Bug#1075780: update-initramfs works from command line, dpkg hangs after invoking update-initramfs.
Package: linux-image-6.1.0-22-amd64 The installation of linux-image-6.1.0-22-amd64 hung while configuring linux-image-6.1.0-22-amd64, and I have been stuck since with a half-configured linux-image with no option to resolve, preventing dpkg and apt from running. update-initramfs works if run from the command line, but dpkg freezes after invoking it. $ uname -aLinux debian 6.1.0-21-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.90-1 (2024-05-03) x86_64 GNU/Linux$ $ dpkg --list | grep linux-imageii linux-image-6.1.0-21-amd64 6.1.90-1 amd64 Linux 6.1 for 64-bit PCs (signed)iF linux-image-6.1.0-22-amd64 6.1.94-1 amd64 Linux 6.1 for 64-bit PCs (signed)rc linux-image-amd64 6.1.94-1 amd64 Linux for 64-bit PCs (meta-package)$$ sudo update-initramfs -u -v -k 6.1.0-22-amd64update-initramfs: Generating /boot/initrd.img-6.1.0-22-amd64...Calling hook cryptroot-unlockAdding script /usr/share/cryptsetup/initramfs/bin/cryptroot-unlock/usr/share/initramfs-tools/scripts/init-premount/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/local-top/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/local-premount/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/local-bottom/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/local-block/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/panic/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/init-bottom/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/init-top/ORDER ignored: not executableBuilding cpio /boot/initrd.img-6.1.0-22-amd64.new initramfs /boot/initrd.img-6.1.0-22-amd64$ <--- Command completes after a few seonds, and I am returned to the command line prompt.$$ ll /boot | grep 6.1.0-2 -rw-r--r-- 1 root root 259504 May 3 08:36 config-6.1.0-21-amd64-rw-r--r-- 1 root root 259504 Jun 20 23:59 config-6.1.0-22-amd64-rw-r--r-- 1 root root 56512061 Jun 30 16:32 initrd.img-6.1.0-21-amd64-rw-r--r-- 1 root root 56498551 Jul 4 07:52 initrd.img-6.1.0-22-amd64-rw-r--r-- 1 root root 83 May 3 08:36 System.map-6.1.0-21-amd64-rw-r--r-- 1 root root 83 Jun 20 23:59 System.map-6.1.0-22-amd64-rw-r--r-- 1 root root 8169408 May 3 08:36 vmlinuz-6.1.0-21-amd64-rw-r--r-- 1 root root 8173504 Jun 20 23:59 vmlinuz-6.1.0-22-amd64$ When invoking dpkg, it hangs after seemingly completing update-initramfs: $ sudo dpkg --configure -a Setting up linux-image-6.1.0-22-amd64 (6.1.94-1) .../etc/kernel/postinst.d/initramfs-tools:update-initramfs: Generating /boot/initrd.img-6.1.0-22-amd64...Calling hook cryptroot-unlockAdding script /usr/share/cryptsetup/initramfs/bin/cryptroot-unlock/usr/share/initramfs-tools/scripts/init-premount/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/local-top/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/local-premount/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/local-bottom/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/local-block/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/panic/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/init-bottom/ORDER ignored: not executable/usr/share/initramfs-tools/scripts/init-top/ORDER ignored: not executableBuilding cpio /boot/initrd.img-6.1.0-22-amd64.new initramfs <--- Hangs here until forcibly killed. End-result is that linux-image-6.1.0-22-amd64 remains in half-configured state: $ dpkg --list | grep linux-imageii linux-image-6.1.0-21-amd64 6.1.90-1 amd64 Linux 6.1 for 64-bit PCs (signed)iF linux-image-6.1.0-22-amd64 6.1.94-1 amd64 Linux 6.1 for 64-bit PCs (signed)rc linux-image-amd64 6.1.94-1 amd64 Linux for 64-bit PCs (meta-package)$ Have I stumbled on a bug?
Bug#1072671: apt displays different size units in space needed/available, confusing
Package: apt Version: 2.9.4 Severity: minor X-Debbugs-Cc: george.shuk...@gmail.com When apt report sizes (needed/available) it uses 'human writing' (e.g. uses MB when it's hundreds megabytes, or GB when it's hundreds gigabytes). But it uses them separately for each number, which leads to misleading (hard to read) output: Space needed: 155 MB / 154 GB available It need some attention to notice that it's 155Mb needed out of 154000Mb available. May be it's possible to use the largest size unit (e.g. GB) to display this message in the one scale: Space needed: 0.2 GB / 154 GB available Space needed: 155 MB / 154123 MB available -- Package-specific info: -- (no /etc/apt/preferences present) -- -- (no /etc/apt/preferences.d/* present) -- -- (/etc/apt/sources.list present, but not submitted) -- -- (no /etc/apt/sources.list.d/* present) -- -- System Information: Debian Release: trixie/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.7.12-amd64 (SMP w/20 CPU threads; PREEMPT) Kernel taint flags: TAINT_SOFTLOCKUP Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages apt depends on: ii adduser 3.137 ii base-passwd 3.6.3 ii debian-archive-keyring 2023.4 ii gpgv2.2.43-7 ii libapt-pkg6.0t642.9.4 ii libc6 2.38-12 ii libgcc-s1 14.1.0-1 ii libgnutls30t64 3.8.5-4 ii libseccomp2 2.5.5-1 ii libstdc++6 14.1.0-1 ii libsystemd0 256~rc3-7 Versions of packages apt recommends: ii ca-certificates 20240203 Versions of packages apt suggests: pn apt-doc ii aptitude0.8.13-6 ii dpkg-dev1.22.6 iu gnupg 2.2.43-7 pn powermgmt-base ii synaptic0.91.3+b1 -- debconf-show failed
Bug#1064347: openssh-server: sshd crashes under heavy traffic
Package: openssh-server Version: 1:8.4p1-5+deb11u3 Severity: normal X-Debbugs-Cc: gkiss...@gmail.com Dear Maintainer, * What led up to the situation? We have a public facing sftp server for our customers After upgrading Debian 10 to Debian 11, sshd is crashing under heavy traffic * What exactly did you do (or not do) that was effective (or ineffective)? I tried reconfigure timeouts, keepalives etc but none worked * What was the outcome of this action? No change * What outcome did you expect instead? Not sure Very similar (or the same) with https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2043114 -- System Information: Debian Release: 11.9 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable-security'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-28-amd64 (SMP w/8 CPU threads) Locale: LANG=en_US, LC_CTYPE=en_US (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages openssh-server depends on: ii adduser3.118+deb11u1 ii debconf [debconf-2.0] 1.5.77 ii dpkg 1.20.13 ii libaudit1 1:3.0-2 ii libc6 2.31-13+deb11u8 ii libcom-err21.46.2-2 ii libcrypt1 1:4.4.18-4 ii libgssapi-krb5-2 1.18.3-6+deb11u4 ii libkrb5-3 1.18.3-6+deb11u4 ii libpam-modules 1.4.0-9+deb11u1 ii libpam-runtime 1.4.0-9+deb11u1 ii libpam0g 1.4.0-9+deb11u1 ii libselinux13.1-3 ii libssl1.1 1.1.1w-0+deb11u1 ii libsystemd0247.3-7+deb11u4 ii libwrap0 7.6.q-31 ii lsb-base 11.1.0 ii openssh-client 1:8.4p1-5+deb11u3 ii openssh-sftp-server1:8.4p1-5+deb11u3 ii procps 2:3.3.17-5 ii runit-helper 2.10.3 ii ucf3.0043 ii zlib1g 1:1.2.11.dfsg-2+deb11u2 Versions of packages openssh-server recommends: ii libpam-systemd [logind] 247.3-7+deb11u4 ii ncurses-term 6.2+20201114-2+deb11u2 ii xauth1:1.1-1 Versions of packages openssh-server suggests: pn molly-guard pn monkeysphere pn ssh-askpass pn ufw -- Configuration Files: /etc/pam.d/sshd changed [not included] -- debconf information excluded kern.log:Feb 19 22:29:40 ecmif01 kernel: [ 2288.914649] traps: sshd[72022] general protection fault ip:7f6b8116d3b7 sp:7fff87eb22f0 error:0 in libc-2.31.so[7f6b8110d000+159000] kern.log:Feb 19 22:46:04 ecmif01 kernel: [ 3272.826055] traps: sshd[98328] general protection fault ip:7f5e5c0433b7 sp:7fff4d3109f0 error:0 in libc-2.31.so[7f5e5bfe3000+159000] kern.log:Feb 19 23:14:08 ecmif01 kernel: [ 4956.789461] traps: sshd[152300] general protection fault ip:7f62249523b7 sp:7ffc761c4300 error:0 in libc-2.31.so[7f62248f2000+159000] kern.log:Feb 20 01:37:02 ecmif01 kernel: [13531.048898] sshd[437092]: segfault at 5618ab5283c8 ip 7f5f0a4a937f sp 7ffd30ac6640 error 4 in libc-2.31.so[7f5f0a449000+159000] kern.log:Feb 20 01:37:02 ecmif01 kernel: [13531.049177] Code: 00 00 eb a3 0f 1f 80 00 00 00 00 ff d0 eb c5 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 83 ec 08 48 8b 4f 08 48 89 c8 48 83 e0 f8 <48> 3b 04 07 0f 85 91 00 00 00 48 8b 47 10 48 8b 57 18 48 3b 78 18 kern.log:Feb 20 02:03:10 ecmif01 kernel: [15098.671459] traps: sshd[488901] general protection fault ip:7ff8c0fb23b7 sp:7ffdc8d60140 error:0 in libc-2.31.so[7ff8c0f52000+159000] kern.log:Feb 20 02:13:08 ecmif01 kernel: [15696.975972] sshd[496790]: segfault at 562609c87458 ip 7f7645a4c37f sp 7ffe0c52ee90 error 4 in libc-2.31.so[7f76459ec000+159000] kern.log:Feb 20 02:13:08 ecmif01 kernel: [15696.976252] Code: 00 00 eb a3 0f 1f 80 00 00 00 00 ff d0 eb c5 66 66 2e 0f 1f 84 00 00 00 00 00 90 48 83 ec 08 48 8b 4f 08 48 89 c8 48 83 e0 f8 <48> 3b 04 07 0f 85 91 00 00 00 48 8b 47 10 48 8b 57 18 48 3b 78 18 kern.log:Feb 20 04:32:05 ecmif01 kernel: [24033.447133] traps: sshd[759145] general protection fault ip:7f6ebe48e3b7 sp:7ffe40a2cf30 error:0 in libc-2.31.so[7f6ebe42e000+159000] kern.log:Feb 20 04:46:01 ecmif01 kernel: [24869.466121] traps: sshd[804956] general protection fault ip:7f926c9863b7 sp:7fffdc0400a0 error:0 in libc-2.31.so[7f926c926000+159000] kern.log:Feb 20 05:16:14 ecmif01 kernel: [26682.432389] traps: sshd[871829] general protection fault ip:7f4ea598b3b7 sp:7ffd003bccf0 error:0 in libc-2.31.so[7f4ea592b000+159000] kern.log:Feb 20 05:58:09 ecmif01 kernel: [29197.006583] traps: sshd[978131] general protection fault ip:7f11eb09c3b7 sp:7ffefa5baaa0 error:0 in libc-2.31.so[7f11eb03c000+159000] kern.log:Feb 20 07:02:05 ecmif01 kernel: [33033.374881] traps: sshd[989] general protection fault ip:7fc463ef43b7 sp:7ffe79095300 error:0 in libc-2.31.so[7fc463e94000+159000] kern.log:Feb 20 07:28:04 ecmif01 kernel:
Bug#1063719: More analysis and improved patch
Hey,
Just like with the previous bug (#1026927), it looks like there's more
to this one. Trying the patch on several more systems I run into the
same symptoms on some. Again, these have the same symptoms but
differing causes (full patch included). What I found was:
On an intel system, where uCode/AMD.pm was run before uCode/Intel.pm
intel_sys1# needrestart -b
NEEDRESTART-VER: 3.6
NEEDRESTART-KCUR: 6.1.0-18-amd64
NEEDRESTART-KEXP: 6.1.0-18-amd64
NEEDRESTART-KSTA: 1
NEEDRESTART-UCSTA: 1
Use of uninitialized value $ucode_vars{"CURRENT"} in concatenation (.) or
string at /usr/sbin/needrestart line 940.
NEEDRESTART-UCCUR:
Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or
string at /usr/sbin/needrestart line 941.
NEEDRESTART-UCEXP:
But we don't get the 'Use of uninitialized value' when run as
`needrestart -b -v`. The issue here is that nr_ucode_check keeps
going after the "eval ... ${pkg}::nr_ucode_check_real..." fails
unless $debug is set. Thus, without $debug, thi saves off the
unintialized values from AMD.pm as "the good ones", so we get the
error.
On a VM running with an AMD processor but without package
amd64-microcode, and also directly on an AMD system with a processor new enough
that it does not have a microcode version lin amd64-microcode, I get
the following identical results.
amd_vm1# needrestart -b
NEEDRESTART-VER: 3.6
NEEDRESTART-KCUR: 6.1.0-18-amd64
NEEDRESTART-KEXP: 6.1.0-18-amd64
NEEDRESTART-KSTA: 1
NEEDRESTART-UCSTA: 1
NEEDRESTART-UCCUR: 0xa0011d1
Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or
string at /usr/sbin/needrestart line 941.
NEEDRESTART-UCEXP:
amd_sys3# needrestart -b
NEEDRESTART-VER: 3.6
NEEDRESTART-KCUR: 6.1.0-18-amd64
NEEDRESTART-KEXP: 6.1.0-18-amd64
NEEDRESTART-KSTA: 1
NEEDRESTART-UCSTA: 1
NEEDRESTART-UCCUR: 0x6006705
Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or
string at /usr/sbin/needrestart line 941.
NEEDRESTART-UCEXP:
This comes from AMD.pm not setting $ucode_vars{"AVAIL"} if it doesn't
find any matching available versions. compare_ucode_versions()
handles, this as expected, but leaves $ucode_vars{"AVAIL"} unset to
cause problems later when run with -b.
The attached patch fixes includes the previous patch and also fixes
these 2 issues.
Hope this helps,
George
--- /tmp/uCode.pm.dist 2024-02-13 09:20:29.236867717 -0700
+++ /usr/share/perl5/NeedRestart/uCode.pm 2024-02-13 09:33:23.099742955
-0700
@@ -152,10 +152,15 @@
# call ucode modules
foreach my $pkg (@PKGS) {
+ eval "${pkg}::nr_ucode_init();";
+ if ( $@ ) {
+ print STDERR $@ if ($debug);
+ next;
+ }
my @nvars;
eval "\@nvars = ${pkg}::nr_ucode_check_real(\$debug, \$ui,
\$processors{\$pid});";
-if ( $@ && $debug ) {
-print STDERR $@;
+if ( $@ ) {
+ print STDERR $@ if ($debug);
$ui->progress_step;
next;
}
@@ -174,6 +179,10 @@
$ui->progress_fin;
+if ( $state == NRM_CURRENT && ! grep ( ( $_ eq "AVAIL"), @vars ) ) {
+ push(@vars, "AVAIL", "unavailable");
+}
+
return ( $state, @vars );
}
Bug#1063719: needrestart -b complainst of initialized variables on some AMD and all ARM
Package: needrestart
Version: 3.6-4+deb12u1
Severity: normal
Tags: patch
Dear Maintainer,
When running 'needrestart -b' on some AMD systems I get the following
uninitialized variable warning. It also does not report the expected
microcode version (NEEDRESTART-UCEXP).
Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or string
at /usr/sbin/needrestart line 941.
On ARM systems, it gives the following 2 uninitialized variable warnings.
Use of uninitialized value $ucode_vars{"CURRENT"} in concatenation (.) or
string at /usr/sbin/needrestart line 940.
Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or string
at /usr/sbin/needrestart line 941.
I first thought this was a regression of bug #1026927, but find this
is actually a different bug with similar behavior.
The problem stems from NeedRestart::uCode::Intel:::nr_ucode_check_real
running "successfully" on non-intel platforms. The reason only some
AMD systems are affected is that nr_ucode_check_real() for AMD and
Intel may be run in either order, depending on the order they are
returned by findsubmod(). If AMD::nr_ucode_check_real() is run first,
the bug does not appear.
Here is sample output from 3 systems: a "failing" AMD, a "passing"
AMD, and an arm7l (banana pi). I've trimmed (w/ grep) the stderr from
these to only the pertinent lines, please let me know if you want the
entire output.
amd_sys1# needrestart -b -v 2>/tmp/a
NEEDRESTART-VER: 3.6
NEEDRESTART-KCUR: 6.1.0-17-amd64
NEEDRESTART-KEXP: 6.1.0-18-amd64
NEEDRESTART-KSTA: 3
NEEDRESTART-UCSTA: 1
NEEDRESTART-UCCUR: 0x600063e
NEEDRESTART-UCEXP:
amd_sys1# grep -e NeedRestart::uCode -e uninitialized /tmp/a
[ucode] using NeedRestart::uCode::Intel
[ucode] using NeedRestart::uCode::AMD
Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or
string at /usr/sbin/needrestart line 941.
amd_sys2# needrestart -b -v 2>/tmp/a
NEEDRESTART-VER: 3.6
NEEDRESTART-KCUR: 6.1.0-17-amd64
NEEDRESTART-KEXP: 6.1.0-18-amd64
NEEDRESTART-KSTA: 3
NEEDRESTART-UCSTA: 1
NEEDRESTART-UCCUR: 0x06000852
NEEDRESTART-UCEXP: 0x06000852
amd_sys2# grep -e NeedRestart::uCode -e uninitialized /tmp/a
[ucode] using NeedRestart::uCode::AMD
[ucode] using NeedRestart::uCode::Intel
arm7l_sys# needrestart -b -v 2>/tmp/a
NEEDRESTART-VER: 3.6
NEEDRESTART-KCUR: 6.1.0-17-armmp-lpae
NEEDRESTART-KEXP: 6.1.0-18-armmp-lpae
NEEDRESTART-KSTA: 3
NEEDRESTART-UCSTA: 0
NEEDRESTART-SVC: irqbalance
NEEDRESTART-SVC: lircd
NEEDRESTART-SVC: lircmd
NEEDRESTART-SVC: openbsd-inetd
NEEDRESTART-SVC: ssh
arm7l_sys# grep -e uninitial -e ucode /tmp/a
[ucode] using NeedRestart::uCode::Intel
[ucode] using NeedRestart::uCode::AMD
[ucode] #0 did not get available microcode version
Use of uninitialized value $ucode_vars{"CURRENT"} in concatenation (.) or
string at /usr/sbin/needrestart line 940.
Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or
string at /usr/sbin/needrestart line 941.
The problem comes from uCode::Intel::nr_ucode_check_real() still not
dying on non-Intel processors, and actually returning a "CURRENT"
microcode version on AMD processors. This looks to be checked for in
uCode::Intel::nr_ucode_init(), but this function is never called.
The following patch adds a call to this so that nr_ucode_check_real()
is only called for architectures that successfully pass
nr_ucode_init(). An alternative would be to modify
uCode::Intel::nr_ucode_check_real() to do the equivalent checks like
uCode::AMD does.
--- /tmp/uCode.pm.dist 2024-02-11 09:28:27.051119002 -0700
+++ uCode.pm2024-02-11 10:14:26.905533440 -0700
@@ -152,6 +152,11 @@
# call ucode modules
foreach my $pkg (@PKGS) {
+ eval "${pkg}::nr_ucode_init();";
+ if ( $@ ) {
+ print STDERR $@ if ($debug);
+ next;
+ }
my @nvars;
eval "\@nvars = ${pkg}::nr_ucode_check_real(\$debug, \$ui,
\$processors{\$pid});";
if ( $@ && $debug ) {
-- Package-specific info:
needrestart output:
Your outdated processes:
emacs[9574, 6843, 10275, 3922, 6197]
-- System Information:
Debian Release: 12.0
Architecture: i386 (i686)
Kernel: Linux 6.1.0-17-686-pae (SMP w/6 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=ANSI_X3.4-1968)
(ignored: LC_ALL set to C), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages needrestart depends on:
ii binutils 2.40-2
ii dpkg 1.21.22
ii gettext-base 0.21-12
ii libintl-perl 1.33-1
ii libmodule-find-perl0.16-2
ii libmodule-scandeps-perl1.31-2
ii libproc-processtable-perl 0.634-1+b2
ii libsort-naturally-perl 1.03-4
ii libterm-readkey-perl
Bug#1060913: Re: Bug#1060913: RFS: sdaps/1.9.11-0.1 [NMU] [RC] -- scripts for data acquisition with paper-based surveys
Hi, > Here I am not a member of DebianEdu team and told if am not a member > of one team there is no reason to do team upload. > Ideally, I should contact the team to join in or tell team I am going > to fix ftbfs issue. Whether the maintainer is a team doesn't matter here (it just means I am not responsible alone for the lack of updates on the package, haha ;)). In general, you always contact the maintainer for every upload before doing an NMU, through the address from the package meta-data or by sending your changes to the BTS into the bug you are fixing. > But I got no response from there(not DebianEdu > team) in the past. Can you point me to message IDs where you requested changes to be uploaded? Ideally, you should just send the changes to the BTS bug you are fixing, and tag it "patch". -nik signature.asc Description: PGP signature
Bug#1060913: RFS: sdaps/1.9.11-0.1 [NMU] [RC] -- scripts for data acquisition with paper-based surveys
Hi, is there a reason why you are not working with the packaging team, and doing NMUs without contacting the team beforehand? -nik
Bug#1058670: python3-poetry: fail with Can't instantiate abstract class IsolatedEnv with abstract methods executable, scripts_dir
Package: python3-poetry Version: 1.7.1+dfsg-1 Severity: normal Tags: upstream X-Debbugs-Cc: george.shuk...@gmail.com poetry fails to install packages (`poetry install` for an existing lock file) or to update it (`poetry update`): Can't instantiate abstract class IsolatedEnv with abstract methods executable, scripts_dir at /usr/lib/python3/dist-packages/poetry/installation/chef.py:131 in _prepare 127│ ) -> Path: 128│ from subprocess import CalledProcessError 129│ 130│ with ephemeral_environment(self._env.python) as venv: → 131│ env = IsolatedEnv(venv, self._pool) 132│ builder = ProjectBuilder.from_isolated_env( 133│ env, directory, runner=quiet_subprocess_runner 134│ ) 135│ env.install(builder.build_system_requires) According to github bug: https://github.com/python-poetry/poetry/issues/8458 it is caused by conflict (interactions?) with python3-build package. python3-build 0.10.0-1 -- System Information: Debian Release: trixie/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.5.0-5-amd64 (SMP w/20 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages python3-poetry depends on: ii python3 [python3-supported-min] 3.11.6-1 ii python3-build0.10.0-1 ii python3-cachecontrol 0.13.1-1 ii python3-cleo 2.1.0-2 ii python3-crashtest0.4.1-1 ii python3-dulwich 0.21.6-1+b1 ii python3-fastjsonschema 2.19.0-1 ii python3-importlib-metadata 4.12.0-1 ii python3-installer0.7.0+dfsg1-2 ii python3-keyring 24.3.0-1 ii python3-lockfile 1:0.12.2-3 ii python3-packaging23.2-1 ii python3-pexpect 4.8.0-4 ii python3-pkginfo 1.8.2-2 ii python3-platformdirs 4.1.0-1 ii python3-poetry-core 1.8.1-1 ii python3-pyproject-hooks 1.0.0-2 ii python3-requests 2.31.0+dfsg-1 ii python3-requests-toolbelt1.0.0-2 ii python3-shellingham 1.5.4-1 ii python3-tomli2.0.1-2 ii python3-tomlkit 0.12.1-1 ii python3-trove-classifiers2023.9.19-1 ii python3-virtualenv 20.25.0+ds-1 python3-poetry recommends no packages. python3-poetry suggests no packages. -- no debconf information
Bug#1055979: fwupd hangs on XPS 15 9530 with external monitor connected
Package: fwupd Version: 1.9.8-1 Severity: normal X-Debbugs-Cc: george.shuk...@gmail.com fwupd is haging (and is killed with timeout). Laptop: XPS 15 9530 with external monitor connected via USB-C -> DP. Logs: Starting fwupd.service - Firmware update daemon... FuUsbDevice failed to parse platform capability BOS descriptor: no supported platform version: did not find magic FuEngine failed to add device /sys/devices/pci:00/:00:02.0/drm/card0/card0-DP-2/drm_dp_aux2: failed to add device using on synaptics_mst: failed to enable remote control: failure writing data register: failed to write 0x5 bytes on layer:0, relative_addr:0x0 fwupd.service: start operation timed out. Terminating. fwupd.service: Failed with result 'timeout'. Failed to start fwupd.service - Firmware update daemon. strace on the hanged service shows: [pid 4203] lseek(14, 1208, SEEK_SET) = 1208 [pid 4203] write(14, "\4\0\0\0", 4)= 4 [pid 4203] lseek(14, 1202, SEEK_SET) = 1202 [pid 4203] write(14, "\244", 1)= 1 [pid 4203] lseek(14, 1202, SEEK_SET) = 1202 [pid 4203] read(14, "\0\0", 2) = 2 [pid 4203] lseek(14, 1216, SEEK_SET) = 1216 [pid 4203] write(14, "\262", 1)= 1 (in a long loop) fd 14 is /dev/drm_dp_aux5 If external monitor is disconnected, it works as expected. -- System Information: Debian Release: trixie/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.5.0-4-amd64 (SMP w/20 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages fwupd depends on: ii adduser3.137 ii libarchive13 3.7.2-1 ii libc6 2.37-12 ii libcbor0.100.10.2-1.1 ii libcurl3-gnutls8.4.0-2 ii libflashrom1 1.3.0-2.1 ii libfwupd2 1.9.8-1 ii libglib2.0-0 2.78.1-4 ii libgnutls303.8.1-4+b1 ii libgudev-1.0-0 238-3 ii libgusb2 0.4.5-1.1 ii libjcat1 0.1.9-1 ii libjson-glib-1.0-0 1.8.0-2 ii liblzma5 5.4.4-0.1 ii libmbim-glib4 1.30.0-1 ii libmbim-proxy 1.30.0-1 ii libmm-glib01.22.0-1 ii libpolkit-gobject-1-0 123-3 ii libprotobuf-c1 1.4.1-1+b1 ii libqmi-glib5 1.34.0-2 ii libqmi-proxy 1.34.0-2 ii libsqlite3-0 3.44.0-1 ii libsystemd0254.5-1 ii libtss2-esys-3.0.2-0 4.0.1-3 ii libxmlb2 0.3.14-2 ii shared-mime-info 2.2-1 ii zlib1g 1:1.2.13.dfsg-3 Versions of packages fwupd recommends: ii bolt 0.9.6-1 ii dbus 1.14.10-3 ii fwupd-amd64-signed [fwupd-signed] 1:1.4+1 ii jq 1.7-1 ii python33.11.4-5+b1 pn secureboot-db ii udisks22.10.1-2 Versions of packages fwupd suggests: pn gir1.2-fwupd-2.0 -- Configuration Files: /etc/fwupd/fwupd.conf [Errno 13] Permission denied: '/etc/fwupd/fwupd.conf' -- no debconf information
Bug#1055161: linux-image-6.1.55-1-amd64: Dell R650xs hangs on reboot if ipxe.efi initialized network (tg3 driver bug)
Package: linux-image-6.1.55-1-amd64 Version: 6.1.38-4 Severity: normal Tags: patch upstream X-Debbugs-Cc: george.shuk...@gmail.com When Dell R660xs server is booting using ipxe.efi (in UEFI mode), reboots are hanging because of tg3 driver. Steps to reproduce: 1. Switch server to EFI mode 2. Enable PXE on any interfaces 3. Enable PXE as first in boot order 4. Configure external dhcp/tftp server with ipxe.efi (of any version) 5. Boot. ipxe.efi will try to get loading parameters and exit, a normal linux is loaded 6. Assure tg3 driver is loaded (rmmod tg3; modprobe tg3) 7. Reboot Expected behaivor: reboot Actual behavior: system hanging after message `ACPI: PM: Preparing to enter system sleep state S5`. I belive this problem was present present for long time, but in 6.0 there was introduced commit 2ca1c94ce0b which changed the tg3_shutdown function. - if (system_state == SYSTEM_POWER_OFF) - tg3_power_down(tp); + tg3_power_down(tp); Because of that tg3_power_down now is called even when SYSTEM_RESTART. (I confirmed that it causes hangs on older kernels during power off, but it's less of the problem, because for servers it's expected to get server working back after reboot, not so much for poweroff). (ipxe.efi is important to reproduce this bug). Any network card can be used, just a presence of tg3 driver and embedded Broadcom Inc. and subsidiaries BCM57416 NetXtreme-E Dual-Media 10G RDMA Ethernet Controller is enough to trigger it. Restoring back this behavior is solving reboot problem. I've reported it to the Dell community forum: https://www.dell.com/community/en/users/647c085ec3b1ef2541ca0c64, but it's unknown if they fix EFI network driver or not. Patch to fix hanging is attached. -- System Information: Debian Release: trixie/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.5.0-3-amd64 (SMP w/20 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Dell R650xs has embbedded network card with tg3 driver. If network was initialized by ipxe.efi in PXE/UEFI mode, server hangs during reboot. This is partial revert of upstream commit 2ca1c94ce0b. --- linux-6.1.38.orig/drivers/net/ethernet/broadcom/tg3.c +++ linux-6.1.38/drivers/net/ethernet/broadcom/tg3.c @@ -18082,7 +18082,8 @@ static void tg3_shutdown(struct pci_dev if (netif_running(dev)) dev_close(dev); - tg3_power_down(tp); + if (system_state == SYSTEM_POWER_OFF) + tg3_power_down(tp); rtnl_unlock();
Bug#1054459: debian-installer: Debian 12.2 amd64 netinst failes to find a kernel image for a Dell 7812
Package: debian-installer Version: debian installer found on amd64 12.2 netinst.iso Severity: important Dear Maintainer, I have several systems and have experienced this difficulty only with the Dell 7812 with an Xeon E5 CPU. The debian 12.2.0 amd64 netinst.iso boots normally and seems to start normally. When it gets to finding a kernel to install, it complains that it cannot find a suitable kernel. I had the same results with debian 12.2 adm64 dvd-1.iso and dlbd-1.iso When I booted the debian 12.2 amd64 live.iso system, its installer ran OK. I am running on the system installed from the live installer right now. This is what made the lspci. I also successfully managed to perform a dist-upgrade from an install of debian 11.6. -- System Information: Debian Release: 12.2 Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-13-amd64 (SMP w/56 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled 00:00.0 Host bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D DMI2 (rev 01) 00:01.0 PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 1 (rev 01) 00:01.1 PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 1 (rev 01) 00:02.0 PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 2 (rev 01) 00:03.0 PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 3 (rev 01) 00:03.1 PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 3 (rev 01) 00:03.2 PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 3 (rev 01) 00:03.3 PCI bridge: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D PCI Express Root Port 3 (rev 01) 00:05.0 System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D Map/VTd_Misc/System Management (rev 01) 00:05.1 System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D IIO Hot Plug (rev 01) 00:05.2 System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D IIO RAS/Control Status/Global Errors (rev 01) 00:05.4 PIC: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D I/O APIC (rev 01) 00:11.0 Unassigned class [ff00]: Intel Corporation C610/X99 series chipset SPSR (rev 05) 00:11.4 SATA controller: Intel Corporation C610/X99 series chipset sSATA Controller [AHCI mode] (rev 05) 00:14.0 USB controller: Intel Corporation C610/X99 series chipset USB xHCI Host Controller (rev 05) 00:16.0 Communication controller: Intel Corporation C610/X99 series chipset MEI Controller #1 (rev 05) 00:19.0 Ethernet controller: Intel Corporation Ethernet Connection I217-LM (rev 05) 00:1a.0 USB controller: Intel Corporation C610/X99 series chipset USB Enhanced Host Controller #2 (rev 05) 00:1b.0 Audio device: Intel Corporation C610/X99 series chipset HD Audio Controller (rev 05) 00:1c.0 PCI bridge: Intel Corporation C610/X99 series chipset PCI Express Root Port #1 (rev d5) 00:1c.1 PCI bridge: Intel Corporation C610/X99 series chipset PCI Express Root Port #2 (rev d5) 00:1d.0 USB controller: Intel Corporation C610/X99 series chipset USB Enhanced Host Controller #1 (rev 05) 00:1f.0 ISA bridge: Intel Corporation C610/X99 series chipset LPC Controller (rev 05) 00:1f.2 RAID bus controller: Intel Corporation C600/X79 series chipset SATA RAID Controller (rev 05) 00:1f.3 SMBus: Intel Corporation C610/X99 series chipset SMBus Controller (rev 05) 03:00.0 VGA compatible controller: NVIDIA Corporation GK104GL [Quadro K5000] (rev a1) 03:00.1 Audio device: NVIDIA Corporation GK104 HDMI Audio Controller (rev a1) 09:00.0 PCI bridge: Texas Instruments XIO2001 PCI Express-to-PCI Bridge df:08.0 System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D QPI Link 0 (rev 01) df:08.2 Performance counters: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D QPI Link 0 (rev 01) df:08.3 System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D QPI Link 0 (rev 01) df:09.0 System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D QPI Link 1 (rev 01) df:09.2 Performance counters: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D QPI Link 1 (rev 01) df:09.3 System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D QPI Link 1 (rev 01) df:0b.0 System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D R3 QPI Link 0/1 (rev 01) df:0b.1 Performance counters: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D R3 QPI Link 0/1 (rev 01) df:0b.2 Performance counters: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D R3 QPI Link 0/1 (rev 01) df:0b.3 System peripheral: Intel Corporation Xeon E7 v4/Xeon E5 v4/Xeon E3 v4/Xeon D R3 QPI Link Debug
Bug#1053454: anki: Trace under Gnome3/wayland if press settings
Package: anki
Version: 2.1.15+dfsg-3
Severity: normal
X-Debbugs-Cc: george.shuk...@gmail.com
Configuration: Gnome3/wayland (Intel GPU).
When run anki and press tools->settings, following trace is captured, and no
settings are displayed.
Anki 2.1.15 (442df9d6) Python 3.11.5 Qt 5.15.10 PyQt 5.15.9
Platform: Linux
Flags: frz=False ao=False sv=2
Caught exception:
File "/usr/share/anki/aqt/main.py", line 882, in onPrefs
aqt.dialogs.open("Preferences", self)
File "/usr/share/anki/aqt/__init__.py", line 82, in open
instance = creator(*args)
^^
File "/usr/share/anki/aqt/preferences.py", line 25, in __init__
self.setupCollection()
File "/usr/share/anki/aqt/preferences.py", line 80, in setupCollection
f.lrnCutoff.setValue(qc['collapseTime']/60.0)
: setValue(self, val: int): argument 1 has unexpected type
'float'
-- System Information:
Debian Release: trixie/sid
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.5.0-1-amd64 (SMP w/20 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages anki depends on:
ii libjs-jquery3.6.1+dfsg+~3.5.14-1
ii libjs-jquery-flot 4.2.1+dfsg-6
ii libjs-jquery-ui 1.13.2+dfsg-1
ii libjs-mathjax 2.7.9+dfsg-1
ii libqt5core5a5.15.10+dfsg-3
ii python3 3.11.4-5+b1
ii python3-bs4 4.12.2-2
ii python3-decorator 5.1.1-5
ii python3-distro 1.8.0-1
ii python3-distutils 3.11.5-1
ii python3-jsonschema 4.10.3-2
ii python3-markdown3.4.4-1
ii python3-pyaudio 0.2.13-1+b1
ii python3-pyqt5 5.15.9+dfsg-2
ii python3-pyqt5.qtwebchannel 5.15.9+dfsg-2
ii python3-pyqt5.qtwebengine 5.15.6-1
ii python3-requests2.31.0+dfsg-1
ii python3-send2trash 1.8.2-1
Versions of packages anki recommends:
ii python3-matplotlib 3.6.3-1+b1
Versions of packages anki suggests:
pn dvipng
pn lame
ii mpv 0.36.0-1
-- no debconf information
Bug#1052615: gnome-shell: Keyboard layout indicator does not change when switch layouts
Package: gnome-shell Version: 44.5-1 Severity: normal X-Debbugs-Cc: george.shuk...@gmail.com Steps to reproduce: 1. Configure layout switching using Gnome tweaks as 'Caps to first layout', 'Shift-caps to second layout' 2. Switch layout Expected behavior: layout indicator displays current layout (language of layout) Actual behavior: 1. Layout switches as expected 2. Layout indicator does not change Note: Selecting language via indicator changes both layout and icon, whist keyboard shortcut does not. -- System Information: Debian Release: trixie/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'unstable'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.5.0-1-amd64 (SMP w/20 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages gnome-shell depends on: ii dconf-gsettings-backend [gsettings-backend] 0.40.0-4 ii gir1.2-accountsservice-1.0 23.13.9-4 ii gir1.2-adw-1 1.4.0-1 ii gir1.2-atk-1.0 2.50.0-1 ii gir1.2-atspi-2.0 2.50.0-1 ii gir1.2-freedesktop 1.78.1-1 ii gir1.2-gcr-3 3.41.1-3 ii gir1.2-gdesktopenums-3.0 45.0-1 ii gir1.2-gdkpixbuf-2.0 2.42.10+dfsg-1+b1 ii gir1.2-gdm-1.0 45.0.1-1 ii gir1.2-geoclue-2.0 2.7.1-1 ii gir1.2-glib-2.0 1.78.1-1 ii gir1.2-gnomebg-4.0 44.0-2 ii gir1.2-gnomebluetooth-3.042.6-1 ii gir1.2-gnomedesktop-4.0 44.0-2 ii gir1.2-graphene-1.0 1.10.8-1 ii gir1.2-gstreamer-1.0 1.22.5-1 ii gir1.2-gtk-4.0 4.12.2+ds-1 ii gir1.2-gweather-4.0 4.4.0-1 ii gir1.2-ibus-1.0 1.5.29~rc1-1 ii gir1.2-mutter-12 44.5-1 ii gir1.2-nm-1.01.44.0-1 ii gir1.2-nma4-1.0 1.10.6-1 ii gir1.2-pango-1.0 1.51.0+ds-2 ii gir1.2-polkit-1.0123-1 ii gir1.2-rsvg-2.0 2.54.7+dfsg-2 ii gir1.2-soup-3.0 3.4.3-1 ii gir1.2-upowerglib-1.01.90.2-4 ii gir1.2-webkit2-4.1 2.42.0-1 ii gnome-backgrounds45.0-1 ii gnome-settings-daemon45.0-1 ii gnome-shell-common 44.5-1 ii gsettings-desktop-schemas45.0-1 ii gstreamer1.0-pipewire0.3.80-2 ii libatk-bridge2.0-0 2.50.0-1 ii libatk1.0-0 2.50.0-1 ii libc62.37-10 ii libcairo21.18.0-1 ii libecal-2.0-23.50.0-1 ii libedataserver-1.2-273.50.0-1 ii libgcr-base-3-1 3.41.1-3 ii libgdk-pixbuf-2.0-0 2.42.10+dfsg-1+b1 ii libgirepository-1.0-11.78.1-1 ii libgjs0g 1.76.2-4 ii libgles2 1.6.0-1 ii libglib2.0-0 2.78.0-2 ii libglib2.0-bin 2.78.0-2 ii libgnome-autoar-0-0 0.4.4-2 ii libgnome-desktop-4-2 44.0-2 ii libgraphene-1.0-01.10.8-1 ii libgtk-3-0 3.24.38-5 ii libgtk-4-1 4.12.2+ds-1 ii libical3 3.0.16-1+b1 ii libjson-glib-1.0-0 1.8.0-1 ii libmutter-12-0 44.5-1 ii libnm0 1.44.0-1 ii libpango-1.0-0 1.51.0+ds-2 ii libpolkit-agent-1-0 123-1 ii libpolkit-gobject-1-0123-1 ii libpulse-mainloop-glib0 16.1+dfsg1-2+b1 ii libpulse016.1+dfsg1-2+b1 ii libsecret-1-00.21.1-1 ii libsystemd0 254.4-1 ii libx11-6 2:1.8.6-1 ii libxfixes3 1:6.0.0-2 ii python3 3.11.4-5+b1 Versions of packages gnome-shell recommends: ii bolt 0.9.6-1 ii chrome-gnome-shell 42.1-4 ii
Bug#1050621: blends-dev: Support conflicts and breaks relations in meta-packages
Package: blends-dev Version: 0.7.5 Severity: wishlist As discussed in [1], I would like to request addition of Conflicts and Breaks relationships in tasks meta-package descriptions. I ahve already started to scan the sources of blends-dev and to implement the basics for the feature in [2], which works as I want it. However, there are a few missing parts: * Packages in Conflicts or Breaks on some meta-package, but not in Requires, Recommends, Suggests or Ignore on others should be added to Avoid * The generated web pages should probably get a section for listed Conflcits and Breaks Happy to receive advice on these two or any other missing parts. [1] https://lists.debian.org/debian-blends/2023/08/msg0.html [2] https://salsa.debian.org/blends-team/blends/-/merge_requests/14
Bug#1049328: Reverting nested groups feature in Debian's GOsa²
Hi, > However, group nesting is not a feature that can be used with posixGroup > objectClass based LDAP objects (as the objectClass / schema does not support > group nesting). I really have a huge question mark about what upstream's > intention for this feature was/is... It is not a feature, but definitely possible using dynlist (we did this at Teckids before abandonning LDAP): https://www.openldap.org/faq/data/cache/1209.html Maybe GOSa expects something like that to be in place? -nik
Bug#1042906: ansible: please package new upstream version 8.x
Source: ansible Version: 7.3.0+dfsg-1 Severity: wishlist Hi Lee, Ansible upstream is currently at 8.2. In order to not having to resort to pip install, an update of Debian's ansible package would be much appreciated. Cheers, Nik
Bug#1042772: O: pam-krb5-migrate -- PAM module for migrating to Heimdal Kerberos
Package: wnpp Severity: normal X-Debbugs-Cc: pam-krb5-migr...@packages.debian.org Control: affects -1 + src:pam-krb5-migrate -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I intend to orphan the pam-krb5-migrate package. The package description is: A stackable authentication module that takes a username and password from an earlier module in the stack and attempts to transparently add the user to a Kerberos realm using the Kerberos 5 kadmin service. The module can be used to ease the administrative burdens of migrating a large installed userbase from pre-existing authentication methods to a Kerberos-based setup. . This package allows updating the database of a remote Heimdal server. As I do not rely on Kerberos anymore myself, it is hard for me to spot issues with the module. -BEGIN PGP SIGNATURE- iMAEARYKAGgWIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCZMfyMDEaaHR0cHM6Ly93 d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjGBxuYXR1cmVz aGFkb3dAZGViaWFuLm9yZwAKCRAK5VTlRg4b3YK9AP9Ks4Mh9kFp1TVf6EtRoxYD eNWJysTXIBE6+IU56kKrwQD/Y1K6xwWEA3riziSm/KqDqhqn5XU0Q51rug0C18Ji dQA= =GqUh -END PGP SIGNATURE-
Bug#1042771: O: gnome-pass-search-provider -- GNOME Shell search provider for the pass password manager
Package: wnpp Severity: normal X-Debbugs-Cc: gnome-pass-search-provi...@packages.debian.org Control: affects -1 + src:gnome-pass-search-provider -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I intend to orphan the gnome-pass-search-provider package. The package description is: This GNOME search provider integrates the pass utility into GNOME Shell. It can search password entries and copy passwords as well as arbitrary fields (username, pin, etc.) from the GNOME Shell search frontend. It also supports the OTP extension (from the pass-extension-otp package). As I do not use GNOME anymore, it is hard for me to spot when this package needs love. -BEGIN PGP SIGNATURE- iMAEARYKAGgWIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCZMfw5TEaaHR0cHM6Ly93 d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjGBxuYXR1cmVz aGFkb3dAZGViaWFuLm9yZwAKCRAK5VTlRg4b3UN9AP9PXGhSdhTD39EVf5gpO3lR x0ofjMVWBxqpImNE5Ue9dwD/SgNMGaikq0hVrAwmgPAyYI5yRI/qkrO8+yYP5+mh wAM= =IYSE -END PGP SIGNATURE-
Bug#1040003: jackd: add pipewire-jack to dependency alternativees
Package: jackd Version: 5+nmu1 Severity: wishlist The pipewire-jack package provides a JACKd implementation based on PipeWire, which I am using on my audio recording workstation. Other packages depend on jackd if they need a JACK daemon to talk to (e.g. qjackctl), and that pulls in jackd2 currently, which I do not need. Please allow pipewire-pulse to satisfy the dependency on a JACKd implementation. -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 6.3.0-1-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages jackd depends on: pn jackd2 | jackd1 jackd recommends no packages. jackd suggests no packages.
Bug#1035733: debian -policy: packages must not use dpkg-divert to override default systemd configuraton files
> Ok, how about: "the whole project, minus naturesha...@debian.org who > appears to be unfamiliar with the concept of hyperboles, is moving > toward git and Salsa". Better? No. Your "hyperbole" very much read as "Come on, minority who cares about the mail workflow, you're weird anachronists, get onto the Salsa train already!" So that's what I am criticizing. -nik signature.asc Description: PGP signature
Bug#1035733: debian -policy: packages must not use dpkg-divert to override default systemd configuraton files
> The whole project is moving toward git and Salsa Sorry for the noise, but as you are clearly misattributing this to me (I am part of the project, so "the whole project" includes me): I am not, and do not want to, move bugs and patches to Git and Salsa. I consider it a huge advantage of Debian that I can contribute limitless with something as barrierfree as an e-mail. If you voice your opinion, please do not impose it on me. Thanks! -nik
Bug#1035108: ITP: rdflib-sqlalchemy -- RDFLib store using SQLAlchemy dbapi as back-end
Package: wnpp Severity: wishlist Owner: Dominik George X-Debbugs-Cc: debian-de...@lists.debian.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: rdflib-sqlalchemy Version : 0.5.4 Upstream Contact: Mark Watts * URL : https://github.com/RDFLib/rdflib-sqlalchemy * License : BSD-3-clause Programming Lang: Python Description : RDFLib store using SQLAlchemy dbapi as back-end RDFlib-SQLAlchemy is a formula-aware store for RDFlib that uses SQLAlchemy to persist triples in relational databases. I will maintain the package under the Debian Python Team. -BEGIN PGP SIGNATURE- iMAEARYKAGgWIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCZE15njEaaHR0cHM6Ly93 d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjGBxuYXR1cmVz aGFkb3dAZGViaWFuLm9yZwAKCRAK5VTlRg4b3UpmAP4nttkSjVJbdmIU0ECtjWju Z00zP7ebS3KHBCGyww0XLgEA+lIczQMdcGq7n9TOKRryhAhQ8hRwdWj7uc8cCQ5R jQ8= =tzxJ -END PGP SIGNATURE-
Bug#1035100: Unrelated political statement in main UI
Package: thonny Version: 4.0.1-1 Severity: important Tags: upstream -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Thonny now has a Ukraine flag in its main UI, linking to a GitHub page about the Russian invasion. This is problematic for two reasons: * Thonny is used for education, and education should, inherently, be free of political views, if not related to the subject of the course * GitHub invades on user privacy, and the main UI should not drop users into a browser leading to a privacy-invading web platform (The second point is even worse for the Python Tutor linked from the menu, which is a shitload of tracking and advertising; will be reported separately.) The Ukraine button should be removed (even though I personally agree with the linked content. This issue is a blocker for using Thonny for its original purpose, and the context of the target group of its packaging team. Cheers, NIk - -- System Information: Debian Release: 12.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-6-amd64 (SMP w/20 CPU threads; PREEMPT) Locale: LANG=C.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages thonny depends on: ii mypy 1.0.1-1 ii pylint 2.16.2-2 ii python33.11.2-1+b1 ii python3-asttokens 2.2.1-1 ii python3-docutils 0.19+dfsg-6 ii python3-jedi 0.18.2-1 ii python3-mypy 1.0.1-1 ii python3-pip23.0.1+dfsg-1 ii python3-pkg-resources 66.1.1-1 ii python3-send2trash 1.8.1~b0-2 ii python3-serial 3.5-1.1 ii python3-tk 3.11.2-2 ii python3-venv 3.11.2-1+b1 ii python3-wheel 0.38.4-2 Versions of packages thonny recommends: ii xsel1.2.0+git9bfc13d.20180109-4 ii zenity 3.44.0-1 Versions of packages thonny suggests: ii python3-distro 1.8.0-1 - -- no debconf information -BEGIN PGP SIGNATURE- iMAEARYKAGgWIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCZE1EjzEaaHR0cHM6Ly93 d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjGBxuYXR1cmVz aGFkb3dAZGViaWFuLm9yZwAKCRAK5VTlRg4b3W4iAQCDRLgBVM6VDoiHrs1KOhmb CItExlVFSHIILuWryqqZFAD9EHQLnjEttKONGgDJw84mhOnmxUn9yqh11AlSlH2l eQk= =tOF6 -END PGP SIGNATURE-
Bug#1032019: python3.11: deadlock on interpreter shutdown waiting for threads
Package: python3.11 Version: 3.11.2-4 Severity: important Tags: upstream fixed-upstream Forwarded: https://github.com/python/cpython/issues/102126 -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Python 3.11.2 introduced a deadlock on interpreter shutdown when using threads, causing quite a few libraries and tools to hang on exit. https://github.com/python/cpython/issues/102126 Fixed upstream; reporting here to track for bookworm. - -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.0.0-6-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=nb_NO.UTF-8, LC_CTYPE=nb_NO.UTF-8 (charmap=UTF-8), LANGUAGE=nb_NO:nb:no_NO:no:nn_NO:nn:da:sv:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages python3.11 depends on: ii libpython3.11-stdlib 3.11.1-2 ii media-types 9.0.0 ii mime-support 3.66 ii python3.11-minimal3.11.1-2 python3.11 recommends no packages. Versions of packages python3.11 suggests: ii binutils 2.40-2 pn python3.11-doc ii python3.11-venv 3.11.1-2 - -- no debconf information -BEGIN PGP SIGNATURE- iMAEARYKAGgWIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCY/uJxjEaaHR0cHM6Ly93 d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjGBxuYXR1cmVz aGFkb3dAZGViaWFuLm9yZwAKCRAK5VTlRg4b3Qr9AQC6ZJlTqYQ02kLfhD2oblIV 2yPkIEDk5Mbqu2pTG/eCbAD+MGLRKuibJkB6EFwcP7O8C6NgV00iGcKxGqzBp/ok IAg= =JbNH -END PGP SIGNATURE-
Bug#1030632: bugs.debian.org: cannot select picture from a local directory to use as desktop background in kde plasma
On 2/5/23 16:47, Don Armstrong wrote: Control: reassign -1 kde-plasma-desktop My guess is that this has something to do with kde-plasma-desktop, but you're going to need to provide more information about which window manager you're using, what version it is, and what you've most recently installed. Ok, thank you. I am using kwin window manager and light dm for my display manager. Here is my system data: $ neofetch _,met$gg. george@gigatribetrek ,g$$$P. ,g$$P" """Y$$.". OS: Debian GNU/Linux bookworm/sid x86_64 ,$$P' `$$$. Host: X570 AORUS ELITE WIFI -CF ',$$P ,ggs. `$$b: Kernel: 6.1.0-3-amd64 `d$$' ,$P"' . $$$ Uptime: 8 hours, 5 mins $$P d$' , $$P Packages: 3136 (dpkg) $$: $$. - ,d$$' Shell: bash 5.2.15 $$; Y$b._ _,d$P' Resolution: 2560x1440, 1920x1080, 2560x1440, 1920x1080 Y$$. `.`"YP"' DE: Plasma 5.26.5 `$$b "-.__ WM: KWin `Y$$ WM Theme: plastik `Y$$. Theme: [Plasma], Breeze [GTK2/3] `$$b. Icons: [Plasma], breeze [GTK2/3] `Y$$b. Terminal: konsole `"Y$b._ Terminal Font: Hack 11 `""" CPU: AMD Ryzen 9 5900X (24) @ 3.700GHz GPU: AMD ATI Radeon RX 6600/6600 XT/6600M Memory: 6367MiB / 32021MiB $ cat /etc/X11/default-display-manager /usr/sbin/lightdm I haven't installed any new software recently, except for reportbug, and that was after this problem came up. The only thing I have installed are the daily updates with sudo apt update and sudo apt upgrade. Here is my sources file: $ cat /etc/apt/sources.list deb http://deb.debian.org/debian/ bookworm main contrib non-free deb-src http://deb.debian.org/debian/ bookworm main contrib non-free deb http://security.debian.org/debian-security bookworm-security main contrib non-free deb-src http://security.debian.org/debian-security bookworm-security main contrib non-free # bullseye-updates, to get updates before a point release is made; # see https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports deb http://deb.debian.org/debian/ bookworm-updates main contrib non-free deb-src http://deb.debian.org/debian/ bookworm-updates main contrib non-free # enable the following in order to install the protonmail bridge, but then comment it out again # deb http://deb.debian.org/debian bullseye main Note that to install bookworm, I first installed bullseye and then changed the source names.
Bug#1030632: bugs.debian.org: cannot select picture from a local directory to use as desktop background in kde plasma
Package: bugs.debian.org Severity: important Dear Maintainer, I am using Debian testing (bookworm). I have a 4 monitor setup and my graphics card is this: 0a:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Navi 23 [Radeon RX 6600/6600 XT/6600M] (rev c7) I have been running Debian testing for about 6 months and this is the first time that an update has caused something significant to stop working. When I ran an update last week and rebooted, all of a sudden the pictures that I use for my desktop slideshow would not come up as a desktop background. Instead all I get is black screen. The default menu bar panel works and my system is functional, but there is no desktop background. If I select slideshow or image and try to set an image from a local directory, it will not set a desktop background. I only get a blank screen. If I select a picture of the day so that it grabs an image from the internet, like Astronomy Picture of the Day, it sets the image. But it will not set the image from a local directory. In addition, the digital clock widget on the menu bar no longer works. If I click on the spot where the digital clock used to appear, I get this error: "file:///usr/share/plasma/plasmoids/org.kde.plasma.digitalclock/contents/ui/main.qml:80:34: Type CalendarView unavailable file:///usr/share/plasma/plasmoids/org.kde.plasma.digitalclock/contents/ui/CalendarView.qml:604:13: Cannot assign to non-existent property "eventButton"" I don't know if these 2 items are related, but the failures happened at the same time. I posted the problem in the Debian user forms at this url: https://forums.debian.net/viewtopic.php?t=153902 I was told this had to do with libkscreen.
Bug#1030341: nextcloud-desktop-cmd: nextcloudcmd contains em-dashes instead of double dashes
Package: nextcloud-desktop-cmd Version: 3.1.1-2+deb11u1 Severity: normal X-Debbugs-Cc: nicolas.geo...@ens.fr Hi. `man nextcloudcmd` says: —user, -u [user] Use user as the login name. But: $ nextcloudcmd —user george [snip] nextcloudcmd - command line Nextcloud client tool [snip usage info] $ nextcloudcmd -user george [snip] nextcloudcmd - command line Nextcloud client tool [snip usage info] $ nextcloudcmd --user george [snip] Password for user george: The man page (including its source file) contains an em-dash character U+2014 instead of a double dash. It is not limited to the --user option. -- System Information: Debian Release: 11.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.0.0-0.deb11.6-amd64 (SMP w/12 CPU threads; PREEMPT) Locale: LANG=C, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages nextcloud-desktop-cmd depends on: ii libc6 2.31-13+deb11u5 ii libgcc-s1 10.2.1-6 ii libnextcloudsync0 3.1.1-2+deb11u1 ii libqt5core5a 5.15.2+dfsg-9 ii libqt5network55.15.2+dfsg-9 ii libqt5sql5-sqlite 5.15.2+dfsg-9 ii libstdc++610.2.1-6 ii nextcloud-desktop-common 3.1.1-2+deb11u1 ii nextcloud-desktop-l10n3.1.1-2+deb11u1 nextcloud-desktop-cmd recommends no packages. nextcloud-desktop-cmd suggests no packages. -- no debconf information
Bug#1029941: unattended-upgrades: unattended-upgrade hangs with 100% CPU usage
Package: unattended-upgrades
Version: 2.9.1+nmu3
Severity: normal
X-Debbugs-Cc: george.shuk...@gmail.com
Dear Maintainer,
I found that unattended-upgrade process consumed more than 37 hours (took me a
while to notice).
In strace there is an endless loop:
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_sid_non-free_binary-
all_Packages.zst", 0x7ffdbcd64c70, 0) = -1 ENOENT (No such file or directory)
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_sid_non-free_binary-
all_Packages.uncompressed", 0x7ffdbcd64c70, 0) = -1 ENOENT (No such file or
directory)
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_sid_non-
free_i18n_Translation-en", {st_mode=S_IFREG|0644, st_size=624211, ...}, 0) = 0
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_sid_non-
free_i18n_Translation-en", {st_mode=S_IFREG|0644, st_size=624211, ...}, 0) = 0
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_experimental_main_source_Sources",
{st_mode=S_IFREG|0644, st_size=2313105, ...}, 0) = 0
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_experimental_contrib_source_Sources",
{st_mode=S_IFREG|0644, st_size=3188, ...}, 0) = 0
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_experimental_non-
free_source_Sources", {st_mode=S_IFREG|0644, st_size=24493, ...}, 0) = 0
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_experimental_main_binary-
amd64_Packages", {st_mode=S_IFREG|0644, st_size=2503499, ...}, 0) = 0
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_experimental_main_binary-
amd64_Packages", {st_mode=S_IFREG|0644, st_size=2503499, ...}, 0) = 0
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_experimental_main_binary-i386_Packages",
{st_mode=S_IFREG|0644, st_size=2359788, ...}, 0) = 0
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_experimental_main_binary-i386_Packages",
{st_mode=S_IFREG|0644, st_size=2359788, ...}, 0) = 0
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_experimental_main_binary-
all_Packages", 0x7ffdbcd64c70, 0) = -1 ENOENT (No such file or directory)
[pid 633721] newfstatat(AT_FDCWD,
"/var/lib/apt/lists/debian.otenet.gr_debian_dists_experimental_main_binary-
all_Packages.xz", 0x7ffdbcd64c70, 0) = -1 ENOENT (No such file or directory)
There is no specific log entires in the journal (just start event) and this is
the last message in the logs:
2023-01-29 00:08:26,889 INFO Starting unattended upgrades script
2023-01-29 00:08:26,889 INFO Allowed origins are:
origin=Debian,codename=bookworm,label=Debian,
origin=Debian,codename=bookworm,label=Debian-Security,
origin=Debian,codename=bookworm-security,label=Debian-Security
2023-01-29 00:08:26,889 INFO Initial blacklist:
2023-01-29 00:08:26,889 INFO Initial whitelist (not strict):
-- System Information:
Debian Release: bookworm/sid
APT prefers testing
APT policy: (900, 'testing'), (800, 'unstable'), (500, 'oldstable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.1.0-1-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages unattended-upgrades depends on:
ii debconf [debconf-2.0] 1.5.82
ii lsb-base 11.5
ii lsb-release12.0-1
ii python33.10.6-3+b1
ii python3-apt2.5.0
ii python3-dbus 1.3.2-4
ii python3-distro-info1.3
ii sysvinit-utils [lsb-base] 3.06-2
ii ucf3.0043
ii xz-utils 5.4.1-0.0
Versions of packages unattended-upgrades recommends:
ii anacron 2.3-36
ii cron [cron-daemon] 3.0pl1-156
ii systemd-sysv252.4-1
Versions of packages unattended-upgrades suggests:
pn bsd-mailx
ii needrestart3.6-3
ii nullmailer [mail-transport-agent] 1:2.2-3+b1
ii powermgmt-base 1.37
ii python3-gi 3.42.2-3
-- debconf-show failed
Bug#1029076: [pkg-uWSGI-devel] Bug#1029076: Bug#1029076: closed by Jonas Smedegaard (reply to 1029...@bugs.debian.org) (Re: Bug#1029076: uwsgi-plugin-python3: built against non-defaul
> Since this issue only emerges during transitions (and possibly for > downstream derivative distros supporting multiple concurrent Python > versions in their final user-exposed distro releases), this issue is not > considered urgent to fix, and is not planned to do before this upcoming > freeze. So, what about Python 3.11 most likely not going to be the default Python in bookworm? Using your choice of words, bookworm is currently in a transition, and will probably be released with this transition ongoing. So, as I take it, your plan is to live with the issue, even though this means uWSGI's Python 3 support will not be properly usable for third-party applications for a full stable release lifetime? signature.asc Description: PGP signature
Bug#1029076: [pkg-uWSGI-devel] Bug#1029076: closed by Jonas Smedegaard (reply to 1029...@bugs.debian.org) (Re: Bug#1029076: uwsgi-plugin-python3: built against non-default libpython3.
Jonas, > If you want me to not share my views here, then I shall stop waste my > time on that. I cannot see where I said, or implied, that I do not want you to share your views here. > If you want to be understood, then I suggest you try elaborate, taking > the views shared by your opponent into account, instead of simply > insisting that what you said initially is the truth and adequate for > understanding your truth. So, how about trying to read my elaborate mail instead of complaining about my style? As often when interacting with you, I have a very strong feeling of rejection, because your biggest interest seems to be educating others on how to interact with you. From my point of view, I do not want you to do anything in particular, I simply want a working Linux distribution with as few bugs as possible, and I always try to assume that this goal is shared among all Debian Developers. -nik signature.asc Description: PGP signature
Bug#991462: Please update etcd to 3.5.5
Hi Thomas, Shengjing, et al, I am currently investigating if, and how, we could get etcd 3.5.7 into Debian bookworm. It is already very short before the freeze, but yet… let's at least discuss it. It looks like Shengjing is working on the package, but recently uploaded 3.4.23. Shengjing, can you provide an update on your plans for bookworm? The Git repository has a version 3.5.5 which according to the changelog should have been uploaded to experimental, where I cannot find it. Thomas, do you remember where this version went? COncerning the reverse dependencies of golang-etcd-server-dev, are there any known incompatibilities that would prevent a move to etcd 3.5.5? Kind regards, Nik signature.asc Description: PGP signature
Bug#1029076: [pkg-uWSGI-devel] Bug#1029076: closed by Jonas Smedegaard (reply to 1029...@bugs.debian.org) (Re: Bug#1029076: uwsgi-plugin-python3: built against non-default libpython3.
Hi Jonas, > Please describe what exactly fails, to aid in understanding what we are > talking about and aid in testing. So, consider the following example of how to use uWSGI (it is actually the msot common and basic example, so I would expect you to test it): 1. Create a virtual environment: python3 -m venv /srv/fooenv 2. Install whatever WSGI app you like into the venv → note that at this point, all packages isntalled into the venv will be versioned for python3.10 in testing! 3. Configure a uWSGI app to use the environment (by setting virtualenv = /srv/fooenv and referring to a script exposing a WSGI app there) 4. Start uWSGI → note that at this point, all imports from packages in the venv fail, because the WSGI script is run using Python 3.11 while the venv uses Python 3.10, which is the default Python) -nik signature.asc Description: PGP signature
Bug#1029076: closed by Jonas Smedegaard (reply to 1029...@bugs.debian.org) (Re: Bug#1029076: uwsgi-plugin-python3: built against non-default libpython3.11 / should always build agains
> Seems to me you are looking at a policy for Python modules. Yes, as I said. And also as I said, I still think it applies here. -nik signature.asc Description: PGP signature
Bug#1029076: closed by Jonas Smedegaard (reply to 1029...@bugs.debian.org) (Re: Bug#1029076: uwsgi-plugin-python3: built against non-default libpython3.11 / should always build agains
I'd say what the Python policy says for modules also applies here: https://www.debian.org/doc/packaging-manuals/python-policy/index.html#dependencies Specificically, dependencies on versioned Python runtime packages are forbidden. As I see it, uwsgi-plugin-python3 needs to build a versioned package against all supported Python versions, and build a meta-package depending on the current default Python version. A less elaborate fix would be adding a dependency on python3 (>= 3.11~), which would prevent migration to testing before the default Python in testing being changed.
Bug#1029076: closed by Jonas Smedegaard (reply to 1029...@bugs.debian.org) (Re: [pkg-uWSGI-devel] Bug#1029076: uwsgi-plugin-python3: built against non-default libpython3.11 / should a
Control: reopen -1 > Sorry, but I fail to see any problem here. > > uwsgi _does_ build against the default Python. Yes, but the default Python it builds against in unstable is not necessarily the default Python in testing. Right now, it is built against Python 3.11, while the default Python in testing is 3.10. Hence, it does not work in testing (have you actually tried that after my bug report?).
Bug#1029077: debian-edu-config: leaks first user password in Debconf answers
Source: debian-edu-config Version: 2.12.25 Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 It was discovered that the password for the first user (GOSa); and root user if using the Debian Edu installer, is not cleared from the Debconf answers database. It is also therefore available unencrypted in the system memory on tjener, at least after the first ever debconf run. The database is generally not world-readable, and regular users cannot access arbitrary system memory, so this is not a critical security bug. I still propose to clear the password from the Debconf database "as soon as possible", as per the Debconf Programmer's Tutorial [1]: You should consider clearing that value out of the database as soon as is possible. - -nik [1] http://www.fifi.org/doc/debconf-doc/tutorial.html#AEN34 -BEGIN PGP SIGNATURE- iMAEARYKAGgWIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCY8ahVDEaaHR0cHM6Ly93 d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjGBxuYXR1cmVz aGFkb3dAZGViaWFuLm9yZwAKCRAK5VTlRg4b3aIyAQCOlYlZt6REMchQ9DSak5JD 5PmdwnD89Uc0K4U+feDu4QD6A8WwWgnV7ov3VJ0wupphIVopqGcnIxJrZH8LnYaW cAY= =Vrqx -END PGP SIGNATURE-
Bug#1029076: uwsgi-plugin-python3: built against non-default libpython3.11 / should always build against the defalt Python in testing
Package: uwsgi-plugin-python3 Version: 2.0.21-3+b1 Severity: grave Justification: renders package unusable X-Debbugs-Cc: debian-pyt...@lists.debian.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Currently, the uWSGI Python 3 plugin is built against Python 3.11, and depends on libpython3.11. This is, to some extent, fine, as Python 3.11 is already in Debian. However, Python 3.10 is still the default Python in bookworm, and as it stands this will not change [1]. In practice, this means that without changing the interpreter and manually ensuring that the Python 3.11 environment is fully available, apps run through uWSGI do not work. So, the uWSGI plugin should in general always build against the default Python IMHO. - -nik [1] https://lists.debian.org/debian-python/2023/01/msg00010.html - -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.0.0-6-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=nb_NO.UTF-8, LC_CTYPE=nb_NO.UTF-8 (charmap=UTF-8), LANGUAGE=nb_NO:nb:no_NO:no:nn_NO:nn:da:sv:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages uwsgi-plugin-python3 depends on: ii libc6 2.36-8 ii libpython3.11 3.11.1-2 ii uwsgi-core 2.0.21-3+b1 uwsgi-plugin-python3 recommends no packages. Versions of packages uwsgi-plugin-python3 suggests: pn python3-uwsgidecorators - -- no debconf information -BEGIN PGP SIGNATURE- iMAEARYKAGgWIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCY8aedTEaaHR0cHM6Ly93 d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjGBxuYXR1cmVz aGFkb3dAZGViaWFuLm9yZwAKCRAK5VTlRg4b3ZDoAQCYW8oE4ZgiBKkgo1lge2Az 7/qTIXGHgKAAF5kmuGTB5QD+NiuAOboj6I6ZvxRZF4o1D3vXCBr1HkqYz+piZMQO Fgc= =Y+XX -END PGP SIGNATURE-
Bug#1026927: More analysis and improved patch
Hey,
I think I found why you still get the error after applying the patch.
The same thing happened to me on another of my systems. The
difference was whether the package amd64-microcode was installed or
not. I think I have a patch (attached) for both. Here's what I found.
It looks like there are actually 2 related bugs here. The first one
(which my original patch for line 182 addresses) applies when there is
microcode available. The second, when there is not. Here's what I've
found:
Both of these are exposed on line 904 of /usr/sbin/needrestart
print "NEEDRESTART-UCEXP: $ucode_vars{AVAIL}\n";
when $ucode_vars{AVAIL} never gets set. There are 2 ways this can
happen. The second (which I just found), comes when AMD.pm finds an
AMD cpu, but does not find microcode for it (namely _scan_ucodes does
not find a matching file in /lib/firmware/amd-ucode/microcode_*.bin).
This will, under -v, print
"$LOGPREF #$info->{processor} no ucode updates available\n"
and return NRM_CURRENT (indicating no reboot for microcode needed),
but still leave $ucode_vars{AVAIL} unset. The fix is to make sure
that it is set even when there are no microcode updates available (on
line 176).
The first (original patch) bug comes when needrestart finds a matching
microcode. There, on line 182 of /usr/share/perl5/NeedRestart/uCode/AMD.pm
the line ends with a comma (,) instead of a semicolon (;), which means
that the assignment to $ucode_vars{AVAIL} is subsumed under the if ($debug)
condoling the printing of microcode version under. Thus,
$ucode_vars{AVAIL} is only set under needrestart -v.
The attached patch fixes both of these cases.
Thanks,
George
--- /tmp/AMD.pm 2023-01-14 09:09:28.324414456 -0700
+++ /usr/share/perl5/NeedRestart/uCode/AMD.pm 2023-01-14 09:11:39.210705528
-0700
@@ -173,13 +173,13 @@
_scan_ucodes();
}
-my %vars = ( CURRENT => sprintf( "0x%08x", $ucode ), );
+my %vars = ( CURRENT => sprintf( "0x%08x", $ucode ), AVAIL =>
"unavailable");
# check for microcode updates
if ( exists( $_ucodes->{cpuid}->{$cpuid} ) ) {
my $prid = $_ucodes->{cpuid}->{$cpuid};
if ( exists( $_ucodes->{prid}->{$prid} ) ) {
-$vars{AVAIL} = sprintf( "0x%08x", $_ucodes->{prid}->{$prid} ),
+$vars{AVAIL} = sprintf( "0x%08x", $_ucodes->{prid}->{$prid} );
print STDERR "$LOGPREF #$info->{processor} found ucode
$vars{AVAIL}\n" if ($debug);
if ( $_ucodes->{prid}->{$prid} > $ucode ) {
Bug#1026927: needrestart -b on AMD processors complains of perl uninitialized variable
On Fri, 06 Jan 2023 01:56:33 -0700, Patrick Matthäi wrote:
> Thanks for your investigation. I have tested it on my (sid/unstable) AMD
> notebook and I can reproduce your issue with needrestart from stable.
> But your patch does not produce another result for me. Are you sure,
> that you didnt changed something else?
Color me confused. That file (in fact that one character) is all I
changed. I tried it again and the patch seems to work for me. What I
did was:
apt-get install --reinstall needrestart
needrestart -b
# error message
apply patch
needrestart -b
# no error here
I'm attaching a full `script` of that attempt in case there's
something significant in there that the above summary leaves out.
That also has md5sum of AMD.pm before and after the patch in case that
helps point to "what's different" between our two runs.
If there's any more info I can supply, please let me know. Thanks for
looking into this.
Thanks,
George
Script started on 2023-01-09 12:32:39-07:00 [TERM="xterm" TTY="/dev/pts/0"
COLUMNS="80" LINES="24"]
root@xecty# PS1='# '
# apt-get install --reinstall needrestart
Reading package lists... 0%
Reading package lists... 100%
Reading package lists... Done
Building dependency tree... 0%
Building dependency tree... 0%
Building dependency tree... 50%
Building dependency tree... 50%
Building dependency tree... Done
Reading state information... 0%
Reading state information... 0%
Reading state information... Done
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 0 not upgraded.
Need to get 0 B/62.4 kB of archives.
After this operation, 0 B of additional disk space will be used.
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 59046 files and directories currently installed.)
Preparing to unpack .../needrestart_3.5-4+deb11u2_all.deb ...
Unpacking needrestart (3.5-4+deb11u2) over (3.5-4+deb11u2) ...
Setting up needrestart (3.5-4+deb11u2) ...
Processing triggers for man-db (2.9.4-2) ...
NEEDRESTART-VER: 3.5
NEEDRESTART-KCUR: 5.10.0-20-amd64
NEEDRESTART-KEXP: 5.10.0-20-amd64
NEEDRESTART-KSTA: 1
NEEDRESTART-UCSTA: 1
NEEDRESTART-UCCUR: 0x0327
Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or string
at /usr/sbin/needrestart line 904.
NEEDRESTART-UCEXP:
#
#
# needrestart -b
NEEDRESTART-VER: 3.5
NEEDRESTART-KCUR: 5.10.0-20-amd64
NEEDRESTART-KEXP: 5.10.0-20-amd64
NEEDRESTART-KSTA: 1
NEEDRESTART-UCSTA: 1
NEEDRESTART-UCCUR: 0x0327
Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or string
at /usr/sbin/needrestart line 904.
NEEDRESTART-UCEXP:
# cd /usr/share/perl5/NeedRestart/uCode/
# cat ~ghr/needrestart.patch
--- /tmp/AMD.pm 2022-12-22 11:00:14.589106185 -0700
+++ /usr/share/perl5/NeedRestart/uCode/AMD.pm 2022-12-22 11:00:24.329046436
-0700
@@ -179,7 +179,7 @@
if ( exists( $_ucodes->{cpuid}->{$cpuid} ) ) {
my $prid = $_ucodes->{cpuid}->{$cpuid};
if ( exists( $_ucodes->{prid}->{$prid} ) ) {
-$vars{AVAIL} = sprintf( "0x%08x", $_ucodes->{prid}->{$prid} ),
+$vars{AVAIL} = sprintf( "0x%08x", $_ucodes->{prid}->{$prid} );
print STDERR "$LOGPREF #$info->{processor} found ucode
$vars{AVAIL}\n" if ($debug);
if ( $_ucodes->{prid}->{$prid} > $ucode ) {
# md5sum AMD.pm
aa911d7cb8c97f464db89f0252ecaf73 AMD.pm
# patch -p6 <~ghr/needrestart.patch
patching file AMD.pm
# md5sum AMD.pm
2be0d48086c482f6425e9626f73afbb9 AMD.pm
# needrestart -b
NEEDRESTART-VER: 3.5
NEEDRESTART-KCUR: 5.10.0-20-amd64
NEEDRESTART-KEXP: 5.10.0-20-amd64
NEEDRESTART-KSTA: 1
NEEDRESTART-UCSTA: 1
NEEDRESTART-UCCUR: 0x0327
NEEDRESTART-UCEXP: 0x0327
# exit
Script done on 2023-01-09 12:33:54-07:00 [COMMAND_EXIT_CODE="0"]
Bug#1026927: needrestart -b on AMD processors complains of perl uninitialized variable
Package: needrestart
Version: 3.5-4+deb11u2
Severity: normal
Dear Maintainer,
When running 'needrestart -b' on an AMD system, I get the following
uninitialized variable warning. It also does not report the expected
microcode version (NEEDRESTART-UCEXP). See output: section below for
example output of needrestart -b.
Use of uninitialized value $ucode_vars{"AVAIL"} in concatenation (.) or string
at /usr/sbin/needrestart line 904.
This perl warning disappears when adding the -v option (needrestart -b -v),
and the correct value is reported for NEEDRESTART-UCEXP.
The processor, in this system, is:
vendor_id : AuthenticAMD
cpu family : 18
model : 1
model name : AMD A4-3400 APU with Radeon(tm) HD Graphics
stepping: 0
microcode : 0x327
It looks to me like the problem is that line 182 of
/usr/share/perl5/NeedRestart/uCode/AMD.pm ends in a comma (,) instead
of a semicolon (;). This means that assignment is subsumed into the
next line which is under if ($debug).
See the attached patch.
It also looks to me like this is similar symptoms with a different
root cause from bug #973050.
Thanks,
George Robbert
-- Package-specific info:
needrestart output:
-- System Information:
Debian Release: 11.1
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-20-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=ANSI_X3.4-1968)
(ignored: LC_ALL set to C), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages needrestart depends on:
ii binutils 2.35.2-2
ii dpkg 1.20.12
ii gettext-base 0.21-4
ii libintl-perl 1.26-3+deb11u1
ii libmodule-find-perl0.15-1
ii libmodule-scandeps-perl1.30-1
ii libproc-processtable-perl 0.59-2+b1
ii libsort-naturally-perl 1.03-2
ii libterm-readkey-perl 2.38-1+b2
ii perl 5.32.1-4+deb11u2
ii xz-utils 5.2.5-2.1~deb11u1
Versions of packages needrestart recommends:
ii libpam-elogind [libpam-systemd] 246.10-2
ii sysvinit-core2.96-7+devuan2
Versions of packages needrestart suggests:
pn iucode-tool
pn needrestart-session | libnotify-bin
-- Configuration Files:
/etc/apt/apt.conf.d/99needrestart changed:
DPkg::Post-Invoke {"test -x /usr/lib/needrestart/apt-pinvoke &&
/usr/lib/needrestart/apt-pinvoke -b || true"; };
/etc/needrestart/hook.d/20-rpm [Errno 2] No such file or directory:
'/etc/needrestart/hook.d/20-rpm'
-- no debconf information
--- /tmp/AMD.pm 2022-12-22 11:00:14.589106185 -0700
+++ /usr/share/perl5/NeedRestart/uCode/AMD.pm 2022-12-22 11:00:24.329046436
-0700
@@ -179,7 +179,7 @@
if ( exists( $_ucodes->{cpuid}->{$cpuid} ) ) {
my $prid = $_ucodes->{cpuid}->{$cpuid};
if ( exists( $_ucodes->{prid}->{$prid} ) ) {
-$vars{AVAIL} = sprintf( "0x%08x", $_ucodes->{prid}->{$prid} ),
+$vars{AVAIL} = sprintf( "0x%08x", $_ucodes->{prid}->{$prid} );
print STDERR "$LOGPREF #$info->{processor} found ucode
$vars{AVAIL}\n" if ($debug);
if ( $_ucodes->{prid}->{$prid} > $ucode ) {
Bug#1026827: xrdp: initially xrdp worked ok, but later it broke, and the problem was /etc/xrdp/startwm.sh that changed
Control: tags -1 + moreinfo Control: severity -1 normal Hi, > Severity: critical > Justification: breaks the whole system I doubt that very much. Are you sure that the whole system stopped working because you could not start a session in xrdp? As in, no login on the tty possible, the kernel crashing, boot failed, or the like? >* What led up to the situation? What did yo udo *before* the file was renamed? I am pretty certain that this is not something the package did. How is the syste mmanaged? Did the change happen in correlation with a package update? -nik signature.asc Description: PGP signature
Bug#1025025: ImportError: cannot import name 'Application' from 'cleo'
close 1025025 I've used debian:bookworm Docker image. I rechecked it now, and problem seems to be solved: docker run --rm -ti debian:bookworm # apt update && apt install -y python3-poetry # /usr/bin/poetry config virtualenvs.create false # Thank you very much for help. On 12/14/22 19:49, Emmanuel Arias wrote: Hi George, Thanks for the report. I assume that you are in testing. Please can you try again? python-cleo was migrated to testing yesterday [0] [0] https://tracker.debian.org/news/1398131/python-cleo-100a5-3-migrated-to-testing/ Please, let me know. Cheers, Emmanuel On Fri, Dec 9, 2022 at 2:21 PM George Shuklin wrote: Unfortunately, 1.2.2+dfsg-1didn't fixed the problem: dpkg -l|grep poetr ii python3-poetry 1.2.2+dfsg-1 /usr/bin/poetry config virtualenvs.create false Traceback (most recent call last): File "/usr/bin/poetry", line 5, in from poetry.console.application import main File "/usr/lib/python3/dist-packages/poetry/console/application.py", line 13, in from cleo.events.console_events import COMMAND ModuleNotFoundError: No module named 'cleo.events'
Bug#1025025: ImportError: cannot import name 'Application' from 'cleo'
Unfortunately, 1.2.2+dfsg-1didn't fixed the problem: dpkg -l|grep poetr ii python3-poetry 1.2.2+dfsg-1 /usr/bin/poetry config virtualenvs.create false Traceback (most recent call last): File "/usr/bin/poetry", line 5, in from poetry.console.application import main File "/usr/lib/python3/dist-packages/poetry/console/application.py", line 13, in from cleo.events.console_events import COMMAND ModuleNotFoundError: No module named 'cleo.events'
Bug#1023680: ITP: django-jsonstore -- Expose JSONField data as a virtual django model fields
Hi, > * License : GPL-3 Please mind that this library is licensed under AGPL. Therefore, we deem it unfit for release in a free software product, and will replace it in AlekSIS. -nik
Bug#1022042: linux-image-5.10.0-19-amd64: amd computers with integrated graphics (ryzen 5 3400G) don't boot with this kernel version
Package: src:linux Version: 5.10.149-1 Followup-For: Bug #1022042 X-Debbugs-Cc: m...@duck.com Dear Maintainer, I just updated to the new kernel linux-image-5.10.0-19-amd64 (ver 5.10.149-1) And when the system was trying to boot(but never did), I just got this messages: [14.020140] [drm:drm_atomic_helper_wait_for_flip_done [drm_dkms_helper]] *ERROR* [CRTC:62:crtc-0] flip_done timed out [24.260069] [drm:drm_atomic_helper_wait_for_flip_done [drm_dkms_helper]] *ERROR* [CRTC:65:crtc-1] flip_done timed out [34.500079] [drm:drm_atomic_helper_wait_for_dependencies [drm_dkms_helper]] *ERROR* [CRTC:62:crtc-0] flip_done timed out [44.740026] [drm:drm_atomic_helper_wait_for_dependencies [drm_dkms_helper]] *ERROR* [CRTC:62:crtc-1] flip_done timed out [54.980073] [drm:drm_atomic_helper_wait_for_dependencies [drm_dkms_helper]] *ERROR* [PLANE:48:plane-2] flip_done timed out [65.220054] [drm:drm_atomic_helper_wait_for_dependencies [drm_dkms_helper]] *ERROR* [PLANE:52:plane-3] flip_done timed out [75.460064] [drm:drm_atomic_helper_wait_for_flip_done [drm_dkms_helper]] *ERROR* [CRTC:62:crtc-0] flip_done timed out [85.700050] [drm:drm_atomic_helper_wait_for_flip_done [drm_dkms_helper]] *ERROR* [CRTC:65:crtc-1] flip_done timed out /dev/nvme0n1p2: clean, 354739/1831424 files, 4384360/7324160 blocks I restarted the system twice later but got nothing more than a black screen. I backed off to the previous kernel linux-image-5.10.0-17-amd64 (5.10.136-1) The system boots again with no issues, I'll keep using this kernel version (linux-image-5.10.0-17-amd64) until a new one gets released and try it. Thanks for your great work. -- Package-specific info: ** Kernel log: boot messages should be attached ** Model information sys_vendor: BIOSTAR Group product_name: A32M2 product_version: chassis_vendor: BIOSTAR Group chassis_version: bios_vendor: American Megatrends Inc. bios_version: 5.14 board_vendor: BIOSTAR Group board_name: A32M2 board_version: ** PCI devices: 00:00.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Raven/Raven2 Root Complex [1022:15d0] Subsystem: Advanced Micro Devices, Inc. [AMD] Raven/Raven2 Root Complex [1022:15d0] Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- 00:01.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Family 17h (Models 00h-1fh) PCIe Dummy Host Bridge [1022:1452] Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- TAbort- Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: Kernel driver in use: pcieport 00:01.3 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] Raven/Raven2 PCIe GPP Bridge [6:0] [1022:15d3] (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: Kernel driver in use: pcieport 00:08.0 Host bridge [0600]: Advanced Micro Devices, Inc. [AMD] Family 17h (Models 00h-1fh) PCIe Dummy Host Bridge [1022:1452] Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx- Status: Cap- 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- SERR- TAbort- Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: Kernel driver in use: pcieport 00:08.2 PCI bridge [0604]: Advanced Micro Devices, Inc. [AMD] Raven/Raven2 Internal PCIe GPP Bridge 0 to Bus B [1022:15dc] (prog-if 00 [Normal decode]) Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- Reset- FastB2B- PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn- Capabilities: Kernel driver in use: pcieport 00:14.0 SMBus [0c05]: Advanced Micro Devices, Inc. [AMD] FCH SMBus Controller [1022:790b] (rev 61) Subsystem: Biostar Microtech Int'l Corp FCH SMBus Controller [1565:370b] Control: I/O+ Mem+ BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap- 66MHz+ UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- TAbort- SERR- Kernel driver in use: xhci_hcd Kernel modules: xhci_pci 01:00.1 SATA controller [0106]: Advanced Micro Devices, Inc. [AMD] Device
Bug#1016730: ITP: netbird -- VPN management platform built on top of WireGuard
Package: wnpp Severity: wishlist Owner: Dominik George X-Debbugs-Cc: debian-de...@lists.debian.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: netbird Version : 0.8.5 Upstream Author : * URL : https://netbird.io/ * License : BSD-3-clause Programming Lang: Go Description : VPN management platform built on top of WireGuard NetBird is an open-source VPN management platform built on top of WireGuard® making it easy to create secure private networks for your organization or home. It requires zero configuration effort leaving behind the hassle of opening ports, complex firewall rules, VPN gateways, and so forth. NetBird creates an overlay peer-to-peer network connecting machines automatically regardless of their location (home, office, datacenter, container, cloud or edge environments) unifying virtual private network management experience. I intend to maintain netbird inside the Go packaging team. -BEGIN PGP SIGNATURE- iMAEARYKAGgWIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCYu5UAzEaaHR0cHM6Ly93 d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjGBxuYXR1cmVz aGFkb3dAZGViaWFuLm9yZwAKCRAK5VTlRg4b3X/lAP9wV67BD4AD0G9CDKjzkJyx HFObmtNenmFGmk2C8bNy4wD/cxm+p6/Iq/xaKKxiw9J9goMPsO4o7qQCNC431FZr 3wY= =pDtN -END PGP SIGNATURE-
Bug#1016548: linux-image-5.19.0-rc6-amd64: Corrupted cursor and broken resume with amdgpu driver with Radeon RX 6600
Package: linux-image-5.19.0-rc6-amd64 Version: 5.19~rc6-1~exp1 Severity: important X-Debbugs-Cc: george.shuk...@gmail.com Dear Maintainer, After upgrade from 5.18.0-3-amd64 to 5.19.0-rc6-amd64 video subsystem start misbehave: * Visual artefacts after cursor * Hangs when X is active * Unable to show anything after resume on DisplayPort monitor (but working otherwise, like ssh). Following kernel trace was observed: [ 193.941836] [drm:amdgpu_dm_atomic_commit_tail [amdgpu]] *ERROR* Waiting for fences timed out! [ 199.061275] [drm:amdgpu_dm_atomic_commit_tail [amdgpu]] *ERROR* Waiting for fences timed out! [ 199.071242] [drm:amdgpu_job_timedout [amdgpu]] *ERROR* ring gfx_0.0.0 timeout, signaled seq=3956, emitted seq=3958 [ 199.071340] [drm:amdgpu_job_timedout [amdgpu]] *ERROR* Process information: process Xorg pid 2028 thread Xorg:cs0 pid 3062 [ 199.071424] amdgpu :0a:00.0: amdgpu: GPU reset begin! [ 199.491788] amdgpu :0a:00.0: [drm:amdgpu_ring_test_helper [amdgpu]] *ERROR* ring kiq_2.1.0 test failed (-110) [ 199.491863] [drm:gfx_v10_0_hw_fini [amdgpu]] *ERROR* KGQ disable failed [ 199.767776] [drm:gfx_v10_0_hw_fini [amdgpu]] *ERROR* failed to halt cp gfx [ 199.781910] [drm] free PSP TMR buffer [ 199.827452] CPU: 11 PID: 81 Comm: kworker/u64:7 Not tainted 5.19.0-rc6-amd64 #1 Debian 5.19~rc6-1~exp1 [ 199.827454] Hardware name: System manufacturer System Product Name/PRIME X570-P, BIOS 3405 02/01/2021 [ 199.827455] Workqueue: amdgpu-reset-dev drm_sched_job_timedout [gpu_sched] [ 199.827460] Call Trace: [ 199.827461] [ 199.827463] dump_stack_lvl+0x45/0x5e [ 199.827467] amdgpu_do_asic_reset+0x28/0x434 [amdgpu] [ 199.827576] amdgpu_device_gpu_recover_imp.cold+0x628/0x8fc [amdgpu] [ 199.827672] amdgpu_job_timedout+0x153/0x190 [amdgpu] [ 199.827765] drm_sched_job_timedout+0x76/0x110 [gpu_sched] [ 199.827767] process_one_work+0x1e5/0x3b0 [ 199.827770] worker_thread+0x50/0x3a0 [ 199.827772] ? rescuer_thread+0x390/0x390 [ 199.827773] kthread+0xe8/0x110 [ 199.827774] ? kthread_complete_and_exit+0x20/0x20 [ 199.827775] ret_from_fork+0x22/0x30 [ 199.827778] [ 199.827779] amdgpu :0a:00.0: amdgpu: MODE1 reset [ 199.827781] amdgpu :0a:00.0: amdgpu: GPU mode1 reset [ 199.827855] amdgpu :0a:00.0: amdgpu: GPU smu mode1 reset [ 200.341240] amdgpu :0a:00.0: amdgpu: GPU reset succeeded, trying to resume [ 200.341406] [drm] PCIE GART of 512M enabled (table at 0x00800030). [ 200.341430] [drm] VRAM is lost due to GPU reset! [ 200.341435] [drm] PSP is resuming... ... [ 200.897511] amdgpu :0a:00.0: amdgpu: GPU reset(2) succeeded! [ 200.906284] amdgpu_cs_ioctl: 16 callbacks suppressed [ 200.906286] [drm:amdgpu_cs_ioctl [amdgpu]] *ERROR* Failed to initialize parser -125! [ 200.906954] [drm:amdgpu_cs_ioctl [amdgpu]] *ERROR* Failed to initialize parser -125! [ 200.907311] [drm:amdgpu_cs_ioctl [amdgpu]] *ERROR* Failed to initialize parser -125! Xorg log is clean (no errors observed). Reverting back to 5.18.0-3-amd64 fix the problem. GPU details: Radeon 6600. lspci data: 0a:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Navi 23 [Radeon RX 6600/6600 XT/6600M] (rev c7) (prog-if 00 [VGA controller]) Subsystem: Micro-Star International Co., Ltd. [MSI] Navi 23 [Radeon RX 6600/6600 XT/6600M] Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort+ SERR-
Bug#1014908: ITP: gender-guesser -- Guess the gender from first name
Hi, what practical use, except for direct discriminatory attempts against non-binaries and probably even many cis people, does such a package have? -nik
Bug#1010593: fai-server - fai-diskimage must call losetup -P
Package: fai-server Version: 5.10.3 Followup-For: Bug #1010593 -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 I can confirm this issue. I cannot find any hints on why and when the behaviour changed, but I had to add -P to losetup today as well to get fai-diskimage back to a working state. - -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.17.0-3-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=nb_NO.UTF-8, LC_CTYPE=nb_NO.UTF-8 (charmap=UTF-8), LANGUAGE=nb_NO:nb:no_NO:no:nn_NO:nn:da:sv Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages fai-server depends on: ii debootstrap 1.0.126+nmu1 ii e2fsprogs1.46.5-2 ii fai-client 5.10.3 ii xz-utils 5.2.5-2.1 Versions of packages fai-server recommends: ii dosfstools4.2-1 pn isc-dhcp-server ii libproc-daemon-perl 0.23-2 ii mtools4.0.33-1+really4.0.32-1 ii nfs-kernel-server 1:2.6.1-2 ii openbsd-inetd [inet-superserver] 0.20160825-5 ii openssh-client1:9.0p1-1+b1 ii openssh-server1:9.0p1-1+b1 ii tftpd-hpa 5.2+20150808-1.2 Versions of packages fai-server suggests: ii binutils 2.38.50.20220615-4 pn debmirror ii fai-setup-storage 5.10.3 pn grub2 ii perl-tk1:804.036-1 ii qemu-utils 1:7.0+dfsg-7 pn reprepro ii squashfs-tools 1:4.5.1-1 ii xorriso1.5.4-2 - -- no debconf information -BEGIN PGP SIGNATURE- iL8EARYKAGgWIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCYrIvNzEaaHR0cHM6Ly93 d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjGBxuYXR1cmVz aGFkb3dAZGViaWFuLm9yZwAKCRAK5VTlRg4b3evkAPioiwmA7CCgwL9BbOuwLVsc LrRa+9QZnAsGPdxmbdm5AQDunHEtldkdrsRREbixA8yAhH62axYxuKpVJxJKePO4 Dw== =sqlb -END PGP SIGNATURE-
Bug#1011642: fai-client: softupdate should unmount tmpfs on /var/lib/fai
Package: fai-client Version: 5.10.3 Severity: normal When using a remote configspace (using FAI_CONFIG_SRC=https://…/foo.tar.xz), fai softupdate mounts a tmpfs on /var/lib/fai (thanks forthat behaviour, that is really helpful!). This mount is never cleaned up, neither after a successful run nor after a failed run. Even worse, on the next fai softupdate, another tmpfs is mounted at the same location, slowly accumulatiing squillions of mounts on /var/lib/fai… -- System Information: Debian Release: 11.3 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-14-amd64 (SMP w/1 CPU thread) Locale: LANG=en_US.UTF-8, LC_CTYPE=nb_NO.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages fai-client depends on: ii debconf-utils1.5.77 ii file 1:5.39-3 ii iproute2 5.10.0-4 ii libapt-pkg-perl 0.1.39 ii libfile-lchown-perl 0.02-2+b7 ii perl 5.32.1-4+deb11u2 ii procps 2:3.3.17-5 Versions of packages fai-client recommends: ii fdisk 2.36.1-8+deb11u1 pn libgraph-perl ii util-linux 2.36.1-8+deb11u1 Versions of packages fai-client suggests: pn logtail -- Configuration Files: /etc/fai/fai.conf changed [not included] -- no debconf information
Bug#1011387: ITP: inkscape-silhouette -- An extension to drive Silhouette vinyl cutters (e.g. Cameo, Portrait series) from within inkscape
Package: wnpp Severity: wishlist Owner: Dominik George X-Debbugs-Cc: debian-de...@lists.debian.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: inkscape-silhouette Version : 1.25 Upstream Author : Fab Lab Region Nuernberg e. V. * URL : https://github.com/fablabnbg/inkscape-silhouette * License : GPL-2.0+ Programming Lang: Python Description : An extension to drive Silhouette vinyl cutters (e.g. Cameo, Portrait series) from within inkscape inkscape-silhoute is an extension to drive a Silhoutte Cameo and similar plotter devices from within Inkscape. It is 100% pure Python, and works on top of the libusb backend. The folloiwing devices are supported: Silhouette Portrait Silhouette Portrait 2 (working confirmed) Silhouette Portrait 3 Silhouette Cameo Silhouette Cameo 2 Silhouette Cameo 3 Silhouette Cameo 4 Silhouette Cameo 4 Pro Silhouette Curio (partial success confirmed in #36) Craft Robo CC200-20 Craft Robo CC300-20 Silhouette SD 1 Silhouette SD 2 I intend to maintain the package withing the Debian Multimedia Packaing team. -BEGIN PGP SIGNATURE- iMAEARYKAGgWIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCYoj8hzEaaHR0cHM6Ly93 d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjGBxuYXR1cmVz aGFkb3dAZGViaWFuLm9yZwAKCRAK5VTlRg4b3XQtAQDAvFmiq7DlhRHnE1sp3vqs k/oarTee00VEqQiXaO98BQD/aFer8iH+x+adpQFYdxReIc8T4idZhv67v5M3arwW DwQ= =99Q0 -END PGP SIGNATURE-
Bug#1010670: libgoogle-gson-java: CVE-2022-25647 Deserialization of Untrusted Data via the writeReplace method
Hi, > Thank you for uploading to old-old-stable [1]. Are you interested in > doing the same for old-stable and stable? (If not, I plan to. I'm > asking only to avoid duplication of effort.) I was actually planning to ask you whether I shall handle that. So if you want, I will take that up as well. Cheers, Nik
Bug#1008772: xrdp: Please integrate NMUs and gitlab MR
Hi, > I have just uploaded an NMU prepared by a Kali contributor (in the NM > queue). Please find the relevant "git am" patches attached. (The two > patches by Arnaud are also in https://salsa.debian.org/arnaudr/xrdp) > > It fixes CVE-2022-23613 and nothing else. Thanks a lot! > I noticed that you have open MR on Gitlab that it would be good to handle. > There's a former NMU that was never acked and that doesn't appear in > debian/changelog. > > https://salsa.debian.org/debian-remote-team/xrdp/-/merge_requests Yep, I am clearly behind on my maintenance work… I am resolving all of that with the next upload based on the current upstream version 0.9.19. -nik signature.asc Description: PGP signature
Bug#940398: RFA: golang-github-nats-io-go-nats
Hi, On Sun, Sep 15, 2019 at 06:38:01PM -0400, Alexandre Viau wrote: > I'd like to find new maintainers for some of my packages because I have > had less time for Debian. I'd like to focus the small amount of time > that I have for Debian on other things. > > For now, I intend to do my best to keep maintaining this package. > However, I will probably retitle this bug with the 'O:' prefix at some > point, indicating that I have orphaned it. > > Feel free to upload a new version of the package and remove me from the > uploaders in debian/control. On Mon, Jun 22, 2020 at 01:53:45PM +0200, Badreddin Aboubakr wrote: > I would like to take the maintainership for the NATS packages. I am currently working on packaging nextcloud-spreed-signaling, which depends on NATS. It seems the pckage has by now been renamed to nats.go and has go.mod support. SO I would package the new package in the Go packaging team under the new name, and then file a removal request for this package. Any objections? Cheers, Nik signature.asc Description: PGP signature
Bug#1002544: mpc 0.34 is not compatible with older servers
Package: mpc Version: 0.34-1 Severity: normal Dear Maintainer, mpc 0.34 from Debian Bookworm/sid is not compatible with older versions of the server or protocol. For example: cigaes@aimlin ~ $ mpc -h 10.0.1.19 version warning: MPD 0.21 required mpd version: 0.19.0 cigaes@aimlin ~ $ mpc -h 10.0.1.19 ls warning: MPD 0.21 required MPD error: wrong number of arguments for "tagtypes" zsh: exit 1 mpc -h 10.0.1.19 ls (10.0.1.19 is running mopidy 2.2.2-1 from Buster; upgrading it is desirable but not an option right now.) Compare with mpc 0.33 on Bullseye: cigaes@hellroy ~ $ mpc -h 10.0.1.19 ls Files If mpc 0.34 cannot be made to work with a 0.19 server, then Debian should offer the possibility to install mpc 0.33 in parallel, since users may not control the version of the server they want to connect. Regards, -- Nicolas George -- System Information: Debian Release: bookworm/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'testing'), (500, 'stable'), (50, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.15.0-2-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND Locale: LANG=C, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages mpc depends on: ii libc6 2.33-1 ii libmpdclient2 2.20-1 mpc recommends no packages. Versions of packages mpc suggests: pn mpd -- no debconf information signature.asc Description: PGP signature
Bug#1000957: rkhunter: Problem executing scripts DPkg::Post-Invoke
Package: rkhunter Version: 1.4.6-10 Severity: important Dear Maintainer, After running apt-get dist-upgrade, I receive the following message: [ Rootkit Hunter version 1.4.6 ] File updated: searched for 182 files, found 160, broken links 1 E: Problem executing scripts DPkg::Post-Invoke 'if [ -x /usr/bin/rkhunter ] && grep -qiE '^APT_AUTOGEN=.?(true|yes)' /etc/default/rkhunter; then /usr/share/rkhunter/scripts/rkhupd.sh; fi' E: Sub-process returned an error code The statement in error should be 'if test -x /usr/bin/rkhunter && grep -qiE '^APT_AUTOGEN=.?(true|yes)' /etc/default/rkhunter; then /usr/share/rkhunter/scripts/rkhupd.sh; fi' -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'oldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.15.0-1-amd64 (SMP w/2 CPU threads) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND Locale: LANG=el_GR.UTF-8, LC_CTYPE=el_GR.UTF-8 (charmap=UTF-8), LANGUAGE=el:en_US Shell: /bin/sh linked to /bin/bash Init: systemd (via /run/systemd/system) Versions of packages rkhunter depends on: ii binutils 2.37-10 ii debconf [debconf-2.0] 1.5.79 ii file 1:5.41-2 ii lsof 4.93.2+dfsg-1.1 ii net-tools 1.60+git20181103.0eebece-1 ii perl 5.32.1-6 ii ucf3.0043 Versions of packages rkhunter recommends: ii bsd-mailx [mailx] 8.1.2-0.20180807cvs-2 ii curl 7.79.1-2 ii e2fsprogs 1.46.4-1 ii exim4-daemon-heavy [mail-transport-agent] 4.95-2 ii iproute2 5.15.0-1 ii unhide 20130526-4 ii unhide.rb 22-6 ii wget 1.21.2-2+b1 Versions of packages rkhunter suggests: ii liburi-perl 5.10-1 ii libwww-perl 6.58-1 ii powermgmt-base 1.36 -- Configuration Files: /etc/default/rkhunter changed: CRON_DAILY_RUN="yes" CRON_DB_UPDATE="yes" DB_UPDATE_EMAIL="false" REPORT_EMAIL="root" APT_AUTOGEN="yes" NICE="0" RUN_CHECK_ON_BATTERY="false" /etc/logcheck/ignore.d.server/rkhunter [Errno 13] Άρνηση πρόσβασης: '/etc/logcheck/ignore.d.server/rkhunter' -- debconf information: rkhunter/cron_db_update: yes rkhunter/cron_daily_run: yes rkhunter/apt_autogen: yes
Bug#998664: Acknowledgement (libntl43: undefined reference to `NTL::sub(NTL::ZZ&, NTL::ZZ const&, long))
This calling/type signature worked with buster that had libntl version 10.5.0. I'm faced with several workaround choices: a) custom install libntl 10.5.0 in /usr/local/lib and change the compiler and linker commands to search this directory first b) revert to buster which implements 10.5.0 c) recode source to not use this calling signature d) run bullseye with libntl35 package installed; have not tried this since choice 1) is so much easier for me On 11/5/21 4:03 PM, Debian Bug Tracking System wrote: Thank you for filing a new Bug report with Debian. You can follow progress on this Bug here: 998664: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998664. This is an automatically generated reply to let you know your message has been received. Your message is being forwarded to the package maintainers and other interested parties for their attention; they will reply in due course. As you requested using X-Debbugs-CC, your message was also forwarded to d...@its.caltech.edu (after having been given a Bug report number, if it did not have one). Your message has been sent to the package maintainer(s): Debian Science Maintainers If you wish to submit further information on this problem, please send it to 998...@bugs.debian.org. Please do not send mail to ow...@bugs.debian.org unless you wish to report a problem with the Bug-tracking system.
Bug#998664: libntl43: undefined reference to `NTL::sub(NTL::ZZ&, NTL::ZZ const&, long)
Package: libntl43
Version: 11.4.3-1+b1
Severity: normal
X-Debbugs-Cc: d...@its.caltech.edu
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
* What exactly did you do (or not do) that was effective (or
ineffective)?
* What was the outcome of this action?
* What outcome did you expect instead?
*** End of the template - remove these template lines ***
-- System Information:
Debian Release: 11.1
APT prefers stable-security
APT policy: (500, 'stable-security')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-9-amd64 (SMP w/8 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libntl43 depends on:
ii libc62.31-13+deb11u2
ii libgcc-s1 [libgcc1] 10.2.1-6
ii libgf2x3 1.3.0-1+b1
ii libgmp10 2:6.2.1+dfsg-1
ii libstdc++6 10.2.1-6
libntl43 recommends no packages.
libntl43 suggests no packages.
-- no debconf information
Here is the program that reproduces the problem when compiled:
#include
#include
#include
int bugdemo(NTL::ZZ & result, const NTL::ZZ , long right) {
result = left - right;
return 0;
}
int main(int argc, char* argv[]) {
NTL::ZZ u,v;
long w;
v = 4;
w = 4;
bugdemo(u,v,w);
}
Bug#995958: ITP: aleksis-core -- Free School Information System (Core)
Package: wnpp Severity: wishlist Owner: Dominik George X-Debbugs-Cc: debian-de...@lists.debian.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: aleksis-core Version : 2.0 Upstream Author : The AlekSIS Team * URL : https://aleksis.org/ * License : EUPL-1.2 Programming Lang: Python Description : Free School Information System (Core) AlekSIS is a web-based school information system (SIS) which can be used to manage and/or publish organisational subjects of educational institutions. . AlekSIS is a platform based on Django, that provides central funstions and data structures that can be used by apps that are developed and provided seperately. The AlekSIS team also maintains a set of official apps which make AlekSIS a fully-featured software solutions for the information management needs of schools. . By design, the platform can be used by schools to write their own apps for specific needs they face, also in coding classes. Students are empowered to create real-world applications that bring direct value to their environment. The package shall be maintained within the Debian Edu Packaging Team, which intends to ship it with the Debian Edu Pure Blend as management console. -BEGIN PGP SIGNATURE- iMAEARYKAGgWIQSk6zxRYJYchegBkTEK5VTlRg4b3QUCYWDL/DEaaHR0cHM6Ly93 d3cuZG9taW5pay1nZW9yZ2UuZGUvZ3BnLXBvbGljeS50eHQuYXNjGBxuYXR1cmVz aGFkb3dAZGViaWFuLm9yZwAKCRAK5VTlRg4b3XskAP4m42U+GZlTQI0rN2P/p+5z 2xR38ENk6OOUM6eNSiTpRwD/dKU6WmXb4LCKbOdg4xWne5FoozOeNjUp9ibI1OpO Ugs= =ON11 -END PGP SIGNATURE-
Bug#995893: python3-django-uwsgi-ng: should install .egg-info alias for django-uwsgi
Package: python3-django-uwsgi-ng Version: 1.1.2-1 Severity: important Tags: newcomer The new django-uwsgi-ng package is a drop-in replacement for django-uwsgi, and some dependent packages using it might rely on it being findable as django-uwsgi through pkg_resources as well. Thus, the .egg-info directory should be duplicated, to ensure the package can be found under the old name in Python.
Bug#995840: ITP: golang-github-vmware-vmw-ovflib --
Package: wnpp Severity: wishlist Owner: Dominik George * Package name: golang-github-vmware-vmw-ovflib Version : 0.0~git20200204.53a0e9f-1 Upstream Author : VMware, Inc. * URL : https://github.com/vmware/vmw-ovflib * License : Apache-2.0 Programming Lang: Go Description : parse OVF (open Virtualization Format) data in Go Needed for ignition.
Bug#972409: spdx-licenses diff for #972409
> Sorry, I never had the impression that you meant for our conversation to > be kept secret - only that you found it a more convenient platform. Aren't you the person signing all their mail with explicit consent? Considering that, I find it hard to believe that you don't know the concept of explicit consent to publication of written words. I would welcome it very much if we could get back to technical discussions and, if asked a simple question via a Medium you officially promote on your website, you give a simple answer in the future. I don't think that that is too much to ask for in a setting where everyone donates their free time and not want to waste time writing full blown mails to everyone and there dog for a quick question no one will care about later. While you are technically correct on this issue, I consider it socially inadequate to not point me to the issue you knew of very well when you had the chance. Maybe if we can agree that there are more helpful ways to interact right from the start, we could find a way forward in the other bug report -nik
Bug#972409: spdx-licenses diff for #972409
Hi Jonas, > For the record this conversation began in a Matrix chatroom like this: Thanks for sharing conversations I did not consent to make public to a public forum. I will seek legal advice on that. For the record: * I asked on Matrix to get a quick "Go" or "Stop", no more, no less. You refused to give me a quick answer, which would have been helpful, instead of asking me to waste time on a far more elaborate means of communication for a quick question no one else cares about * I did ask the same question by mail after you refused to give a simple answer. You chose not to respond to that either. A quick "Stop, you will need to fix the other bug first" would have been helpful, instead of waiting until I wasted hours of work on your package Now, never mind, I will not waste more time on your package. I will just make a new package for my needs, and if anyone asks why we need two, I will point them to this conversation. Thanks for being such a pedantic^Wvery helpful fellow contributor! -nik
Bug#972409: spdx-licenses diff for #972409
> Sorry, but I consider the NMU as drafted useless since it does not > account for release-critical bug#975120. Thanks for your kind words. As can be seen by the fact that we are communicating in this bug report, my question for feedback is about this bug, not some other bugs. Looking at the Maintainer field of the package, it also seems this is **your** package. If it is a requirement to solve all issues with your package to get a single bug fixed, then sorry, I find that unacceptable. If "useless" is everything you have to say about the work of a contributor, then please reconsider your involvement in a community of developers. Are you able to provide feedback concerning the questions at hand, on top of judging the work I do because you ignored it for several years? Thanks, Nik
Bug#972409: spdx-licenses diff for #972409
Hi, the attached diff to the dbeian/ directory adds the RDF/Turtle, RDF/XML, and JSON formatted files to the package. The package is not ready to upload yet, because I need to align d/copyright with the new upstream verison. Please note that in order to keep the file list in d/install maintainable, I chose to change from explicitly listing each file there to installing the full directories. The intention of listing the single files was to not install any license texts missing in d/copyright, which IMHO is wrong because d/copyright is about the source package, rather than the binary package. So I removed the general wildcard from d/copyright, so that now we can rely on lintian reporting missing files: W: spdx-licenses source: file-without-copyright-information debian/copyright text/389-exception.txt W: spdx-licenses source: file-without-copyright-information debian/copyright text/AAL.txt W: spdx-licenses source: file-without-copyright-information debian/copyright text/ANTLR-PD-fallback.txt W: spdx-licenses source: file-without-copyright-information debian/copyright text/ANTLR-PD.txt […] Before I get down to updating d/copyright (quite a few additions upstream…), I ask the maintainer to approve of the changes to how the package is built. -nik diff -Npru spdx-licenses-3.8+dfsg/debian/README.Debian spdx-licenses-3.14+dfsg/debian/README.Debian --- spdx-licenses-3.8+dfsg/debian/README.Debian 1970-01-01 01:00:00.0 +0100 +++ spdx-licenses-3.14+dfsg/debian/README.Debian 2021-10-05 13:50:46.395165638 +0200 @@ -0,0 +1,5 @@ +The Debian version of the JSON format files has the detailsUrl field +changed to point to the relative paths within the Debian package. The +original values are linking to https://spdx.org/licenses/*.json. + + -- Dominik George , Tue, 5 Oct 2021 13:50:46 +0200 diff -Npru spdx-licenses-3.8+dfsg/debian/changelog spdx-licenses-3.14+dfsg/debian/changelog --- spdx-licenses-3.8+dfsg/debian/changelog 2021-04-07 09:12:25.0 +0200 +++ spdx-licenses-3.14+dfsg/debian/changelog 2021-10-05 14:18:31.688460612 +0200 @@ -1,3 +1,19 @@ +spdx-licenses (3.14+dfsg-0.1) unstable; urgency=medium + + * Non-maintainer upload. + * Include JSON and RDF formats. (Closes: #972409) ++ Rework d/install and d/copyright to ease tracking of + license files; i.e. install by glob, and remove wildcard + from d/copyright to make lintian complain on new files + instead of tracking each file in d/install. ++ Add README.Debian describing differences in the data + files in Debian. ++ Build-Depend on jq and xml-twig-tools to rebuild compiled + license files for JSON and RDF formats. + * Align d/watch with new GitHub tag URLs. + + -- Dominik George Tue, 05 Oct 2021 13:29:29 +0200 + spdx-licenses (3.8+dfsg-3) unstable; urgency=medium * friendly takeover; diff -Npru spdx-licenses-3.8+dfsg/debian/control spdx-licenses-3.14+dfsg/debian/control --- spdx-licenses-3.8+dfsg/debian/control 2021-04-07 09:09:38.0 +0200 +++ spdx-licenses-3.14+dfsg/debian/control 2021-10-05 14:15:23.946432016 +0200 @@ -2,7 +2,10 @@ Source: spdx-licenses Section: doc Priority: optional Maintainer: Jonas Smedegaard -Build-Depends: debhelper-compat (= 12) +Build-Depends: + debhelper-compat (= 12), + jq, + xml-twig-tools Standards-Version: 4.5.0 Vcs-Browser: https://github.com/Debian/spdx-licenses Vcs-Git: https://github.com/Debian/spdx-licenses.git @@ -18,4 +21,7 @@ Description: Collection of license data and provided by SPDX Workgroup, a Linux Foundaition Project. This package makes most of these license texts available to Debian systems. . + In addition to the license texts, the collection data ist supplied in + JSON and RDF formats. + . Note: License texts have NOT been evaluated against DFSG. diff -Npru spdx-licenses-3.8+dfsg/debian/copyright spdx-licenses-3.14+dfsg/debian/copyright --- spdx-licenses-3.8+dfsg/debian/copyright 2020-12-05 03:33:11.0 +0100 +++ spdx-licenses-3.14+dfsg/debian/copyright 2021-10-05 14:03:05.842506105 +0200 @@ -2,87 +2,99 @@ Format: https://www.debian.org/doc/packa Upstream-Name: license-list-data Upstream-Contact: https://github.com/spdx/license-list-data/issues Source: https://github.com/spdx/license-list-data -Files-Excluded: website template html json jsonld rd* - -Files: * +Files-Excluded: website template html jsonld rdfa rdfnt + rdfturtle/licenses.turtle + rdfxml/licenses.rdf + +Files: CONTRIBUTING.md + README.md + accessingLicenses.md + licenses.md + json/exceptions.json + json/licenses.json Copyright: 2020 SPDX Workgroup 2016 Gary O'Neall License: CC-BY-3.0 Files: debian/* Copyright: 2020 Michael Lustfield + 2021 Dominik George License: CC-BY-3.0 -Files: text/0BSD.txt +Files: json/exceptions/* +License: none +Comment: Used in combination with licenses + +Files: */0BSD.* Copyright: 2006 Rob Landley License: none -Files: text/Abstyles.txt +Files: */Abstyles.* Copyright: 1991, 1992 Hans-Hermann
Bug#995767: ITP: golang-github-pin-tftp -- TFTP server and client library for Golang
Package: wnpp Severity: wishlist Owner: Dominik George * Package name: golang-github-pin-tftp Version : 2.2.0-1 Upstream Author : Dmitri Popov * URL : https://github.com/pin/tftp * License : Expat Programming Lang: Go Description : TFTP server and client library for Golang TFTP server and client library for Golang . Implements: * RFC 1350 (https://tools.ietf.org/html/rfc1350) - The TFTP Protocol (Revision 2) * RFC 2347 (https://tools.ietf.org/html/rfc2347) - TFTP Option Extension * RFC 2348 (https://tools.ietf.org/html/rfc2348) - TFTP Blocksize Option . Partially implements (tsize server side only): * RFC 2349 (https://tools.ietf.org/html/rfc2349) - TFTP Timeout Interval and Transfer Size Options . Set of features is sufficient for PXE boot support. Needed for the ignition package.
Bug#995766: ITP: golang-github-vincent-petithory-dataurl -- Data URL Schemes in Golang
Package: wnpp Severity: wishlist Owner: Dominik George * Package name: golang-github-vincent-petithory-dataurl Version : 0.0~git20191104.d1553a7-1 Upstream Author : Vincent Petithory * URL : https://github.com/vincent-petithory/dataurl * License : Expat Programming Lang: Go Description : Data URL Schemes in Golang This package parses and generates Data URL Schemes for the Go language, according to RFC 2397 (http://tools.ietf.org/html/rfc2397). . Data URLs are small chunks of data commonly used in browsers to display inline data, typically like small images, or when you use the FileReader API of the browser. Needed for the ignition package.
Bug#995765: ITP: golang-github-coreos-vcontext -- A library for validating json and yaml configs in Go
Package: wnpp Severity: wishlist Owner: Dominik George * Package name: golang-github-coreos-vcontext Version : 0.0~git20210903.c22998b-1 Upstream Author : CoreOS * URL : https://github.com/coreos/vcontext * License : Apache-2.0 Programming Lang: Go Description : A library for validating json and yaml configs in Go vcontext: Validation with context vcontext is a library supporting validation of config files parsed from yaml or json with support for giving context as to where errors occur. Needed for the ignition package.
Bug#995764: ITP: ignition -- First boot installer and configuration tool
Package: wnpp Severity: wishlist Owner: Dominik George * Package name: ignition Version : 2.12.0-1 Upstream Author : CoreOS * URL : https://github.com/coreos/ignition * License : Apache-2.0 Programming Lang: Go Description : First boot installer and configuration tool Ignition is the utility used by Fedora CoreOS and RHEL CoreOS to manipulate disks during the initramfs. This includes partitioning disks, formatting partitions, writing files (regular files, systemd units, etc.), and configuring users. On first boot, Ignition reads its configuration from a source of truth (remote URL, network metadata service, hypervisor bridge, etc.) and applies the configuration. Usage Odds are good that you don't want to invoke Ignition directly. In fact, it isn't even present in the root filesystem. Take a look at the Getting Started Guide (docs/getting-started.md) for details on providing Ignition with a runtime configuration.
Bug#995763: ITP: golang-github-coreos-go-json -- Modified version of go's encoding/json library which allows decoding to a Node struct with offset information
Package: wnpp
Severity: wishlist
Owner: Dominik George
* Package name: golang-github-coreos-go-json
Version : 0.0~git20200220.5ae6071-1
Upstream Author : CoreOS
* URL : https://github.com/coreos/go-json
* License : TODO
Programming Lang: Go
Description : Modified version of go's encoding/json library which allows
decoding to a Node struct with offset information
This is a fork of go's encoding/json library. It adds the a third target for
unmarshalling, json.Node.
Unmarshalling to a Node behaves similarilarly to unmarshalling to an
interface{}, except it also records
the offsets for the start and end of the value that was unmarshalled and, if
the value was part of a json
object, it also records the offsets of the start and end of the object's key.
The Value field of the Node
will be unmarshalled to the same types as if it were an interface{}, except in
the case of arrays and
objects. In those case it will be unmarshalled to a []Node or map[string]Node
instead []interface{} or
map[string]interface{} for arrays and objects, respectively.
(Maybe) needed for ignition, but clarifying upstream whether this fork is
really still needed.
Bug#995762: ITP: golang-github-vmware-vmw-guestinfo --
Package: wnpp Severity: wishlist Owner: Dominik George * Package name: golang-github-vmware-vmw-guestinfo Version : 0.0~git20200218.687661b-1 Upstream Author : VMware * URL : https://github.com/vmware/vmw-guestinfo * License : Apache-2.0 Programming Lang: Go Description : provides access to the guestinfo variables exposed to a VMware virtual machine. Needed for the ignition package.
Bug#995758: ITS: move to the Python Packaging Team
Source: pyrhon-requests-oauthlib Version: 1.3.0+ds-0.1 Severity: important X-Debbugs-Cc: Simon Fondrie-Teitler , Debian Python Team Hi, I would like to salvage this package, and doing so, move it under team maintenance by the Python Packaging Team. Reasons for salvaging eligibility: * The last upload by the maintainer was in June 2018, more than three years ago * An NMU from September 2019 went unacknowledged for two years * Upstream versions were pending for more than three years * The package was broken by the upload of python-oauthlib 3.0.0 in September 2019, which would have been fixed by a new upstream version of python-requests-oauthlib I will move the package to the Python Packaging Team starting in 21 days, as per the Salvaging policy, keeping the original maintainer as Uploader. Cheers, Nik
Bug#995702: TypeError: Cannot read property 'prefix_exceptions' of undefined
Control: reassign -1 node-caniuse-lite 1.0.30001224+dfsg-2 Control: retitle -1 Broken exports in index.js Control: affects -1 node-autoprefixer Control: tags -1 + upstream fixed-upstream Control: forwarded -1 https://github.com/browserslist/caniuse-lite/issues/70 > Proposal: > > 1. Add a patch to node-autoprefixer to use the old API > 2. Add a version constraint to the node-caniuse-lite dependency in > node-autoprefixer (<< 1.0.30001226~) > 3. Report a bug against node-caniuse-lite to update to the current > upstream version, with a gentle hint on what will break if updated > 4. Once updated, drop the patch, and remove the version constraint Actually, all rdepends seem to use another import mechanism, which was not broken. Thus, reassigning to node-caniuse-lite to get it updated. -nik signature.asc Description: PGP signature
Bug#995702: TypeError: Cannot read property 'prefix_exceptions' of undefined
> - let autoprefixerData = { browsers: agents, prefixes: dataPrefixes }
> + let autoprefixerData = { browsers: agents.agents, prefixes: dataPrefixes }
It's
https://github.com/browserslist/caniuse-lite/commit/fde289588b2ccb129ba3d1552134be2c78fee8b7
So, this happened with a recent update of node-autoprefixer, because
the new autoprefixer relies on the new API of caniuse-lite.
caniuse-lite should, and will at some point, be updated in Debian as
well. However, this will break node-browserslist, because that relies
on the old API. Oh the joy!
Proposal:
1. Add a patch to node-autoprefixer to use the old API
2. Add a version constraint to the node-caniuse-lite dependency in
node-autoprefixer (<< 1.0.30001226~)
3. Report a bug against node-caniuse-lite to update to the current
upstream version, with a gentle hint on what will break if updated
4. Once updated, drop the patch, and remove the version constraint
@ JavaScript team, shall I proceed with that?
-nik
signature.asc
Description: PGP signature
Bug#995702: TypeError: Cannot read property 'prefix_exceptions' of undefined
Package: node-autoprefixer
Version: 10.3.1.0+dfsg1+~cs14.6.19-1
Severity: grave
Justification: renders package unusable
autoprefixer currently does not work because it handles the agents
imported from caniuse-lite wrongly:
/usr/share/nodejs/autoprefixer/lib/browsers.js:64
let prefix = data.prefix_exceptions && data.prefix_exceptions[version]
^
TypeError: Cannot read property 'prefix_exceptions' of undefined
at Browsers.prefix (/usr/share/nodejs/autoprefixer/lib/browsers.js:64:23)
at /usr/share/nodejs/autoprefixer/lib/prefixes.js:193:54
at Array.map ()
at Prefixes.select (/usr/share/nodejs/autoprefixer/lib/prefixes.js:193:31)
at new Prefixes (/usr/share/nodejs/autoprefixer/lib/prefixes.js:133:53)
at loadPrefixes
(/usr/share/nodejs/autoprefixer/lib/autoprefixer.js:111:22)
at Object.prepare
(/usr/share/nodejs/autoprefixer/lib/autoprefixer.js:121:22)
at /usr/share/nodejs/postcss/lib/lazy-result.js:133:39
at Array.map ()
at new LazyResult (/usr/share/nodejs/postcss/lib/lazy-result.js:131:43)
The problem comes from /usr/share/nodejs/autoprefixer/lib/autoprefixer.js:
let { agents } = require('caniuse-lite')
The object loaded here contains another object called agents. For me, changing
line 10
fixes the issue:
- let autoprefixerData = { browsers: agents, prefixes: dataPrefixes }
+ let autoprefixerData = { browsers: agents.agents, prefixes: dataPrefixes }
I have no idea how this problem came to be, and how to properly fix it. Might be
an incompatibility between the versions of autoprefixer and canisue-lite?
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-8-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=nb_NO.UTF-8, LC_CTYPE=nb_NO.UTF-8 (charmap=UTF-8),
LANGUAGE=nb_NO:nb:no_NO:no:nn_NO:nn:da:sv
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages node-autoprefixer depends on:
ii node-browserslist 4.17.0+~cs5.6.76-1
ii node-caniuse-lite 1.0.30001224+dfsg-2
ii node-normalize-range 0.1.2-2
ii node-postcss [node-colorette] 8.2.1+~cs5.3.23-8
ii node-postcss-value-parser 4.1.0-2
ii nodejs 12.22.5~dfsg-5
node-autoprefixer recommends no packages.
node-autoprefixer suggests no packages.
-- no debconf information
Bug#995417: bug is RC
Control: severity -1 grave This is actually an RC bug as the requests-oauthlib version currently in Debian does not work with the oauthlib version currently in Debian. signature.asc Description: PGP signature
Bug#995417: python-requests-oauthlib: please update to current upstream version 1.3.0
Source: python-requests-oauthlib Version: 1.0.0-1.1 Severity: wishlist Please update this package to the current upstream version. I would also like to suggest moving this to team maintenance under the Python Packaging team. Thanks, Nik -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/8 CPU threads) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=nb_NO.UTF-8, LC_CTYPE=nb_NO.UTF-8 (charmap=UTF-8), LANGUAGE=nb_NO:nb:no_NO:no:nn_NO:nn:da:sv Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
Bug#995398: RM: midori -- ROM; upstream made software unusable
Package: ftp.debian.org Severity: normal As reported in #977263, the upstream of midori decided that it could be a great idea to write a web browser in JavaScript running in a browser (i.e. use Electron to run a browser). I follow the proposal in the aforementioned bug report and ask to remove Midori from the unstable distribution.
Bug#995363: python-jwcrypto: do not drop egg-info
Source: python-jwcrypto Version: 1.0.0-1 Severity: important Trying to build a package depending on python3-jwcrypto, I discovered that you explicitly drop the egg-info file from the package. Please do not do that, as it breaks Python's pkg_resources and related when discovering distributions.
Bug#993988: debian-edu-config: consider to drop diskless workstation support as default for Main-Server+LTSP-Server profile
Hi, > Like reported in #993935, a local admin might install additional > packages on a combined server causing potential leakage of sensible data > in the SquashFS image file for diskless workstations. > > It would be quite easy to drop the diskless workstation support (done by > default at first boot of a combined server), only provide thin client > support on the combined server and leave the (site specific) setup for > diskless ws to the local admin. (The manual should then contain hints > how to do this.) I take it that by "drop support", you mean "not install by default"? Diskless workstations are one (probably the) Unique Selling Point of Debian Edu, so I would like to make very clear that dropping support for it in general would be problematic. -nik -- Dominik George (1. Vorstandsvorsitzender, pädagogischer Leiter) Teckids e.V. — Digitale Freiheit mit Jugend und Bildung https://www.teckids.org/ signature.asc Description: PGP signature
Bug#993935: debian-edu-ltsp-install: Netboot image exposes private data and crypto keys
Package: debian-edu-config Version: 2.11.56 Severity: critical Tags: security Justification: root security hole X-Debbugs-Cc: Debian Security Team The LTSP netboot image produced by debian-edu-ltsp-install includes full copies of files that should never leave the Debian Edu main server, if run on a so-called "combined server" (a system using the Main Server and Terminal Server profiles, as done in small installations). Among these files are full copies of, among others: - /var/lib/ldap, containing the full, unencrypted LDAP database with all private information on all users, password hashes, and Kerberos keys - /etc/krb5-kdc, containing information on decrypting Kerberos data in the LDAP database - /etc/gosa, containing the (encrypted) LDAP manager credentials, plus the key to decrypt it Any user with access to the local terminal server network can acquire the netboot image, unauthenticated, and extract the listed information from it. The issue is caused by the new LTSP system using the LTSP PnP system now in all cases, thus packing the entire mai nserver filesystem in squashfs image. The debian-edu-ltsp-install script produces a list of files to exclude from the image, which is not sufficient, most probably because it was tailored to the use case where the image is produced from a dedicated Terminal Server instead of a combined server. IMHO, the use case of the combined server cannot be fixed. The new LTSP system de facto disallows any use of a combiend server – even if we make a very carefully curated list of excluded files, any administrator would have to take care to add their own excludes for just about any file they place on the main server that was not palced there by the Debian Edu software. In fact, the whole new LTSP system seems unfit to be used on any server that is not limited to producing LTSP images, and supporting netbooting them. For now, the issue should be mitigated by carefully adding all relevant paths that are known to exist only on the main server to the exclude list, but I do not think that is a viable fix in the long term.
Bug#992011: libsixel-dev: libsixel-config is in libsixel-bin, should be in libsixel-dev
Package: libsixel-dev Version: 1.8.6-2 Severity: normal Dear Maintainer, The program libsixel-config is meant to provide to build environment the options necessary to compile and link a program using libsixel. As such, it should be in the libsixel-dev package instead of the libsixel-bin package as now. It would match the various *-config programs: libcurl4-openssl-dev, libgcrypt20-dev, libpng-dev, libpcre3-dev, etc. Regards, -- Nicolas George -- System Information: Debian Release: 11.0 APT prefers testing-security APT policy: (500, 'testing-security'), (500, 'stable-updates'), (500, 'testing'), (500, 'stable'), (50, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-8-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_FIRMWARE_WORKAROUND Locale: LANG=C, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages libsixel-dev depends on: ii libsixel1 1.8.6-2 libsixel-dev recommends no packages. libsixel-dev suggests no packages. -- no debconf information signature.asc Description: PGP signature
Bug#991920: Acknowledgement (please demote pkg-config to Recommends)
On Thu, Aug 05, 2021 at 10:21:30PM +0200, Michael Banck wrote: > I've run "dracut --no-kernel" in a minimal lxc container, once with > pkg-config and once without and then diffoscope'd the two generated > initrds. Most of what diffoscope complains about are timestamp > differences in directories and symlinks which I don't know how to get > rid of, but there's some changes in etc/conf.d/systemd.conf that I have > attached. Not sure whether those are problematic? Given that /usr/lib is the canonical path for these directories, and /lib happens to be a symlink there, this should not be a problem. If Thomas consents, I would make the change in experimental as well and we will see how it works out. I do not see any reason not to demote pkg-config. Cheers, Nik -- Dominik George Berater PostgreSQL / Datenbanken Telefon: +49 2166 9901-192 Telefax: +49 2166 9901-100 E-Mail: dominik.geo...@credativ.de PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17 FD26 B79A 3C16 A0C4 F296 https://www.credativ.de/ credativ GmbH, HRB Mönchengladbach 12080 USt-ID-Nummer: DE204566209 Trompeterallee 108, 41189 Mönchengladbach Geschäftsführung: Dr. Michael Meskes, Sascha Heuer, Geoff Richardson, Peter Lilley Unser Umgang mit personenbezogenen Daten unterliegt folgenden Bestimmungen: https://www.credativ.de/datenschutz
Bug#991918: dracut: new upstream version 055
Source: dracut
Version: 051
Severity: minor
Tags: patch
Hi Thomas, et al,
the attached debdiff updates the debian/ directory to work with
upstream version 055.
Thanks to Andre Russ for preparing the patch updates; thanks to
credativ for sponsoring Debian work!
Thomas, if you are ok, I would upload to experimental.
Cheers,
Nik
diff -Nru dracut-051/debian/changelog dracut-055/debian/changelog
--- dracut-051/debian/changelog 2020-12-15 16:23:33.0 +0100
+++ dracut-055/debian/changelog 2021-08-05 13:31:22.0 +0200
@@ -1,3 +1,20 @@
+dracut (055-1) UNRELEASED; urgency=medium
+
+ [ Dominik George ]
+ * Team upload.
+ * New upstream version
+
+ [ Andre Russ ]
+ * Refresh patches for dracut 055
++ systemd needs more users in Debian
++ crc32c patch was applied upstream
++ several minor changes
+ * Update installed files
++ Several docs were moved upstream
++ mkinitrd was removed
+
+ -- Dominik George Thu, 05 Aug 2021 13:31:22 +0200
+
dracut (051-1) unstable; urgency=low
* new upstream version
diff -Nru dracut-051/debian/dracut-core.docs dracut-055/debian/dracut-core.docs
--- dracut-051/debian/dracut-core.docs 2020-12-15 15:29:17.0 +0100
+++ dracut-055/debian/dracut-core.docs 2021-08-05 13:31:22.0 +0200
@@ -1,10 +1,8 @@
AUTHORS
-HACKING
-NEWS
+docs/HACKING.md
+NEWS.md
README.md
-README.cross
-README.generic
-README.kernel
-README.modules
-TODO
+docs/README.cross
+docs/README.generic
+docs/README.kernel
dracut.html
diff -Nru dracut-051/debian/dracut-core.install
dracut-055/debian/dracut-core.install
--- dracut-051/debian/dracut-core.install 2020-12-15 15:29:17.0
+0100
+++ dracut-055/debian/dracut-core.install 2021-08-05 13:31:22.0
+0200
@@ -1,6 +1,5 @@
usr/bin/dracut
usr/bin/dracut-catimages
-usr/bin/mkinitrd
usr/bin/lsinitrd
usr/lib/dracut/dracut-functions
usr/lib/dracut/dracut-functions.sh
@@ -19,7 +18,6 @@
debian/90overlay-root usr/lib/dracut/modules.d
modules.d/00dash usr/lib/dracut/modules.d
modules.d/00bash usr/lib/dracut/modules.d
-modules.d/00bootchart usr/lib/dracut/modules.d
modules.d/00systemdusr/lib/dracut/modules.d
modules.d/01fips usr/lib/dracut/modules.d
modules.d/01systemd-initrd usr/lib/dracut/modules.d
diff -Nru dracut-051/debian/dracut-core.manpages
dracut-055/debian/dracut-core.manpages
--- dracut-051/debian/dracut-core.manpages 2020-12-15 15:29:17.0
+0100
+++ dracut-055/debian/dracut-core.manpages 2021-08-05 13:31:22.0
+0200
@@ -1,9 +1,8 @@
-dracut.8
-dracut.conf.5
-dracut.modules.7
-dracut.bootup.7
-dracut.cmdline.7
-dracut-catimages.8
-lsinitrd.1
-mkinitrd.8
+man/dracut.8
+man/dracut.conf.5
+man/dracut.modules.7
+man/dracut.bootup.7
+man/dracut.cmdline.7
+man/dracut-catimages.8
+man/lsinitrd.1
debian/tmp/usr/share/man/man8/*
diff -Nru dracut-051/debian/dracut-network.install
dracut-055/debian/dracut-network.install
--- dracut-051/debian/dracut-network.install2020-12-15 15:29:17.0
+0100
+++ dracut-055/debian/dracut-network.install2021-08-05 13:31:22.0
+0200
@@ -1,5 +1,5 @@
debian/etc/11-ifcfg.conf etc/dracut.conf.d
-modules.d/02systemd-networkd usr/lib/dracut/modules.d
+modules.d/01systemd-networkd usr/lib/dracut/modules.d
modules.d/35network-manager usr/lib/dracut/modules.d
modules.d/35network-legacy usr/lib/dracut/modules.d
modules.d/40networkusr/lib/dracut/modules.d
diff -Nru dracut-051/debian/patches/crc32c dracut-055/debian/patches/crc32c
--- dracut-051/debian/patches/crc32c2020-12-15 15:29:17.0 +0100
+++ dracut-055/debian/patches/crc32c1970-01-01 01:00:00.0 +0100
@@ -1,11 +0,0 @@
a/modules.d/99fs-lib/module-setup.sh
-+++ b/modules.d/99fs-lib/module-setup.sh
-@@ -38,7 +38,7 @@
- include_fs_helper_modules() {
- local dev=$1 fs=$2
- case "$fs" in
--xfs|btrfs|ext4)
-+xfs|btrfs|ext4|ext3)
- instmods crc32c
- ;;
- f2fs)
diff -Nru dracut-051/debian/patches/dev-shm-mount
dracut-055/debian/patches/dev-shm-mount
--- dracut-051/debian/patches/dev-shm-mount 2020-12-15 15:29:17.0
+0100
+++ dracut-055/debian/patches/dev-shm-mount 2021-08-05 13:31:22.0
+0200
@@ -1,14 +1,14 @@
--- a/modules.d/99base/init.sh
+++ b/modules.d/99base/init.sh
-@@ -57,11 +57,6 @@
- mount -t devpts -o gid=5,mode=620,noexec,nosuid devpts /dev/pts >/dev/null
+@@ -55,11 +55,6 @@
+ mount -t devpts -o gid=5,mode=620,noexec,nosuid devpts /dev/pts >
/dev/null
fi
-if ! ismounted /dev/shm; then
--mkdir -m 0755 /dev/shm
--mount -t tmpfs -o mode=1777,noexec,nosuid,nodev,strictatime tmpfs
/dev/shm >/dev/null
+-mkdir -m 0755 -p /dev/shm
+-mount -t tmpfs -o mode=1777,noexec,nosuid,nodev,strictatime tmpfs
/dev/shm > /dev/null
-fi
-
if ! ismounted /run; then
- mkdir -m 0755 /newrun
+ mkdir -m 0755 -p /newrun
Bug#960305: matrix-synapse: No instructions on setting up TLS
Mikko Rasa (12020-05-11): > Debian's homeserver configuration contains a https listener with certificate > files stored under /etc/matrix-synapse. However these files are not supplied > nor generated by the package and there's no instructions on how to generate > them. Due to this the server won't start and it's not immediately obvious > what should be done to correct the situation. Hi. I am running in the same problem, and gave up considering this project "not mature enough". I have a tidbit of information to add: The systemd service configuration says: ExecStartPre=/usr/bin/python3 -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --generate-keys The "--generate-keys" exists in the source code Python files. Yet if I run this command explicitly, it does nothing at all, and strace shows it does nothing about the keys. Regards, -- Nicolas George signature.asc Description: PGP signature
Bug#989962: proceeding with bullseye checking using debian-bullseye-DI-rc1-amd64-DVD-1.iso and apt-mark hold shim-signed
To whom it may concern: I decided not to wait for updated version of shim-signed that runs on the very old Dell T1600 I'm proceeding with bullseye checkout using shim-signed package found on debian-bullseye-DI-rc1-amd64-DVD-1.iso This version of shim-signed works with me T1600 and its Xeon E3. Others can take advantage of this too. Procedure: install the abovementioned dvd without any ethernet connection to get working shim-signed apt-mark hold shim-signed (keeps old dvd-1 copy of shim-signed intact) connect the ethernet modify sources.list to refer to the debian online repository apt-get update Now I can check out the packages that really matter to me: gcc, g++, cython3, python3-numpy, libntl-dev, etc.
Bug#989962: update to the version of shim-signed(Re: Bug#989962: shim-signed 1.36~1+deb10u1 fails to boot some systems)
Updated: the email is incorrect: this is the version shown in Debian 10 security : shim-signed (1.36~1+deb10u2+15.4-5~deb10u1) On 6/28/21 9:19 AM, David George Henderson III wrote: Hello Steve, I generally install Debian off of DVD or a *.iso copied to flash rather than an online repository. That way I get a reproducible install. Recently, I found that my Debian 10.9 amd64 dvd-1 install stopped working on the Dell T1600 boot in UEFI mode. This is the machine that does not support secure boot. The symptoms were that the install went as expected, but the boot failed complaining about MOK list being exhausted. What I discovered was that security updates were being applied during the install off dvd: I noticed the message 'applying security updates' that flashed by briefly during the install from DVD. I surmise that the version of shim-signed in security.debian.org was being applied when the ethernet to the cable modem was plugged in. (the web site shows shim-signed (1.36~1+deb10u1+15.4-5~deb10u1) in Debian 10 security ) An install if 10.9 off of the same dvd without the ethernet cable plugged in installed and booted normally. I'm surprised at this behavior. I would have expected that these updates would be applied after booting the installed system rather than during the install. Using the Dell T1600 and the system installed with no ethernet cable connection: I copied the shim-signed file from the attachment below into /boot/efi/EFI/debian. Then I shut down and rebooted. I could not tell if a MOK message came up because something flashed by very quickly. Debian 10.9 booted up as expected. I hope this fix makes it into the online security repository. David David On 6/22/21 2:36 PM, Steve McIntyre wrote: On Tue, Jun 22, 2021 at 09:20:36PM +0200, Grzegorz Szymaszek wrote: On Tue, Jun 22, 2021 at 01:35:51PM +0200, Grzegorz Szymaszek wrote: I have recently upgraded several buster amd64 machines; shim-signed went up from 1.33 to 1.36~1+deb10u1. […] FWIW, upgrading to 1.36~1+deb10u2 brings the problem back. Looks like the same as #990158. Yes, it's the same problem. I'm testing a fix now. Could you please verify if this new build fixes the problem you're seeing on your hardware? https://people.debian.org/~93sam/shim/ has a new *unsigned* amd64 shim binary, and a checksum file. If you would be so kind, please copy that shimx64.efi binary into place on your system and test it boots OK. It may still complain about resource failures and "import_mok_state() failed", but should then boot anyway in non-secure mode.
Bug#989962: debian-bullseye-DI-rc2-amd64-DVD-1.iso image on flash media flash fails to boot on a system that does not support secure boot
Steve, I goofed on the model number, its a T1600, not a T1200. I've created a text file from /proc/cpuinfo; see attachment. The T1600 has a 11.rc1 system that installs OK but does not directly boot off the disk drive; what does work is EFI booting an existing Debian 10.9 system and placing the 11.rc1 grub stanza inside the 10.9 /etc/grub.d/40_custom file ; see Bug#989962 I have performed an 11.rc2 install via bios mode booting 11.rc2 media and performing an install without any use of EFI All my laptops boot in secure boot mode; this is greatly appreciated. I perform test installs to this T1600 system to emulate the laptop configuration. What matters the most to me is the compiler/library configuration. At the moment I'm using gnu gcc/g++ because the llvm and clang compilers on Debian 10 failed to execute some intricate c++ code. In the big picture, it does not matter very much if the T1600 boots bios mode or UEFI mode. David On 6/17/21 5:27 PM, Steve McIntyre wrote: Control: reassign -1 shim-signed Control: reassign 989810 shim-signed Hi David! On Wed, Jun 16, 2021 at 01:50:51PM -0700, David George Henderson III wrote: Package: grub-efi-amd64 The system is a Dell Precision T1200 E3, 16GB of memory,booting off flash copy of debian-bullseye-DI-rc2-amd64-DVD-1.iso Booting the rc2 version flash drive fails to go into the normal menus. (note bug 989810 my experiences with rc1 ; it installed as expected but the installed system failed to boot) The delivers the following messages and halts(I had only a few seconds to capture the gist): MoklistRT out of resources MoklistXRT out of resources import moc state() -- didn't have time to even get the gist of this error message OK. These messages are from shim, which runs before GRUB on a Secure Boot setup. Your problem isn't that your system does not support SB, it's just that it's running out of EFI variable storage space. Shim is trying to store copies of some of its internal variables, and that's failing. That's painful. :-( Google is refusing to find me anything about your system, which is surprising. Could you give me an idea of its age and the rest of its specs please? As a workaround for your installed system: if you're not wanting / trying to use SB, you could try booting with older bullseye media in Rescue mode. Get into the booted system and run # apt-get remove --purge shim-signed # grub-install and that should let you get in OK after that. processor : 0 vendor_id : GenuineIntel cpu family : 6 model : 42 model name : Intel(R) Xeon(R) CPU E31240 @ 3.30GHz stepping: 7 microcode : 0x2f cpu MHz : 1600.719 cache size : 8192 KB physical id : 0 siblings: 8 core id : 0 cpu cores : 4 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 13 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm epb pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid xsaveopt dtherm ida arat pln pts md_clear flush_l1d vmx flags : vnmi preemption_timer invvpid ept_x_only flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest bugs: cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit bogomips: 6584.98 clflush size: 64 cache_alignment : 64 address sizes : 36 bits physical, 48 bits virtual power management: processor : 1 vendor_id : GenuineIntel cpu family : 6 model : 42 model name : Intel(R) Xeon(R) CPU E31240 @ 3.30GHz stepping: 7 microcode : 0x2f cpu MHz : 1623.585 cache size : 8192 KB physical id : 0 siblings: 8 core id : 1 cpu cores : 4 apicid : 2 initial apicid : 2 fpu : yes fpu_exception : yes cpuid level : 13 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm epb pti ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid xsaveopt dtherm ida arat pln pts md_clear flush_l1d vmx flags : vnmi preemption_timer invvpid ept_x_only flexpriority tsc_offset vtpr mtf vapic ept vpid unrestricted_guest bugs: cpu_meltdown spectre_v1 spectre_v2
Bug#989962: shim-signed 1.36~1+deb10u1 fails to boot some systems
Hello Steve, I generally install Debian off of DVD or a *.iso copied to flash rather than an online repository. That way I get a reproducible install. Recently, I found that my Debian 10.9 amd64 dvd-1 install stopped working on the Dell T1600 boot in UEFI mode. This is the machine that does not support secure boot. The symptoms were that the install went as expected, but the boot failed complaining about MOK list being exhausted. What I discovered was that security updates were being applied during the install off dvd: I noticed the message 'applying security updates' that flashed by briefly during the install from DVD. I surmise that the version of shim-signed in security.debian.org was being applied when the ethernet to the cable modem was plugged in. (the web site shows shim-signed (1.36~1+deb10u1+15.4-5~deb10u1) in Debian 10 security ) An install if 10.9 off of the same dvd without the ethernet cable plugged in installed and booted normally. I'm surprised at this behavior. I would have expected that these updates would be applied after booting the installed system rather than during the install. Using the Dell T1600 and the system installed with no ethernet cable connection: I copied the shim-signed file from the attachment below into /boot/efi/EFI/debian. Then I shut down and rebooted. I could not tell if a MOK message came up because something flashed by very quickly. Debian 10.9 booted up as expected. I hope this fix makes it into the online security repository. David David On 6/22/21 2:36 PM, Steve McIntyre wrote: On Tue, Jun 22, 2021 at 09:20:36PM +0200, Grzegorz Szymaszek wrote: On Tue, Jun 22, 2021 at 01:35:51PM +0200, Grzegorz Szymaszek wrote: I have recently upgraded several buster amd64 machines; shim-signed went up from 1.33 to 1.36~1+deb10u1. […] FWIW, upgrading to 1.36~1+deb10u2 brings the problem back. Looks like the same as #990158. Yes, it's the same problem. I'm testing a fix now. Could you please verify if this new build fixes the problem you're seeing on your hardware? https://people.debian.org/~93sam/shim/ has a new *unsigned* amd64 shim binary, and a checksum file. If you would be so kind, please copy that shimx64.efi binary into place on your system and test it boots OK. It may still complain about resource failures and "import_mok_state() failed", but should then boot anyway in non-secure mode.
Bug#989962: debian-bullseye-DI-rc2-amd64-DVD-1.iso image on flash media flash fails to boot on a system that does not support secure boot
Package: grub-efi-amd64 The system is a Dell Precision T1200 E3, 16GB of memory,booting off flash copy of debian-bullseye-DI-rc2-amd64-DVD-1.iso Booting the rc2 version flash drive fails to go into the normal menus. (note bug 989810 my experiences with rc1 ; it installed as expected but the installed system failed to boot) The delivers the following messages and halts(I had only a few seconds to capture the gist): MoklistRT out of resources MoklistXRT out of resources import moc state() -- didn't have time to even get the gist of this error message
Bug#989810: debian 11 rc1 boot sequence fails attempting to run secure boot code on a system that does not support secure boot
Package: grub-efi-amd64 Summary: The defect occurs on a bullseye.rc1 install ; install went normally using bullseye rc1; booting the installed system fails the UEFI boot sequence on a system that doesn't support secure boot fails trying to access owner MOK Hello Debian bullseye boot sequence team, I dont have a screen grab and the message only stayed up a few seconds. The system is a Dell Precision T1200 E3, 16GB of memory, SSD, installing off CDROM to an encrypted LVM with dedicated /boot and encrypted LVM partitions. The bullseye system was installed using the bullseye rc1 system for an amd64 target. Installation went normally; the difficulty lies when attempting to boot the installed system off the ssd. Again, the boot time error message that briefly showed on the screen is that the MOK machine owner key could not be accessed. I found a workaround using a previously installed Buster 10.9 system with a similar configuration: a) boot Buster 10.9 dvd in recovery mode b) rewrite the SSD bootstrap so the Buster 10.9 system boots c) reboot into Buster 10.9 to diagnose what was going on I ran : mokutil --disable-validation the error message returned was 'this system does not support secure boot' d) update buster /etc/grub.d/40_custom so it has the bullseye rc1 boot stanza e) update grub f) shutdown the system g) boot the buster grub and select the bullseye 11 rc1 boot stanza present in 40_custom bullseye rc1 now runs
Bug#988560: Package should be in contrib, as it depends on non-free software
Package: pygithub Version: 1.43.7-1 Severity: normal Pygithub is completely dependent on Github API, which is a proprietary software. I believe this package must be in contrib section (instead of main). Debian Policy chapter2.2.2 says that 'wrapper packages or other sorts of free accessories for non-free programs' should be in contrib section of the Archive. pygithub is clearly 'free accessory' for 'non free' Github server.
Bug#937234: pam-python: Python2 removal in sid/bullseye
Hi, > I wonder what the state of this issue is. > > I looked at the code and somehow it has a few hints on (at least > partial?) Python 3 compatibility. > > Russell, can you give me a short update on how far this got? Can we > somehow get to the goal of making this fully work with Python 3? Maybe > even for bullseye… Never mind, I just realised that pam-python is licensed under AGPL and is thus not suitable for Debian Edu IMHO. @Mike, @Petter: Did you realise that pam-python is AGPL? It means that we cannot provide terminal servers or netbooting in Debian Edu without placing a prominent link to pam-python's sources on the desktop… @Russell: Can you please relicence pam-python under a less insane licence? If the latter fails, we should either rewrite such a module under a less restrictie licence, or rewrite libpam-mklocaluser in C or Rust, or get rid of the need for libpam-mklocaluser (probably by using sssd). Looking forward to everyone's thoughts, Nik
Bug#937234: pam-python: Python2 removal in sid/bullseye
Hi, I wonder what the state of this issue is. I looked at the code and somehow it has a few hints on (at least partial?) Python 3 compatibility. Russell, can you give me a short update on how far this got? Can we somehow get to the goal of making this fully work with Python 3? Maybe even for bullseye… It seems I completely missed that Python 2 is still in bullseye, and spent the last few hours writing a new PAM module in Python, and used Python 3 features all over the place with the assumption that Python 2 is gone, then I found that libpam-python is linked against libpython2.7. If there is some kind of to-do list with open points to make it use Python 3, I will see whether I can help. It would be very sad if I had to backport my module to Python 2 for bullseye… Cheers, Nik signature.asc Description: PGP signature
Bug#984497: weasels and doves
On Mon, 8 Mar 2021 at 12:36, Andrius Merkys wrote: > Hi, > > On 2021-03-08 15:44, Albert van der Horst wrote: > > I don't see the problem here. If there is a bug in an old version > supplied with Debian, the bug report lands with Debian. > > Not necessary. Many users cannot tell whether a bug is caused by > upstream code or Debian packaging. Many users do not know about Debian > BTS. Thus Debian-specific bugs land in upstream trackers, and some > upstreams do not want to provide support outside what they consider > "canonical" use of their software. > > > Then Debian can solve the bug report by renewing upstream. Sot that bug > report is not against the package, but against the packaging. > > True, but this might be slowed down by the update process in stable. > > > If it persists in the newest version, the bug can be passed to > > upstream. > > Again - if the report ends up in Debian BTS. > > > Bug reports will not land at the developpers desk, or Debian has to take > measures that they don't, e.g. by replacing e-mail addresses. No reasonable > upstream developer will object to such an arrangement. > > Many users will not look into e-mail addresses. They will search online > using the name of the software, and will arrive at the same developers' > desk. This might be offset by renaming entire pieces of software, but > renamed packages become hardly visible and all valuable online material > related to the original name becomes hidden from users. > Renaming should be like "debian-sid-" for supported by Debian packages. There are, however, use-cases where packaging is not helpful to users: 1. a package that relies on "customized" configurations of widely used libraries (hdf4 and gdal are examples of libraries with many optional extensions). 2. a package whose purpose is to provide highly optimized versions of common libraries for low volume hardware (such as large HPC systems). There are many potential hardware configurations with new configurations being released multiple times a year. There are complicated issues of reproducibility and testing that don't have one size fits all answers. -- George N. White III
Bug#983514: cockpit-ws: cockpit tries to write in /etc
Package: cockpit-ws Version: 238-1 Severity: normal Dear Maintainer, When trying for a read-only root filesystem, I am blocked by the fact that cockpit tries to write in /etc at startup: Feb 03 17:12:09 kruppe systemd[1]: Starting Cockpit Web Service... Feb 03 17:12:09 kruppe remotectl[693]: remotectl: couldn't set certificate permissions: /etc/cockpit/ws-certs.d/0-self-signed.cert: Read-only file system Feb 03 17:12:09 kruppe systemd[1]: cockpit.service: Control process exited, code=exited, status=1/FAILURE The permissions of this file should be set once and for all when it is generated, and not changed later. And in fact, they are already correct, so this program should not try to write and fail. Regards, -- Nicolas George -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (500, 'testing') Architecture: arm64 (aarch64) Kernel: Linux 4.19.118-Re4son-v8l+ (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_CRAP Locale: LANG=C, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages cockpit-ws depends on: ii adduser 3.118 ii glib-networking 2.66.0-2 ii libc6 2.31-9 ii libcrypt1 1:4.4.17-1 ii libglib2.0-02.66.7-1 ii libgnutls30 3.7.0-5 ii libgssapi-krb5-21.18.3-4 ii libjson-glib-1.0-0 1.6.0-3 ii libkrb5-3 1.18.3-4 ii libpam0g1.4.0-4 ii libsystemd0 247.3-1 ii openssl 1.1.1j-1 ii systemd 247.3-1 cockpit-ws recommends no packages. Versions of packages cockpit-ws suggests: pn sssd-dbus -- no debconf information signature.asc Description: PGP signature
Bug#980287: ITP: python-telethon -- asyncio Python 3 MTProto library
Package: wnpp Severity: wishlist Owner: Dominik George X-Debbugs-Cc: debian-de...@lists.debian.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: python-telethon Version : 1.19.0 Upstream Author : Lonami Exo * URL : https://github.com/LonamiWebs/Telethon * License : MIT Programming Lang: Python Description : asyncio Python 3 MTProto library Telethon is an asyncio Python 3 MTProto library to interact with Telegram's API as a user or through a bot account (bot API alternative). It is needed for the matrix-telegram bridge, and I intend to maintain it within the Python packaging team. -BEGIN PGP SIGNATURE- iQJ+BAEBCgBoFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAmAEGhIxGmh0dHBzOi8v d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYxgcbmF0dXJl c2hhZG93QGRlYmlhbi5vcmcACgkQt5o8FqDE8paEMBAAtXnCL6kJDvDSgcIEDG30 53Vaaa2e9DpI56u/cLyvc31gAw+33ooyIDiR9qxhVpsN50DpqQc7UYqEEImSj8Ik 9RjnsUhr/ZSE+R+D5mIvnVW779xMlHepBfxrV+1giKvdI8ufG94eOHCjEq80CgfF J9RgqR6/bg2ocExmTGN76y43QZL/FpZyfnM4dvS6s5wBIb31ZdhikL6FxuafJOeY vB+cm0aeIKaEK2IXoqi/upoZIZPqLgXtD1NMnMhYeye3bjy2Srcw3eL8paM9m3Nr l5IWRkF9F0d8IGR7i53BJj9KWhREurqF4bbmkdgTWNnBdaoUbQTV4gJ+Aov0uQCB XwOB8W+7fqPm4VRQt/rj30sGunQgPe2CGTNuJvRss/BnTWkw8NIpbOk/ms+X+Mld xjBzvksnNZ3xVfA0odzgdg8yUpHMEvBLudisgQq363uimJe8almTFkseysBsBvA+ +Raz8vvvphAFbKHC2KHDVeHHnphCdvfyRhY3QcsebhXOnwtrump+nVAORLyYfJqn J+ii90otMjPbUHVIonRng4yxfZC2etJxIjwOXs/0gqKlTUd04Ul+b0AJbcc+DScY 17i2qgVDBztMB7eKcnzI86PwA7HntQHnH/wwjDg+ZTh2h6EOwdPPeqE1WjV2TGcH sFnaMAcGlRKFGV2MGHGx63I= =E9Tb -END PGP SIGNATURE-
Bug#980286: RFP: signald -- A daemon that facilitates communication via Signal Private Messenger
Package: wnpp Severity: wishlist X-Debbugs-Cc: debian-de...@lists.debian.org -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: signald Version : 0.11.1 Upstream Author : Finn Herzfeld * URL : https://gitlab.com/signald/signald * License : GPL Programming Lang: Java Description : A daemon that facilitates communication via Signal Private Messenger signald is needed for mautrix-signal, the Matrix to Signal bridge, which I intend to package. -BEGIN PGP SIGNATURE- iQJ+BAEBCgBoFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAmAEF4cxGmh0dHBzOi8v d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYxgcbmF0dXJl c2hhZG93QGRlYmlhbi5vcmcACgkQt5o8FqDE8pbOtQ//VIIw3d2WuiClPHthWPsE hhKA4Y+Za9YBHuUZGdRjMwjxABovM+xyZxVTnUPiEGGQQKWfctne7NqQnzfsqXrh 2l1i6ZS8HHcyuouRHjjw2NVRsVDxu9cCwsEPcEtKgVxCb3e5Ktn6+YwwwBeMjNZk HFUb3qL8DD220gin8SZgK0YDxUg3VV1YWCkHbm4iTZ5Esh1j1ioYuQOYu0JScUW4 l6HVvydPWV+H2Ab+dqvkiFIsd0pS2RgyZ3bDdpG2SL++XN4F7edznqB1YR1V85w/ 9L4Aq0l6P7j/m7yMUdp5nJsWq2EcDNK4SrXqR9ISiYM4aedlhomXC2lqVDqIcqf8 begby2PeC3fOmy2GyD4JbxjDfs29+qW6krs2OPvsMzN4jpoi2mlAaSQoruxXdPXG jv75XuoJtxV6MX/ijGoZADcriZKHkwvD2eUFOmnJsH9AoIxgTk6LDHDJ557XQwY5 N8ywcBkXxCPQ2Lia9WzmE6WQJrZ6fc78rkiGEMGqMYWKICyJZGudYBGuA/kc5IFI nzomrjMn//BDY2Mwxtmj7vao5vvmzrt2gw19KkIlCmdv+xgzlPZmgzq7zOgYGoO3 J+BodntYvL8aauvY8gtXKcu3wEKmtolK8ZeuEm5cDUoptf08R88IFm2QsxmzQeau 7y7eiirgCrNzO0YL97oyhaI= =RA69 -END PGP SIGNATURE-
Bug#977988: /usr/bin/spectacle: does not start (libkImageAnnotator.so.0.3.2 not found)
Package: kde-spectacle Version: 20.12.0-1 Severity: grave File: /usr/bin/spectacle Justification: renders package unusable -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 After a recent update, spectacle stoppede working, and errors out on start with: spectacle: error while loading shared libraries: libkImageAnnotator.so.0.3.2: cannot open shared object file: No such file or directory Maybe it needs a binNMU? - -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.9.0-4-amd64 (SMP w/8 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=nb_NO.UTF-8, LC_CTYPE=nb_NO.UTF-8 (charmap=UTF-8), LANGUAGE=nb_NO:nb:no_NO:no:nn_NO:nn:da:sv Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages kde-spectacle depends on: ii kio5.77.0-2 ii libc6 2.31-6 ii libkf5configcore5 5.77.0-2 ii libkf5configgui5 5.77.0-2 ii libkf5configwidgets5 5.77.0-2 ii libkf5coreaddons5 5.77.0-2 ii libkf5dbusaddons5 5.77.0-2 ii libkf5globalaccel-bin 5.77.0-2 ii libkf5globalaccel5 5.77.0-2 ii libkf5i18n55.77.0-2 ii libkf5kiocore5 5.77.0-2 ii libkf5kiogui5 5.77.0-2 ii libkf5kiowidgets5 5.77.0-2 ii libkf5kipi32.0.0 4:20.08.0-1 ii libkf5newstuff55.77.0-3 ii libkf5notifications5 5.77.0-2 ii libkf5purpose-bin 5.77.0-2 ii libkf5purpose5 5.77.0-2 ii libkf5service-bin 5.77.0-2 ii libkf5service5 5.77.0-2 ii libkf5waylandclient5 4:5.77.0-2 ii libkf5widgetsaddons5 5.77.0-4 ii libkf5windowsystem55.77.0-2 ii libkf5xmlgui5 5.77.0-2 ii libkimageannotator00.4.0-1 ii libqt5core5a 5.15.2+dfsg-2 ii libqt5dbus55.15.2+dfsg-2 ii libqt5gui5 5.15.2+dfsg-2 ii libqt5printsupport55.15.2+dfsg-2 ii libqt5widgets5 5.15.2+dfsg-2 ii libqt5x11extras5 5.15.2-2 ii libstdc++6 10.2.1-1 ii libxcb-cursor0 0.1.1-4 ii libxcb-image0 0.4.0-1+b3 ii libxcb-util1 0.4.0-1+b1 ii libxcb-xfixes0 1.14-2 ii libxcb11.14-2 ii qdbus-qt5 5.15.2-3 kde-spectacle recommends no packages. kde-spectacle suggests no packages. - -- no debconf information -BEGIN PGP SIGNATURE- iQJ+BAEBCgBoFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAl/jtdYxGmh0dHBzOi8v d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYxgcbmF0dXJl c2hhZG93QGRlYmlhbi5vcmcACgkQt5o8FqDE8pavGQ/+LbBxRuQdz7GeHZabCmTo GlYBc/60XxcqG7y1SIJdkuxPKoLz5TJrG+87Qy2U6O701g+CIgWCEUhrGWjnXuEC E2uRQj66m2R9UbIz7s4mgEV9fxfZVZwwQafEH1RXXuvWkSbaslVQuNTbgC1P5zaw C5YFNtiLuN3BAlJSa3lAi0hZUnD5+KcTzxWYKNKq2fCKd8Wex/tAd+YAeD623htS OR/CwklxtUrtPPCapMPWBhMzk5dvWpunD4A7j1WF3nptkKA2nk+Jio1qbbqUwlW/ ha/p6LByqwT9CRI4JAyFxwy62nOP1pVfraaOrB9/7fxABJmxsS0wNNUL0Hxsx5we NSO80AqM34JwRp5ho7f4ZKn9jviAIr7UvInUo46Ng3RjX8hRRw04Y/R43lv+vYQD aq2gts5t+MQB2HwM+p+4Qz/6Vn+xwkQSh4reQixIo2UoSjNsyMc0GstDzdB8ZHyc ulyFA0FEvz4AoJiSDCRuJ6tgVXqP4EI2DkdDck4H31bt7WZwYOV5MJzX93U9QXyd pt0Q8Aav4ya+A3lfRjwAvCPpDqH8PgiT5XLLF/rUB2W7z50MNO3LonJKz2UGxtgu TvzHNDPosEx0BnbX5Li0u8OgRHizttC23IbR9hld4A0o8C/iz07IbMSP8nqED6CT gNlsZMEbF2LYl9GutLcbq44= =KbJh -END PGP SIGNATURE-
Bug#975977: tor generates invalid adress for hiddenservice when runninf on armv5tel architectures
Bernhard Übelacker writes: > Hello Peter, > > Am 16.12.20 um 11:08 schrieb Peter Palfrader: >> Hi Bernhard! > >> Can you try to rebuild tor with __attribute__((aligned(8))) for the >> keccak_state as suggested in >> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975977#44 >> and then let us know if the issue is still there? >> > > I rebuilt the tor package with this change [1] below (I hope I > placed it correctly). > > With this I found "disassemble /r keccak_finalize" produces the > exact same instructions, but now the pointer given to keccak_finalize > seems to be aligned at a 8 byte boundary. > > Now the strd placed at armv5tel the same sequence as > on armv7 to the "a" member [3]. > > And I guess hostname contains now the expected value: > > $ cat hs/hostname > upxkcswnvepfls7vcy5vuixy54hlugfjnzhvl5ygfbjtm7znkyahcvad.onion > > Kind regards, > Bernhard > Thanks a lot for the diagnosis and testing, Bernhard and Arnd. I submitted a patch for this here: https://gitlab.torproject.org/tpo/core/tor/-/merge_requests/243 Thanks again!
