasel 32.x”. It has already been removed from testing, and there is
no point shipping it any more in stable now that Iceweasel 38 is in.

Regards

David


signature.asc
Description: Digital signature

Bug#797393: new upstream version 1.2.1

[Steinar H. Gunderson]

Package: cubemap
Version: 1.2.0
Severity: wishlist

Hi,

I've just released Cubemap 1.2.1. Like previously mentioned, please keep in mind
that you'll need to add a new build dependency on libsystemd-dev.

-- System Information:
Debian Release: 8.1
  APT prefers stable
  APT policy: (750, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.4 (SMP w/40 CPU cores)
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages cubemap depends on:
ii  adduser  3.113+nmu3
ii  init-system-helpers  1.22
ii  libc62.19-18
ii  libgcc1  1:4.9.2-10
pn  libprotobuf7 
ii  libstdc++6   4.9.2-10
ii  lsb-base 4.1+Debian13+nmu1

cubemap recommends no packages.

Versions of packages cubemap suggests:
ii  logrotate   3.8.7-1+b1
ii  munin-node  2.0.25-1

Bug#767351: armel, armhf: symbol __aeabi_atexit@CXXABI_ARM_1.3.3 found in none of the libraries

[Daniel Leidert]

Hi,

I ran into the same issue with gnome-chemistry-utils recently. For both
armel and armhf builds dpkg-shlibdeps reports

[..] symbol __aeabi_atexit@CXXABI_ARM_1.3.3 used by [..] found in none of the 
libraries

https://buildd.debian.org/status/fetch.php?pkg=gnome-chemistry-utils&arch=armel&ver=0.14.10-2&stamp=1440893055
https://buildd.debian.org/status/fetch.php?pkg=gnome-chemistry-utils&arch=armhf&ver=0.14.10-2&stamp=1440892333

I found this bug report by the imagemagick maintainers, but no
resolution to it. I'm also wondering, how and if this is resolvable in
the upstream software code or if this is a GCC issue? If my
understanding of [1] is correct, then this is a GCC issue(?).

I was further wondering, if the culprit might be one of the build
-dependencies(?).

[1] https://gcc.gnu.org/ml/gcc/2014-07/msg00030.html

Regards, Daniel

signature.asc
Description: This is a digitally signed message part

Bug#797339: [Pkg-anonymity-tools] Bug#797339: torbrowser-launcher: assumes a hard-coded (and insecure) SOCKS port

[intrigeri]

Hi,

Michael Gold wrote (29 Aug 2015 16:55:28 GMT) :
> It is inappropriate to assume Tor is running on this port, as any local
> user could be running a service there (Debian bug #797335), possibly to
> interfere with torbrowser-launcher.

Note that torbrowser-launcher Depends: tor, so this is correct if, and
only if, the system administrator has disabled the tor service, or
configured it to not listen on the default SOCKS port.

I agree the current "little-t-tor + Tor using applications" situation
is sub-optimal from a security and UX point-of-view, e.g. torsocks and
Torbirdy are also impacted (and, transitively, anything that uses
torsocks).

Now, I don't think that filing bugs against all packages that assume
a Tor SOCKS port on 9050 will help much: that's not the place where
the root cause of this problem will be addressed, as said packages
have no means to guess that the system Tor's configuration has been
tweaked. And in the current state of things, that's simply the best
they can do (unless perhaps an unprivileged user can learn what UID
opened a port locally, and check if it's `debian-tor'?). I see that
you've also reported bug #797341, so I'm glad you are also working on
solving the core problem :)

> torbrowser-launcher should allow the user to select an alternate TCP or
> Unix-domain SOCKS address, and shouldn't connect to an unprivileged one
> without confirmation.

Given 1. the design goals of torbrowser-launcher (that is: working
out-of-the-box for non-technical users, AIUI); 2. the current state of
things as described above; and 3. the fact that in practice this is
a problem only if the system administrator tweaked torrc in a way that
ignores #2, I beg to disagree that this would be a good solution to
the (real) problem we have here.

Now, *if* the quick fix I'm suggesting above works (checking who
opened the SOCKs port before connecting to it), then it could be an
acceptable temporary fix for users who get torbrowser-launcher from
their distro.

Cheers,
-- 
intrigeri

Bug#791896: [HEADS-UP] libsystemd transition

[Craig Small]

On Thu, Aug 27, 2015 at 02:54:32AM +0200, Michael Biebl wrote:
> This is another friendly reminder that the compat libraries will be
> dropped in 2 weeks.
> Would be great if you can prepare an upload in the mean time.
Can't upload, there's that libstdc transistion blocking things.
You might want to wait for that to finish first.

 - Craig

-- 
Craig Small (@smallsees)   http://enc.com.au/   csmall at : enc.com.au
Debian GNU/Linux   http://www.debian.org/   csmall at : debian.org
GPG fingerprint:5D2F B320 B825 D939 04D2  0519 3938 F96B DF50 FEA5

Bug#785415: ulogd2 fails with kernel 4.0.0-1

[Chris Boot]

Control: tag -1 pending
Control: retitle -1 Document removal of ULOG target in kernels 3.17+

On 16/05/15 00:31, hugo vanwoerkom wrote:
> Running Sid dist-upgraded on May 12 2015 which went to kernel 4.0.0-1.
> I run the firewall via Firehol and use  'FIREHOL_LOG_MODE="ULOG"'.
> Iptables then gets errors because it cannot find ULOG.
> That is because ulogd2 failed with:
> 
> May 15 11:56:39 hdbb ulogd[5785]: Can't create ULOG handle
> May 15 11:56:39 hdbb ulogd[5785]: error starting `ulog1'
> 
> When this dist-upgraded system is booted with kernel 3.16.0-4 ulogd2
> starts correctly:
> 
> May 15 15:46:24 hdbb ulogd[27455]: building new pluginstance stack:
> 'ulog1:ULOG,base1:BASE,ip2str1:IP2STR,print1:PRINTPK

Hi Hugo,

The underlying problem is that the ULOG target was removed from
iptables/ebtables in the 3.17 kernel. You will need to migrate to using
the NFLOG target instead.

It appears that from version 1.296 onwards, Firehol supports using the
NFLOG target, so you should be able to simply set
FIREHOL_LOG_MODE="NFLOG" and leave the ULOG stuff disabled in ulogd.conf.

I have added a NEWS.Debian entry documenting the change in the kernel in
commite 20a0ed299793c40e345ecee46f234423574da0b [1].

HTH,
Chris

1.
http://anonscm.debian.org/cgit/collab-maint/ulogd2.git/commit/?id=e20a0ed299793c40e345ecee46f234423574da0b

-- 
Chris Boot
bo...@bootc.net

Bug#797395: [maintainer-script-should-not-use-adduser-system-without-home] false positivies

[Jörg Frings-Fürst]

Package: lintian
Version: 2.5.36.1
Severity: important

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi,

I use at a maintainer script this line:

'adduser --home /var/lib/saned  --quiet --system --no-create-home --group saned
|| true'

Then lintian says:

N:The maintainer script apparently runs 'adduser --system' but hardcodes a
N:path under '/home' for the '--home' option or do not use the '--home'
N:option.


But I use the --ome option with /var/lib/saned and not with a directory under
/home.

CU
Jörg



- -- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (900, 'testing'), (800, 'unstable'), (500, 'testing-updates'), 
(1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.1.0-1-amd64 (SMP w/6 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages lintian depends on:
ii  binutils   2.25.1-1
ii  bzip2  1.0.6-8
ii  diffstat   1.60-1
ii  file   1:5.22+15-2
ii  gettext0.19.4-1
ii  hardening-includes 2.7
ii  intltool-debian0.35.0+20060710.2
ii  libapt-pkg-perl0.1.29+b2
ii  libarchive-zip-perl1.49-1
ii  libclass-accessor-perl 0.34-1
ii  libclone-perl  0.38-1
ii  libdpkg-perl   1.18.2
ii  libemail-valid-perl1.196-1
ii  libfile-basedir-perl   0.07-1
ii  libipc-run-perl0.94-1
ii  liblist-moreutils-perl 0.413-1
ii  libparse-debianchangelog-perl  1.2.0-5
ii  libtext-levenshtein-perl   0.12-1
ii  libtimedate-perl   2.3000-2
ii  liburi-perl1.69-1
ii  man-db 2.7.2-1
ii  patchutils 0.3.4-1
ii  perl [libdigest-sha-perl]  5.20.2-6
ii  t1utils1.38-4
ii  xz-utils   5.1.1alpha+20120614-2.1

Versions of packages lintian recommends:
ii  dpkg1.18.2
ii  libperlio-gzip-perl 0.18-3+b1
ii  perl5.20.2-6
ii  perl-modules [libautodie-perl]  5.20.2-6

Versions of packages lintian suggests:
ii  binutils-multiarch 2.25.1-1
ii  dpkg-dev   1.18.2
ii  libhtml-parser-perl3.71-2
ii  libtext-template-perl  1.46-1
ii  libyaml-perl   1.13-1

- -- no debconf information

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCgAGBQJV4utKAAoJEAn4nzyModJdd7sP/izYGA+YBuS58T8BzWG2Zxpf
TKnz+8dUSz37TRoO3VTGcoP2o7QuzJ+RYpltfjabCw0vbka+6aU2wn0B/k/mhRG2
rozAd0GfFC7Lozw1Um2NtaOD6gWJWYz5zSV/bX2W5EhJIkvrdFAAlSDKe+SL5AxC
iCchH1I/w5/CgzRvfSx76JbIAOv+yV8QAhyvqiMvPdP1/LEo29BjTP+rhHPCLYb7
z1RQ7ip6UPCG3B6LMDqV5EALpMXU/PWuCbueeZXthkDmS7O+uacaj7wdTKb0EZUo
Mt3PLC4urinzBlFBgg/PazXvb8LdY076Sct6ZA5n0viN3+obxRP6bmhCswItrxix
UgBJhPf4bYhqQzkvdIIR9yFTKmv2/J2FdXSrsmko3GpQnHEgPUwfi78Irko07Xay
D8GfKryPAH5HU9gWoK+ZuJ6xTic++SPedtLHm6SnYJUOpL3leeE6b8TvgZnbwQiH
2uepLKMWqDIHprzIUjYoKMT1bbgDXEt+ZW0S7tF+XRt90Bj0ADTYj5byQdZUZO32
bgy5f+WQN00EZQZNaxr8GzM7pN/J/9KZa+hrFafO9ybZJ03TShSpMdhZUjepdskr
AH7gIAeac6U3n7nnLgtIANTWFKjKU2el4UQOHK5lq0pHexjejqktsHfkxH6+Z3+L
9RBJ/PeTdkRnOHf3SMvd
=7PK9
-END PGP SIGNATURE-

Bug#730084: [Python-modules-team] Potential removal - python-irc

[Sandro Tosi]

> As this package is now almost 2 years behind upstream and has been orphaned
> for a considerable time, I may request removal of this package unless I hear
> otherwise from you.

there are a couple of libraries for python and IRC, namely

python-irc
python-irclib

which seem both are packaging http://python-irclib.sourceforge.net/
(which actually is https://bitbucket.org/jaraco/irc/), dont ask why
there are 2 different packages for the same lib (and irclib has files
in a irc/ directory so it's also violating the python policy).

both are outdated, so which one are you planning to remove? I'd rather
not lose all IRC libraries at once

Regards,
-- 
Sandro Tosi (aka morph, morpheus, matrixhasu)
My website: http://matrixhasu.altervista.org/
Me at Debian: http://wiki.debian.org/SandroTosi

Bug#797397: RFS: sfcgal/1.1.0

[Sven Geggus]

Package: sponsorship-requests
Severity: normal

Hello,

I have just uploaded a new Version of sfcgal to mentors.debian.net.

In addition to the changes stated in debian/changelog this package has now
been linked against libcgal11v5.

* Package name: sfcgal
  Version : 1.1.0-4
  Upstream Author : Mickael Borne (IGN), Hugo Mercier (Oslandia), Vincent
  Mora (Oslandia), Olivier Courtin (Oslandia)
* URL : http://www.sfcgal.org/
* License : LGPL-2+
  Section : science

Sources have already been uploaded to alioth and are availabe via the
following URL:
git+ssh://git.debian.org/git/pkg-grass/sfcgal.git

Regards

Sven


signature.asc
Description: Digital signature

Bug#797326: systemd: immediately unmounts manually mounted filesystem (listed in fstab with noauto)

[Michael Biebl]

Am 29.08.2015 um 17:59 schrieb intrigeri:
> Michael Biebl wrote (29 Aug 2015 15:50:40 GMT) :
>> Could you attach the output of systemd-analyze dump
> 
> Yes and no => send privately.

I see that you have a boot.automount unit. I wonder where this unit is
coming from. I vaguely remember there was some auto-unmount feature for
the efi boot partition. Not sure if that is kicking in here.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#797298: msv: FTBFS: Failed to resolve artifact [..] junit:junit:jar:4.x

[Hans Joachim Desserud]

tags 797298 patch
thanks

Adding junit4 to build-dependencies resolves this issue, see the 
attached patch.


Build-dependencies should probably be reorganized to list one per line, 
but
if I did it, the patch became a lot harder to read. Might be natural to 
do

when adding this to the repo. :)

--
mvh / best regards
Hans Joachim Desserud
http://desserud.org

Bug#797382: udev: random crash (SIGABRT)

[Michael Biebl]

Hi Paul,

Am 30.08.2015 um 10:38 schrieb Paul Wise:
> Package: udev
> Version: 224-1
> Severity: normal
> File: /lib/systemd/systemd-udevd
> 
> I had a random crash (SIGABRT) in systemd-udevd:

[..]

thanks for your bug report. On a first glance it doesn't look like a
distro/downstream specific issue, so would be great if you can file that
upstream at https://github.com/systemd/systemd/issues.

Thanks,
Michael


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#797264: wagon: FTBFS: Missing: org.apache.maven.wagon:wagon-provider-test:jar:debian

[Hans Joachim Desserud]

Hi all

I briefly investigated this, and I believe this is probably related
to/introduced by the following commit:
http://anonscm.debian.org/cgit/pkg-java/wagon.git/commit/?id=74133634d292309cb7c2fdf34da287d1dab4e8f2

Though I'm not sure whether the fix is to revert the whole commit,
some parts of it or think of something else.

--
mvh / best regards
Hans Joachim Desserud
http://desserud.org

Bug#797298: msv: FTBFS: Failed to resolve artifact [..] junit:junit:jar:4.x

[Hans Joachim Desserud]

Now also with patch included.

Sorry about that.

--
mvh / best regards
Hans Joachim Desserud
http://desserud.orgdiff --git a/debian/control b/debian/control
index 6bdecf8..5f8d4d3 100644
--- a/debian/control
+++ b/debian/control
@@ -5,7 +5,7 @@ Maintainer: Debian Java Maintainers 
 Build-Depends: debhelper (>= 7.0.50~), maven-debian-helper, default-jdk, cdbs,
  libisorelax-java, libjdom1-java, librelaxng-datatype-java, libxalan2-java,
- libxerces2-java, libxml-commons-resolver1.1-java, ant
+ libxerces2-java, libxml-commons-resolver1.1-java, ant, junit4
 Standards-Version: 3.9.4
 Homepage: http://java.net/projects/msv
 Vcs-Git: git://anonscm.debian.org/pkg-java/msv.git

Bug#797348: ebook-speaker: Segfault if no epub in the directory

[Samuel Thibault]

MENGUAL Jean-Philippe, le Sun 30 Aug 2015 03:31:20 +0200, a écrit :
> Le 30/08/2015 03:06, Samuel Thibault a écrit :
> >MENGUAL Jean-Philippe, le Sun 30 Aug 2015 02:37:46 +0200, a écrit :
> >>Le 30/08/2015 02:23, Samuel Thibault a écrit :
> >>>Jean-Philippe MENGUAL, le Sat 29 Aug 2015 21:43:29 +0200, a écrit :
> 3. cd in a directory containing not .epub files.
> 4. Re-run ebook-speaker
> * What was the outcome of this action?
> 
> Segfault
> >>>I can't reproduce this.  What do you *have* in the directory?
> >>Various things: .txt, .doc, .pdf, .mp3, etc. There are subdirs too.
> >Then you can try to make a copy of this directory (without the subdirs),
> >check wheter it still fails there, and then try to remove files type by
> >type, and then file by file, to know which one brings the crash.
> Can you test putting in the dir a .doc file and with an accent in its name?

I tried, with no problem.

> It seems, although it's somewhat random, the crash happens with .doc files,
> or if some filenames have accents (such as élément).

Perhaps you can send me that problematic file privately.

Samuel

Bug#797400: ITP: dl-poly-classic -- General purpose molecular dynamics simulation package

[Michael Banck]

Package: wnpp
Severity: wishlist
Owner: Debichem Team 

* Package name: dl-poly-classic
  Version : 1.9
  Upstream Author : W. Smith, T.R. Forester and I.T. Todorov
* URL : http://www.ccp5.ac.uk/DL_POLY_CLASSIC/
* License : BSD
  Programming Lang: Fortran/Java
  Description : General purpose molecular dynamics simulation package

DL_POLY Classic is a general purpose (parallel and serial) molecular
dynamics simulation package.

Bug#787601: Info received (libsane 1.0.24-13 segfaults looking for network Samsung scanner SCX-4833FD)

[Jörg Frings-Fürst]

fixed 787601 1.0.25+git20150528-1
thanks

Hello,

thank you for spending your time helping to make Debian better with
this bug report. 


But the bug is fixed I close this bug.

CU
Jörg

-- 
New:
GPG Fingerprint: 63E0 075F C8D4 3ABB 35AB  30EE 09F8 9F3C 8CA1 D25D
GPG key (long) : 09F89F3C8CA1D25D
GPG Key: 8CA1D25D
CAcert Key S/N : 0E:D4:56

Old pgp Key: BE581B6E (revoked since 2014-12-31).

Jörg Frings-Fürst
D-54526 Niederkail

Threema: SYR8SJXB

IRC: j_...@freenode.net
 j_...@oftc.net

My wish list: 
 - Please send me a picture from the nature at your home.




signature.asc
Description: This is a digitally signed message part

Bug#797396: [Pkg-utopia-maintainers] Bug#797396: network-manager-openvpn: Can't connect to VPN, user nm-openvpn missing

[Michael Biebl]

Am 30.08.2015 um 13:44 schrieb Tom Rauchenwald:
> Package: network-manager-openvpn
> Version: 1.0.6-1
> Severity: grave
> Justification: renders package unusable
> 
> Hi,
> 
> after upgrading network-manager-openvpn to 1.0.6-1 I can't connect to
> a VPN anymore. The relevant part of the log:
> 
> Aug 30 13:22:02 orphu NetworkManager[572]:   Starting VPN service 
> 'openvpn'...
> Aug 30 13:22:02 orphu NetworkManager[572]:   VPN service 'openvpn' 
> started (org.freedesktop.NetworkManager.openvpn), PID 1338
> Aug 30 13:22:02 orphu NetworkManager[572]:   VPN service 'openvpn' 
> appeared; activating connections
> Aug 30 13:22:02 orphu NetworkManager[572]:   VPN plugin state changed: 
> starting (3)
> Aug 30 13:22:02 orphu NetworkManager[572]:   VPN connection 'xxx' 
> (ConnectInteractive) reply received.
> Aug 30 13:22:02 orphu NetworkManager[572]:   VPN connection 'xxx' 
> failed to connect interactively: 'User 'nm-openvpn' not found, check 
> NM_OPENVPN_USER.'.
> Aug 30 13:22:02 orphu NetworkManager[572]:   (enp2s0): device state 
> change: secondaries -> failed (reason 'secondary-connection-failed') [90 120 
> 54]
> Aug 30 13:22:02 orphu NetworkManager[572]:   NetworkManager state is 
> now DISCONNECTED
> 
> It seems that a user nm-openvpn is now needed.
> 
> As a workaround, I created this user (and put it in the group
> nm-openvpn), now everything works fine. I suspect said user should be
> created at package install time.
> 
> If the bug severity is not appropriate, please downgrade it accordingly.

No, the severity is correct. Thanks for the bug report and sorry for the
inconvenience.

Will look into that.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#797399: network-manager-openvpn-gnome: OpenVPN connections fail due to missing nm-openvpn user+group

[Andreas Olsson]

Package: network-manager-openvpn-gnome
Version: 1.0.6-1
Severity: important

Since upgrading to network-manager* 1.0.6-1 the gnome network
applet (upper right corner) won't let me enable OpenVPN connections.

Whenever I try to enable a VPN connection the state flips right back
to disabled, without there being any actual connection attempt. While
failing, this is what "journalctl -u NetworkManager" has to say.


  aug 30 13:45:10 corrino NetworkManager[740]:   Starting VPN service 
'openvpn'...
  aug 30 13:45:10 corrino NetworkManager[740]:   VPN service 'openvpn' 
started (org.freedesktop.NetworkManager.openvpn), PID 7093
  aug 30 13:45:10 corrino NetworkManager[740]:   VPN service 'openvpn' 
appeared; activating connections
  aug 30 13:45:10 corrino NetworkManager[740]:   VPN plugin state 
changed: starting (3)
  aug 30 13:45:10 corrino NetworkManager[740]:   VPN connection 'halleck' 
(ConnectInteractive) reply received.
  aug 30 13:45:10 corrino NetworkManager[740]:   VPN connection 'halleck' 
failed to connect interactively: 'User 'nm-openvpn' not found, check 
NM_OPENVPN_USER.'.
  aug 30 13:45:10 corrino NetworkManager[740]:   error disconnecting VPN: 
Could not process the request because no VPN connection was active.

Looks like there is supposed to be a nm-openvpn user?

Manually adding a nm-openvpn user instead brought on a complaint about a 
missing nm-openvpn group.

  aug 30 13:56:43 corrino NetworkManager[740]:   VPN connection 'halleck' 
failed to connect interactively: 'Group 'nm-openvpn' not found, check 
NM_OPENVPN_GROUP.'

Manually adding a nm-openvpn user and putting it in a nm-openvpn group did do 
the trick.

  # adduser --group --system nm-openvpn


See also the following bug/solution from Arch Linux

  https://bugs.archlinux.org/task/46124
  
https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/networkmanager-openvpn&id=9aa4b8be2ea71103197f1bee4e37374b8a0c60cc


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.1.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=sv_SE.UTF-8, LC_CTYPE=sv_SE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages network-manager-openvpn-gnome depends on:
ii  libatk1.0-0  2.16.0-2
ii  libc62.19-19
ii  libcairo-gobject21.14.2-2
ii  libcairo21.14.2-2
ii  libdbus-1-3  1.8.20-1
ii  libdbus-glib-1-2 0.102-1
ii  libgdk-pixbuf2.0-0   2.31.5-1
ii  libglib2.0-0 2.44.1-1.1
ii  libgtk-3-0   3.16.6-1
ii  libnm-glib-vpn1  1.0.6-1
ii  libnm-glib4  1.0.6-1
ii  libnm-gtk0   1.0.6-1
ii  libnm-util2  1.0.6-1
ii  libpango-1.0-0   1.36.8-3
ii  libpangocairo-1.0-0  1.36.8-3
ii  libsecret-1-00.18.3-1
ii  network-manager-openvpn  1.0.6-1

network-manager-openvpn-gnome recommends no packages.

network-manager-openvpn-gnome suggests no packages.

-- no debconf information

Bug#797398: FTBFS: pep8 complains about: E402 module level import not at top of file

[Michael Biebl]

Source: d-feet
Version: 0.3.9-1
Severity: serious

The latest releases of pep8 became stricter and added new tests. As a
result, d-feet now no longer passes the pep8 tests:

make[5]: Leaving directory 
'/home/michael/debian/build-area/d-feet-0.3.9/src/tests'
pep8 --max-line-length=99 --ignore=E123 
--exclude='.svn,CVS,.bzr,.hg,.git,__pycache__,.#*' ../../src/
../../src/dfeet/window.py:25:1: E402 module level import not at top of file
../../src/dfeet/window.py:26:1: E402 module level import not at top of file
../../src/dfeet/window.py:27:1: E402 module level import not at top of file
../../src/dfeet/window.py:28:1: E402 module level import not at top of file
../../src/dfeet/window.py:29:1: E402 module level import not at top of file
../../src/tests/tests.py:6:1: E402 module level import not at top of file
../../src/tests/tests.py:7:1: E402 module level import not at top of file
../../src/tests/tests.py:8:1: E402 module level import not at top of file
../../src/tests/tests.py:9:1: E402 module level import not at top of file
../../src/tests/tests.py:10:1: E402 module level import not at top of file
../../src/tests/tests.py:11:1: E402 module level import not at top of file
../../src/tests/tests.py:12:1: E402 module level import not at top of file
../../src/tests/tests.py:13:1: E402 module level import not at top of file
../../src/tests/tests.py:14:1: E402 module level import not at top of file
../../src/tests/tests.py:15:1: E402 module level import not at top of file
Makefile:821: recipe for target 'check-local' failed
make[4]: *** [check-local] Error 1
make[4]: Leaving directory 
'/home/michael/debian/build-area/d-feet-0.3.9/src/tests'



-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- no debconf information

Bug#797399: [Pkg-utopia-maintainers] Bug#797399: network-manager-openvpn-gnome: OpenVPN connections fail due to missing nm-openvpn user+group

[Michael Biebl]

Control: reassign -1 network-manager-openvpn
Control: forcemerge 797396 -1

Am 30.08.2015 um 14:06 schrieb Andreas Olsson:
> Package: network-manager-openvpn-gnome
> Version: 1.0.6-1
> Severity: important
> 
> Since upgrading to network-manager* 1.0.6-1 the gnome network
> applet (upper right corner) won't let me enable OpenVPN connections.
> 
> Whenever I try to enable a VPN connection the state flips right back
> to disabled, without there being any actual connection attempt. While
> failing, this is what "journalctl -u NetworkManager" has to say.
> 
> 
>   aug 30 13:45:10 corrino NetworkManager[740]:   Starting VPN service 
> 'openvpn'...
>   aug 30 13:45:10 corrino NetworkManager[740]:   VPN service 'openvpn' 
> started (org.freedesktop.NetworkManager.openvpn), PID 7093
>   aug 30 13:45:10 corrino NetworkManager[740]:   VPN service 'openvpn' 
> appeared; activating connections
>   aug 30 13:45:10 corrino NetworkManager[740]:   VPN plugin state 
> changed: starting (3)
>   aug 30 13:45:10 corrino NetworkManager[740]:   VPN connection 
> 'halleck' (ConnectInteractive) reply received.
>   aug 30 13:45:10 corrino NetworkManager[740]:   VPN connection 
> 'halleck' failed to connect interactively: 'User 'nm-openvpn' not found, 
> check NM_OPENVPN_USER.'.
>   aug 30 13:45:10 corrino NetworkManager[740]:   error disconnecting 
> VPN: Could not process the request because no VPN connection was active.
> 
> Looks like there is supposed to be a nm-openvpn user?
> 
> Manually adding a nm-openvpn user instead brought on a complaint about a 
> missing nm-openvpn group.
> 
>   aug 30 13:56:43 corrino NetworkManager[740]:   VPN connection 
> 'halleck' failed to connect interactively: 'Group 'nm-openvpn' not found, 
> check NM_OPENVPN_GROUP.'
> 
> Manually adding a nm-openvpn user and putting it in a nm-openvpn group did do 
> the trick.
> 
>   # adduser --group --system nm-openvpn
> 
> 
> See also the following bug/solution from Arch Linux
> 
>   https://bugs.archlinux.org/task/46124
>   
> https://projects.archlinux.org/svntogit/packages.git/commit/trunk?h=packages/networkmanager-openvpn&id=9aa4b8be2ea71103197f1bee4e37374b8a0c60cc

Thanks for the bug report.
Merging with the existing one.


-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Bug#797401: RM: librasterlite -- ROM; Deprecated upstream, superseded by librasterlite2

[Bas Couwenberg]

Package: ftp.debian.org
Severity: normal

Please remove the librasterlite package from the archive, it has been
deprecated upstream and is superseded by librasterlite2.

librasterlite was primarily required for spatialite-gui which now uses
librasterlite2 instead of librasterlite & libgaiagraphics.

mapnik also used librasterlite, but has removed the support in 3.0.1.
Only the old mapnik packages on hurd-i386 still depend on librasterlite.

Kind Regards,

Bas

Bug#785053: jessie-pu: package nss-pam-ldapd/0.9.4-3+deb8u1

[Arthur de Jong]

On Sat, 2015-08-29 at 15:26 +0200, Julien Cristau wrote:
> Sorry for the delay in getting back to you.
> 
> Please feel free to upload 0.9.4-3+deb8u1.

Thanks. In the meantime, two more bugs arose in nss-pam-ldapd that I
would like to fix in jessie.

The first (#794686) is an RC bug with a one-line fix. The problem was
that the exit code of the init script was wrong in some cases.

I would also like to get #794068 fixed. This fixes password policy
expiration. Instead of forcing the user to change their password, a
warning message should be presented to the user instead. I have just
uploaded the fix to unstable.

Attached is a debdiff with the changes.

Thanks,

-- 
-- arthur - adej...@debian.org - http://people.debian.org/~adejong --
diff -Nru nss-pam-ldapd-0.9.4/debian/changelog nss-pam-ldapd-0.9.4/debian/changelog
--- nss-pam-ldapd-0.9.4/debian/changelog	2014-09-28 15:08:58.0 +0200
+++ nss-pam-ldapd-0.9.4/debian/changelog	2015-08-30 13:58:54.0 +0200
@@ -1,3 +1,14 @@
+nss-pam-ldapd (0.9.4-3+deb8u1) stable; urgency=low
+
+  * fix-issues-withdaemonising.patch, avoid-signal-race.patch: patches to
+fix issues with daemonising nslcd and avoid a race condition in signal
+handling during start-up (closes: #759544)
+  * ensure proper return code of init script (closes: #794686)
+  * fix-ppolicy-expiration-warnings.patch: fix password policy expiration
+warnings (closes: #794068)
+
+ -- Arthur de Jong   Sun, 30 Aug 2015 13:00:00 +0200
+
 nss-pam-ldapd (0.9.4-3) unstable; urgency=low
 
   * use-ip-range-for-tests.patch: use a different IP range for running the
diff -Nru nss-pam-ldapd-0.9.4/debian/nslcd.init nss-pam-ldapd-0.9.4/debian/nslcd.init
--- nss-pam-ldapd-0.9.4/debian/nslcd.init	2014-06-08 00:33:57.0 +0200
+++ nss-pam-ldapd-0.9.4/debian/nslcd.init	2015-08-30 13:53:17.0 +0200
@@ -174,5 +174,3 @@
   exit 1
   ;;
 esac
-
-exit 0
diff -Nru nss-pam-ldapd-0.9.4/debian/patches/avoid-signal-race.patch nss-pam-ldapd-0.9.4/debian/patches/avoid-signal-race.patch
--- nss-pam-ldapd-0.9.4/debian/patches/avoid-signal-race.patch	1970-01-01 01:00:00.0 +0100
+++ nss-pam-ldapd-0.9.4/debian/patches/avoid-signal-race.patch	2015-08-30 11:19:41.0 +0200
@@ -0,0 +1,71 @@
+From: Arthur de Jong 
+Subject: Avoid signal race condition on start-up
+
+This only restores the signal mask after signal handlers are in place
+and the daemon has completely daemonised to avoid a race condition in
+the start-up phase of nslcd where a signal could be sent to nslcd
+causing it to quit or fail to write information to the parent process.
+
+This also block signals sooner in an attempt to avoid race conditions.
+
+Origin: upstream, http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=1d3b19b1ecd3b10f36e8925e8a752a28e3e74b56
+Origin: upstream, http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=530cc24c83dd5d2d347acb40d64c3ae06a43a293
+Bug-Debian: http://bugs.debian.org/759544
+
+--- a/nslcd/nslcd.c
 b/nslcd/nslcd.c
+@@ -648,6 +648,17 @@ int main(int argc, char *argv[])
+ #ifdef HAVE_PTHREAD_TIMEDJOIN_NP
+   struct timespec ts;
+ #endif /* HAVE_PTHREAD_TIMEDJOIN_NP */
++  /* block all these signals so our worker threads won't handle them */
++  sigemptyset(&signalmask);
++  sigaddset(&signalmask, SIGHUP);
++  sigaddset(&signalmask, SIGINT);
++  sigaddset(&signalmask, SIGQUIT);
++  sigaddset(&signalmask, SIGABRT);
++  sigaddset(&signalmask, SIGPIPE);
++  sigaddset(&signalmask, SIGTERM);
++  sigaddset(&signalmask, SIGUSR1);
++  sigaddset(&signalmask, SIGUSR2);
++  pthread_sigmask(SIG_BLOCK, &signalmask, &oldmask);
+   /* close all file descriptors (except stdin/out/err) */
+   daemonize_closefds();
+   /* parse the command line */
+@@ -785,17 +796,6 @@ int main(int argc, char *argv[])
+ }
+ log_log(LOG_DEBUG, "setuid(%d) done", (int)nslcd_cfg->uid);
+   }
+-  /* block all these signals so our worker threads won't handle them */
+-  sigemptyset(&signalmask);
+-  sigaddset(&signalmask, SIGHUP);
+-  sigaddset(&signalmask, SIGINT);
+-  sigaddset(&signalmask, SIGQUIT);
+-  sigaddset(&signalmask, SIGABRT);
+-  sigaddset(&signalmask, SIGPIPE);
+-  sigaddset(&signalmask, SIGTERM);
+-  sigaddset(&signalmask, SIGUSR1);
+-  sigaddset(&signalmask, SIGUSR2);
+-  pthread_sigmask(SIG_BLOCK, &signalmask, &oldmask);
+   /* start worker threads */
+   log_log(LOG_INFO, "accepting connections");
+   nslcd_threads = (pthread_t *)malloc(nslcd_cfg->threads * sizeof(pthread_t));
+@@ -815,8 +815,7 @@ int main(int argc, char *argv[])
+   exit(EXIT_FAILURE);
+ }
+   }
+-  pthread_sigmask(SIG_SETMASK, &oldmask, NULL);
+-  /* install signalhandlers for some signals */
++  /* install signal handlers for some signals */
+   install_sighandler(SIGHUP, sig_handler);
+   install_sighandler(SIGINT, sig_handler);
+   install_sighandler(SIGQUIT, sig_handler);
+@@ -827,6 +826,8 @@ int main(int argc, char *argv[])
+   install_sighandler(SIGUSR2, SIG_IGN);
+   /* signal the starting process to exit because we can

Bug#791230: GCC5 transition and jessie-backports

[Daniel Pocock]

I started looking at updating the packages postbooks, openrpt and csvimp
to the latest upstream versions.  My intention, as with previous
updates, is to put the latest upstream releases into unstable, wait for
them to propagate to testing and then upload them to backports.

As part of the GCC5 update[1], one of the binary packages built from
openrpt has been renamed from libopenrpt1 to libopenrpt1v5 - see bug
#791230[2] - and that is the version that will be in testing.

If I understand the rules for backports correctly, backports is supposed
to contain the same thing that is in testing.

Given that unstable and testing will use GCC5 and jessie-backports
should be using the GCC 4.9 from jessie, what is supposed to happen?
Will GCC5 be available to compile for backports and should such packages
declare a dependency on the newer libstdc++?  Or is it permitted to make
uploads to jessie-backports without the "v5" suffix, so the package name
in backports won't be the same as the package name in testing?  Or
something else?


1. https://wiki.debian.org/GCC5

2. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=791230

Bug#796956: Auth: sddm-helper exited with 2

[lumat]

# service sddm status
● sddm.service - Simple Desktop Display Manager
   Loaded: loaded (/lib/systemd/system/sddm.service; enabled; vendor preset: 
enabled)
   Active: active (running) since Sun 2015-08-30 14:00:46 CEST; 13s ago
 Docs: man:sddm(1)
   man:sddm.conf(5)
  Process: 8966 ExecStartPre=/bin/sh -c [ "$(cat 
/etc/X11/default-display-manager 
2>/dev/null)" = "/usr/bin/sddm" ] (code=exited, status=0/SUCCESS)
 Main PID: 8970 (sddm)
   CGroup: /system.slice/sddm.service
   ├─8970 /usr/bin/sddm
   └─8974 /usr/bin/X :1 -auth /var/run/sddm/:1 -nolisten tcp 
-background none -
noreset vt7

Aug 30 14:00:47 wilma sddm[8970]: Socket server starting...
Aug 30 14:00:47 wilma sddm[8970]: Socket server started.
Aug 30 14:00:47 wilma sddm[8970]: Greeter starting...
Aug 30 14:00:47 wilma sddm-helper[8986]: [PAM] Starting...
Aug 30 14:00:47 wilma sddm-helper[8986]: [PAM] Authenticating...
Aug 30 14:00:47 wilma sddm-helper[8986]: [PAM] returning.
Aug 30 14:00:47 wilma sddm-helper[8986]: pam_unix(sddm-greeter:session): 
session 
opened for user sddm by (uid=0)
Aug 30 14:00:47 wilma sddm[8970]: Greeter session started successfully
Aug 30 14:00:47 wilma sddm[8970]: Auth: sddm-helper exited with 2
Aug 30 14:00:47 wilma sddm[8970]: Greeter stopped.

I think this may partly be connected:
https://github.com/sddm/sddm/issues/371[1] 

After I manually created
drwxr-xr-x  6 sddm   sddm   4096 Aug 30 14:06 sddm

sddm starts.

Btw. /var/log/sddm.log is created but doesn't seem to receive any output ...

Thank you for your work!


[1] https://github.com/sddm/sddm/issues/371

Bug#797402: RM: idjc -- RoQA; orphaned, low popcon

[Iain R. Learmonth]

Package: ftp.debian.org
Severity: normal

Hi,

idjc has low popcon and currently has no maintainer. I am looking to
request removal of python-irc which is a dependency of idjc shortly.
There are also a number of bugs, including a mayhem bug, which likely
would require an active maintainer to fix.

Thanks,
Iain.

Bug#797326: systemd: immediately unmounts manually mounted filesystem (listed in fstab with noauto)

[intrigeri]

Control: tag -1 + moreinfo

Hi,

Michael Biebl wrote (30 Aug 2015 11:46:04 GMT) :
> I see that you have a boot.automount unit. I wonder where this unit is
> coming from.

I could find no boot.automount file anywhere.
As expected, I have /run/systemd/generator/boot.mount.

> I vaguely remember there was some auto-unmount feature for
> the efi boot partition. Not sure if that is kicking in here.

My /boot is on a MBR partition.

My internal hard drive is GPT-partitioned, and has an ESP, which is
not use by this Debian system and is not referrenced in fstab. My root
filesystem is on top of LVM+LUKS on this GPT-partitioned disk, so
systemd might be thinking I'm on a EFI system (which is correct,
except I'm not using EFI for booting).

In systemd-gpt-auto-generator(8) I read:

Mount and automount units for the EFI System Partition (ESP),
mounting it to /boot are generated on EFI systems, where the boot
loader communicates the used ESP to the operating system.
Since this generator creates an automount unit, the mount will
only be activated on-demand, when accessed. On systems where /boot
is an explicitly configured mount (for example, listed in
fstab(5)) or where the /boot mount point is non-empty, no mount
units are generated.

If the code works as advertised, this should not be a problem, and
indeed `rgrep -i -E 'gpt|automount' /run/systemd/generator*` is empty.

Note that I'm using dracut, and I see:
/usr/lib/dracut/modules.d/98dracut-systemd/dracut-shutdown.service:After=local-fs.target
 boot.mount boot.automount

I guess that next step would be that I try reproducing this problem
with initramfs-tools => tagging moreinfo, so it's clear that the ball
is now in my court. Thanks for your assistance!

Cheers,
-- 
intrigeri

Bug#730084: [Python-modules-team] Potential removal - python-irc

[Iain R. Learmonth]

Hi Sandro,

On Sun, Aug 30, 2015 at 12:40:53PM +0100, Sandro Tosi wrote:
> which seem both are packaging http://python-irclib.sourceforge.net/
> (which actually is https://bitbucket.org/jaraco/irc/), dont ask why
> there are 2 different packages for the same lib (and irclib has files
> in a irc/ directory so it's also violating the python policy).

python-irclib seems to have been trying to migrate for 783 days.

> both are outdated, so which one are you planning to remove? I'd rather
> not lose all IRC libraries at once

I think at this point I would be planning to remove both.

Thanks,
Iain.

-- 
e: i...@fsfe.orgw: iain.learmonth.me
x: i...@jabber.fsfe.org t: EPVPN 2105
c: 2M0STB  g: IO87we
p: 1F72 607C 5FF2 CCD5 3F01 600D 56FF 9EA4 E984 6C49


pgpTMVfFsdGW7.pgp
Description: PGP signature