Bug#854106: speech-dispatcher: must now default to espeak-ng

[Samuel Thibault]

Package: speech-dispatcher
Version: 0.8.6-2
Severity: serious
Justification: Makes system unaccessible after installation
Tags: patch

Hello,

Now that speech-dispatcher only pulls the espeak-ng module by default,
the default synthesis must also be switched to espeak-ng, otherwise it
would remain silent, and make the installed system completely
unaccessible.  The attached patch fixes this.

Samuel

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), 
(500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages speech-dispatcher depends on:
ii  adduser  3.115
ii  libc62.24-9
ii  libdotconf0  1.3-0.2
ii  libglib2.0-0 2.50.2-2
ii  libltdl7 2.4.6-2
ii  libsndfile1  1.0.27-1
ii  libspeechd2  0.8.6-2
ii  lsb-base 9.20161125
ii  speech-dispatcher-audio-plugins  0.8.6-2

Versions of packages speech-dispatcher recommends:
pn  pulseaudio   
ii  speech-dispatcher-espeak-ng  0.8.6-2

Versions of packages speech-dispatcher suggests:
ii  libttspico-utils1.0+git20130326-5
pn  speech-dispatcher-cicero
pn  speech-dispatcher-doc-cs
pn  speech-dispatcher-espeak
pn  speech-dispatcher-festival  
pn  speech-dispatcher-flite 

-- Configuration Files:
/etc/default/speech-dispatcher changed [not included]
/etc/speech-dispatcher/speechd.conf changed [not included]

-- no debconf information

-- 
Samuel
 M.  MIMRAM  Samuel Antonin
 en voila un qui etait predestiné
 -+- #ens-mim - Quelles gueules qu'ils ont les ptits nouveaux ? -+-
commit 1e500060fbe1e08fa840bae81637884abefa4bbd
Author: Luke Yelavich 
Date:   Tue Jan 24 06:19:42 2017 +1100

Set the default output module to espeak-ng

diff --git a/debian/patches/change-default-module.patch 
b/debian/patches/change-default-module.patch
new file mode 100644
index 000..2f4efc4
--- /dev/null
+++ b/debian/patches/change-default-module.patch
@@ -0,0 +1,13 @@
+Index: speech-dispatcher/config/speechd.conf
+===
+--- speech-dispatcher.orig/config/speechd.conf
 speech-dispatcher/config/speechd.conf
+@@ -240,7 +240,7 @@ DefaultVolume 100
+ # The DefaultModule selects which output module is the default.  You
+ # must use one of the names of the modules loaded with AddModule.
+ 
+-DefaultModule espeak
++DefaultModule espeak-ng
+ 
+ # The LanguageDefaultModule selects which output modules are prefered
+ # for specified languages.
diff --git a/debian/patches/series b/debian/patches/series
index cac9c02..acbf68d 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
 pulse-default-latency.patch
 doc-figures
+change-default-module.patch

Bug#850802: Add s= as a command-line alias for url=https://

[Philip Hands]

Josh Triplett  writes:

> On Sat, Feb 04, 2017 at 02:46:46AM +0100, Cyril Brulebois wrote:
>> Hi,
>> 
>> Josh Triplett  (2017-01-10):
>> > Package: preseed
>> > Severity: wishlist
>> > Tags: patch
>> > 
>> > The attached patch adds s= as a command-line alias for url=https://
>> > 
>> > url=example.org will assume "http://example.org;, but specifying an 
>> > https:// URL
>> > requires typing out url=https://example.org .  Add an alias s= , mapping
>> > to the template preseed/https_url, which assumes https:// instead; this
>> > shortens the kernel command-line parameter to s=example.org .
>> 
>> Just as a comment while going through my debian-boot/ folder: This seems
>> too short/not descriptive enough to me.
>
> Do you mean the name "s"?  "short" was the primary intent here, since
> this serves as an alias; making it longer would defeat the purpose.  I
> intended 's' to stand for "secure" (and "seed").
>
> Do you have an alternate suggestion that you consider more evocative of
> its purpose, without defeating that purpose?

It strikes me as wrong to be introducing a new alias for this purpose.

The problem you want fixed is that the magic expansion is defaulting to
a protocol of http rather than https, so it seems to me that we need a
way of making it use https instead, rather than setting up a parallel
url thing that only deals with https.

I think that we should make sure that we can at some point change the
default protocol to be https, and still have a sensible result.

The two approaches that occur to me is to have some sort of flags
variable (debian-installer/flags) with an alias of flags, flg, or just f
if you're desperate to be brief.  Then a flag of 's' could make d-i
prefer secure options where available.  That way you'd just specify:

  f=s url=example.org

Alternatively, we could allow the protocol to be specified, but leave
the magic expansion in place if the : is not followed by a /, so that in
that case you'd specify:

  url=https:example.org

(I've not yet convinced myself that there are no problems with that idea
though)

That way we can decide to switch to defaulting to https for some future
release, and then tell people to either do f=i (for insecure), or
url=http:... to keep the old behaviour.

Cheers, Phil.
-- 
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,GERMANY


signature.asc
Description: PGP signature

Bug#852979: [pkg-gnupg-maint] Bug#852979: gnupg: incorrect note in the man page

[Daniel Kahn Gillmor]

Control: tags 852979 + patch upstream pending

Hi Ulyanich Michael--

On Sat 2017-01-28 12:02:58 -0500, Ulyanich Michael wrote:
> from "man gpg":
> ***
>Commands not specific to the function
>
>--version
>   Print the program version and licensing information.  Note  that
>   you cannot abbreviate this command.
>
>--help
>-h Print  a  usage message summarizing the most useful command-line
>   options.  Note that you cannot abbreviate this command.
>
> ***
> But as i understand, -h is an abbrebiation of the command "--help". Thus, it
> shouldn't be the sentence "Note that you cannot abbreviate this command."

i can see why that sounds a bit confusing, but -h is a "short" command,
and --help is a "long" command.  gpg offers abbreviations of most long
commands, so that (for example) you can use "--bat" as a long-option
abbreviation for the "--batch".

So this is the manual telling you that gpg won't accept "--hel" instead
of "--help".

Confusing, though!

I'm attaching a patch which i've also pushed upstream.

   --dkg

>From 9f0a6a5d0f9e79a1f6d9d500c378ede73663f41b Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor 
Date: Sat, 4 Feb 2017 01:28:08 -0500
Subject: [PATCH 2/2] doc: Clarify abbreviation of --help.

* doc/gpg.texi: clarify abbreviation of --help.

Debian-bug-id: 852979
Signed-off-by: Daniel Kahn Gillmor 
---
 doc/gpg.texi | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/doc/gpg.texi b/doc/gpg.texi
index 8e1a5e6fc..b79b78334 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -141,7 +141,8 @@ cannot abbreviate this command.
 @itemx -h
 @opindex help
 Print a usage message summarizing the most useful command-line options.
-Note that you cannot abbreviate this command.
+Note that you cannot arbitrarily abbreviate this command
+(though you can use its short form @option{-h}).
 
 @item --warranty
 @opindex warranty
-- 
2.11.0

Bug#853902: icinga-web: Can't locate CGI/Util.pm in @INC during installation

[Chris Lamb]

Hi,

> icinga-web: Can't locate CGI/Util.pm in @INC during installation

Can't seem to reproduce this with a:

  $ sudo env DEBIAN_FRONTEND=noninteractive apt-get install icinga-web

Any ideas? :)


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-

Bug#849987: [Pkg-fonts-devel] Bug#849987: fonts-font-awesome: Symlink in /usr/share/javascript for javascript-common

[Vasudev Kamath]

Hi Michael,

Sorry for delayed response.

Michael Fladischer  writes:

> Package: fonts-font-awesome
> Version: 4.7.0~dfsg-1
> Severity: wishlist
>
> Dear Maintainer,
>
> would it be possible to add a symlink at /usr/share/javascript/font-awesome 
> that
> points to ../fonts-font-awesome?

Doable yes!.

>
> This would provide an easy way to use this package with javascript-common and
> its apache2 integration. The FontAwesome CSS and its assets would then be
> available at URL /javascript/font-awesome/css/font-awesome.css from the
> installed apache2 instance.

Thanks for the report I will upload a updated version to experimental. 

Bug#854102: systemd-logind fails to update session's Display property after `startx` from VT

[Daniel Kahn Gillmor]

Package: systemd
Version: 232-14
Severity: normal

i start my login on this system on a text-mode console (a "VT") and
then do "exec startx" to transition to a graphical X11 session.

>From within this graphical session, if i query logind about the
Display for the login session, it is the empty string, instead of what
it should be (":0").

logind knows that i'm on "/dev/tty1", according to its TTY property,
which is correct, but it should know the Display as well, since startx
just reuses the same VT for the graphical console.

here's me debugging it:

dkg@test:~$ SESSION_OBJ_PATH=$(busctl call org.freedesktop.login1 
/org/freedesktop/login1 org.freedesktop.login1.Manager GetSessionByPID u $$ | 
awk '-F"' '/o/{ print $2 }')
dkg@test:~$ busctl get-property  org.freedesktop.login1 "$SESSION_OBJ_PATH" 
org.freedesktop.login1.Session Display
s ""
$ busctl get-property  org.freedesktop.login1 "$SESSION_OBJ_PATH" 
org.freedesktop.login1.Session TTY
s "/dev/tty1"
dkg@test:~$ 

logind should be aware when startx triggers the change and update its
conception of the use of the tty accordingly, though i'm not sure how
that would be done.

I'm looking into this because it would be nice to have anything that's
associated with the user session be able to know what the Display is
for that particular session (i care about this for gpg-agent and
pinentry, as discussed on #debian-systemd, but i'm sure there are
other use cases as well).

Thanks for maintaining systemd in debian!

 --dkg

-- Package-specific info:

-- System Information:
Debian Release: 9.0
  APT prefers testing-debug
  APT policy: (500, 'testing-debug'), (500, 'testing'), (200, 
'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages systemd depends on:
ii  adduser 3.115
ii  libacl1 2.2.52-3
ii  libapparmor12.11.0-2
ii  libaudit1   1:2.6.7-1
ii  libblkid1   2.29.1-1
ii  libc6   2.24-9
ii  libcap2 1:2.25-1
ii  libcryptsetup4  2:1.7.3-3
ii  libgcrypt20 1.7.5-3
ii  libgpg-error0   1.26-2
ii  libidn111.33-1
ii  libip4tc0   1.6.0+snapshot20161117-5
ii  libkmod223-2
ii  liblz4-10.0~r131-2
ii  liblzma55.2.2-1.2
ii  libmount1   2.29.1-1
ii  libpam0g1.1.8-3.5
ii  libseccomp2 2.3.1-2.1
ii  libselinux1 2.6-3
ii  libsystemd0 232-14
ii  mount   2.29.1-1
ii  util-linux  2.29.1-1

Versions of packages systemd recommends:
ii  dbus1.10.14-1
ii  libpam-systemd  232-14

Versions of packages systemd suggests:
ii  policykit-10.105-17
ii  systemd-container  232-14
pn  systemd-ui 

Versions of packages systemd is related to:
ii  dracut   044+189-2
pn  initramfs-tools  
ii  udev 232-14

-- no debconf information

Bug#854103: grub-pc: Wrong detection of the initramfs file of Arch Linux

[Khurram Mahmood]

Package: grub-pc
Version: 2.02~beta2-22+deb8u1
Severity: important

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?

running update-grub I get in /boot/grub/grub.cfg:
[code] initrd /boot/intel-ucode.img[/code]

The rest output seems fine.

The result is the unbootable system. Then I have to manually correct this.
The interesting thing is that I have another arch installation, which is
detected okay.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***


-- Package-specific info:

*** BEGIN /proc/mounts
/dev/sda5 / ext4 rw,relatime,errors=remount-ro,commit=600,data=ordered 0 0
/dev/sda4 /media/hdd/sda4 ext4 rw,relatime,commit=600,data=ordered 0 0
/dev/sda2 /media/hdd/sda2 ext4 rw,relatime,commit=600,data=ordered 0 0
/dev/sda3 /media/hdd/sda3 ext4 rw,relatime,commit=600,data=ordered 0 0
/dev/sda6 /media/hdd/sda6 ext4 rw,relatime,commit=600,data=ordered 0 0
*** END /proc/mounts

*** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
  set have_grubenv=true
  load_env
fi
if [ "${next_entry}" ] ; then
   set default="${next_entry}"
   set next_entry=
   save_env next_entry
   set boot_once=true
else
   set default="4"
fi

if [ x"${feature_menuentry_id}" = xy ]; then
  menuentry_id_option="--id"
else
  menuentry_id_option=""
fi

export menuentry_id_option

if [ "${prev_saved_entry}" ]; then
  set saved_entry="${prev_saved_entry}"
  save_env saved_entry
  set prev_saved_entry=
  save_env prev_saved_entry
  set boot_once=true
fi

function savedefault {
  if [ -z "${boot_once}" ]; then
saved_entry="${chosen}"
save_env saved_entry
  fi
}
function load_video {
  if [ x$feature_all_video_module = xy ]; then
insmod all_video
  else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
  fi
}

if [ x$feature_default_font_path = xy ] ; then
   font=unicode
else
insmod part_gpt
insmod ext2
set root='hd0,gpt5'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt5 
--hint-efi=hd0,gpt5 --hint-baremetal=ahci0,gpt5  
b635f48f-40fe-4a54-8fac-f5953137b67e
else
  search --no-floppy --fs-uuid --set=root b635f48f-40fe-4a54-8fac-f5953137b67e
fi
font="/usr/share/grub/unicode.pf2"
fi

if loadfont $font ; then
  set gfxmode=auto
  load_video
  insmod gfxterm
  set locale_dir=$prefix/locale
  set lang=en_US
  insmod gettext
fi
terminal_output gfxterm
if [ "${recordfail}" = 1 ] ; then
  set timeout=-1
else
  if [ x$feature_timeout_style = xy ] ; then
set timeout_style=menu
set timeout=3
  # Fallback normal timeout code in case the timeout_style feature is
  # unavailable.
  else
set timeout=3
  fi
fi
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/05_debian_theme ###
insmod part_gpt
insmod ext2
set root='hd0,gpt5'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt5 
--hint-efi=hd0,gpt5 --hint-baremetal=ahci0,gpt5  
b635f48f-40fe-4a54-8fac-f5953137b67e
else
  search --no-floppy --fs-uuid --set=root b635f48f-40fe-4a54-8fac-f5953137b67e
fi
insmod png
if background_image /usr/share/images/desktop-base/lines-grub.png; then
  set color_normal=white/black
  set color_highlight=black/white
else
  set menu_color_normal=cyan/blue
  set menu_color_highlight=white/blue
fi
### END /etc/grub.d/05_debian_theme ###

### BEGIN /etc/grub.d/10_linux ###
function gfxmode {
set gfxpayload="${1}"
}
set linux_gfx_mode=
export linux_gfx_mode
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu 
--class os $menuentry_id_option 
'gnulinux-simple-b635f48f-40fe-4a54-8fac-f5953137b67e' {
load_video
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod ext2
set root='hd0,gpt5'
if [ x$feature_platform_search_hint = xy ]; then
  search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt5 
--hint-efi=hd0,gpt5 --hint-baremetal=ahci0,gpt5  
b635f48f-40fe-4a54-8fac-f5953137b67e
else
  search --no-floppy --fs-uuid --set=root 
b635f48f-40fe-4a54-8fac-f5953137b67e
fi
echo'Loading Linux 3.16.0-4-amd64 ...'
linux   /boot/vmlinuz-3.16.0-4-amd64 
root=UUID=b635f48f-40fe-4a54-8fac-f5953137b67e ro  quiet
echo'Loading initial ramdisk ...'
initrd  /boot/initrd.img-3.16.0-4-amd64
}
submenu 'Advanced options for Debian GNU/Linux' 

Bug#854019: Fw: Patch for lunar.c while lunar.clock == 23

[Xie Xun]

 On Saturday, February 4, 2017 1:42 AM, usv  
wrote:
 

 Hi,  Xie Xun
-cut-here-
--- lunar/lunar.orig    2001-10-29 13:55:39.0 +0800
+++ lunar/lunar.c    2017-02-04 00:58:07.487220461 +0800
@@ -271,12 +271,18 @@
    int adj;
    Date *d;
 
-    /* A solar day begins at 12 a.m. */
-    adj = (lunar.hour == 23)? -1 : 0;
    offset = Lunar2Day();
-    solar.weekday = (offset+ adj + SolarFirstDate.weekday) % 7;
-    Day2Solar(offset + adj, );
+    solar.weekday = (offset + SolarFirstDate.weekday) % 7;
+    Day2Solar(offset, );
    solar.hour = lunar.hour;
+
+    /* A lunar day begins at 11 p.m. so this time is next lunar day */
+    if (lunar.hour == 23)
+      {
+        Day2Lunar(offset + 1, );
+        offset = Lunar2Day();
+      }
+
    CalGZ(offset, , , );
 
    jieAlert = JieDate(, );
---end-patch-
Thanks
lunar user


   

Bug#854101: lrzip: Fails to extract its own output when used as a pipe

[Ben Longbons]

Package: lrzip
Version: 0.631-1
Severity: normal

Dear Maintainer,

Sometimes, lrzip can't decode its own output. Oddly, this *only* happens
when the compressor stage is run as a pipe.

I've minimized this testcase from a larger one, in which I used the
entire script I was using to test various compressors as the input.

$ printf 'zp c1 output.1.zpaq input\nzp c2 output.2.zpaq input\nzp c3 
output.3.zpaq input\n' | lrzip | lrunzip | cat
Decompressing...
Compression Ratio: 0.023. Average Compression Speed:  0.000MB/s.
Total time: 00:00:00.06
Failed to decompress buffer - lzmaerr=1
Failed to decompress buffer - lzmaerr=1
Failed to decompress in ucompthread
Fatal error - exiting


Comparing the hexdumps, there are 2 bytes different:

--- bad.lrz.xxd 2017-02-03 21:07:23.196603674 -0800
+++ good.lrz.xxd2017-02-03 21:07:04.824412741 -0800
@@ -1,7 +1,7 @@
 : 4c52 5a49 0006 4e00      LRZI..N.
-0010:   0001  0101 0003  0803  
+0010: 5d00  0101  0101 0003  0803  ]...
 0020:  1603 0a0a  4e00  002a 56c5  N*V.
 0030: 1506 294e  3d1c 0005 3021 cb5e 79bf  ..)N..=...0!.^y.
 0040: 767e cdc4 655e b22c e460 60c9 4d1b c8e2  v~..e^.,.``.M...
 0050: 94e1 5b53 1432 49fd b1b9 e303 7700 180f  ..[S.2I.w...
 0060: 4f46 63ef ea1e 5323 cba3 b743 1d60   OFc...S#...C.`

Thanks,
-Ben


-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unreleased'), (500, 'unstable'), 
(1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, x32, arm64

Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages lrzip depends on:
ii  bash4.4-4
ii  libbz2-1.0  1.0.6-8.1
ii  libc6   2.24-9
ii  libgcc1 1:7-20161201-1
ii  liblzo2-2   2.08-1.2
ii  libstdc++6  7-20161201-1
ii  zlib1g  1:1.2.8.dfsg-5

lrzip recommends no packages.

lrzip suggests no packages.

-- no debconf information

Bug#718548: bcache in D-I

[Cyril Brulebois]

Hi debian-kernel,

Samuel Thibault  (2015-01-20):
> Andreas Kloeckner, le Wed 07 Jan 2015 11:44:14 -0600, a écrit :
> > Samuel Thibault  writes:
> > > Andreas Kloeckner, le Wed 07 Jan 2015 09:59:58 -0600, a écrit :
> > >> It's true that bcache is in the full kernel image package, but bcache.ko
> > >> is *not* available in D-I (without extracting the kernel package,
> > >> manually finding the .ko, insmod, ...). I would like to suggest that at
> > >> least bcache.ko be included in the installer image, so that this
> > >> annoying charade can be avoided.
> > >
> > > Will it be useful at all since bcache-tools is not available?
> > 
> > Yes, since all you need to get a preexisting bcache volume up and
> > running is:
> > 
> > modprobe bcache
> > echo /dev/sdb > /sys/fs/bcache/register
> > echo /dev/sdc > /sys/fs/bcache/register
> 
> Ok, it looks nice enough indeed.
> 
> The module is not so small (354K here), so I guess this should be
> shipped in a separate udeb to avoid filling initrds.  This udeb would
> then be available among others in the expert-mode d-i component list.
> Perhaps it could be auto-loaded at partman stage, but at least making it
> available would be way more convenient than fetching it by hand.
> 
> Ben, Bastian, do you think it could be added for Jessie?

It would probably make sense to turn this into a wishlist bug report
against src:linux so that we get an extra udeb to be used in expert mode
indeed. I'm not sure anyone is going to do more integration work on the
d-i side, so we could probably just reassign this bug report to
src:linux?


KiBi.


signature.asc
Description: Digital signature

Bug#853102: [pkg-gnupg-maint] Bug#853102: libgpgme11: downgrade gnupg2 (gnupg) dependency to Recommends:

[Daniel Kahn Gillmor]

Hi Ivan--

On Sun 2017-01-29 13:57:19 -0500, Ivan Shmakov wrote:
>   [Apologies for not actually checking if the problem described is
>   relevant to Debian testing.]

i'm not sure which exact problem is the one you think is most important,
but if this is it:

>   Long story short, I’ve recently tried to install Mutt on a
>   “headless,” tty-over-SSH-only server.  To my surprise, APT found
>   that it depends on libgtk2.0-0!  Thankfully, no, Mutt wasn’t
>   upgraded to provide a GUI; the problem was in the
>   ‘pinentry-gtk2’ package – which is required by gnupg-agent,
>   which is in turn required by gnupg2, and thus libgpgme11.
>   (JFTR, I’m aware of pinentry-curses.)

then you'll be glad to know that the depenencies in debian testing are
such that pinentry-curses is the only thing that would be installed
automatically on a headless server.  I think that's a reasonable
tradeoff.

Note that even on jessie, if you do:

apt install pinentry-curses
apt install mutt

then you dont' get the heavyweight libgtk dependency chain.

>   To make things weirder, Mutt doesn’t even /use/ GPGME in its
>   default settings (whether upstream or Debian; see below); but of
>   course being built with such support, the binary (or, rather,
>   ld.so) requires the library to run.

i believe (and hope!) that newer versions of mutt will use gpgme by
default.

>   And indeed, providing an otherwise empty, “fake” gnupg2 package
>   [1] made it possible to install and use Mutt with no obvious ill
>   effects (using [2] as the test file.)  For instance:

this seems like a lot of work, compared to just manually installing
pinentry-curses before installing mutt, no?

>   From the above, I conclude that ‘gnupg2’ is not strictly
>   necessary to run Mutt (and presumably other packages built with
>   GPGME support), and thus per [3] (quoted below) should be
>   requested with Recommends: rather than Depends:.

you're doing pretty heavy surgery on these tools in order to reach a
"graceful" failure state.  If you're ok doing that surgery, then i'm ok
with you getting to deal with the aftereffects ;)

As a maintainer, though, i'd really rather have the defaults Just Work.
I agree with you that the default dependency chain in Jessie is too
heavy (see https://bugs.debian.org/764292), but it's rather complicated
to switch that around in jessie today.  It will be better in stretch. :)

>   This issue is perhaps less relevant to Debian testing, as there
>   GnuPG 2 finally replaced GnuPG 1.  Still, it’s possible to rely
>   on the ‘gpgv’ package for OpenPGP signature validation (just as
>   ‘apt’ does), and avoid the use of the full-weight ‘gnupg’
>   package.

I don't think that's technically correct, for either mutt or for
libgpgme.  gpgv is a specially-targeted tool, which expects a
well-curated keyring and does not do any certificate validation or
management.  If there's a way that people are trying to use gpgv with
mutt, i'd like to hear about it though!

I'm going ahead and closing this bug because i think the underlying
request has already been addressed quite some time ago in testing (see
#764292, as mentioned above), but feel free to keep chatting here or on
pkg-gnupg-ma...@lists.alioth.debian.org if you want to follow up.

Thanks for the report,

--dkg


signature.asc
Description: PGP signature

Bug#826511: Aarch64 QEMU Bug

[Cyril Brulebois]

Control: tag -1 moreinfo

Hi Mike,

We're still waiting for your input, see Karsten's reply, quoted in full
below:

Karsten Merker  (2016-07-07):
> On Sun, Jun 05, 2016 at 04:22:57PM -0400, Mike wrote:
> 
> > Package: debian-installer
> > Version: 20160516+b1
> > 
> > Installing Debian using QEMU aarch64 (and looks like arm as well) requires
> > extra steps due to lack of initrd and kernel support for virtio devices. 
> > While
> > there is a workaround documented below, this seems like something that 
> > should
> > be added to the distro build to incorporate support directly.
> > 
> > https://gmplib.org/~tege/qemu.html
> > 
> > See block 14.
> 
> I have just tried running a current arm64 debian-installer build
> in qemu as described above and the network is functional there:
> 
> ~ # ip addr
> 1: lo:  mtu 65536 qdisc noqueue qlen 1
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
>valid_lft forever preferred_lft forever
> inet6 ::1/128 scope host 
>valid_lft forever preferred_lft forever
> 2: eth0:  mtu 1500 qdisc pfifo_fast qlen
> 1000
> link/ether 52:54:00:12:34:56 brd ff:ff:ff:ff:ff:ff
> inet 10.0.2.15/24 scope global eth0
>valid_lft forever preferred_lft forever
> inet6 fec0::5054:ff:fe12:3456/64 scope site dynamic 
>valid_lft 86168sec preferred_lft 14168sec
> inet6 fe80::5054:ff:fe12:3456/64 scope link 
>valid_lft forever preferred_lft forever
> 
> ~ # lsmod
> Module  Size  Used by
> virtio_blk 12059  0
> virtio_net 30113  0
> virtio_mmio 7649  0
> virtio_ring16560  3 virtio_blk,virtio_net,virtio_mmio
> virtio  7902  3 virtio_blk,virtio_net,virtio_mmio
> 
> Does the problem still occur for you with a current d-i build?
> 
> The test setup was as follows:
> 
> $ wget 
> https://d-i.debian.org/daily-images/arm64/daily/netboot/debian-installer/arm64/linux
> $ wget 
> https://d-i.debian.org/daily-images/arm64/daily/netboot/debian-installer/arm64/initrd.gz
> $ qemu-img create disk.img 10G
> $ qemu-system-aarch64 -M virt -cpu cortex-a57 -m 256 -drive 
> file=disk.img,if=none,id=blk -device virtio-blk-device,drive=blk -net 
> user,hostfwd=tcp::2014-:22 -device virtio-net-device,vlan=0 -kernel linux 
> -initrd initrd.gz -append "console=ttyAMA0 --"  -nographic
> 
> Regards,
> Karsten
> -- 
> Gem. Par. 28 Abs. 4 Bundesdatenschutzgesetz widerspreche ich der Nutzung
> sowie der Weitergabe meiner personenbezogenen Daten für Zwecke der
> Werbung sowie der Markt- oder Meinungsforschung.


KiBi.


signature.asc
Description: Digital signature

Bug#839894: [patch] fix installation to system that has many disks (>= 27) (Re: Bug#839894: installation-report: Jessie installer fails to install GRUB on a large JBOD system

[Hideki Yamane]

control: reassign -1 grub-installer
control: tags -1 +patch

Hi,

On Tue, 11 Oct 2016 12:13:33 +0200 "Jonathan Quick"  wrote:
> > Probably this part of grub-installer is the problem:
> >
> > 
> > /dev/[hsv]d[a-z0-9]|/dev/xvd[a-z]|/dev/cciss/c[0-9]d[0-9]*|/dev/ida/c[0-9]d[0-9]*|/dev/rs/c[0-9]d[0-9]*|/dev/mmcblk[0-9]|/dev/nvme[0-9]*n[0-9]*|/dev/ad[0-9]*|/dev/da[0-9]*)
> >
> >
> > /dev/[hsv]d[a-z0-9] will match /dev/sda through /dev/sdz, but NOT /dev/sdak.
> >
> > If it added /dev/sd[a-z][a-z] as well, it should work for you.
> >
> > So maybe:
> > 
> > /dev/[hsv]d[a-z0-9]|/dev/sd[a-z][a-z]|/dev/xvd[a-z]|/dev/cciss/c[0-9]d[0-9]*|/dev/ida/c[0-9]d[0-9]*|/dev/rs/c[0-9]d[0-9]*|/dev/mmcblk[0-9]|/dev/nvme[0-9]*n[0-9]*|/dev/ad[0-9]*|/dev/da[0-9]*)
> >
> > Not sure if other places need fixing too.
> 
> Having edited grub-installer in-place during the install process, I can
> confirm that the above change is sufficient to fix the problem and the
> installation then completes normally.

 More tiny fix is enough for this issue. I've confirmed it by 
 s%/dev/[hsv]d[a-z0-9]%/dev/[hsv]d[a-z0-9]*% - adding one "*" in
 VirtualBox (it's easy to create such environment).
--- grub-installer.orig	2017-02-03 22:51:57.598613756 +0900
+++ grub-installer	2017-02-04 00:19:37.085153540 +0900
@@ -254,7 +254,7 @@
 /dev/mapper)
 	disc_offered_devfs="$bootfs"
 	;;
-/dev/[hsv]d[a-z0-9]|/dev/xvd[a-z]|/dev/cciss/c[0-9]d[0-9]*|/dev/ida/c[0-9]d[0-9]*|/dev/rs/c[0-9]d[0-9]*|/dev/mmcblk[0-9]|/dev/nvme[0-9]*n[0-9]*|/dev/ad[0-9]*|/dev/da[0-9]*)
+/dev/[hsv]d[a-z0-9]*|/dev/xvd[a-z]|/dev/cciss/c[0-9]d[0-9]*|/dev/ida/c[0-9]d[0-9]*|/dev/rs/c[0-9]d[0-9]*|/dev/mmcblk[0-9]|/dev/nvme[0-9]*n[0-9]*|/dev/ad[0-9]*|/dev/da[0-9]*)
 	disc_offered_devfs="$prefix"
 	;;
 *)

Bug#820818: partman is not able to resize nvme0n1p3 in d-i

[Cyril Brulebois]

Cyril Brulebois  (2017-02-04):
> It would be helpful if you could dig up the logs to confirm you had the
> "get_real_device: strange device name $bdev" line.

This is still welcome but probably not necessary given other bits of
your bug report. I've just pushed a totally untested patch to the
pu/resize-nvme-820818 branch:
  
https://anonscm.debian.org/cgit/d-i/partman-partitioning.git/commit/?h=pu/resize-nvme-820818=348a501524e7a2cdd3e04d5ec1c9f9d2aead3743

Would you be interested in testing an image with such an update?


KiBi.


signature.asc
Description: Digital signature

Bug#850802: Add s= as a command-line alias for url=https://

[Josh Triplett]

On Sat, Feb 04, 2017 at 02:46:46AM +0100, Cyril Brulebois wrote:
> Hi,
> 
> Josh Triplett  (2017-01-10):
> > Package: preseed
> > Severity: wishlist
> > Tags: patch
> > 
> > The attached patch adds s= as a command-line alias for url=https://
> > 
> > url=example.org will assume "http://example.org;, but specifying an 
> > https:// URL
> > requires typing out url=https://example.org .  Add an alias s= , mapping
> > to the template preseed/https_url, which assumes https:// instead; this
> > shortens the kernel command-line parameter to s=example.org .
> 
> Just as a comment while going through my debian-boot/ folder: This seems
> too short/not descriptive enough to me.

Do you mean the name "s"?  "short" was the primary intent here, since
this serves as an alias; making it longer would defeat the purpose.  I
intended 's' to stand for "secure" (and "seed").

Do you have an alternate suggestion that you consider more evocative of
its purpose, without defeating that purpose?

Bug#820818: partman is not able to resize nvme0n1p3 in d-i

[Cyril Brulebois]

Hi,

Ian Jackson  (2016-04-12):
> Package: partman-partitioning
> 
> (I'm afraid I don't know the right package name nor the version
> number.  I searched with a general web search for `reporting bugs
> debian-installer' and `reporting bugs partman', and looked on
> https://wiki.debian.org/DebianInstaller, and didn't find any
> guidance.)

Looking at the results of grep in all d-i's partman-* repositories, that
seems spot on. As for the version, you'd have found it in /var/log/syslog,
saved under /var/log/installer in the installed system.

> I asked the partitioner in the Stretch Alpha 5 amd64 debian-installer
> (firmware-stretch-DI-alpha5-amd64-netinst.iso) to resize an ext4
> partition on an NVME device.
> 
> I did this from:
> 
>   You are editing partition #3 of /dev/nvme0n1.  This partition
>   is [blah blah] ext4 [blah].
> 
> It failed, saying "Because of an unknown reason it is impossible to
> resize" etc.  The log on VC4 says:
> 
>   Apr 12 18:00:03 partman: Error running 'tune2fs -l /dev/nvme0n1'
> 
> Obviously that is not the right device name.

Wild guess, this might need an update?
| get_real_device () {
| local backupdev num
| # A weird way to get the real device path. The partition numbers
| # in parted_server may be changed and the partition table is still
| # not commited to the disk.
| backupdev=/var/lib/partman/backup/${dev#/var/lib/partman/devices/}
| if [ -f $backupdev/$oldid/view ] && [ -f $backupdev/device ]; then
| num=$(sed 's/^[^0-9]*\([0-9]*\)[^0-9].*/\1/' 
$backupdev/$oldid/view)
| bdev=$(cat $backupdev/device)
| case $bdev in
| */disc)
| bdev=${bdev%/disc}/part$num
| ;;
| /dev/[hsv]d[a-z]|/dev/xvd[a-z])
| bdev=$bdev$num
| ;;
| 
/dev/cciss/c[0-9]d[0-9]|/dev/cciss/c[0-9]d[0-9][0-9]|/dev/ida/c[0-9]d[0-9]|/dev/ida/c[0-9]d[0-9][0-9]|/dev/mmcblk[0-9])
| bdev=${bdev}p$num
| ;;
| *)
| log "get_real_device: strange device name $bdev"
| return
| ;;
| esac
| if [ ! -b $bdev ]; then
| bdev=
| fi
| fi
| }

It would be helpful if you could dig up the logs to confirm you had the
"get_real_device: strange device name $bdev" line.


KiBi.


signature.asc
Description: Digital signature

Bug#852716: tor logging should default to syslog when run under systemd, not /var/log/tor/log

[Daniel Kahn Gillmor]

On Tue 2017-01-31 07:53:12 -0500, Peter Palfrader wrote:
> On Thu, 26 Jan 2017, Daniel Kahn Gillmor wrote:
>
>> I've got a very tightly-configured machine running little but the
>> kernel and systemd and tor.  It uses journald and does not use any
>> traditional syslog.
>
> I think logging to /var/log/tor/log made sense historically, when we
> launched via sysV init script yet the default tor just wrote to stdout.
>
> I'm not averse to changing the default (unconditionally) to syslog for 3.x.

do you need a patch for this?  in src/or/config.c, it looks like it's
currently logging by default to stdout still:


  /* Special case on first boot if no Log options are given. */
  if (!options->Logs && !options->RunAsDaemon && !from_setconf) {
if (quiet_level == 0)
config_line_append(>Logs, "Log", "notice stdout");
else if (quiet_level == 1)
config_line_append(>Logs, "Log", "warn stdout");
  }


so i'm a little confused about how the debian package is defaulting to
/var/log/tor/log anyway :/

 --dkg


signature.asc
Description: PGP signature

Bug#853864: sed-4.4 released (with bugfix)

[Assaf Gordon]

Hello,

sed-4.4 with the segfault bugfix has been released:
 https://lists.gnu.org/archive/html/info-gnu/2017-02/msg1.html

Available here:
 https://ftp.gnu.org/gnu/sed/sed-4.4.tar.xz


regards,
- assaf

Bug#854094: libreswan FTBFS on x32 due to missing

[Daniel Schepler]

On Fri, Feb 3, 2017 at 5:32 PM, Daniel Kahn Gillmor
 wrote:
> hm, i don't think we want it to build for amd64 if we're doing native
> builds on x32, right?
>
> In mk/userland-cflags.mk, we have:
>
> ifeq ($(origin GCCM),undefined)
> ifeq ($(ARCH),i686)
> GCCM=-m32
> endif
> ifeq ($(ARCH),x86_64)
> GCCM=-m64
> endif
> endif
> USERLAND_CFLAGS+=$(GCCM)
>
> is ARCH defined as x86_64 for x32?  If so, is there a preferred way that
> libreswan should make this distinction?  or should i just manually set

I'm not sure exactly where ARCH comes from - but one difference you
could use is that the GNU triplet for x32 is x86_64-linux-gnux32, as
opposed to x86_64-linux-gnu for amd64.

> GCCM to -m32 in debian/rules when building for x32?

The flag would be -mx32 (-m32 would try to cross-build for i386 and
run into the same issue).  Either that, or just drop the
-m64/-m32/-mx32 flag altogether for Debian builds as it's not really
necessary anyway.
-- 
Daniel Schepler

Bug#820168: debian-installer: The Grub installation step in Debian Testing Installer fails on Gigabyte MP30-AR0

[Cyril Brulebois]

Control: tag -1 - d-i

Hi Ronald,

Ronald Maas  (2016-04-05):
> The Grub installation step in Debian Installer failed on TianoCore
> UEFI firmware. The /target/boot/efi directory is empty and the
> following error is displayed:
> 
> GRUB installation failed
> The 'grub-efi-arm64' package failed to install into /target/
> 
> Version-Release number of selected component (if applicable):
> 
> Debian Testing DVD ISO dated 28-03-2016
> 
> How reproducible:
> 
> Every time.
> 
> Steps to Reproduce:
> 
> 1. Download 
> http://cdimage.debian.org/cdimage/weekly-builds/arm64/iso-dvd/debian-testing-arm64-DVD-1.iso
> 2. Verify checksum
> 3. Copy to USB drive using Windows Win32DiskImager
> 4. Insert drive in X-Gene system
> 5. Boot X-Gene system
> 6. Navigate to UEFI Shell
> 7. Enter the following command to start the Fedora installer:
>FS1:\EFI\BOOT\BOOTAA64.EFI
> 8. In the Grub boot menu select the first menu option and hit enter
> 9. Proceed through the remaining steps of the setup procedure. Selecting
>default options where applicable. Note on the MP30-AR0 the network is not
>function (see bug report
>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820022. So skip this step
>to continue
> 10. After the GRUB installation step fails, continue without bootloader and 
> reboot
> 11. System fails to boot Debian Testing and starts the UEFI Shell instead
> 
> Actual results:
> 
> No GRUB bootloader is installed. After restarting the system, no 'debian' menu
> entry is visible in UEFI and the /boot/efi directory is empty
> 
> Expected results:
> 
> To be able to boot Debian Testing after selecting the 'debian' menu entry in
> UEFI. Also /boot/efi should contain EFI/debian/grubaa64.efi
> 
> Additional info:
> 
> Hardware
> Gigabyte MP30-AR0 motherboard with APM X-Gene 1 processor flashed with 
> TianoCore UEFI
> Kingston KVR16LE11S8/4HB 16 GB ECC DDR3 DRAM
> HGST Deskstar NAS 6 TB hard drive
> Logitech USB keyboard
> 
> The standard U-Boot firmware has been replaced by TianoCore UEFI using the 
> steps described in: 
> https://rwmj.wordpress.com/2016/03/08/gigabyte-mp30-ar0-flashing-uefi/

Any chance you could give Stretch RC 2 a try? Info/download at:
  https://www.debian.org/devel/debian-installer/


KiBi.


signature.asc
Description: Digital signature

Bug#854100: libdvbv5-0: fails to tune / scan

[Marcel Heinz]

Package: libdvbv5-0
Version: 1.12.2-2
Severity: important

Dear Maintainer,

After the upgrade from libdvbv5-0 1.10.1-1 to 1.12.2-2, any applications
using libdvbv5-0 fail to work with my DVB-S card.

Output with old dvb-tools / libdvbv5-0 1.10.1-1:

|$ dvbv5-scan -l UNIVERSAL /usr/share/dvb/dvb-s/Astra-19.2e
|Using LNBf UNIVERSAL
|Europe
|10800 to 11800 MHz and 11600 to 12700 MHz
|Dual LO, IF = lowband 9750 MHz, highband 10600 MHz
|ERRORcommand BANDWIDTH_HZ (5) not found during retrieve
|Cannot calc frequency shift. Either bandwidth/symbol-rate is unavailable (yet).
|Scanning frequency #1 12551500
|Lock   (0x1f) Signal= 85,55% C/N= 99,84% postBER= 0
| [scan runs normally from then on]

Output with new dvb-tools / libdvbv5-0 1.12.2-2:

|$ dvbv5-scan -l UNIVERSAL /usr/share/dvb/dvb-s/Astra-19.2e
|Using LNBf UNIVERSAL
|Europe
|10800 to 11800 MHz and 11600 to 12700 MHz
|Dual LO, IF = lowband 9750 MHz, highband 10600 MHz
|ERRORcommand BANDWIDTH_HZ (5) not found during retrieve
|Cannot calc frequency shift. Either bandwidth/symbol-rate is unavailable (yet).
|Scanning frequency #1 12551500
|ERRORFE_SET_PROPERTY: Invalid argument
|ERRORdvb_fe_set_parms failed: Invalid argument

Similarily, kaffeine fails to tune to any channel, or to do a scan.
Other applications not using libdvbv5-0 (mplayer, tvheadend) still
work fine with the card.

DVB device is:

|$ dmesg | grep DVB
| [8.641450] DVB: registering new adapter (FlexCop Digital TV device)
| [8.662380] b2c2_flexcop_pci :09:00.0: DVB: registering adapter 0 
frontend 0 (Conexant CX24123/CX24109)...
| [8.662664] b2c2-flexcop: initialization of 'Sky2PC/SkyStar 2 DVB-S rev 
2.8' at the 'PCI' bus controlled by a 'FlexCopIIb' complete

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libdvbv5-0 depends on:
ii  libc6 2.24-9
ii  libudev1  232-14

libdvbv5-0 recommends no packages.

libdvbv5-0 suggests no packages.

-- no debconf information

Bug#819692: debian-installer: DI doesn't connect to WPA2 network (netcfg: "Couldn't connect to wpasupplicant")

[Cyril Brulebois]

Hi,

jaimet  (2016-03-31):
> Package: debian-installer
> Version: firmware-8.3.0-i386-netinst.iso
> Severity: normal
> Tags: d-i
> 
> Dear Maintainer,
> 
> *** Reporter, please consider answering these questions, where appropriate ***
> 
>* What led up to the situation?
> 
> Trying to install jessie on an nx6110 (Intel PRO 2915ABG Calexico2 wireless 
> card).
> 
>* What exactly did you do (or not do) that was effective (or
>  ineffective)?
> 
> I got to the "Configure the network" screen. The "Select the wireless network"
> screen shows me all the wireless transmitters around me (approx 15), I choose
> my wireless network. At the next screen, I choose "WPA/WPA2 PSK". At the next
> screen ("WPA/WPA2 passphrase?"), I enter my WPA2 passphrase. 
> 
>* What was the outcome of this action?
> 
> The installer immediately sends me back to the "Choose your wireless network" 
> screen.
> 
>* What outcome did you expect instead?
> 
> I expected to be able to continue on with the installation
> 
> *** End of the template - remove these template lines ***

This seems rather strange, and I've never seen such a WPA2 issue; is it any
better with a newer Jessie or Stretch installer? We've had a bunch of releases
since then, see:
  https://www.debian.org/devel/debian-installer/


KiBi.


signature.asc
Description: Digital signature

Bug#806984: debian-installer: FTBFS: File not found:libtextwrap.so.1

[Cyril Brulebois]

Control: retitle -1 debian-installer: ftbfs because d-i needs network to build…

Holger Levsen  (2016-11-20):
> retitle -1 debian-installer: ftbfs because d-i needs network to build…
> thanks
> 
> On Sun, Nov 20, 2016 at 11:10:11AM +0100, Cyril Brulebois wrote:
> > This isn't a locale issue at all:
> [...]
> > FTBFS due to 4.7 vs. 4.8 kernel udebs is expected to be an issue (fixed
> > in master where the ABI bump happened; but failing to download any udebs
> > is a no-go, d-i needs to access a mirror during its build.
> 
> ah, ic, retitling the bug accordingly. Thanks.

Let's try again without forgetting the “Control:” bit.


KiBi.


signature.asc
Description: Digital signature

Bug#851632: cpio: Crashes when extracting tar file

[Ben Longbons]

Package: cpio
Version: 2.12+dfsg-2
Followup-For: Bug #851632

Dear Maintainer,

I'm just confirming that this still occurs with the version in
experimental. Also, it appears to be completely unrelated to whether
the tarball contains "." - I've tested several variations.

Also, here's a minimal reproducer that proves that cpio can't even
handle its own output:

$ touch empty-file; echo empty-file | cpio --format=tar --create | cpio 
--format=tar --list; rm empty-file
3 blocks
*** Error in `cpio': realloc(): invalid pointer: 0x557b4ec97440 ***
=== Backtrace: =
/lib/x86_64-linux-gnu/libc.so.6(+0x70bcb)[0x7fc3fc793bcb]
/lib/x86_64-linux-gnu/libc.so.6(+0x76f96)[0x7fc3fc799f96]
/lib/x86_64-linux-gnu/libc.so.6(realloc+0x219)[0x7fc3fc79e5f9]
cpio(+0x19236)[0x557b4ea8c236]
cpio(process_copy_in+0x4bd)[0x557b4ea789dd]
cpio(+0x3e3d)[0x557b4ea76e3d]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7fc3fc7432b1]
cpio(+0x3eda)[0x557b4ea76eda]
=== Memory map: 
557b4ea73000-557b4ea96000 r-xp  fd:01 36223789   
/bin/cpio
557b4ec95000-557b4ec96000 r--p 00022000 fd:01 36223789   
/bin/cpio
557b4ec96000-557b4ec98000 rw-p 00023000 fd:01 36223789   
/bin/cpio
557b501d8000-557b501f9000 rw-p  00:00 0  [heap]
7fc3f800-7fc3f8021000 rw-p  00:00 0 
7fc3f8021000-7fc3fc00 ---p  00:00 0 
7fc3fc463000-7fc3fc479000 r-xp  fd:01 14942495   
/lib/x86_64-linux-gnu/libgcc_s.so.1
7fc3fc479000-7fc3fc678000 ---p 00016000 fd:01 14942495   
/lib/x86_64-linux-gnu/libgcc_s.so.1
7fc3fc678000-7fc3fc679000 r--p 00015000 fd:01 14942495   
/lib/x86_64-linux-gnu/libgcc_s.so.1
7fc3fc679000-7fc3fc67a000 rw-p 00016000 fd:01 14942495   
/lib/x86_64-linux-gnu/libgcc_s.so.1
7fc3fc6cb000-7fc3fc71c000 r--p  fd:01 38939709   
/usr/lib/locale/aa_DJ.utf8/LC_CTYPE
7fc3fc723000-7fc3fc8b8000 r-xp  fd:01 14960680   
/lib/x86_64-linux-gnu/libc-2.24.so
7fc3fc8b8000-7fc3fcab7000 ---p 00195000 fd:01 14960680   
/lib/x86_64-linux-gnu/libc-2.24.so
7fc3fcab7000-7fc3fcabb000 r--p 00194000 fd:01 14960680   
/lib/x86_64-linux-gnu/libc-2.24.so
7fc3fcabb000-7fc3fcabd000 rw-p 00198000 fd:01 14960680   
/lib/x86_64-linux-gnu/libc-2.24.so
7fc3fcabd000-7fc3fcac1000 rw-p  00:00 0 
7fc3fcac3000-7fc3fcae6000 r-xp  fd:01 14942230   
/lib/x86_64-linux-gnu/ld-2.24.so
7fc3fcb13000-7fc3fcb14000 r--p  fd:01 38971026   
/usr/lib/locale/aa_ET/LC_NUMERIC
7fc3fcb1b000-7fc3fcb1c000 r--p  fd:01 38990878   
/usr/lib/locale/en_US.utf8/LC_TIME
7fc3fcb23000-7fc3fcc96000 r--p  fd:01 38861996   
/usr/lib/locale/C.UTF-8/LC_COLLATE
7fc3fcc9b000-7fc3fcc9c000 r--p  fd:01 38987338   
/usr/lib/locale/chr_US/LC_MONETARY
7fc3fcca3000-7fc3fcca4000 r--p  fd:01 38990719   
/usr/lib/locale/en_AG/LC_MESSAGES/SYS_LC_MESSAGES
7fc3fccab000-7fc3fccac000 r--p  fd:01 38987340   
/usr/lib/locale/chr_US/LC_PAPER
7fc3fccb3000-7fc3fccb4000 r--p  fd:01 38987339   
/usr/lib/locale/chr_US/LC_NAME
7fc3fccbb000-7fc3fccbc000 r--p  fd:01 38990876   
/usr/lib/locale/en_US.utf8/LC_ADDRESS
7fc3fccc3000-7fc3fccc4000 r--p  fd:01 38987341   
/usr/lib/locale/chr_US/LC_TELEPHONE
7fc3fcccb000-7fc3f000 r--p  fd:01 38987336   
/usr/lib/locale/chr_US/LC_MEASUREMENT
7fc3fccd3000-7fc3fccda000 r--s  fd:01 38878119   
/usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache
7fc3fccdb000-7fc3fccdc000 r--p  fd:01 38990877   
/usr/lib/locale/en_US.utf8/LC_IDENTIFICATION
7fc3fcce-7fc3fcce6000 rw-p  00:00 0 
7fc3fcce6000-7fc3fcce7000 r--p 00023000 fd:01 14942230   
/lib/x86_64-linux-gnu/ld-2.24.so
7fc3fcce7000-7fc3fcce8000 rw-p 00024000 fd:01 14942230   
/lib/x86_64-linux-gnu/ld-2.24.so
7fc3fcce8000-7fc3fcce9000 rw-p  00:00 0 
7ffc0414d000-7ffc0416e000 rw-p  00:00 0  [stack]
7ffc041f3000-7ffc041f5000 r--p  00:00 0  [vvar]
7ffc041f5000-7ffc041f7000 r-xp  00:00 0  [vdso]
[1]3725 done echo empty-file | 
   3726 done cpio --format=tar --create | 
   3727 abort (core dumped)  cpio --format=tar --list



-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unreleased'), (500, 'unstable'), 
(1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, x32, arm64

Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Bug#767760: busybox: Please build selinux support

[Cyril Brulebois]

Hi,

Laurent Bigonville  (2016-12-09):
> On Thu, 13 Aug 2015 20:31:30 +0200 Laurent Bigonville 
> > Please find here a patch to add SELinux support.
> >
> > The patch is not disabling SELinux on !linux architectures, that
> > should be fixed before being pushed, but I'm not too sure how to do
> > that with the build system here.
> 
> Any feedback from my patch?

None besides “we need a busybox maintainer”, unfortunately.

> In the meantime, libselinux is now building a udeb, so I guess SELinux
> support could also be enabled in the udeb build of busybox

I'm not sure I understand why we would need SELinux within d-i.


KiBi.


signature.asc
Description: Digital signature

Bug#850802: Add s= as a command-line alias for url=https://

[Cyril Brulebois]

Hi,

Josh Triplett  (2017-01-10):
> Package: preseed
> Severity: wishlist
> Tags: patch
> 
> The attached patch adds s= as a command-line alias for url=https://
> 
> url=example.org will assume "http://example.org;, but specifying an https:// 
> URL
> requires typing out url=https://example.org .  Add an alias s= , mapping
> to the template preseed/https_url, which assumes https:// instead; this
> shortens the kernel command-line parameter to s=example.org .

Just as a comment while going through my debian-boot/ folder: This seems
too short/not descriptive enough to me.


KiBi.


signature.asc
Description: Digital signature

Bug#854094: libreswan FTBFS on x32 due to missing

[Daniel Kahn Gillmor]

over in https://bugs.debian.org/854094:
On Fri 2017-02-03 19:10:43 -0500, Daniel Schepler wrote:
> On Fri, Feb 3, 2017 at 3:29 PM, Daniel Kahn Gillmor
>  wrote:
>> Package: libreswan
>> Version: 3.19-2
>> X-Debbugs-Cc: x...@buildd.debian.org, swan-...@lists.libreswan.org
>>
>> Hi Debian x32 builders--
>>
>> I note that libreswan is failing to build from source on the x32
>> platform due to a missing sys/time.h:
>>
>> https://buildd.debian.org/status/fetch.php?pkg=libreswan=x32=3.19-2=1486146097=0
>>
>> …
>> /<>/linux/include/libreswan.h:44:22: fatal error: sys/time.h: 
>> No such file or directory
>>  #include 
>>   ^
>>
>> the code in linux/include/libreswan.h is just:
>>
>>  42 #if !defined(__KERNEL__)
>>  43
>>  44 #include 
>>  45 #include 
>>  46
>>
>> It builds on other debian platforms without a problem.  Is something
>> significantly different on x32 that we should know about?
>
> It's trying to build with -m64, which would be a cross build for amd64
> rather than a native build for x32.  (So, the immediate symptom is
> caused by the compiler looking for sys/time.h in
> /usr/include/x86_64-linux-gnu and not finding it there because
> libc6-dev-amd64 isn't installed.)

hm, i don't think we want it to build for amd64 if we're doing native
builds on x32, right?

In mk/userland-cflags.mk, we have:

ifeq ($(origin GCCM),undefined)
ifeq ($(ARCH),i686)
GCCM=-m32
endif
ifeq ($(ARCH),x86_64)
GCCM=-m64
endif
endif
USERLAND_CFLAGS+=$(GCCM)

is ARCH defined as x86_64 for x32?  If so, is there a preferred way that
libreswan should make this distinction?  or should i just manually set
GCCM to -m32 in debian/rules when building for x32?

   --dkg

PS for the libreswan folks who've just joined this thread, here's an
explanation of the x32 port on debian:

https://wiki.debian.org/X32Port


signature.asc
Description: PGP signature

Bug#853927: debian-installer: Hang in os-prober in "dmsetup create -r osprober-linux-sda1"

[Cyril Brulebois]

Hi,

Scott Leggett  (2017-02-04):
> Yep - at least, the title of the bug shows the command that was
> blocking (I waited 5 min or so for it before killing it..)

Thanks for confirming.

> > The LVM fix was about adding this codepath:
> > | elif [ "$types" = LVM2_member ]; then
> > | debug "$1 is an LVM member; skipping"
> > | exit 0
> > 
> > right after this one:
> > | elif [ "$types" = crypto_LUKS ]; then
> > | debug "$1 is a LUKS partition; skipping"
> > | exit 0
> > 
> > and we seem to have a crypto_LUKS partition as sda1, so I'm not sure why
> > the dmsetup create thing was even attempted. Adding Colin & Ivo to cc,
> > maybe they'll have an answer.
> > 
> > Direct crypto_LUKS looks like something we should be supporting, even if
> > that's not something one can achieve with a guided setup; so I'd
> > consider this less urgent than the LVM fix we needed to release Stretch
> > RC 2, yet nice to fix.
> 
> A couple more data points:
> 
> I've used the Stretch RC1 installer without issue on another
> workstation with a somewhat similar disk layout - the difference being
> that it had only one physical drive (one LVM physical volume on a
> single crypto_LUKS device).

That might come in handy if we have troubles reproducing your exact
issue. Out of curiosity: is grub able to handle unlocking the root
partition without a separate /boot partition? I haven't tried that
myself yet.

> I've also installed Jessie on several machines with a very similar
> partitioning layout as in this bug report (two drives) without issue.

The os-prober codepath you're hitting is rather new (Stretch RC 1), so
I'm not surprised that you didn't hit this issue with Jessie.


KiBi.


signature.asc
Description: Digital signature

Bug#853927: debian-installer: Hang in os-prober in "dmsetup create -r osprober-linux-sda1"

[Scott Leggett]

On 2017-02-03.13:42, Cyril Brulebois wrote:
> 
> This is rather strange. Are you sure it was hanging on the *sda1* partition?
> 

Yep - at least, the title of the bug shows the command that was blocking
(I waited 5 min or so for it before killing it..)

> The LVM fix was about adding this codepath:
> | elif [ "$types" = LVM2_member ]; then
> | debug "$1 is an LVM member; skipping"
> | exit 0
> 
> right after this one:
> | elif [ "$types" = crypto_LUKS ]; then
> | debug "$1 is a LUKS partition; skipping"
> | exit 0
> 
> and we seem to have a crypto_LUKS partition as sda1, so I'm not sure why
> the dmsetup create thing was even attempted. Adding Colin & Ivo to cc,
> maybe they'll have an answer.
> 
> Direct crypto_LUKS looks like something we should be supporting, even if
> that's not something one can achieve with a guided setup; so I'd
> consider this less urgent than the LVM fix we needed to release Stretch
> RC 2, yet nice to fix.

A couple more data points:

I've used the Stretch RC1 installer without issue on another workstation
with a somewhat similar disk layout - the difference being that it had
only one physical drive (one LVM physical volume on a single crypto_LUKS
device).

I've also installed Jessie on several machines with a very similar
partitioning layout as in this bug report (two drives) without issue.

-- 
Regards,
Scott.


signature.asc
Description: PGP signature

Bug#854099: cinnamon: Date and Time Settings --> Network Time fails (silently) without installing ntp

[Thomas Nyberg]

Package: cinnamon
Version: 2.2.16-5
Severity: normal

Dear Maintainer,

   * What led up to the situation?

My clock was displaying the wrong time.

   * What exactly did you do (or not do) that was effective (or
 ineffective)?

First I set the Date and Time Settings to use Network Time, but it doesn't
work. It appears to work, but the next time you check the settings it shows up
as OFF again. Apparently it doesn't work unless the ntp package is installed. I
installed that and it worked.

I read online that some people thought adding ntp as a dependency was a bit
heavy for this, but as it stands the error causes this to fail silently (which
is very confusing). I think at minimum a box should appear when you try to
click Network Time ON, but I'm personally not sure how I could implement that.
I could certainly attach a patch adding ntp as a dependency, but I wasn't sure
if maybe the maintainers were purposefully leaving that off.

Thanks for your work for debian.

Cheers,
Thomas

-- System Information:
Debian Release: 8.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages cinnamon depends on:
ii  caribou  0.4.15-1
ii  cinnamon-common  2.2.16-5
ii  cinnamon-control-center  2.2.11-4
ii  cinnamon-desktop-data2.2.3-3
ii  cinnamon-screensaver 2.2.4-6
ii  cinnamon-session 2.2.2-5
ii  cinnamon-settings-daemon 2.2.4.repack-7+deb8u1
ii  cjs  2.2.2-2
ii  cups-pk-helper   0.2.5-2+b1
ii  dconf-gsettings-backend [gsettings-backend]  0.22.0-1
ii  gir1.2-accountsservice-1.0   0.6.37-3+b1
ii  gir1.2-caribou-1.0   0.4.15-1
ii  gir1.2-clutter-1.0   1.20.0-1
ii  gir1.2-cmenu-3.0 2.2.0-3
ii  gir1.2-cogl-1.0  1.18.2-3
ii  gir1.2-gconf-2.0 3.2.6-3
ii  gir1.2-gdkpixbuf-2.0 2.31.1-2+deb8u5
ii  gir1.2-gkbd-3.0  3.6.0-1
ii  gir1.2-glib-2.0  1.42.0-2.2
ii  gir1.2-gnomebluetooth-1.03.14.0-2
ii  gir1.2-gnomedesktop-3.0  3.14.1-1
ii  gir1.2-gtk-3.0   3.14.5-1+deb8u1
ii  gir1.2-gtkclutter-1.01.6.0-1
ii  gir1.2-javascriptcoregtk-3.0 2.4.9-1~deb8u1
ii  gir1.2-meta-muffin-0.0   2.2.6-4
ii  gir1.2-networkmanager-1.00.9.10.0-7
ii  gir1.2-nmgtk-1.0 0.9.10.0-2
ii  gir1.2-pango-1.0 1.36.8-3
ii  gir1.2-polkit-1.00.105-15~deb8u2
ii  gir1.2-soup-2.4  2.48.0-1
ii  gir1.2-upowerglib-1.00.99.1-3.2
ii  gir1.2-webkit-3.02.4.9-1~deb8u1
ii  gkbd-capplet 3.6.0-1
ii  gnome-icon-theme-symbolic3.12.0-1
ii  gnome-session-bin3.14.0-2
ii  gnome-settings-daemon3.14.2-3
ii  gnome-themes-standard3.14.2.2-1
ii  gsettings-desktop-schemas3.14.1-1
ii  libatk1.0-0  2.14.0-1
ii  libc62.19-18+deb8u6
ii  libcairo21.14.0-2.1+deb8u1
ii  libcanberra0 0.30-2.1
ii  libcinnamon-menu-3-0 2.2.0-3
ii  libcjs0  2.2.2-2
ii  libclutter-1.0-0 1.20.0-1
ii  libcogl-pango20  1.18.2-3
ii  libcogl-path20   1.18.2-3
ii  libcogl201.18.2-3
ii  libcroco30.6.8-3+b1
ii  libdbus-glib-1-2 0.102-1
ii  libgdk-pixbuf2.0-0   2.31.1-2+deb8u5
ii  libgirepository-1.0-11.42.0-2.2
ii  libgl1-mesa-glx [libgl1] 10.3.2-1+deb8u1
ii  libglib2.0-0 2.42.1-1+b1
ii  libgstreamer1.0-01.4.4-2
ii  libgtk-3-0   3.14.5-1+deb8u1
ii  libjs-jquery 1.7.2+dfsg-3.2
ii  libmozjs185-1.0  1.8.5-1.0.0+dfsg-4.3
ii  libmuffin0   2.2.6-4
ii  libpango-1.0-0   

Bug#854098: Vnc4 is now a transitional package to tigervnc

[Ola Lundqvist]

Package: epoptes

Hi

Just a heads-up that vnc4 is not a transitional package to tigervnc.
You may want to:
1) Depend directly on tigervnc instead.
2) Test that your package actually work with tigervnc.

Best regards

// Ola

-- 
 --- Inguza Technology AB --- MSc in Information Technology 
/  o...@inguza.comFolkebogatan 26\
|  o...@debian.org   654 68 KARLSTAD|
|  http://inguza.com/Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---

Bug#854097: unblock tigervnc/1.7.0+dfsg-5

[Ola Lundqvist]

Subject: unblock: tigervnc/1.7.0+dfsg-5
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package tigervnc

The reasons for the unblock request are:
- Solving an important bug regarding default depth. #854096.
- Solving an issue preventing libvnc.so from being loaded. #851842.
  Without this one of the binary packages is essentially useless.
- Solved CVE-2017-5581 #852213.

There are also some other cleanup made in debian/rules. It is not
documented in the changelog but it was very useful when fixing
#851842.

Three debdiffs attached. One for each release after the one in testing.

unblock tigervnc/1.7.0+dfsg-5

-- 
 --- Inguza Technology AB --- MSc in Information Technology 
/  o...@inguza.comFolkebogatan 26\
|  o...@debian.org   654 68 KARLSTAD|
|  http://inguza.com/Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---


3.debdiff
Description: Binary data


2.debdiff
Description: Binary data


1.debdiff
Description: Binary data

Bug#852758: procps: pkill returns success on failure due to operation not permitted

[Craig Small]

tags 852758 upstream fixed-upstream
thankyou

On Fri, Jan 27, 2017 at 2:21 PM Adrian Riordan <
adrian.rior...@beyondcron.com> wrote:

> When trying kill a process with insufficient privileges (see blow), pkill
> displays the error message “... failed: Operation not permitted”, but
> returns 0. Surely it should return 3?

Hi Adrian,
  Thankyou for the bug report.  This is definitely inconsistent with the
other kill type programs and 0 is not the right answer!

3 isn't the right either because not being able to kill something is not
fatal; you may have 2 processes and can kill one and not the other.  The
other programs use 1 so we have used this for pkill too.

The upstream commit is at
https://gitlab.com/procps-ng/procps/commit/625d0809daa5b666d9f5834bebcdc458799221f3

 - Craig

-- 
Craig Small (@smallsees)   http://dropbear.xyz/ csmall at : enc.com.au
Debian GNU/Linux   http://www.debian.org/   csmall at : debian.org
GPG fingerprint:5D2F B320 B825 D939 04D2  0519 3938 F96B DF50 FEA5

Bug#854062: xournal: Hangs upon pressing Ctrl-S (for saving)

[Carlo Segre]

Hi Philipp:

I have not observed this problem on my sid system.  I have the following 
packages installed and Ctrl-S and Ctrl-Q work fine.


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages xournal depends on:
ii  ghostscript-x9.20~dfsg-1
ii  libart-2.0-2 2.3.21-2
ii  libatk1.0-0  2.22.0-1
ii  libc62.24-9
ii  libcairo21.14.8-1
ii  libfontconfig1   2.11.0-6.7
ii  libfreetype6 2.6.3-3+b1
ii  libgdk-pixbuf2.0-0   2.36.4-1
ii  libglib2.0-0 2.50.2-2
ii  libgnomecanvas2-02.30.3-3
ii  libgtk2.0-0  2.24.31-1
ii  libpango-1.0-0   1.40.3-3
ii  libpangocairo-1.0-0  1.40.3-3
ii  libpangoft2-1.0-01.40.3-3
ii  libpoppler-glib8 0.48.0-2
ii  zlib1g   1:1.2.8.dfsg-4

It also works with kernel 4.8.0-2-amd64.  That is the only difference I 
see.


Carlo

On Fri, 3 Feb 2017, Philipp Marek wrote:


Package: xournal
Version: 1:0.4.8-1
Severity: normal

Steps to reproduce:

1) Start xournal with some PDF file
   # xournal /tmp/foo.pdf
2) Press Ctrl-S

No window asking for a filename, Ctrl-Q, the other keybindings, and the
mouse don't work anymore.

This is really awful - working without saving is worse than not working ;/


xournal did work fine in the past, so perhaps it's some other part of the
system it tries to communicate with that's not responding?!


-- System Information:
Debian Release: 9.0
 APT prefers testing
 APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable'), (1, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_AT.UTF-8, LC_CTYPE=de_AT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages xournal depends on:
ii  ghostscript-x9.20~dfsg-1
ii  libart-2.0-2 2.3.21-2
ii  libatk1.0-0  2.22.0-1
ii  libc62.24-9
ii  libcairo21.14.8-1
ii  libfontconfig1   2.11.0-6.7
ii  libfreetype6 2.6.3-3+b1
ii  libgdk-pixbuf2.0-0   2.36.4-1
ii  libglib2.0-0 2.50.2-2
ii  libgnomecanvas2-02.30.3-3
ii  libgtk2.0-0  2.24.31-1
ii  libpango-1.0-0   1.40.3-3
ii  libpangocairo-1.0-0  1.40.3-3
ii  libpangoft2-1.0-01.40.3-3
ii  libpoppler-glib8 0.48.0-2
ii  libx11-6 2:1.6.4-3
ii  zlib1g   1:1.2.8.dfsg-4

xournal recommends no packages.

xournal suggests no packages.

-- no debconf information



--
Carlo U. Segre -- Duchossois Leadership Professor of Physics
Interim Chair, Department of Chemistry
Director, Center for Synchrotron Radiation Research and Instrumentation
Illinois Institute of Technology
Voice: 312.567.3498Fax: 312.567.3494
se...@iit.edu   http://phys.iit.edu/~segre   se...@debian.org

Bug#854096: The default depth should really be changed

[Ola Lundqvist]

Package: tigervncserver
Severity: important

The default depth 32 is not really suitable for usual operation. There
are quite a few clients that bug (crashes with this) out and the
protocol get a lot of extra overhead that should not be needed.

Quote from another bug report:
"I see - how are the poor users going to work out that they need to
try -depth 24, per the warning in man xtigervnc, to get their, eg
Java, text rendered properly? "

and:
"I have tested -depth 32 with some applications and it really is a
problem, i.e., VMware workstation bugs out with this setting. I think
we should switch the default to -depth 24."

Best regards

// Ola

-- 
 --- Inguza Technology AB --- MSc in Information Technology 
/  o...@inguza.comFolkebogatan 26\
|  o...@debian.org   654 68 KARLSTAD|
|  http://inguza.com/Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---

Bug#854095: RM: tigervnc [armel armhf] -- ROM; FTBFS

[Ola Lundqvist]

Package: ftp.debian.org

I'd like you to remove some binary packages from testing as it
prevents tigervnc from entering
testing.

Please remove:
tigervnc-common
tigervnc-scraping-server
tigervnc-standalone-server
tigervnc-viewer
tigervnc-xorg-extension
from armel and armhf.

Best regards

// Ola

-- 
 --- Inguza Technology AB --- MSc in Information Technology 
/  o...@inguza.comFolkebogatan 26\
|  o...@debian.org   654 68 KARLSTAD|
|  http://inguza.com/Mobile: +46 (0)70-332 1551 |
\  gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9  /
 ---

Bug#853905: [pkg-gnupg-maint] Bug#853905: Ships incorrect /usr/lib/systemd/user/sockets.target.wants files, makes disabling impossible

[Daniel Kahn Gillmor]

On Fri 2017-02-03 09:02:47 -0500, Yuri D'Elia wrote:
> On Fri, Feb 03 2017, Michael Biebl wrote:
>>> When gpg is used via command line, the agent is started automatically
>>> and then it's left sitting there. But for a system without seats, the
>>> agent doesn't make sense. It shouldn't be running.
>>
>> That doesn't make sense. Even if you stop the sockets, once you use gpg,
>> gpg-agent will be auto-started as well, just using a different mechanism.
>
> It this also true also when --no-autostart is in use?

In this case, gpg-agent will not be automatically started, but if it
needs any information from the secret keyring (which is the only reason
it ever tries to auto-launch gpg-agent in the first place), it will
fail.

What are you doing with gpg?  if whatever you're doing needs the secret
keyring, the agent will be launched.  if it doesn't need the secret
keyring, the agent will not be launched.

With gpg-agent as a systemd user service, when the user completely logs
out of the system, any services launched (socket-activated or otherwise)
will be stopped automatically.

OTOH, if gpg-agent is auto-launched by gpg (not managed as a systemd
user service), there is no robust standard way to ensure that the agent
gets terminated at logout.

Yuri, it sounds like you've got a particular scenario that you don't
like, and you're trying lots of things to change it, but i don't
understand what the scenario is.

Can you try to distill the problem you're seeing into a repeatable
pattern?  I have a minimal server running debian testing.  when i log
into it with ssh, and use gpg with secret key material, the gpg-agent is
spawned by systemd's socket activation, and remains supervised by
systemd.

When i log out, the gpg-agent process gets terminated cleanly by
systemd.

What's the problem?

   --dkg


signature.asc
Description: PGP signature

Bug#854093: [PATCH] [ARM64] kexec fails to load compressed kernel.

[Manoj Iyer]

Attached is a patch that adds compressed kernel support for ARM64. Debian 
does not ship compressed kernels, the test results below show that 
original functionality is maintained. Please review and apply to 
kexec-tools package.


== Before Patch ==
kexec-tools (1:2.0.14-1)

root@debian:/home/ubuntu# kexec -l /boot/vmlinuz-4.9.0-1-arm64 
--initrd=/boot/initrd.img-4.9.0-1-arm64 
--append="root=UUID=010a5260-8c6d-444c-82cd-6cf9b0cbc120 ro"
root@debian:/home/ubuntu# kexec -e

Debian GNU/Linux 9 debian ttyAMA0

debian login: [   26.369875] kexec_core: Starting new kernel
[0.00] Booting Linux on physical CPU 0x0
[0.00] Linux version 4.9.0-1-arm64 (debian-ker...@lists.debian.org) 
(gcc version 6.2.1 20161124 (Debian 6.2.1-5) ) #1 SMP Debian 4.9.2-2+kexec.1 
(2017-01-25)
[0.00] Boot CPU: AArch64 Processor [510f8000]
[0.00] efi: Getting EFI parameters from FDT:
[0.00] efi: EFI v2.60 by EDK II
[0.00] efi:  SMBIOS 3.0=0x13bdb  ACPI 2.0=0x1386d  
MEMATTR=0x13af01898

[  OK  ] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 debian ttyAMA0

debian login:


== After Patch ==
kexec-tools (1:2.0.14-1.1)

root@debian:/home/ubuntu# kexec -l /boot/vmlinuz-4.9.0-1-arm64 
--initrd=/boot/initrd.img-4.9.0-1-arm64 
--append="root=UUID=010a5260-8c6d-444c-82cd-6cf9b0cbc120 ro"
root@debian:/home/ubuntu# kexec -e

Debian GNU/Linux 9 debian ttyAMA0

debian login: [ 1669.265708] kexec_core: Starting new kernel
[0.00] Booting Linux on physical CPU 0x0
[0.00] Linux version 4.9.0-1-arm64 (debian-ker...@lists.debian.org) 
(gcc version 6.2.1 20161124 (Debian 6.2.1-5) ) #1 SMP Debian 4.9.2-2+kexec.1 
(2017-01-25)
[0.00] Boot CPU: AArch64 Processor [510f8000]
[0.00] efi: Getting EFI parameters from FDT:
[0.00] efi: EFI v2.60 by EDK II
[0.00] efi:  SMBIOS 3.0=0x13bdb  ACPI 2.0=0x1386d  
MEMATTR=0x13af01898
[0.00] psci: probing for conduit method from DT.
[0.00] psci: PSCIv0.2 detected in firmware.
[0.00] psci: Using standard PSCI v0.2 function IDs
[0.00] psci: Trusted OS migration not required

.
[  OK  ] Started Update UTMP about System Runlevel Changes.

Debian GNU/Linux 9 debian ttyAMA0

debian login:

Thanks
--

Manoj Iyer
Ubuntu/Canonical
ARM Servers - Cloud
diff -Nru kexec-tools-2.0.14/debian/changelog kexec-tools-2.0.14/debian/changelog
--- kexec-tools-2.0.14/debian/changelog	2017-01-25 14:36:57.0 -0500
+++ kexec-tools-2.0.14/debian/changelog	2017-02-03 18:53:35.0 -0500
@@ -1,3 +1,9 @@
+kexec-tools (1:2.0.14-1.1) UNRELEASED; urgency=medium
+
+  * Enable compressed kernel support for ARM64 (Closes: #854093)
+
+ -- Manoj Iyer   Fri, 03 Feb 2017 18:53:35 -0500
+
 kexec-tools (1:2.0.14-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru kexec-tools-2.0.14/debian/control kexec-tools-2.0.14/debian/control
--- kexec-tools-2.0.14/debian/control	2017-01-25 14:36:57.0 -0500
+++ kexec-tools-2.0.14/debian/control	2017-02-03 18:53:35.0 -0500
@@ -3,7 +3,7 @@
 Homepage: http://kernel.org/pub/linux/utils/kernel/kexec/
 Priority: optional
 Maintainer: Khalid Aziz 
-Build-Depends: debhelper (>= 7.0.0), dh-autoreconf, gnu-efi (>=3.0a-4)[ia64], libz-dev[ia64], po-debconf
+Build-Depends: debhelper (>= 7.0.0), dh-autoreconf, gnu-efi (>=3.0a-4)[ia64], libz-dev [arm64 ia64], po-debconf
 Standards-Version: 3.9.8
 
 Package: kexec-tools

Bug#854094: libreswan FTBFS on x32 due to missing

[Daniel Schepler]

On Fri, Feb 3, 2017 at 3:29 PM, Daniel Kahn Gillmor
 wrote:
> Package: libreswan
> Version: 3.19-2
> X-Debbugs-Cc: x...@buildd.debian.org, swan-...@lists.libreswan.org
>
> Hi Debian x32 builders--
>
> I note that libreswan is failing to build from source on the x32
> platform due to a missing sys/time.h:
>
> https://buildd.debian.org/status/fetch.php?pkg=libreswan=x32=3.19-2=1486146097=0
>
> …
> /<>/linux/include/libreswan.h:44:22: fatal error: sys/time.h: No 
> such file or directory
>  #include 
>   ^
>
> the code in linux/include/libreswan.h is just:
>
>  42 #if !defined(__KERNEL__)
>  43
>  44 #include 
>  45 #include 
>  46
>
> It builds on other debian platforms without a problem.  Is something
> significantly different on x32 that we should know about?

It's trying to build with -m64, which would be a cross build for amd64
rather than a native build for x32.  (So, the immediate symptom is
caused by the compiler looking for sys/time.h in
/usr/include/x86_64-linux-gnu and not finding it there because
libc6-dev-amd64 isn't installed.)
-- 
Daniel

Bug#853935: rephrase: No more works with gpg2 and causes one pinentry popup per guess

[Daniel Kahn Gillmor]

On Fri 2017-02-03 14:46:43 -0500, Axel Beckert wrote:
> The attached patch works for me with gpg aka gpg2.
>
> I'd also upload it as NMU in case I don't hear from the Debian
> Forensics team in time before a potential removal from testing (or if
> the team prefers the NMU).

Awesome.  This is very much appreciated, Axel!

 --dkg


signature.asc
Description: PGP signature

Bug#854094: libreswan FTBFS on x32 due to missing

[Daniel Kahn Gillmor]

Package: libreswan
Version: 3.19-2
X-Debbugs-Cc: x...@buildd.debian.org, swan-...@lists.libreswan.org

Hi Debian x32 builders--

I note that libreswan is failing to build from source on the x32
platform due to a missing sys/time.h:

https://buildd.debian.org/status/fetch.php?pkg=libreswan=x32=3.19-2=1486146097=0

…
/<>/linux/include/libreswan.h:44:22: fatal error: sys/time.h: No 
such file or directory
 #include 
  ^

the code in linux/include/libreswan.h is just:

 42 #if !defined(__KERNEL__)
 43 
 44 #include 
 45 #include 
 46 

It builds on other debian platforms without a problem.  Is something
significantly different on x32 that we should know about?

  --dkg


signature.asc
Description: PGP signature

Bug#854093: [ARM64] kexec fails to load compressed kernel.

[Manoj Iyer]

Package: kexec-tools
Version: 2.0.14-1
Tags: arm64
Severity: important
Usertags: arm64

kexec-tools has a build dependency on libz-dev on ARM64 architecture. 
It can use interfaces from libz-dev to uncompress a compressed kernel. 
If this built without libz-dev kexec will not be able to uncompress a 
compressed kernel.

Bug#852285: Wrong subject, the missing lib should be in multipath-udeb

[Cyril Brulebois]

Control: reassign -1 disk-detect
Control: retitle -1 disk-detect: tries to load obsolete dm-emc module

Hi,

Allan Jacobsen  (2017-01-24):
> I looked into this a little more, and the missing lib should be in
> multipath-udeb, I have made a bugreport for this.

So that was reported as:
  #852431 -- installer broken: multipath-udeb depends on missing 
libmpathcmd.so.0

and fixed, that's why I'm stealing the bug report for the dm-emc part.

> The problem with dm-emc is easily fixed, patch is attached.

Yeah, that seems to be matching an old bug report in other components:
  https://bugs.debian.org/567014

I think I'll go for removing dm-emc right away; we can add other things
if needed.


KiBi.


signature.asc
Description: Digital signature

Bug#834303: calibre: Unhandled exception when editing books

[Douglas Perkins]

As mentioned, sometime in the last few months, this bug was fixed (at 
least for me).  Please mark it closed.  Thanks, all!

Bug#854092: Multiple security issues in libevent

[Guido Günther]

Package: libevent
Severity: important
Tags: security

Hi,

the following vulnerabilities were published for libevent.

CVE-2016-10197[0]
CVE-2016-10196[1]
CVE-2016-10195[2]

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-10197
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10197
[1] https://security-tracker.debian.org/tracker/CVE-2016-10196
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10196
[2] https://security-tracker.debian.org/tracker/CVE-2016-10195
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10195

Please adjust the affected versions in the BTS as needed.

Cheers,
 -- Guido

Bug#854091: speech-dispatcher-pico cannot be installed in unstable

[Adrian Bunk]

Package: speech-dispatcher-pico
Version: 0.8.6-1
Severity: serious


# apt-get install speech-dispatcher-pico
Reading package lists... Done
Building dependency tree   
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 speech-dispatcher-pico : Depends: speech-dispatcher (= 0.8.6-1) but it is not 
going to be installed
E: Unable to correct problems, you have held broken packages.
#


This dependency seems far to strict, it would even break on a binNMU
of either package.

Bug#854082: grub-installer: grub-xen fails to install on i386 or amd64 PV guest

[Cyril Brulebois]

Cyril Brulebois  (2017-02-03):
> Would you be interested in helping test an image with this fix
> included? I can build an amd64 netinst and upload that for your to
> try.

If you're so inclined, here's an image with grub-installer 1.137,
including the change you've suggested:
  https://mraw.org/~kibi/debian-stretch-rc2+xen.iso (~ 300 MB)

sha1sum: 61cca963a5d3bf3cbb33d802b2e337be0f16f643

[Note: This image will be removed from my server once the bug has been
addressed.]

BTW, I think the issue might have been triggered by having the following
line as the first entry of the “case” statement:

*:grub|*:grub-pc|*:grub-efi*|sparc:grub-ieee1275|ppc64el/*:grub-ieee1275)

One might not realize the first part is an “full” architecture,
following the arch/subarch formatn.

Speaking of which, the “sparc:grub-ieee1275” part probably doesn't work…


KiBi.


signature.asc
Description: Digital signature

Bug#853855: (no subject)

[Emmanuel Kasper]

Le 03/02/2017 à 23:55, Cyril Brulebois a écrit :
> Ian Campbell  (2017-02-03):
>> On Fri, 2017-02-03 at 15:51 +0100, Emmanuel Kasper wrote:
>>> Actually on further research, net.ifnames and most dot-containing
>>> parameters are not here for the kernel, but to configure on boot
>>> various systemd components,
>>
>> d-i doesn't use systemd, does it?
> 
> It certainly doesn't right now.

From
https://packages.debian.org/sid/udev-udeb

d-i has udev built from systemd source.

The parameters from
https://www.freedesktop.org/software/systemd/man/systemd-udevd.service.html#
can be be passed to the udev service of the installer (notice the
abundance of dots in those parameter :)



signature.asc
Description: OpenPGP digital signature

Bug#850982: [pkg-gnupg-maint] Bug#850982: closed by Daniel Kahn Gillmor <d...@fifthhorseman.net> (Bug#850982: fixed in gnupg2 2.1.17-6)

[Daniel Kahn Gillmor]

On Sat 2017-01-28 11:48:05 -0500, Yuri D'Elia wrote:
> On Wed, Jan 18 2017, Debian Bug Tracking System wrote:
>> Their explanation is attached below along with your original report.
>> If this explanation is unsatisfactory and you have not received a
>> better one in a separate message then please contact Daniel Kahn Gillmor 
>>  by
>> replying to this email.
>
> I'm not completely satisfied, unfortunately.
> I'd like to disable this service for *all* users by default on servers.
>
> It seems there's no systemctl command for this.

Sure there is, you can use --global to affect user services for all
users.  This creates the symlinks in /etc/systemd/user.

> You can mask the service by creating links in /etc/systemd/user/, but
> then each user session generates the following warning:
>
>   gpg-agent.socket: Cannot add dependency job, ignoring: Unit 
> gpg-agent.socket is masked.

Yes, that's true.  I'm not sure i understand your concern though, or why
you want these things masked.  Can you explain what you're aiming to
avoid?

If the user doesn't try to use the agent, no gpg-agent will be launched.
If the user tries to use the agent from gpg or related tools anyway,
then the agent will be auto-launched (by gpg!) even if you've disabled
the systemd socket.  What's the harm in leaving the sockets enabled?

--dkg


signature.asc
Description: PGP signature

Bug#854090: gcc-6: Please enable PIE hardening flags by default on sparc*

[James Clarke]

Package: gcc-6
User: debian-sp...@lists.debian.org
Usertags: sparc64
X-Debbugs-Cc: debian-sp...@lists.debian.org

Please enable PIE by default on sparc and sparc64.

Regards,
James

Bug#853855: (no subject)

[Cyril Brulebois]

Ian Campbell  (2017-02-03):
> On Fri, 2017-02-03 at 15:51 +0100, Emmanuel Kasper wrote:
> > Actually on further research, net.ifnames and most dot-containing
> > parameters are not here for the kernel, but to configure on boot
> > various systemd components,
> 
> d-i doesn't use systemd, does it?

It certainly doesn't right now.


KiBi.


signature.asc
Description: Digital signature

Bug#853855: (no subject)

[Ian Campbell]

On Fri, 2017-02-03 at 15:51 +0100, Emmanuel Kasper wrote:
> Actually on further research, net.ifnames and most dot-containing
> parameters are not here for the kernel, but to configure on boot
> various systemd components,

d-i doesn't use systemd, does it?

Ian.

Bug#854082: grub-installer: grub-xen fails to install on i386 or amd64 PV guest

[Cyril Brulebois]

Hi Sergio,

Sergio Gelato  (2017-02-03):
> Package: grub-installer
> Version: 1.136
> Severity: serious
> 
> The grub installation step reproducibly fails using the latest stretch d-i
> on both i386 and amd64 Xen PV guests. The logs indicate that grub-install is
> looking for /usr/lib/grub/i386-pc instead of /usr/lib/grub/i386-xen, and
> similarly on amd64.
> 
> I think the problem was introduced by
> commit 66f75b7069aeba05eab776b5ac18dffa6874b5f3 .
> 
> Shouldn't amd64:grub-xen and i386:grub-xen read amd64/*:grub-xen and
> i386/*:grub-xen, respectively, when matching against $ARCH:$grub_package ?

Since ARCH is set through archdetect, and since archdetect.c (in
hw-detect) has this as final code:

printf("%s/%s\n", CPU_TEXT, subarch);

… it seems to me we really should be checking for something like what
you're suggesting.

Would you be interested in helping test an image with this fix included?
I can build an amd64 netinst and upload that for your to try.


KiBi.


signature.asc
Description: Digital signature

Bug#851261: compiles but doesn't work, not our fault

[Adam Borowski]

On Fri, Feb 03, 2017 at 11:03:49AM +, Radovan Birdic wrote:
> > Do any non-ancient machines run 32-bit kernels on MIPS these days?  As far
> > as I know, they don't, thus fixing this FTBFS is rather pointless without
> > fixing COMPAT ioctls on the kernel side first.
> 
> Yes, there are 32-bit MIPS machines.
> We tested duperemove on CI20 (mipsel with 32-bit kernel) and it works
> correctly.

Right, thanks for letting us know.  Then, it joins the club with 32/32 bit
powerpc and m68k, both of which also share the FTBFS with 32-bit mips*.

I happened to do some data mining on the "System Information" part of bug
reports recently, and thus can provide some stats.  Bug reports provide
data on contributors rather than users, but that's good too.  In 2016 (plus
a smaller half of Jan 2017) on relevant archs:
powerpc (ppc)33
powerpc (ppc64)   9
mipsel (mips64)   4
mipsel (mips) 1
mips (mips64) 2
mips (mips)   0
mips on amd64 2
m68k  0
Total:13178

so especially powerpc would want this fixed.


Meow!
-- 
Autotools hint: to do a zx-spectrum build on a pdp11 host, type:
  ./configure --host=zx-spectrum --build=pdp11

Bug#854089: zpaq: missing external preprocessor for min.cfg

[Ben Longbons]

Package: zpaq
Version: 1.10-3
Severity: normal

Dear Maintainer,

The executable `lzppre` is not shipped, so using the included min.cfg
does not work. It is included in the source package, but not built or
installed.

mid.cfg (default) and max.cfg work just fine.

$ zpaq c/usr/share/doc/zpaq/examples/min.cfg output.min.zpaq input
4.264 MB memory required.
lzppre 18 20 127 2 96 input ./output.min.zpaq.zpaq.pre ... sh: 1: lzppre: not 
found
./output.min.zpaq.zpaq.pre: No such file or directory
Archive output.min.zpaq not updated
Process time 0.01 sec. Wall time 0 sec.

-Ben


-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unreleased'), (500, 'unstable'), 
(1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, x32, arm64

Kernel: Linux 4.8.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages zpaq depends on:
ii  libc6   2.24-9
ii  libgcc1 1:7-20161201-1
ii  libstdc++6  7-20161201-1

zpaq recommends no packages.

zpaq suggests no packages.

-- no debconf information

Bug#834303: calibre: Unhandled exception when editing books

[Nicholas D Steeves]

On Thu, 1 Sep 2016 19:36:26 +0200 Andreas Metzler  wrote:
>
> On 2016-08-14 Douglas Perkins  wrote:
>>
>> After an upgrade a few days ago, I can no longer edit books using Calibre.
>>
>> I open Calibre, open the editing window, and so far so good. Now I
>> double click on an xhtml file, and instead of the file opening for
>> editing, I get the following error.
> [...]
>> TypeError: connect() failed between contentsChange(int,int,int) and 
>> reformat_blocks()

> This was fixed upstream with
> https://github.com/kovidgoyal/calibre/commit/0e11f80cf6b17a4c526dd9b5ed6abb3d020bfadc

Thus it should have been fixed in upstream v2.65.0 and Debian's
2.71.0+dfsg-1.  Would someone please confirm, tag this bug as fixed
calibre/2.71.0+dfsg-1 and/or close this bug, if appropriate?  'seems
like can can be :-)

Cheers,
Nicholas

Bug#853770: unblock: pyro4

[Emilio Pozuelo Monfort]

On 31/01/17 19:18, Laszlo Boszormenyi (GCS) wrote:
> Package: release.debian.org
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Hi Release Team,
> 
> I don't want to hide that due to my mistake, pyro4 package migrated to
> Stretch without the selectors34 dependency of python2-pyro4 even
> packaged. It was only partly fixed with importing the selectors module
> instead[1] - that fixes the client mode but the multiplexed server
> still fails (the user have to change to the threadpool variant).
> 
> I see the following solutions:
> 1) Drop the python2 variant of Pyro4 and only ship the python3 one
>(worst case).
> 2) Allow the packaged selectors34 module[2] to Stretch (not yet
>uploaded) as it's an one file module.
> 3) Add the selectors34.py to the pyro4 package, debdiff to the Stretch
>version is attached.
> 4) Use the upstream commit not to fail with the import, but inform the
>user to switch to the threadpool variant with a RuntimeError[3]
>when using the Python 2 variant.
> 
> Which solution would be allowed for Stretch?

bootstrap-vz depends on python2-pyro4, so we can't just drop it.

I don't like 2, I'd rather add a new source than embed this inside pyro.

Please upload selectors34 and I'll see about granting an exception to fix this
RC bug.

Cheers,
Emilio

Bug#851667: #851667 "fix" breaks openjdk 8 on Jessie

[DJDavid98]

​For anyone else having issues with installing Java 8 now, I managed to get
back up and running by using Oracle's official version of Java.

​For convenience here's a list of commands one has to run to get Java 8
working on their Debian Jessie machine​ (until this issue gets resolved):

echo -e "deb http://ppa.launchpad.net/webupd8team/java/ubuntu xenial
main\ndeb-src http://ppa.launchpad.net/webupd8team/java/ubuntu xenial main"
> /etc/apt/sources.list.d/webupd8team-java.list
sudo apt-get update
sudo apt-get install oracle-java8-installer
echo "JAVA_HOME=\"/usr/lib/jvm/java-8-oracle\"" > /etc/environment
source /etc/environment

Bug#853809: unblock: e2fsprogs/1.43.4-2

[Cyril Brulebois]

Emilio Pozuelo Monfort  (2017-02-03):
> This seems fine to me, unblocked. Cc'ing debian-boot@/Cyril for the
> udeb unblock.

No objections in principle, but it'd be nice to have d-i tested against
the latest version. Will try to look into it over the next few days.


KiBi.


signature.asc
Description: Digital signature

Bug#851585: [Pkg-nagios-devel] Bug#851585: icinga2-ido-mysql: fails to upgrade from 'jessie': mysql said: ERROR 1067 (42000) at line 10: Invalid default value for 'status_update_time'

[Emilio Pozuelo Monfort]

Control: severity -1 important

On 31/01/17 17:41, Markus Frosch wrote:
> Hello Release team
> - top post for referencing-
> 
> I'd like to ask you about views of this bug.
> 
> We can do the following:
> 
> 1) Update icinga2 to 2.6.1 which includes some other useful changes (see 
> below)
> 2) stretch-ignore the bug, since MySQL 5.7 won't be included in stretch
>(Problem: backports might make a problem then)

If this only happens with mysql-5.7 but not with mariadb-10.1, then this is not
RC. Downgrading. Please bump again if it also happens with mariadb.

It would still be nice to fix this, obviously.

> I could also patch some of the crashing issues, but would rather prefer 2.6.1
> as a cleaner update to maintain in stretch.

Please file an unblock bug with a debdiff or a diff to the new upstream version.

Thanks,
Emilio

Bug#853089: unblock: cinnamon/3.2.7-2 cinnamon-desktop-data/3.2.4-4

[Emilio Pozuelo Monfort]

On 29/01/17 18:37, Margarita Manterola wrote:
> On 2017-01-29 18:34, Emilio Pozuelo Monfort wrote:
>>> I'm attaching the debdiff for both packages for their version currently in
>>> testing (and unstable).  I'd like to have confirmation that the packages 
>>> will be
>>> unblocked before uploading them.
>> Did you forgot to attach those?
> 
> *sigh* Indeed, I did. I have attached them now.

Go ahead.

Emilio

Bug#853260: unblock: lcmaps-plugins-voms/1.6.2-2.1

[Emilio Pozuelo Monfort]

On 30/01/17 21:53, Sebastian Andrzej Siewior wrote:
> diff -Nru lcmaps-plugins-voms-1.6.2/debian/patches/series 
> lcmaps-plugins-voms-1.6.2/debian/patches/series
> --- lcmaps-plugins-voms-1.6.2/debian/patches/series   2013-11-12 
> 16:23:41.0 +0100
> +++ lcmaps-plugins-voms-1.6.2/debian/patches/series   2017-01-29 
> 21:47:44.0 +0100
> @@ -1,2 +1,3 @@
>  
>  
> +openssl11.patch

Some ugly whitespace, and not the nicest patch, but it's debug output as you 
say...

Unblocked.

Emilio

Bug#853727: unblock: limnoria/2017.01.10-1

[Emilio Pozuelo Monfort]

On 31/01/17 12:14, Mattia Rizzolo wrote:
> Package: release.debian.org
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package limnoria.
> 
> It is a new upstream, yes, but
> 1) it's a leaf package
> 2) it has a very extensive testsuite
> 3) the changes are so minimal...
> 4) it fixes the only bug this package has ;)
> 
> Attached a debdiff against the current version in stretch.
> 
> unblock limnoria/2017.01.10-1

Done, but now you owe me two RC bug fixes.

Cheers,
Emilio

Bug#851667: #851667 "fix" breaks openjdk 8 on Jessie

[David Joseph Guzsik]

It's not like me or my users wanted to use ElasticSearch anyway...
Who on earth thought this was a good idea?!

Bug#854061: [Debian-ports-devel] Bug#854061: Lack of hardening=+pie gives unwanted, unsilenceable noisy compiler output

[Thorsten Glaser]

James Clarke dixit:

>As far as I can tell, no progress has been made on this issue since the
>few discussions on debian-devel[0]. The current state is not desirable,

I agree. I think everyone agreed that GCC should handle hardening
and dpkg should not pass the -specs= stuff any longer.

>and in fact is causing at least one crucial package, cmake, to FTBFS

Indeed. I porter-uploaded it for x32 by downgrading dpkg first
which made the build succeed.

bye,
//mirabilos
-- 
“ah that reminds me, thanks for the stellar entertainment that you and certain
other people provide on the Debian mailing lists │ sole reason I subscribed to
them (I'm not using Debian anywhere) is the entertainment factor │ Debian does
not strike me as a place for good humour, much less German admin-style humour”

Bug#853809: unblock: e2fsprogs/1.43.4-2

[Emilio Pozuelo Monfort]

On 01/02/17 04:48, Theodore Y. Ts'o wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Please unblock package e2fsprogs
> 
> 1.43.4 is the new upstream version of e2fsprogs which fixes a RC bug
> (#840733: e2fsprogs contains non-free file).  n.b., the non-free file is
> only used in a regression test and isn't actually included in any
> binary.  There are also a number of important bug fixes that I'd really
> like to get into stretch.  See the debian changelog or [1] for more
> details.
> 
> [1] http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.43.4
> 
> Note: there is a udeb involved since this will also require a d-i
> release manager unblock.  I'm unclear whether there is a separate
> process for requesting that particlar unblock.  Please advise.
> 
> I just uploaded 1.43.4-2 to sid today, so it will be five days old when
> the Stretch Freeze hits.  So I'm filing this bug now as a heads up,
> since unless the release schedule slips, this isn't going to meet the
> mandatory 10 day delay which was announced in December.

This seems fine to me, unblocked. Cc'ing debian-boot@/Cyril for the udeb 
unblock.

Cheers,
Emilio

Bug#852959: [pkg-go] Bug#852959: prometheus FTBFS on armhf: github.com/prometheus/prometheus/storage/local fails

[Martín Ferrari]

severity 852959 important
thanks


So I finally asked ftpmaster to remove the armhf packages (#848357), to
allow prometheus to migrate and be released with Stretch. This bug still
exists, and I will fix it as soon as the current version migrates to
testing, but it does not affect the architectures that are going to be
released. So I am lowering the severity for now.

Thanks for reporting.


On 28/01/17 11:58, Adrian Bunk wrote:
> Source: prometheus
> Version: 1.5.0+ds-1
> Severity: serious
> 
> https://buildd.debian.org/status/fetch.php?pkg=prometheus=armhf=1.5.0%2Bds-1=1485604675=0
> 
> ...
> goroutine 10024 [chan receive]:
> github.com/prometheus/prometheus/storage/local.(*MemorySeriesStorage).handleEvictList.func1(0x4b165ad0)
>   
> /«BUILDDIR»/prometheus-1.5.0+ds/build/src/github.com/prometheus/prometheus/storage/local/storage.go:1075
>  +0x30
> created by 
> github.com/prometheus/prometheus/storage/local.(*MemorySeriesStorage).handleEvictList
>   
> /«BUILDDIR»/prometheus-1.5.0+ds/build/src/github.com/prometheus/prometheus/storage/local/storage.go:1077
>  +0x358
> exit status 2
> FAIL  github.com/prometheus/prometheus/storage/local  288.359s
> ...
> ___
> Pkg-go-maintainers mailing list
> pkg-go-maintain...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-go-maintainers
> 


-- 
Martín Ferrari (Tincho)

Bug#854086: unblock: commons-math3/3.6.1-2

[tony mancill]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package commons-math3

The bug addresses a FTBFS bug [1] that arose quite late in the release
cycle due to changes in the javadoc tooling.  The build error being
addressed is:

> [ERROR] Failed to execute goal
> org.apache.maven.plugins:maven-javadoc-plugin:2.10.4:jar (default-cli)
> on project commons-math3: MavenReportException: Error while generating
> Javadoc:
> [ERROR] Exit code: 1 - javadoc: error - Argument for -header contains 
> JavaScript.
> [ERROR] Use --allow-script-in-comments to allow use of JavaScript.

The source debdiff against the version in testing is attached.  The
debdiff consists of adding --allow-script-in-comments to an existing
build patch and also the updates that came 'quilt refresh' while
generating the patch.

unblock commons-math3/3.6.1-2

Thank you for your consideration!
Cheers,
tony

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852880
diff -Nru commons-math3-3.6.1/debian/changelog commons-math3-3.6.1/debian/changelog
--- commons-math3-3.6.1/debian/changelog	2016-03-26 16:43:25.0 -0700
+++ commons-math3-3.6.1/debian/changelog	2017-02-03 10:14:20.0 -0800
@@ -1,3 +1,11 @@
+commons-math3 (3.6.1-2) unstable; urgency=medium
+
+  * Team upload.
+  * Update 03_libjs-mathjax.patch to add --allow-script-in-comments to
+maven-javadoc-plugin invocation to address FTBFS. (Closes: #852880)
+
+ -- tony mancill   Fri, 03 Feb 2017 10:14:20 -0800
+
 commons-math3 (3.6.1-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru commons-math3-3.6.1/debian/patches/03_libjs-mathjax.patch commons-math3-3.6.1/debian/patches/03_libjs-mathjax.patch
--- commons-math3-3.6.1/debian/patches/03_libjs-mathjax.patch	2016-03-26 16:32:04.0 -0700
+++ commons-math3-3.6.1/debian/patches/03_libjs-mathjax.patch	2017-02-03 10:14:20.0 -0800
@@ -11,16 +11,17 @@
  
 --- a/pom.xml
 +++ b/pom.xml
-@@ -539,7 +539,7 @@
+@@ -534,7 +534,8 @@
  org.apache.maven.plugins
  maven-javadoc-plugin
  
 -  -header script type=text/javascript src=http://cdn.mathjax.org/mathjax/latest/MathJax.js?config=TeX-AMS-MML_HTMLorMML/script;
 +  -header script type=text/javascript src=file:///usr/share/javascript/mathjax/MathJax.js?config=TeX-AMS-MML_HTMLorMML/script
++  --allow-script-in-comments
  

  
-@@ -690,7 +690,7 @@
+@@ -685,7 +686,7 @@
  org.apache.maven.plugins
  maven-javadoc-plugin
  
@@ -31,7 +32,7 @@
  
 --- a/src/site/site.xml
 +++ b/src/site/site.xml
-@@ -81,7 +81,7 @@
+@@ -83,7 +83,7 @@
  
  
  


signature.asc
Description: PGP signature

Bug#854088: blender: Blender python support does not find the numpy module

[Zachary Brown]

Package: blender
Version: 2.78.a+dfsg0-4
Severity: normal

Dear Maintainer,

I'm writing blender add-ons using python. Recently I tried to import the numpy
module, but blender reported that no such module could be found. I know I have
the numpy debian package installed.

I downloaded the latest version of blender from blender.org, and it found the
numpy module just fine.

Be well,
Zack



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages blender depends on:
ii  blender-data  2.78.a+dfsg0-4
ii  fonts-dejavu  2.37-1
ii  libavcodec57  7:3.2.2-2
ii  libavdevice57 7:3.2.2-2
ii  libavformat57 7:3.2.2-2
ii  libavutil55   7:3.2.2-2
ii  libboost-atomic1.62.0 1.62.0+dfsg-4
ii  libboost-chrono1.62.0 1.62.0+dfsg-4
ii  libboost-date-time1.62.0  1.62.0+dfsg-4
ii  libboost-filesystem1.62.0 1.62.0+dfsg-4
ii  libboost-iostreams1.62.0  1.62.0+dfsg-4
ii  libboost-locale1.62.0 1.62.0+dfsg-4
ii  libboost-regex1.62.0  1.62.0+dfsg-4
ii  libboost-system1.62.0 1.62.0+dfsg-4
ii  libboost-thread1.62.0 1.62.0+dfsg-4
ii  libc6 2.24-8
ii  libfftw3-double3  3.3.5-3
ii  libfontconfig12.11.0-6.7
ii  libfreetype6  2.6.3-3+b1
ii  libgcc1   1:6.3.0-5
ii  libgl1-mesa-glx [libgl1]  13.0.3-1
ii  libglew2.02.0.0-3
ii  libglu1-mesa [libglu1]9.0.0-2.1
ii  libgomp1  6.3.0-5
ii  libilmbase12  2.2.0-11
ii  libjack-jackd2-0 [libjack-0.125]  1.9.10+20150825git1ed50c92~dfsg-4+b1
ii  libjemalloc1  3.6.0-9
ii  libjpeg62-turbo   1:1.5.1-2
ii  libopenal11:1.17.2-4
ii  libopencolorio1v5 1.0.9~dfsg0-6
ii  libopenexr22  2.2.0-11
ii  libopenimageio1.6 1.6.17~dfsg0-1+b2
ii  libopenjp2-7  2.1.2-1.1
ii  libopenvdb3.2 3.2.0-2.1
ii  libpcre3  2:8.39-2
ii  libpng16-16   1.6.28-1
ii  libpython3.5  3.5.3-1
ii  libsndfile1   1.0.27-1
ii  libspnav0 0.2.3-1
ii  libstdc++66.3.0-5
ii  libswscale4   7:3.2.2-2
ii  libtbb2   4.3~20150611-2
ii  libtiff5  4.0.7-5
ii  libx11-6  2:1.6.4-2
ii  libxi62:1.7.8-2
ii  libxml2   2.9.4+dfsg1-2.2
ii  libxxf86vm1   1:1.1.4-1
pn  python3:any   
ii  zlib1g1:1.2.8.dfsg-4

blender recommends no packages.

blender suggests no packages.

-- no debconf information

Bug#853052: widelands: Wrong names for some buildings (e.g. Ranger's Hut)

[Hans Joachim Desserud]

forwarded 853052 https://bugs.launchpad.net/widelands/+bug/1652923
thanks

Thanks for reporting. :)

As you mention, the issue seems "limited" to the en_GB translation.
This has also been reported upstream, see link above.

--
mvh / best regards
Hans Joachim Desserud
http://desserud.org

Bug#831059: lists.debian.org: Permanently banned users cannot send positive contributions to lists.debian.org

[Javier Serrano Polo]

El dv 03 de 02 de 2017 a les 11:25 -0600, Don Armstrong va escriure:
> communicated by Debian community members

Thanks for the answer, since it provides some kind of procedure.
However, bothering community members does not seem a way to improve
Debian. May I open a bug report about my case myself and elaborate?


smime.p7s
Description: S/MIME cryptographic signature

Bug#851797: Processed: RFAs are severity normal

[Axel Beckert]

Control: severity -1 wishlist

Hi Adrian,

Debian Bug Tracking System wrote:
> Processing commands for cont...@bugs.debian.org:
> > severity 851797 normal
> Bug #851797 [wnpp] RFA: dphys-config -- Tool to distribute config files by 
> fetching them
> Severity set to 'normal' from 'wishlist'

It might be the default severity of RFAs, but I'm not aware of any
rule saying that an RFA _must_ be of severity "normal".

This RFA was deliberately set to wishlist, so I'm setting back to
wishlist herewith.

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE

Bug#852398: To load extensions

[Édouard WILLISSECK]

This workaround works great thanks !

I hope we'll get a proper fix soon though.


On Wed, 01 Feb 2017 00:29:50 + Alok Singh 
wrote:
> Copying this over from #851692. A method of enabling extensions
without
> re-compiling Chromium. Not saying it is ideal
> 
> 1. Find your extensions:
> They are in
$XDG_CONFIG_DIR/chromium//Extensions//
> 
> For example, uBlock is at
>
/home/alok/.config/chromium/Default/Extensions/cjpalhdlnbpafiamejdnhcph
jbkeiagm/1.9.4_0
> 
> 2. Create a file in /etc/chromium.d/enable-extensions with the
content
> export CHROMIUM_FLAGS="$CHROMIUM_FLAGS --load-extension= from above>"
> 
> 3. You have to create multiple lines of the form above for each
profile.
> Note that you will have to update this file when the extension
version
> changes. If you have the same extension in multiple profiles, you
will have
> make explicit entries for it as per step 2.
> 
> -- 
> —
> Alok

Bug#851819: ERROR: wget failed to download http://people.debian.org/~bartm/...

[Leo L. Schwab]

Package: flashplugin-nonfree
Version: 1:3.7
Followup-For: Bug #851819

  ___ _   _   _ 
|  _ \_ _| \ | |/ ___| |
| |_) | ||  \| | |  _| |
|  __/| || |\  | |_| |_|
|_|  |___|_| \_|\(_)


$ sudo update-flashplugin-nonfree --install --verbose
options :  --install --verbose --
temporary directory: /tmp/flashplugin-nonfree.S4CJ9z75AC
importing public key ...
selected action = --install
installed version = 24.0.0.186
upstream version = 24.0.0.194
wgetoptions= -nd -P .   -v --progress=dot:default 
downloading 
http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.24.0.0.194.sha512.amd64.pgp.asc
 ...
URL transformed to HTTPS due to an HSTS policy
--2017-02-03 12:42:35--  
https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.24.0.0.194.sha512.amd64.pgp.asc
Resolving people.debian.org (people.debian.org)... 5.153.231.30, 
2001:41c8:1000:21::21:30
Connecting to people.debian.org (people.debian.org)|5.153.231.30|:443... 
connected.
HTTP request sent, awaiting response... 404 Not Found
2017-02-03 12:42:36 ERROR 404: Not Found.

cleaning up temporary directory /tmp/flashplugin-nonfree.S4CJ9z75AC ...
ERROR: wget failed to download 
http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.24.0.0.194.sha512.amd64.pgp.asc
More information might be available at:
  http://wiki.debian.org/FlashPlayer




-- Package-specific info:
Debian version: 9.0
Architecture: amd64
Package version: 1:3.7
Adobe Flash Player version: LNX 24,0,0,186
MD5 checksums:
a618a20ef0bf4f463960134486a2ed7b  
/var/cache/flashplugin-nonfree/flash_player_npapi_linux.x86_64.tar.gz
29c85bc8504422120cf89702986ff8e1  
/var/cache/flashplugin-nonfree/get-upstream-version.pl
82cd4f82b2023fad1d43092de8e002a7  
/var/cache/flashplugin-nonfree/install_flash_player_11_linux.x86_64.tar.gz
52d5e951bafcdb493d1a980a62c0f80e  
/usr/lib/flashplugin-nonfree/libflashplayer.so
Alternatives:
flash-mozilla.so - auto mode
  link best version is /usr/lib/flashplugin-nonfree/libflashplayer.so
  link currently points to 
/usr/lib/flashplugin-nonfree/libflashplayer.so
  link flash-mozilla.so is /usr/lib/mozilla/plugins/flash-mozilla.so
/usr/lib/flashplugin-nonfree/libflashplayer.so - priority 50
lrwxrwxrwx 1 root root 34 Aug  4  2016 
/usr/lib/mozilla/plugins/flash-mozilla.so -> /etc/alternatives/flash-mozilla.so
/usr/lib/mozilla/plugins/flash-mozilla.so: symbolic link to 
/etc/alternatives/flash-mozilla.so

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages flashplugin-nonfree depends on:
ii  binutils   2.27.90.20170124-2
ii  ca-certificates20161130
ii  debconf [debconf-2.0]  1.5.60
ii  gnupg  2.1.18-3
ii  gnupg2 2.1.18-3
ii  libatk1.0-02.22.0-1
ii  libcairo2  1.14.8-1
ii  libcurl3-gnutls7.52.1-2
ii  libfontconfig1 2.11.0-6.7
ii  libfreetype6   2.6.3-3+b1
ii  libgcc11:6.3.0-5
ii  libglib2.0-0   2.50.2-2
ii  libgtk2.0-02.24.31-2
ii  libnspr4   2:4.12-6
ii  libnss32:3.26.2-1
ii  libpango1.0-0  1.40.3-3
ii  libstdc++6 6.3.0-5
ii  libx11-6   2:1.6.4-3
ii  libxext6   2:1.3.3-1
ii  libxt6 1:1.1.5-1
ii  wget   1.18-4

flashplugin-nonfree recommends no packages.

Versions of packages flashplugin-nonfree suggests:
pn  firefox-esr
ii  fonts-dejavu   2.37-1
pn  hal-flash  
pn  iceweasel  
pn  konqueror-nsplugins
ii  ttf-mscorefonts-installer  3.6
pn  ttf-xfree86-nonfree

-- no debconf information

Bug#854005: [pkg-gnupg-maint] Bug#854005: Bug#854005: ssh-agent no longer works

[Wouter Verhelst]

On Sat, Feb 04, 2017 at 01:56:08AM +0900, NIIBE Yutaka wrote:
> NIIBE Yutaka  wrote:
> > Ah... I think that I enbugged a bug for PC/SC, and scdaemon with PC/SC
> > is somehow broken in 2.1.18.  Please try with internal CCID driver of
> > GnuPG.  I mean, don't use PC/SC service.
> 
> Or, please add:
> 
>   disable-ccid
> 
> in your scdaemon.conf if you want to use PC/SC service with scdaemon of
> 2.1.18.

At first glance that doesn't seem to fix it, but I haven't tested it much.

-- 
< ron> I mean, the main *practical* problem with C++, is there's like a dozen
   people in the world who think they really understand all of its rules,
   and pretty much all of them are just lying to themselves too.
 -- #debian-devel, OFTC, 2016-02-12

Bug#854005: [pkg-gnupg-maint] Bug#854005: ssh-agent no longer works

[Wouter Verhelst]

On Sat, Feb 04, 2017 at 01:30:52AM +0900, NIIBE Yutaka wrote:
> Wouter Verhelst  wrote:
> > wouter@gangtai:~$ cat .gnupg/scdaemon.conf
> > reader-port O2 Micro Oz776 01 00
> > log-file /home/wouter/.gnupg/scdaemon.log
> > pcsc-driver libpcsclite.so
> 
> Ah... I think that I enbugged a bug for PC/SC, and scdaemon with PC/SC
> is somehow broken in 2.1.18.  Please try with internal CCID driver of
> GnuPG.  I mean, don't use PC/SC service.

Heh.

I can try if it makes you happy, but I can't use it long-term, or my day
job will become sorely problematic :-)

> >> I'm now at NRT airport to BRU.
> >
> > Interesting. I live 10 minutes away (by train) from that airport :-)
> >
> > I take it you'll be at FOSDEM? I'll be giving a talk in the
> > IaaS/Virtualization devroom at 14:00 on saturday[1]. If it helps, I'll
> > have my laptop with me (and a few cardreaders too, probably); we can
> > then debug things face to face if you want me to.
> >
> > [1] https://fosdem.org/2017/schedule/event/iaas_netblodev/
> 
> Yes, I'll be at FOSDEM.  It's good if we can debug things after your
> talk.

Sure, I'll make sure to have all my stuff so we can look at it in
detail.

-- 
< ron> I mean, the main *practical* problem with C++, is there's like a dozen
   people in the world who think they really understand all of its rules,
   and pretty much all of them are just lying to themselves too.
 -- #debian-devel, OFTC, 2016-02-12

Bug#854085: yash: FTBFS:

[Chris Lamb]

Source: yash
Version: 2.44-1
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Dear Maintainer,

yash fails to build from source in unstable/amd64:

  […]

 dh_auto_test
make -j1 test VERBOSE=1
  make[1]: Entering directory '«BUILDDIR»'
  make[2]: Entering directory '«BUILDDIR»/builtins'
  make[2]: Nothing to be done for 'all'.
  make[2]: Leaving directory '«BUILDDIR»/builtins'
  make[2]: Entering directory '«BUILDDIR»/lineedit'
  make[2]: Nothing to be done for 'all'.
  make[2]: Leaving directory '«BUILDDIR»/lineedit'
  make[2]: Entering directory '«BUILDDIR»/tests'
  rm -rf alias-p.trs andor-p.trs arith-p.trs async-p.trs bg-p.trs break-p.trs 
builtins-p.trs case-p.trs cd-p.trs cmdsub-p.trs command-p.trs comment-p.trs 
continue-p.trs dot-p.trs errexit-p.trs error-p.trs eval-p.trs exec-p.trs 
exit-p.trs export-p.trs fg-p.trs fnmatch-p.trs for-p.trs fsplit-p.trs 
function-p.trs getopts-p.trs grouping-p.trs if-p.trs input-p.trs job-p.trs 
kill-p.trs lineno-p.trs nop-p.trs option-p.trs param-p.trs path-p.trs 
pipeline-p.trs ppid-p.trs quote-p.trs read-p.trs readonly-p.trs redir-p.trs 
return-p.trs set-p.trs shift-p.trs signal-p.trs simple-p.trs test-p.trs 
testtty-p.trs tilde-p.trs trap-p.trs umask-p.trs unset-p.trs until-p.trs 
wait-p.trs while-p.trs alias-y.trs andor-y.trs arith-y.trs array-y.trs 
async-y.trs bg-y.trs bindkey-y.trs brace-y.trs break-y.trs builtins-y.trs 
case-y.trs cd-y.trs cmdsub-y.trs command-y.trs complete-y.trs continue-y.trs 
dirstack-y.trs disown-y.trs dot-y.trs echo-y.trs errexit-y.trs error-y.trs 
eval-y.trs exec-y.trs exit-y.trs export-y.trs fc-y.trs fg-y.trs for-y.trs 
fsplit-y.trs function-y.trs getopts-y.trs grouping-y.trs hash-y.trs help-y.trs 
history-y.trs historyx-y.trs if-y.trs job-y.trs jobs-y.trs kill-y.trs 
lineno-y.trs option-y.trs param-y.trs pipeline-y.trs printf-y.trs prompt-y.trs 
pwd-y.trs quote-y.trs random-y.trs read-y.trs readonly-y.trs redir-y.trs 
return-y.trs set-y.trs settty-y.trs shift-y.trs signal-y.trs simple-y.trs 
startup-y.trs suspend-y.trs test-y.trs tilde-y.trs times-y.trs trap-y.trs 
typeset-y.trs ulimit-y.trs umask-y.trs unset-y.trs until-y.trs wait-y.trs 
while-y.trs
  make[3]: Entering directory '«BUILDDIR»/tests'
  ./resetsig ../yash ./run-test.sh ../yash alias-p.tst
  ../yash: parameter `LANG' is not set
  Makefile:65: recipe for target 'alias-p.trs' failed
  make[3]: *** [alias-p.trs] Error 2
  make[3]: Leaving directory '«BUILDDIR»/tests'
  Makefile:45: recipe for target 'test' failed
  make[2]: *** [test] Error 2
  make[2]: Leaving directory '«BUILDDIR»/tests'
  Makefile:116: recipe for target 'test' failed
  make[1]: *** [test] Error 2
  make[1]: Leaving directory '«BUILDDIR»'
  dh_auto_test: make -j1 test VERBOSE=1 returned exit code 2
  debian/rules:16: recipe for target 'build' failed
  make: *** [build] Error 2
  dpkg-buildpackage: error: debian/rules build gave error exit status 2

  […]

The full build log is attached.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-


yash.2.44-1.unstable.amd64.log.txt.gz
Description: Binary data

Bug#854084: binaryornot: Non-determistically FTBFS due to unreliable timing in tests

[Chris Lamb]

Source: binaryornot
Version: 0.4.0-1
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Dear Maintainer,

binaryornot's testsuite appears to use method timing/benchmarking in
such a way that it will non-deterministically FTBFS:

  […]
  
  ==
  ERROR: test_never_crashes (tests.test_check.TestDetectionProperties)
  --
  Traceback (most recent call last):
File "«BUILDDIR»/tests/test_check.py", line 180, in test_never_crashes
  def test_never_crashes(self, data):
File "/usr/lib/python2.7/dist-packages/hypothesis/core.py", line 438, in 
wrapped_test
  HealthCheck.too_slow,
File "/usr/lib/python2.7/dist-packages/hypothesis/core.py", line 306, in 
fail_health_check
  raise FailedHealthCheck(message)
  FailedHealthCheck: Data generation is extremely slow: Only produced 10 valid 
examples in 0.33 seconds (0 invalid ones and 1 exceeded maximum size). Try 
decreasing size of the data you're generating (with e.g.average_size or 
max_leaves parameters).
  See https://hypothesis.readthedocs.io/en/latest/healthchecks.html for more 
information about this. If you want to disable just this health check, add 
HealthCheck.too_slow to the suppress_health_check settings for this test.
  
  --
  Ran 43 tests in 0.557s
  
  FAILED (errors=1, expected failures=1)
  Test failed: 
  error: Test failed: 
  E: pybuild pybuild:283: test: plugin distutils failed with: exit code=1: 
python2.7 setup.py test 
  dh_auto_test: pybuild --test -i python{version} -p 2.7 returned exit code 13
  debian/rules:7: recipe for target 'build' failed
  make: *** [build] Error 25
  dpkg-buildpackage: error: debian/rules build gave error exit status 2

  […]

The full build log is attached.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-


binaryornot.0.4.0-1.unstable.amd64.log.txt.gz
Description: Binary data

Bug#854053: coreutils: improve 2x-3x sha256sum performance on ppc64le due to current gcc optimization bug

[Mike Hodson]

Hi All,

I'm not sure if this is the bug you are referring to; it would appear to
have started 10 years ago and affects far more than 4.9>7? Or did someone
perhaps revert a patch that may have come from this?

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=32523 is the bug that was
first found in 2007... It seems to have perpetuated for quite a while if
this is the initial root instance.

Mike




On Fri, Feb 3, 2017 at 11:37 AM, Gustavo Serra Scalet <
gustavo.sca...@eldorado.org.br> wrote:

>
>
> > -Original Message-
> > From: Michael Stone [mailto:mst...@debian.org]
> > Sent: sexta-feira, 3 de fevereiro de 2017 11:38
> > To: Gustavo Serra Scalet 
> > Cc: 854...@bugs.debian.org; coreut...@gnu.org
> > Subject: Re: Bug#854053: coreutils: improve 2x-3x sha256sum performance
> > on ppc64le due to current gcc optimization bug
> >
> > On Fri, Feb 03, 2017 at 11:22:28AM -0200, Gustavo Serra Scalet wrote:
> > >The sha256sum provided by coreutils (without openssl) is performing
> > >poorly with versions >= 4.9 until 7.0 (currently under development).
> > >The reason for that is the -fschedule-insns optimization that is used
> > >with -O2. By simply deactivating it, there is a performance improvement
> > >of
> > >2 to 3 times.
> > >
> > >I'm attaching a patch that demonstrate that behavior but it lacks this
> > >condition:
> > >* If ppc64le
> > >* If gcc being used is >= 4.9 and < 7.0
> > >
> > >Notes:
> > >1) gcc-7 is not affected by this bug (verified on 20170129 snapshot).
> > >2) clang is not affected by this bug (verified on v3.8 and v3.9).
> > >3) strangely the sha512 is not affected by this.
> >
> > Sounds good in theory, just needs conditionals. :) For debian we can
> > just assume the compiler version and remove the patch when a newer
> > compiler is available as a dependency, but making it conditional on ppc
> > seems essential. Upstream would probably want some kind of compiler
> > based test.
>
> Seems good to me.
>
> > My understanding is that just adding this option to cflags
> > when building on the appropriate architecture wouldn't work, because it
> > would negatively impact other code, is that correct?
>
> Yes, I wouldn't add this CFLAG for the whole package, but only for the
> lib/sha256.o target (that's what my patch is doing).
>
> For that target, I see a better performance without that optimization than
> with it. Normally nobody shuts off optimization to improve performance but,
> as I said, it is a bug that happens on this target and it affects gcc
> versions >= 4.9 and < 7.0.
>
> If you see a different way out, or a more neat approach, please advise.
>
> >
> > Mike Stone
> >
> > (additional context quoted below)
> >
> > >Below a demonstration of how it performs:
> > >
> > >===
> > >$ (./configure && make -j9) > /dev/null && time src/sha256sum
> > >~/ubuntu-16.10-server-ppc64el.iso
> > >configure: WARNING: libacl development library was not found or not
> > usable.
> > >configure: WARNING: GNU coreutils will be built without ACL support.
> > >configure: WARNING: libattr development library was not found or not
> > usable.
> > >configure: WARNING: GNU coreutils will be built without xattr support.
> > >configure: WARNING: libcap library was not found or not usable.
> > >configure: WARNING: GNU coreutils will be built without capability
> > support.
> > >configure: WARNING: libgmp development library was not found or not
> > usable.
> > >configure: WARNING: GNU coreutils will be built without GMP support.
> > >src/who.c: In function 'print_user':
> > >src/who.c:454:20: warning: initialization discards 'const' qualifier
> > from pointer target type [-Wdiscarded-qualifiers]
> > > int   *a = utmp_ent->ut_addr_v6;
> > >^~~~
> > >d14bdb413ea6cdc8d9354fcbc37a834b7de0c23f992deb0c6764d0fd5d65408e
> > >/home/gut/ubuntu-16.10-server-ppc64el.iso
> > >
> > >real0m18.670s
> > >user0m16.566s
> > >sys 0m0.745s
> > >
> > >$ # now with the following patch:
> > >$ diff Makefile.in ../Makefile.in
> > >8989c8989
> > >< @am__fastdepCC_TRUE@  $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c
> > >-o $@ $< &&\
> > >---
> > >> @am__fastdepCC_TRUE@  $(COMPILE) $$([ "$@" == "lib/sha256.o" ] &&
> > >> echo "-fno-schedule-insns") -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@
> > >> $< &&\
> > >$ cp ../Makefile.in Makefile.in
> > >$ (./configure && make -j9) > /dev/null && time src/sha256sum
> > >~/ubuntu-16.10-server-ppc64el.iso
> > >configure: WARNING: libacl development library was not found or not
> > usable.
> > >configure: WARNING: GNU coreutils will be built without ACL support.
> > >configure: WARNING: libattr development library was not found or not
> > usable.
> > >configure: WARNING: GNU coreutils will be built without xattr support.
> > >configure: WARNING: libcap library was not found or not usable.
> > >configure: WARNING: GNU coreutils will be built without capability
> > support.
> > 

Bug#854083: fail2ban: tail option on logpath lines

[SysCo Lol]

Package: fail2ban
Version: 0.8.13-1
Severity: important

Dear Maintainer,

In jail.conf, a logpath line with a space separated 'tail' word no longer 
works, as
it worked in wheezy.

jail.conf extract:

[apache-urls]
enabled = true
filter = apache-urls
action = iptables-multiport[name=ApacheURLs, port="http,https"]
logpath = /var/log/apache2/*log tail
bantime = 900
findtime = 30
maxretry = 15


On restart, fail2ban fail to restart and syslog reads

Feb  3 20:44:57 atlas fail2ban[804]: ERROR  No file(s) found for glob 
/var/log/apache2/*log tail
Feb  3 20:44:57 atlas fail2ban[804]: ERROR  Failed during configuration: Have 
not found any log file for apache-urls jail
Feb  3 20:44:57 atlas fail2ban[804]: failed!

It works well on wheezy with standard fail2ban package.

Best regards

Lol

-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)

Versions of packages fail2ban depends on:
ii  lsb-base4.1+Debian13+nmu1
pn  python:any  

Versions of packages fail2ban recommends:
ii  iptables  1.4.21-2+b1
ii  python-pyinotify  0.9.4-1
ii  whois 5.2.7

Versions of packages fail2ban suggests:
ii  bsd-mailx [mailx]8.1.2-0.20141216cvs-2
ii  python-gamin 0.1.10-4.1
ii  rsyslog [system-log-daemon]  8.4.2-1+deb8u2

-- Configuration Files:
/etc/fail2ban/jail.conf changed [not included]

-- no debconf information

Bug#854082: grub-installer: grub-xen fails to install on i386 or amd64 PV guest

[Sergio Gelato]

Package: grub-installer
Version: 1.136
Severity: serious

The grub installation step reproducibly fails using the latest stretch d-i
on both i386 and amd64 Xen PV guests. The logs indicate that grub-install is
looking for /usr/lib/grub/i386-pc instead of /usr/lib/grub/i386-xen, and
similarly on amd64.

I think the problem was introduced by
commit 66f75b7069aeba05eab776b5ac18dffa6874b5f3 .
Shouldn't amd64:grub-xen and i386:grub-xen read amd64/*:grub-xen and
i386/*:grub-xen, respectively, when matching against $ARCH:$grub_package ?

Bug#853935: rephrase: No more works with gpg2 and causes one pinentry popup per guess

[Axel Beckert]

Control: tags -1 + patch

Hi,

Axel Beckert wrote:
> > the 2.1.x version of GnuPG (which is what will offer /usr/bin/gpg in
> > debian stretch) stores its secret key material in a different way
> > (~/.gnupg/private-keys-v1.d) than gpg1 does (~/.gnupg/secring.gpg).  If
> > you want rephrase to recover a partially-known passphrase against gpg
> > 2.1.x, having one that "works" against gpg1 isn't going to be useful at
> > all.
[...]
> > A better short-term fix would be to add "--pinentry-mode", "loopback" to
> > the arguments passed to the gpg invocations in rephrase.c.
> 
> I'll try to come up with a patch for that.

The attached patch works for me with gpg aka gpg2.

I'd also upload it as NMU in case I don't hear from the Debian
Forensics team in time before a potential removal from testing (or if
the team prefers the NMU).

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE
commit befaa3010553b8b3046481487200a17e560e509c
Author: Axel Beckert 
Date:   Fri Feb 3 20:22:30 2017 +0100

Add patch to unconditionally call gpg with "--pinentry-mode loopback"

Closes: #853935

diff --git a/debian/changelog b/debian/changelog
index c75e1c0..51db79c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+rephrase (0.2-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Add patch to unconditionally call gpg with "--pinentry-mode loopback".
+(Closes: #853935)
+
+ -- Axel Beckert   Thu, 02 Feb 2017 11:29:59 +0100
+
 rephrase (0.2-1) unstable; urgency=medium
 
   * Team upload.
diff --git a/debian/patches/02_minimal_gpg2_support.patch b/debian/patches/02_minimal_gpg2_support.patch
new file mode 100644
index 000..47f1b47
--- /dev/null
+++ b/debian/patches/02_minimal_gpg2_support.patch
@@ -0,0 +1,23 @@
+Description: Make rephrase working with gpg2
+Author: Axel Beckert  after an idea by Daniel Kahn Gillmor 
+Bug-Debian: https://bugs.debian.org/853935
+
+--- a/rephrase.c
 b/rephrase.c
+@@ -63,14 +63,14 @@
+ struct profile profiles[] = {
+   {
+ "--gpg-key",
+-{ GPG, "--default-key", "%1", "--passphrase-fd", "0", "--batch", "--no-tty", "--dry-run", "--clearsign", "/dev/null", NULL },
++{ GPG, "--pinentry-mode", "loopback", "--default-key", "%1", "--passphrase-fd", "0", "--batch", "--no-tty", "--dry-run", "--clearsign", "/dev/null", NULL },
+ 1,
+ 0,
+ -1
+   },
+   {
+ "--gpg-symmetric",
+-{ GPG, "--passphrase-fd", "0", "--batch", "--no-tty", "--decrypt", "%1", NULL },
++{ GPG, "--pinentry-mode", "loopback", "--passphrase-fd", "0", "--batch", "--no-tty", "--decrypt", "%1", NULL },
+ 1,
+ 0,
+ -1
diff --git a/debian/patches/series b/debian/patches/series
index 99e88ef..96f7bb0 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 01_fix_bin_path.patch
+02_minimal_gpg2_support.patch


signature.asc
Description: Digital signature

Bug#853990: Acknowledgement (Add prompt for iSCSI initiator name in installer)

[Philip Hands]

Kevin Otte  writes:

>> which I've just rebased and then tweaked to use a here document:
>> 
>>   
>> https://anonscm.debian.org/cgit/d-i/partman-iscsi.git/log/?h=pu/iscsi-initiator-prompt
>
> The here document needs to be left justified, lest the target file end
> up with the indentation. See finish.d/iscsi_settings:69 et al.

I'm always torn on this one.

I like pretty code, so I used <<- (which strips out leading TABs from
the here doc) so it will actually do the right thing as it is now.

However, it only takes someone that doesn't know about that subtlety to
carelessly edit the file and turn TABs into spaces to break things and
create a hard to notice bug, so perhaps I should have left the '-' and
the TABs out, as you suggest.

Cheers, Phil.
-- 
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,GERMANY


signature.asc
Description: PGP signature

Bug#854081: decopy: Stops in middle of repo.

[shirish शिरीष]

Package: decopy
Version: 0.2-1
Severity: important

Dear Maintainer,
I was trying the tool in the same repo. The allacrost repo.

[$] hg paths
[1:07:30]

default = https://bitbucket.org/allacrost/allacrost

I made a /debian sub-directory to simulate that the repo. is a source
directory of a debian package.

I gave this flags while trying it out -

┌─[shirish@debian] - [~/games/allacrost] - [10086]
└─[$] decopy --debug --group-by copyright

It runs for sometime and then for some unexplicable reason it stops as
can be seen in the attached file.

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (600, 'testing'), (500, 'unstable-debug'), (500,
'testing-debug'), (1, 'experimental-debug'), (1, 'experimental'), (1,
'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages decopy depends on:
ii  bzip2   1.0.6-8+b1
ii  exiv2   0.25-3
ii  python3-debian  0.1.29
ii  python3-xdg 0.25-4
pn  python3:any 
ii  xz-utils5.2.2-1.2

decopy recommends no packages.

decopy suggests no packages.

-- no debconf information


-- 
  Regards,
  Shirish Agarwal  शिरीष अग्रवाल
  My quotes in this email licensed under CC 3.0
http://creativecommons.org/licenses/by-nc/3.0/
http://flossexperiences.wordpress.com
EB80 462B 08E1 A0DE A73A  2C2F 9F3D C7A4 E1C4 D2D8
┌─[shirish@debian] - [~/games/allacrost] - [10086]
└─[$] decopy --debug --group-by copyright   
 [18:54:45]
[DEBUG] Listing .
[DEBUG] Ignoring directory .deps as requested
[DEBUG] Ignoring directory .hg as requested
[DEBUG] Listing ./mus
[DEBUG] Listing ./lib
[DEBUG] Listing ./debian
[DEBUG] Listing ./src
[DEBUG] Listing ./src/luabind
[DEBUG] Listing ./src/luabind/luabind
[DEBUG] Listing ./src/luabind/luabind/detail
[DEBUG] Listing ./src/luabind/src
[DEBUG] Listing ./src/common
[DEBUG] Listing ./src/common/gui
[DEBUG] Listing ./src/common/global
[DEBUG] Listing ./src/engine
[DEBUG] Listing ./src/engine/video
[DEBUG] Listing ./src/engine/script
[DEBUG] Listing ./src/engine/audio
[DEBUG] Listing ./src/editor
[DEBUG] Listing ./src/modes
[DEBUG] Listing ./src/modes/menu
[DEBUG] Listing ./src/modes/map
[DEBUG] Listing ./src/modes/shop
[DEBUG] Listing ./src/modes/save
[DEBUG] Listing ./src/modes/boot
[DEBUG] Listing ./src/modes/battle
[DEBUG] Listing ./game
[DEBUG] Ignoring directory .deps as requested
[DEBUG] Listing ./game/autom4te.cache
[DEBUG] Listing ./game/txt
[DEBUG] Listing ./img
[DEBUG] Listing ./img/backdrops
[DEBUG] Listing ./img/backdrops/battle
[DEBUG] Listing ./img/sprites
[DEBUG] Listing ./img/sprites/objects
[DEBUG] Listing ./img/sprites/characters
[DEBUG] Listing ./img/sprites/creatures
[DEBUG] Listing ./img/sprites/enemies
[DEBUG] Listing ./img/misc
[DEBUG] Listing ./img/misc/editor_tools
[DEBUG] Listing ./img/logos
[DEBUG] Listing ./img/tilesets
[DEBUG] Listing ./img/portraits
[DEBUG] Listing ./img/portraits/full
[DEBUG] Listing ./img/portraits/face
[DEBUG] Listing ./img/portraits/damage
[DEBUG] Listing ./img/portraits/locations
[DEBUG] Listing ./img/effects
[DEBUG] Listing ./img/icons
[DEBUG] Listing ./img/icons/actors
[DEBUG] Listing ./img/icons/actors/characters
[DEBUG] Listing ./img/icons/actors/enemies
[DEBUG] Listing ./img/icons/items
[DEBUG] Listing ./img/icons/armor
[DEBUG] Listing ./img/icons/weapons
[DEBUG] Listing ./img/icons/effects
[DEBUG] Listing ./img/icons/battle
[DEBUG] Listing ./img/fonts
[DEBUG] Listing ./img/menus
[DEBUG] Listing ./autom4te.cache
[DEBUG] Listing ./HoA.xcodeproj
[DEBUG] Listing ./lua
[DEBUG] Listing ./lua/graphics
[DEBUG] Listing ./lua/graphics/particles
[DEBUG] Listing ./lua/test
[DEBUG] Listing ./lua/data
[DEBUG] Listing ./lua/data/actors
[DEBUG] Listing ./lua/data/config
[DEBUG] Listing ./lua/data/tilesets
[DEBUG] Listing ./lua/data/skills
[DEBUG] Listing ./lua/data/maps
[DEBUG] Listing ./lua/data/effects
[DEBUG] Listing ./lua/data/inventory
[DEBUG] Listing ./lua/scripts
[DEBUG] Listing ./lua/scripts/maps
[DEBUG] Listing ./lua/scripts/battles
[DEBUG] Listing ./lua/scripts/custom
[DEBUG] Listing ./snd
[DEBUG] Listing ./txt
[DEBUG] Listing ./m4
[DEBUG] Listing ./doc
[DEBUG] Type for ./COPYING is: text/x-copying
[DEBUG] Parsed ./COPYING: [1989-1991, Free Software Foundation, Inc, 1959, 
Temple Place, Suite 330, Boston, MA 02111-1307 USA], dict_values(['GPL-2+'])
[DEBUG] Type for ./LICENSES is: text/plain
[DEBUG] Parsed ./LICENSES: [], dict_values(['GPL-2'])
[DEBUG] Type for ./shake.o is: application/x-object
[DEBUG] Parsed ./shake.o: [], dict_values([])
[DEBUG] Type for ./battle_finish.o is: application/x-object
[DEBUG] Parsed ./battle_finish.o: [], dict_values([])
[DEBUG] Type for ./main_options.o is: application/x-object
[DEBUG] Parsed 

Bug#854080: [kdevelop] crash at import of very small project

[Georg Gast]

Package: kdevelop
Version: 4:5.0.1-2
Severity: normal

--- Please enter the report below this line. ---
kdevelop crashes after it imported or started a fresh project.

When i start it in a console, i get this output

georg@hammerhead:/tmp$ kdevelop
kdevelop.documentation.qthelp: qmake query returned error: ""
Invalid return type in method "core"
Invalid return type in method "extensions"
/bin/cat:
/home/georg/.local/share/kdevelop/sessions/{8601bb00--411e-8aba-81d44578c17e}/default.sh:
Datei oder Verzeichnis nicht gefunden
Invalid return type in method "core"
Invalid return type in method "extensions"
No node found for item that was just removed:
QUrl("file:///home/georg/p1.tar.gz")
"Allgemeine Projektverwaltung" ()
"CMake-Projektverwaltung" ("CMakeLists.txt")
"Eigenes Build-System" ()
"Projektverwaltung mit eigenem Makefile" ("GNUmakefile", "Makefile",
"makefile", "GNUmakefile.*", "Makefile.*", "makefile.*")
"QMake-Projektverwaltung" ("*.pro")
"Allgemeine Projektverwaltung" ()
"CMake-Projektverwaltung" ("CMakeLists.txt")
"Eigenes Build-System" ()
"Projektverwaltung mit eigenem Makefile" ("GNUmakefile", "Makefile",
"makefile", "GNUmakefile.*", "Makefile.*", "makefile.*")
"QMake-Projektverwaltung" ("*.pro")
"Allgemeine Projektverwaltung" ()
"CMake-Projektverwaltung" ("CMakeLists.txt")
"Eigenes Build-System" ()
"Projektverwaltung mit eigenem Makefile" ("GNUmakefile", "Makefile",
"makefile", "GNUmakefile.*", "Makefile.*", "makefile.*")
"QMake-Projektverwaltung" ("*.pro")
"Allgemeine Projektverwaltung" ()
"CMake-Projektverwaltung" ("CMakeLists.txt")
"Eigenes Build-System" ()
"Projektverwaltung mit eigenem Makefile" ("GNUmakefile", "Makefile",
"makefile", "GNUmakefile.*", "Makefile.*", "makefile.*")
"QMake-Projektverwaltung" ("*.pro")
"Allgemeine Projektverwaltung" ()
"CMake-Projektverwaltung" ("CMakeLists.txt")
"Eigenes Build-System" ()
"Projektverwaltung mit eigenem Makefile" ("GNUmakefile", "Makefile",
"makefile", "GNUmakefile.*", "Makefile.*", "makefile.*")
"QMake-Projektverwaltung" ("*.pro")
"Allgemeine Projektverwaltung" ()
"CMake-Projektverwaltung" ("CMakeLists.txt")
"Eigenes Build-System" ()
"Projektverwaltung mit eigenem Makefile" ("GNUmakefile", "Makefile",
"makefile", "GNUmakefile.*", "Makefile.*", "makefile.*")
"QMake-Projektverwaltung" ("*.pro")
Ninja plugin installed but ninja is not installed.


kdevplatform.shell: Could not load plugin "KDevNinjaBuilder" , it
reported the error: "" Disabling the plugin now.

KCrash: crashing... crashRecursionCounter = 2


KCrash: Application Name = kdevelop path = /usr/bin pid = 24921


KCrash: Arguments: /usr/bin/kdevelop


KCrash: Attempting to start /usr/lib/x86_64-linux-gnu/libexec/drkonqi
from kdeinit

sock_file=/run/user/1000/kdeinit5__0





[1]+  Angehalten  kdevelop



--- System information. ---
Architecture: Kernel:   Linux 4.9.0-1-amd64

Debian Release: 9.0
  500 testing ftp.de.debian.org   500 stable  dl.google.com
--- Package information. ---
Depends (Version) | Installed
=-+-
kdevelop-data  (>= 4:5.0.1-2) | 4:5.0.1-2
kdevplatform10-libs(>= 5.0.1) | 5.0.3-1
libc6   (>= 2.14) | libclang1-3.8
(>= 3.8) | libgcc1
(>= 1:3.0) | libkasten3controllers3 (>= 4:14.12.0) |
libkasten3core3(>= 4:14.12.0) |
libkasten3okteta1controllers1  (>= 4:14.12.0) |
libkasten3okteta1core1 (>= 4:14.12.0) |
libkasten3okteta1gui1  (>= 4:14.12.0) | libkf5completion5
 (>= 4.97.0) | libkf5configcore5 (>=
4.98.0) | libkf5configgui5  (>= 4.97.0) |
libkf5configwidgets5  (>= 4.96.0) | libkf5coreaddons5
 (>= 5.16.0) | libkf5crash5  (>=
5.15.0) | libkf5declarative5(>= 4.96.0) |
libkf5i18n5   (>= 4.97.0) | libkf5iconthemes5
 (>= 4.96.0) | libkf5itemviews5  (>=
4.96.0) | libkf5jobwidgets5 (>= 4.96.0) |
libkf5kiocore5(>= 4.96.0) | libkf5kiowidgets5
 (>= 4.96.0) | libkf5newstuff5   (>=
4.95.0) | libkf5parts5  (>= 4.96.0) |
libkf5texteditor5 | libkf5threadweaver5
 (>= 4.98.0) | libkf5widgetsaddons5  (>=
4.96.0) | libkf5xmlgui5 (>= 4.96.0) |
libprocesscore7  (>= 4:5.3.0) | libprocessui7
 (>= 5.2.50+git) | libqt5core5a  (>=
5.6.0~beta) | libqt5dbus5(>= 5.4.0) |
libqt5gui5 (>= 5.4.0) | libqt5help5
 (>= 5.6.0~beta) | libqt5network5
(>= 5.4.0) | libqt5quickwidgets5(>= 5.3.0) |
libqt5webkit5  

Bug#853767: installation-guide_20161031_welcome: [INTL:nl] Dutch po file

[Frans Spiesschaert]

Hi Holger,

Holger Wansing schreef op do 02-02-2017 om 21:44 [+0100]:
> Hi Frans,
> 
> it's fine to see a d-i manual translation update for Dutch, after Dutch
> being orphaned for a long time.
> 
> I have activated the build for i386 in Dutch on 
> http://d-i.alioth.debian.org/manual/. Might help for proofreading or such.

Nice.

> It would be great if you could work on the Dutch d-i manual further.

I intend to do so, but at a slow pace and not specifically aiming at the
Stretch release.

> (It's probably to late for Stretch, but maybe a target for Buster?)
> 
> 
> Regards
> Holger
> 
> 
> 

-- 
Cheers,
Frans



signature.asc
Description: This is a digitally signed message part

Bug#853990: Acknowledgement (Add prompt for iSCSI initiator name in installer)

[Kevin Otte]

> which I've just rebased and then tweaked to use a here document:
> 
>   
> https://anonscm.debian.org/cgit/d-i/partman-iscsi.git/log/?h=pu/iscsi-initiator-prompt

The here document needs to be left justified, lest the target file end
up with the indentation. See finish.d/iscsi_settings:69 et al.

-- Kevin

Bug#854040: unblock: iptables/1.6.1

[Niels Thykier]

Control: tags -1 moreinfo

Arturo Borrero Gonzalez:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> 
> Dear release team,
> 
> thanks for your awesome work with Debian. I really appreciate it.
> 
> In debian stretch/sid, we currently have iptables 1.6.0+snapshot20161117-5.
> 
> Upstream has released iptables 1.6.1, but by the time of the upstream release
> I had no time to upload to unstable due to our freeze and the 10 days
> testing migration delay.
> 
> I, hereby, ask for permission to upload iptables 1.6.1 to unstable targeting
> debian stretch.
> 
> This request is previous to any effort by my side to package this new
> upstream release, so I have no debdiff or the like.
> However, I have counted that our package is ~17 commits behind the upstream
> code.
> 
> There are no hidden interests in this request. Please, decide according
> to your needs and the needs of Stretch.
> 

Hi Arturo,

Thanks for bring this up.

Without any additional information, it is hard for us to review this
request.  The easiest for us is if you attach a source debdiff between
testing and unstable plus the change log to the request.

Thanks,
~Niels

Bug#854022: Not able anymore to contact debian bts)

[Klaus Ethgen]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Am Fr den  3. Feb 2017 um 19:56 schrieb Don Armstrong:
> As near as I can tell, the certificates for the BTS are just fine:
> 
> % openssl s_client -showcerts -connect bugs.debian.org:443  x509 -text|grep -e verify -e GMT -i   
> depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
> verify return:1
> depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
> verify return:1
> depth=0 CN = bugs.debian.org
> verify return:1
> DONE
> Not Before: Jan  6 10:58:00 2017 GMT
> Not After : Apr  6 10:58:00 2017 GMT

Ah, so debian changed the CA? Was that published somewhere? I do not
usually trust certificates coming from a different CA.

> So if you're getting this error, it's either that reportbug is
> connecting to the wrong URI, you don't have the appropriate CAs
> installed, or something else is going on.

Well, as I told, I do not trust CAs per default. I usually check
certificates very good. As good as possible. And I cannot find any
documentation that debian switched or want to switch.

So, yes, that might be the reason, but please do document that proper.

Regards
   Klaus
- -- 
Klaus Ethgen   http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16Klaus Ethgen 
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C
-BEGIN PGP SIGNATURE-
Comment: Charset: ISO-8859-1

iQGzBAEBCgAdFiEEMWF28vh4/UMJJLQEpnwKsYAZ9qwFAliU1aYACgkQpnwKsYAZ
9qyG/AwAmUC6bPFTaEflheY7hiW8ixBFHUzthgna1qMkE0VnMdfLHnB/xea5FAem
gnf3HgPoZxBenGWDfqjnfNIr6d8ILBntho4EpiCTPIhmOX3XQ4tKgpAa/ezgiBZv
wKWbWg3++6Ynd+2vrrgKJX8BjqOkW6nB1nB8dF/MbmWnft3GKa62sGvhHTYTXYom
OT/6nb4VaKdzOqxmr3BGFV043+U01eluUWYqwIPphs4Bs35c6B+MVfP4k2ZqyJFI
yYqyWnj6bk25PHYgsKFbMtcO6xBjXT5Myk2sA2P8Iq8oe6pqrgnh+B6STbPqx+gr
HqcgAVwvtsYnhwoLynbe0EptM9AAZG01HVfEoJmdU3bNBQuLSAF33gqUmR2GMncX
v/iYGifE9df+FqPYet5uDQ++JjEUTbKGsmyIuV/Ihfw9Lnrim6LGM00VzinLGjoO
p29mPGPFuZG+/isWTqk2Bdc1ff2voo7WqTaUbSnd0ZKZREZ9hE7kVQ+o5wcJyB9S
CZnuw35p
=0sEI
-END PGP SIGNATURE-

Bug#854079: firefox-esr: firefox dies immediately on arm64

[Aaro Koskinen]

Package: firefox-esr
Version: 45.7.0esr-1
Severity: important

Dear Maintainer,

Firefox crashes right after startup:

$ time firefox
Xlib:  extension "RANDR" missing on display ":0".
Segmentation fault

real0m12.336s
user0m10.940s
sys 0m0.703s

$ time firefox-esr -safe-mode
Xlib:  extension "RANDR" missing on display ":0".
Segmentation fault

real0m21.269s
user0m11.961s
sys 0m0.678s

$ MOZILLA_DISABLE_PLUGINS=1 firefox-esr
Xlib:  extension "RANDR" missing on display ":0".
Segmentation fault

$ gdb --args firefox-esr
GNU gdb (Debian 7.12-6) 7.12.0.20161007-git
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "aarch64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
.
Find the GDB manual and other documentation resources online at:
.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from firefox-esr...Reading symbols from 
/usr/lib/debug//usr/lib/firefox-esr/firefox-esr...done.
done.
(gdb) set pagination off
(gdb) run
Starting program: /usr/bin/firefox-esr 
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/aarch64-linux-gnu/libthread_db.so.1".

Xlib:  extension "RANDR" missing on display ":0".
[New Thread 0x7fb1aff1e0 (LWP 20176)]
[New Thread 0x7fafbff1e0 (LWP 20181)]
[New Thread 0x7fb21531e0 (LWP 20182)]
[New Thread 0x7faf3ff1e0 (LWP 20183)]
[New Thread 0x7faebff1e0 (LWP 20184)]
[New Thread 0x7fae9ff1e0 (LWP 20185)]
[New Thread 0x7fae7ff1e0 (LWP 20186)]
[New Thread 0x7fae5ff1e0 (LWP 20187)]
[New Thread 0x7fae3ff1e0 (LWP 20188)]
[New Thread 0x7fae1ff1e0 (LWP 20189)]
[New Thread 0x7fadfff1e0 (LWP 20190)]
[New Thread 0x7faddff1e0 (LWP 20191)]
[New Thread 0x7facbff1e0 (LWP 20192)]
[New Thread 0x7fabfff1e0 (LWP 20193)]
[New Thread 0x7fab7ff1e0 (LWP 20194)]

Thread 1 "firefox-esr" received signal SIGSEGV, Segmentation fault.
0x007fb7d10b08 in memcpy () from /lib/aarch64-linux-gnu/libc.so.6
(gdb) 
(gdb) bt full
#0  0x007fb7d10b08 in memcpy () from /lib/aarch64-linux-gnu/libc.so.6
No symbol table info available.
#1  0x0056b740 in memcpy (__len=304, __src=0x7fb1bf0570, 
__dest=) at /usr/include/aarch64-linux-gnu/bits/string3.h:53
No locals.
#2  huge_ralloc (oldsize=, size=, ptr=) at 
/build/firefox-esr-uN3dxy/firefox-esr-45.7.0esr/memory/mozjemalloc/jemalloc.c:5250
copysize = 304
#3  iralloc (size=312, ptr=0x7fb1bf0570) at 
/build/firefox-esr-uN3dxy/firefox-esr-45.7.0esr/memory/mozjemalloc/jemalloc.c:4944
oldsize = 304
#4  realloc (ptr=0x7fb1bf0570, size=312) at 
/build/firefox-esr-uN3dxy/firefox-esr-45.7.0esr/memory/mozjemalloc/jemalloc.c:6420
ret = 
#5  0x007fb32d7410 in g_realloc () from 
/lib/aarch64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#6  0x007fb33beb74 in ?? () from /lib/aarch64-linux-gnu/libgobject-2.0.so.0
No symbol table info available.
#7  0x007fb2a31848 in ?? ()
No symbol table info available.
Backtrace stopped: previous frame inner to this frame (corrupt stack?)

-- Package-specific info:

-- Extensions information
Name: Default theme
Location: 
/usr/lib/firefox-esr/browser/extensions/{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Package: firefox-esr
Status: enabled

Name: Firefox Hello Beta
Location: ${PROFILE_EXTENSIONS}/l...@mozilla.org.xpi
Status: enabled

-- Plugins information

-- Addons package information
ii  firefox-esr45.7.0esr-1  arm64Mozilla Firefox web browser - Ext

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: arm64 (aarch64)

Kernel: Linux 4.9.0-rpi3-los_47cf70 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages firefox-esr depends on:
ii  debianutils   4.8.1
ii  fontconfig2.11.0-6.7
ii  libasound21.1.2-1
ii  libatk1.0-0   2.22.0-1
ii  libc6 2.24-9
ii  libcairo2 1.14.8-1
ii  libdbus-1-3   1.10.14-1
ii  libdbus-glib-1-2  0.108-2
ii  libevent-2.0-52.0.21-stable-2.1
ii  libffi6   3.2.1-6
ii  libfontconfig12.11.0-6.7
ii  libfreetype6  2.6.3-3+b1
ii  libgcc1   1:6.3.0-5
ii  libgdk-pixbuf2.0-02.36.4-1
ii  libglib2.0-0  2.50.2-2
ii  libgtk2.0-0   2.24.31-1
ii  libhunspell-1.4-0 1.4.1-2+b1
ii  libnspr4  2:4.12-6
ii  libnss3   

Bug#854078: network-manager: nm-online returns before network devices got an address

[Uwe Kleine-König]

Package: network-manager
Version: 1.4.4-1
Severity: serious
Tags: upstream
Justification: affects other packages
Control: forwarded -1 https://bugzilla.gnome.org/show_bug.cgi?id=777831

Hello,

this is to track this bug in the Debian BTS. It is already reported
upstream.

tftpd-hpa has in it's init script

Required-Start:   $local_fs $remote_fs $syslog $network

Still adding to it in do_start()

ip a > /tmp/tftpd-addr-info

results in this content of the above file

1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group 
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
   valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
   valid_lft forever preferred_lft forever
2: wlp2s0:  mtu 1500 qdisc mq state DOWN 
group default qlen 1000
link/ether e6:82:ab:03:8f:6c brd ff:ff:ff:ff:ff:ff

That is, tftpd is started before network is ready. When I log into the
machine, network is available, so the problem is really that nm-online
doesn't block long enough.

Best regards
Uwe

Bug#854067: ITP : node-prepend-http -- Prepend `http://` to humanized URLs like todomvc.com and localhost

[Ben Finney]

Shirish Togarla  writes:

>   Description : Prepend `http://` to humanized URLs like todomvc.com
> and localhost

This is not written as a noun phrase describing the package. Also, there
is no longer description to give enough information to the reader.

When writing the ITP, please take the time to write a proper package
description. See the Debian Developer's Reference, §6.2.1 – 6.2.3.

Please note that it is often a mistake to copy the text from the
upstream work. Write the description of the Debian package to meet
Debian's guidelines.

-- 
 \ “For every complex problem, there is a solution that is simple, |
  `\   neat, and wrong.” —Henry L. Mencken |
_o__)  |
Ben Finney 

Bug#854074: gcc-6: please enable PIE hardening flags by default on kfreebsd-*

[Steven Chamberlain]

Hi,

Matthias Klose wrote:
> [CCing porters, please also leave feedback in #835148 for non-release 
> architectures]

Since that bug is done/closed/actioned, I've cloned a new one for this
request.

> On 29.09.2016 21:39, Niels Thykier wrote:
> > As agreed on during the [meeting], if there are no major concerns to
> > this proposal in general within a week, I shall file a bug against GCC
> > requesting PIE by default on all release architectures (with backing
> > porters).

I think we are ready for this now;  please enable PIE by default on
kfreebsd-* when it is practical (or rather, allow dpkg-buildflags to
enable it).

Thanks,
Regards,
-- 
Steven Chamberlain
ste...@pyro.eu.org


signature.asc
Description: Digital signature

Bug#854046: dh-make-perl: Incorrect dependencies created from List::Util

[Niko Tyni]

On Fri, Feb 03, 2017 at 12:47:10PM +, Carnë Draug wrote:
> Package: dh-make-perl
> Version: 0.93
> Severity: normal
> 
> dh-make-perl creates this weird dependency line if there is
> a dependency on List::Util:
> 
>  libperl5.24:amd64 (>= 1.45) | libscalar-list-utils-perl (>= 1.45) | 
> perl-base (>= 1.45)

Thanks.

This should read either something like

 libscalar-list-utils-perl (>= 1.45) | perl-base (>= 5.25.1)

or alternatively just

 libscalar-list-utils-perl (>= 1.45)

In particular, libperl5.xx is always wrong and should be transformed to
'perl' or 'perl-base' instead, with some version mangling as well.

Looks like Debian::Control::FromCPAN::find_debs_for_modules() needs to
be smarter about newer versions of core modules. Currently it just sees
that it's not in core for the current Perl, and goes ahead to look for
it in the package file lists, without giving any special handling to
the src:perl packages.

Sorry, no patch :)
-- 
Niko

Bug#836862: libreswan: /etc/ipsec.conf is already shipped by strongswan-starter

[Daniel Kahn Gillmor]

Control: clone 836862 -1
Control: reassign -1 src:strongswan
Control: retitle -1 strongswan-starter should Provide: ike-server, not 
strongswan-charon

On Tue 2016-09-06 11:46:29 -0400, Andreas Beckmann wrote:
> during a test with piuparts I noticed your package fails to upgrade from
> 'sid' to 'experimental'.
> It installed fine in 'sid', then the upgrade to 'experimental' fails
> because it tries to overwrite other packages files.
>
> See policy 7.6 at
> https://www.debian.org/doc/debian-policy/ch-relationships.html#s-replaces
>
>>From the attached log (scroll to the bottom...):
>
>   Selecting previously unselected package libreswan.
>   Preparing to unpack .../43-libreswan_3.18-1_amd64.deb ...
>   Unpacking libreswan (3.18-1) ...
>   dpkg: error processing archive 
> /tmp/apt-dpkg-install-za7Gyz/43-libreswan_3.18-1_amd64.deb (--unpack):
>trying to overwrite '/etc/ipsec.conf', which is also in package 
> strongswan-starter 5.5.0-1
>   dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
>
>
> Using Breaks+Replaces would most likely be the wrong solution here.
> If the conffile can be shared by both packages (hopefully it does),
> it should be factored out into a separate package instead and both
> users should add a dependency on this new package.

I'd have expected strongswan-starter to declare itself an "ike-server"
package, so that the existing breaks/replaces/provides trio would here.

ike-server is a virtual package like mail-transport-agent which is
provided by the packages:

 ike
 racoon
 isakmpd
 strongswan-charon
 libreswan

only one of these can be functional on a system at any time anyway.

I'm suprised to see that strongswan-charon is the package providing
ike-server, if stronswan-starter is the package that contains the system
integration.

Here's the current contents of strongswan-charon:

usr/share/strongswan/templates/config/strongswan.d/charon.conf
usr/share/strongswan/templates/config/strongswan.d/charon-logging.conf
usr/share/doc/strongswan-charon/copyright
usr/share/doc/strongswan-charon/changelog.gz
usr/share/doc/strongswan-charon/changelog.Debian.gz
usr/share/doc/strongswan-charon/NEWS.Debian.gz
usr/lib/ipsec/charon
etc/strongswan.d/charon.conf
etc/strongswan.d/charon-logging.conf
etc/apparmor.d/usr.lib.ipsec.charon

None of these are system integration bits, and i don't think this
package should be labeled as the thing that Provides: ike-server.  (i
note that strongswan-charon Depends: strongswan-starter, but i'm not
sure i understand why those deps are in that order instead of the other
way around.

Anyway, i'll make libreswan explicitly conflict with strongswan-starter
to resolve 836862, but hopefully this cloned bug can be resolved on the
strongswan side.

Regards,

-dkg


signature.asc
Description: PGP signature

Bug#853947: [Swan-dev] Bug#853947: libreswan FTBFS on mips and mipsel: error: "_ABI64" is not defined [-Werror=undef]

[Daniel Kahn Gillmor]

On Thu 2017-02-02 20:26:26 -0500, Paul Wouters wrote:
> Can you try the attached patch?
>
> Totally untested, because I don't have that build environment, and based
> on some random googling :)
>
> Paul
> diff --git a/lib/libswan/nss_copies.c b/lib/libswan/nss_copies.c
> index b90bbf0..16976db 100644
> --- a/lib/libswan/nss_copies.c
> +++ b/lib/libswan/nss_copies.c
> @@ -3,6 +3,10 @@
>   * file, You can obtain one at http://mozilla.org/MPL/2.0/.
>   */
>  
> +#ifdef _MIPS_SIM
> +# include 
> +#endif
> +
>  #include 
>  #include 
>  #include "nss_copies.h"

I've tried this as
bugfix-853947/0010-Try-to-include-the-correct-headers-on-MIPS.patch in
3.19-2, and it does not seem to resolve the build problems on mips and
mipsel:

https://buildd.debian.org/status/fetch.php?pkg=libreswan=mips=3.19-2=1486145635=0

ends with:

cc -g -O2 -fdebug-prefix-map=/«PKGBUILDDIR»=. -fstack-protector-strong -Wformat 
-Werror=format-security -I/«PKGBUILDDIR»/lib/libcrypto/libsha2 
-I/«PKGBUILDDIR»/lib/libcrypto/libaes_xcbc -I/«PKGBUILDDIR»/ports/linux/include 
-I/«PKGBUILDDIR»/ports/linux/include -I/«PKGBUILDDIR»/ports/linux/include -I. 
-I/«PKGBUILDDIR»/linux/net/ipsec -I/«PKGBUILDDIR»/linux/include 
-I/«PKGBUILDDIR» -DPFKEYV2  -I/usr/include/nss -I/usr/include/nspr 
-I/«PKGBUILDDIR»/include -I/«PKGBUILDDIR»/ports/linux/include 
-I/«PKGBUILDDIR»/ports/linux/include -I/«PKGBUILDDIR»/ports/linux/include 
-std=gnu99  -g -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fexceptions 
-fstack-protector-all -fno-strict-aliasing -fPIE -DPIE -DFORCE_PR_ASSERT 
-DDNSSEC -DLIBCURL -DLDAP_VER=3 -DHAVE_NM -DUSE_MD5 -DUSE_SHA2 -DUSE_SHA1 
-DUSE_AES -DUSE_3DES -DUSE_CAMELLIA -DUSE_SERPENT -DUSE_TWOFISH -DUSE_CAST 
-DUSE_RIPEMD -DFIPSPRODUCTCHECK=\"/etc/system-fips\" 
-DIPSEC_CONF=\"/etc/ipsec.conf\" -DIPSEC_CONFDDIR=\"/etc/ipsec.d\" 
-DIPSEC_NSSDIR=\"/var/lib/ipsec/nss\" -DIPSEC_CONFDIR=\"/etc\" 
-DIPSEC_EXECDIR=\"/usr/lib/ipsec\" -DIPSEC_SBINDIR=\"/usr/sbin\" 
-DIPSEC_VARDIR=\"/var\" -DPOLICYGROUPSDIR=\"/etc/ipsec.d/policies\" 
-DIPSEC_SECRETS_FILE=\"/etc/ipsec.secrets\" -DRETRANSMIT_INTERVAL_DEFAULT="500" 
-DUSE_FORK=1 -DUSE_VFORK=0 -DUSE_DAEMON=0 -DUSE_PTHREAD_SETSCHEDPRIO=1 
-DGCC_LINT -DALLOW_MICROSOFT_BAD_PROPOSAL -Werror -Wall -Wextra -Wformat 
-Wformat-nonliteral -Wformat-security -Wundef -Wmissing-declarations 
-Wredundant-decls -Wnested-externs  -I/«PKGBUILDDIR»/lib/libcrypto/libsha2 
-I/«PKGBUILDDIR»/lib/libcrypto/libaes_xcbc -I/«PKGBUILDDIR»/ports/linux/include 
-I/«PKGBUILDDIR»/ports/linux/include -I/«PKGBUILDDIR»/ports/linux/include 
-I/«PKGBUILDDIR»/ports/linux/include -I. -I/«PKGBUILDDIR»/linux/net/ipsec 
-I/«PKGBUILDDIR»/linux/include -I/«PKGBUILDDIR» -DPFKEYV2  -I/usr/include/nss 
-I/usr/include/nspr -I/«PKGBUILDDIR»/include 
-I/«PKGBUILDDIR»/ports/linux/include -I/«PKGBUILDDIR»/ports/linux/include 
-I/«PKGBUILDDIR»/ports/linux/include -I/«PKGBUILDDIR»/ports/linux/include 
-std=gnu99  -g -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -fexceptions 
-fstack-protector-all -fno-strict-aliasing -fPIE -DPIE -DFORCE_PR_ASSERT 
-DDNSSEC -DLIBCURL -DLDAP_VER=3 -DHAVE_NM -DUSE_MD5 -DUSE_SHA2 -DUSE_SHA1 
-DUSE_AES -DUSE_3DES -DUSE_CAMELLIA -DUSE_SERPENT -DUSE_TWOFISH -DUSE_CAST 
-DUSE_RIPEMD -DFIPSPRODUCTCHECK=\"/etc/system-fips\" 
-DIPSEC_CONF=\"/etc/ipsec.conf\" -DIPSEC_CONFDDIR=\"/etc/ipsec.d\" 
-DIPSEC_NSSDIR=\"/var/lib/ipsec/nss\" -DIPSEC_CONFDIR=\"/etc\" 
-DIPSEC_EXECDIR=\"/usr/lib/ipsec\" -DIPSEC_SBINDIR=\"/usr/sbin\" 
-DIPSEC_VARDIR=\"/var\" -DPOLICYGROUPSDIR=\"/etc/ipsec.d/policies\" 
-DIPSEC_SECRETS_FILE=\"/etc/ipsec.secrets\" -DRETRANSMIT_INTERVAL_DEFAULT="500" 
-DUSE_FORK=1 -DUSE_VFORK=0 -DUSE_DAEMON=0 -DUSE_PTHREAD_SETSCHEDPRIO=1 
-DGCC_LINT -DALLOW_MICROSOFT_BAD_PROPOSAL -Werror -Wall -Wextra -Wformat 
-Wformat-nonliteral -Wformat-security -Wundef -Wmissing-declarations 
-Wredundant-decls -Wnested-externs  -I/«PKGBUILDDIR»/ports/linux/include 
-I/«PKGBUILDDIR»/ports/linux/include -I/«PKGBUILDDIR»/ports/linux/include 
-I/«PKGBUILDDIR»/ports/linux/include  \
-MMD -MF ./base64_rsa_pubkey.d \
-o ./base64_rsa_pubkey.o \
-c /«PKGBUILDDIR»/lib/libswan/base64_rsa_pubkey.c
In file included from /usr/include/nspr/prtypes.h:26:0,
 from /usr/include/nss/seccomon.h:17,
 from /usr/include/nss/nss.h:34,
 from /«PKGBUILDDIR»/lib/libswan/base64_rsa_pubkey.c:21:
/usr/include/nspr/prcpucfg.h:511:18: error: "_ABI64" is not defined 
[-Werror=undef]
 #if _MIPS_SIM == _ABI64
  ^~
cc1: all warnings being treated as errors
../../../mk/depend.mk:28: recipe for target 'base64_rsa_pubkey.o' failed


and it's the same thing on mipsel:

https://buildd.debian.org/status/fetch.php?pkg=libreswan=mipsel=3.19-2=1486145643=0

--dkg


signature.asc
Description: PGP signature

Bug#854022: Not able anymore to contact debian bts)

[Don Armstrong]

Control: reassign -1 reportbug
Control: tag -1 moreinfo
Control: severity -1 minor

On Fri, 03 Feb 2017, Axel Beckert wrote:
> Debian Bug Tracking System wrote:
> > On Fri, Feb 3, 2017 at 2:12 AM, Klaus Ethgen  wrote:
> > > Unable to connect to Debian BTS (error: "SSLError(1, '[SSL:
> > > CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)')");
> > > continue [y|N|?]?
> > 
> > sounds like a problem with the BTS, please contact them; closing as
> > invalid

As near as I can tell, the certificates for the BTS are just fine:

% openssl s_client -showcerts -connect bugs.debian.org:443 https://www.donarmstrong.com

There is no mechanical problem so difficult that it cannot be solved
by brute strength and ignorance.
 -- William's Law

Bug#846002: blends-tasks must be priority:standard and not make a mess out of tasksel menu

[Sam Hartman]

Hi, first, you've made the point that you were hoping the TC would help
the blends team and the d-i team work together.
I think that Phil's suggestions for a technical approach are quite good,
and I hope that will move forward in the buster cycle.

With regard to stretch, I honestly don't think there is anything that we
can do that we believe that we should do.
Some of us think Cyril might  being overly conservative in his initial
decision.  I suspect though that we almost all believe that now is way
too late.
Also, I think all the TC members believe that Cyril is the one who
ultimately should have made the is it too late decision for stretch.
I don't think there's more information he could have been given that
would have helped with that.

"You'll get what you want, but not in the time line you want," is a
frustrating outcome.
However, it is the kind of compromise that is often right in this
situation.


> "Ole" == Ole Streicher  writes:

Ole> Yea, I should improve my reading skills for english. This is my
Ole> misunderstanding. However, if this refers to the number of
Ole> votes within TC (right?), counting that would have been part of
Ole> the decision.

The TC has to vote in order to override someone or to use its
constitutional powers.  The TC doesn't need to "vote" in order to decide
to support an existing decision; we can do this by consensus.

We didn't need to hold a vote for me to read the discussion and have
high personal confidence that there would be insufficient votes to
support your position.  marga proposed closing the bug--deciding by
consensus.  No one on the TC .objected to doing that.  That's a fairly
good sign in our processes it is the right decision.  She ended up
deciding to call for a vote.  Based on the results of that vote it seems
fairly clear it would have been reasonable to close the vote by
consensus as well.

Votes are kind of a crappy way to  make such decisions.


signature.asc
Description: PGP signature

Bug#854053: coreutils: improve 2x-3x sha256sum performance on ppc64le due to current gcc optimization bug

[Gustavo Serra Scalet]

> -Original Message-
> From: Michael Stone [mailto:mst...@debian.org]
> Sent: sexta-feira, 3 de fevereiro de 2017 11:38
> To: Gustavo Serra Scalet 
> Cc: 854...@bugs.debian.org; coreut...@gnu.org
> Subject: Re: Bug#854053: coreutils: improve 2x-3x sha256sum performance
> on ppc64le due to current gcc optimization bug
> 
> On Fri, Feb 03, 2017 at 11:22:28AM -0200, Gustavo Serra Scalet wrote:
> >The sha256sum provided by coreutils (without openssl) is performing
> >poorly with versions >= 4.9 until 7.0 (currently under development).
> >The reason for that is the -fschedule-insns optimization that is used
> >with -O2. By simply deactivating it, there is a performance improvement
> >of
> >2 to 3 times.
> >
> >I'm attaching a patch that demonstrate that behavior but it lacks this
> >condition:
> >* If ppc64le
> >* If gcc being used is >= 4.9 and < 7.0
> >
> >Notes:
> >1) gcc-7 is not affected by this bug (verified on 20170129 snapshot).
> >2) clang is not affected by this bug (verified on v3.8 and v3.9).
> >3) strangely the sha512 is not affected by this.
> 
> Sounds good in theory, just needs conditionals. :) For debian we can
> just assume the compiler version and remove the patch when a newer
> compiler is available as a dependency, but making it conditional on ppc
> seems essential. Upstream would probably want some kind of compiler
> based test.

Seems good to me.
 
> My understanding is that just adding this option to cflags
> when building on the appropriate architecture wouldn't work, because it
> would negatively impact other code, is that correct?

Yes, I wouldn't add this CFLAG for the whole package, but only for the 
lib/sha256.o target (that's what my patch is doing).

For that target, I see a better performance without that optimization than with 
it. Normally nobody shuts off optimization to improve performance but, as I 
said, it is a bug that happens on this target and it affects gcc versions >= 
4.9 and < 7.0.

If you see a different way out, or a more neat approach, please advise.

> 
> Mike Stone
> 
> (additional context quoted below)
> 
> >Below a demonstration of how it performs:
> >
> >===
> >$ (./configure && make -j9) > /dev/null && time src/sha256sum
> >~/ubuntu-16.10-server-ppc64el.iso
> >configure: WARNING: libacl development library was not found or not
> usable.
> >configure: WARNING: GNU coreutils will be built without ACL support.
> >configure: WARNING: libattr development library was not found or not
> usable.
> >configure: WARNING: GNU coreutils will be built without xattr support.
> >configure: WARNING: libcap library was not found or not usable.
> >configure: WARNING: GNU coreutils will be built without capability
> support.
> >configure: WARNING: libgmp development library was not found or not
> usable.
> >configure: WARNING: GNU coreutils will be built without GMP support.
> >src/who.c: In function 'print_user':
> >src/who.c:454:20: warning: initialization discards 'const' qualifier
> from pointer target type [-Wdiscarded-qualifiers]
> > int   *a = utmp_ent->ut_addr_v6;
> >^~~~
> >d14bdb413ea6cdc8d9354fcbc37a834b7de0c23f992deb0c6764d0fd5d65408e
> >/home/gut/ubuntu-16.10-server-ppc64el.iso
> >
> >real0m18.670s
> >user0m16.566s
> >sys 0m0.745s
> >
> >$ # now with the following patch:
> >$ diff Makefile.in ../Makefile.in
> >8989c8989
> >< @am__fastdepCC_TRUE@  $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c
> >-o $@ $< &&\
> >---
> >> @am__fastdepCC_TRUE@  $(COMPILE) $$([ "$@" == "lib/sha256.o" ] &&
> >> echo "-fno-schedule-insns") -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@
> >> $< &&\
> >$ cp ../Makefile.in Makefile.in
> >$ (./configure && make -j9) > /dev/null && time src/sha256sum
> >~/ubuntu-16.10-server-ppc64el.iso
> >configure: WARNING: libacl development library was not found or not
> usable.
> >configure: WARNING: GNU coreutils will be built without ACL support.
> >configure: WARNING: libattr development library was not found or not
> usable.
> >configure: WARNING: GNU coreutils will be built without xattr support.
> >configure: WARNING: libcap library was not found or not usable.
> >configure: WARNING: GNU coreutils will be built without capability
> support.
> >configure: WARNING: libgmp development library was not found or not
> usable.
> >configure: WARNING: GNU coreutils will be built without GMP support.
> >src/who.c: In function 'print_user':
> >src/who.c:454:20: warning: initialization discards 'const' qualifier
> from pointer target type [-Wdiscarded-qualifiers]
> > int   *a = utmp_ent->ut_addr_v6;
> >^~~~
> >d14bdb413ea6cdc8d9354fcbc37a834b7de0c23f992deb0c6764d0fd5d65408e
> >/home/gut/ubuntu-16.10-server-ppc64el.iso
> >
> >real0m5.903s
> >user0m5.560s
> >sys 0m0.255s
> 
> >--- Makefile.in  2016-11-30 16:34:55.0 -0200
> >+++ ../Makefile.in   2017-02-03 09:33:17.93600 

Bug#854022: closed by Sandro Tosi <mo...@debian.org> (Re: [Reportbug-maint] Bug#854022: Not able anymore to contact debian bts)

[Axel Beckert]

Control: reopen -1
Control: reassign -1 bugs.debian.org

Hi Sandro,

Debian Bug Tracking System wrote:
> On Fri, Feb 3, 2017 at 2:12 AM, Klaus Ethgen  wrote:
> > Unable to connect to Debian BTS (error: "SSLError(1, '[SSL:
> > CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:720)')");
> > continue [y|N|?]?
> 
> sounds like a problem with the BTS, please contact them; closing as invalid

That's no reason to close a bug! Next time, please reassign such bugs
accordingly instead. TIA!

Regards, Axel
-- 
 ,''`.  |  Axel Beckert , http://people.debian.org/~abe/
: :' :  |  Debian Developer, ftp.ch.debian.org Admin
`. `'   |  4096R: 2517 B724 C5F6 CA99 5329  6E61 2FF9 CD59 6126 16B5
  `-|  1024D: F067 EA27 26B9 C3FC 1486  202E C09E 1D89 9593 0EDE