Bug#1080347: samba-common-bin: samba-tool no in backports, trixie or experimental
Package: samba-common-bin Version: 2:4.17.12+dfsg-0+deb12u1 Severity: normal Dear Maintainer, When testing trixie I found that samba-tool is not installed. Has is gone to somewhere else? This tool it required to setup an AD/DC environment. Is there any hope to get it into trixie soon? Yours Jürgen -- System Information: Debian Release: 12.7 APT prefers stable-security APT policy: (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-25-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages samba-common-bin depends on: ii libbsd00.11.7-2 ii libc6 2.36-9+deb12u8 ii libcups2 2.4.2-3+deb12u7 ii libgnutls303.7.9-2+deb12u3 ii libjansson42.14-2 ii libldap-2.5-0 2.5.13+dfsg-5 ii libncurses66.4-4 ii libpopt0 1.19+dfsg-1 ii libreadline8 8.2-1.3 ii libtalloc2 2.4.0-f2 ii libtdb11.4.8-2 ii libtevent0 0.14.1-1 ii libtinfo6 6.4-4 ii libwbclient0 2:4.17.12+dfsg-0+deb12u1 ii python33.11.2-1+b1 ii python3-samba 2:4.17.12+dfsg-0+deb12u1 ii samba-common 2:4.17.12+dfsg-0+deb12u1 ii samba-libs 2:4.17.12+dfsg-0+deb12u1 Versions of packages samba-common-bin recommends: pn samba-dsdb-modules Versions of packages samba-common-bin suggests: pn heimdal-clients ii python3-dnspython 2.3.0-1 ii python3-markdown 3.4.1-2 -- no debconf information
Bug#1068249: linux-image-6.1.0-18-amd64: ax201 iwlwifi driver creates millions of 'Unhandled alg: 0x33f0707' messages
Package: src:linux Version: 6.1.76-1 Severity: important Tags: upstream Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** The driver fills the eventlog with millions !!! of messages, see below. It otherwise works. The problem can be reproduced on different NUC systems. These are used as small servers, run a network bridge and hostapd. There is no evidence that the problem depends on hostapd. When the connection is idle the rate of reported errors goes down to a few 10 per second. A larger stream of data (2GByte or so) produces seveeral hundered tousand messages. * What led up to the situation? iwlwifi is loaded with parameters as described in the debian wiki for AX201 / Intel Nuc hardware: options iwlwifi 11n_disable=8 options iwlmvm power_scheme=1 without power_scheme it frequently drops connections, with power_scheme=1 it is stable. The effect of 11n_disable is unknown. * What exactly did you do (or not do) that was effective (or ineffective)? Needed to increase network message_cost to reduce logging: echo 128 > /proc/sys/net/core/message_cost * What was the outcome of this action? * What outcome did you expect instead? A driver that simply works. *** End of the template - remove these template lines *** -- Package-specific info: ** Version: Linux version 6.1.0-18-amd64 (debian-ker...@lists.debian.org) (gcc-12 (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40) #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) ** Command line: root=LABEL=alpha1_vol0 rootflags=subvol=/Volumes/Root-bookworm ro resume=alpha1_swap centauriswitch=static:apoint net.ifnames=0 mitigations=off security= quiet splash loglevel=3 ** Not tainted ** Kernel log: [30911.569896] BTRFS info (device sda4): disk space caching is enabled [30974.905443] net_ratelimit: 67420 callbacks suppressed [30974.905457] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [30974.905728] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [30974.906036] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [30974.906356] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [30974.906681] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [30974.907014] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [30974.907319] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [30974.907576] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [30974.908421] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [30974.908744] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31102.906916] net_ratelimit: 216171 callbacks suppressed [31102.906930] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31102.911063] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31102.911481] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31102.911817] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31102.912118] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31102.912434] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31102.912758] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31102.913054] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31102.913376] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31102.913728] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31230.911440] net_ratelimit: 221524 callbacks suppressed [31230.911453] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31230.911815] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31230.912192] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31230.912511] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31230.912895] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31230.913217] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31230.913562] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31230.913912] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31230.914255] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31230.915740] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31358.912228] net_ratelimit: 213726 callbacks suppressed [31358.912240] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31358.912554] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31358.912873] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31358.914335] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31358.914433] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31358.914948] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31358.915097] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31358.915459] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31358.915749] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31358.916034] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31486.915992] net_ratelimit: 205539 callbacks suppressed [31486.916005] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31486.923781] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31486.924153] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31486.924548] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31486.924860] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31486.925252] iwlwifi :00:14.3: Unhandled alg: 0x33f0707 [31486.92553
Bug#1036993: /lib/x86_64-linux-gnu/security/pam_sss.so: pam_sss passes KRB5CCNAME with sudo -i (see redhat bug/fix 1324486)
Package: libpam-sss Version: 2.8.2-4 Severity: normal File: /lib/x86_64-linux-gnu/security/pam_sss.so Dear Maintainer, * What led up to the situation? using kerberos, AD/DC, sssd and its pam module * What exactly did you do (or not do) that was effective (or ineffective)? kinit ... # to get a kerberos ticket echo $KRB5CCNAME# path to creditial cache sudo -i user2 echo $KRB5CCNAME# ORIGINAL path to creditial cache * What was the outcome of this action? kinit, klist et al fail, wrong credential cache echo $KRB5CCNAME# path from original user * What outcome did you expect instead? KRB5CCNAME must not be passed the case is described better than I can do at: https://bugzilla.redhat.com/show_bug.cgi?id=1324486 Bug fixed there in 2017. Could Debian fix it too? Thanks, Jürgen -- System Information: Debian Release: 12.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-9-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages libpam-sss:amd64 depends on: ii libc6 2.36-9 ii libgssapi-krb5-2 1.20.1-2 ii libpam-pwquality 1.4.5-1+b1 ii libpam-runtime1.5.2-6 ii libpam0g 1.5.2-6 Versions of packages libpam-sss:amd64 recommends: ii sssd 2.8.2-4 libpam-sss:amd64 suggests no packages. -- no debconf information
Bug#1033575: digikam: bookworm build: No 16-bit color in jpeg2000 and heif, missing gmic-qt
Package: digikam Version: 4:7.9.0-1+b2 Severity: important Dear Maintainer, Thanks for building digikam for bookworm. As you shurely know this build is quite important as recent appimage upstream builds crash on bookworm (I believe that's a know problem). The latest usable appimage for bookworm was 7.7 (7.8 loads too slow, 7.9 and 7.10 crash). The 7.7 appimage (and earlier) correctly load jpeg2000 images with more than 8-bits per color-channel (I use 10-bits for my purposes). Anyhow, the 7.9 build for bookworm loads jpeg2000 and heif only with 8-bit per color-channel (implied down-conversion). Tiffs with 16-bit per channel load correctly (unfortunately only 8/16-bit tiffs work with kde's libtiff). Needless to say that imagemagick 7.1.0 works fine with 8/10/16-bit tiff/jpeg2000/heif. Also gmic-qt is missing in the debian build (it works fine if the plugin is copied from the app-immage). gmic-qt for digikam did never support 16-bit color, but that's an upstream-bug. Yours Jürgen -- System Information: Debian Release: 12.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-6-amd64 (SMP w/12 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages digikam depends on: ii digikam-data 4:7.9.0-1 ii digikam-private-libs 4:7.9.0-1+b2 ii libc6 2.36-8 ii libgcc-s1 12.2.0-14 ii libkf5configcore5 5.103.0-1 ii libkf5coreaddons5 5.103.0-1 ii libkf5i18n5 5.103.0-1 ii libmagick++-6.q16-8 8:6.9.11.60+dfsg-1.6 ii libqt5core5a 5.15.8+dfsg-3 ii libqt5gui55.15.8+dfsg-3 ii libqt5sql55.15.8+dfsg-3 ii libqt5sql5-mysql 5.15.8+dfsg-3 ii libqt5sql5-sqlite 5.15.8+dfsg-3 ii libqt5widgets55.15.8+dfsg-3 ii libstdc++612.2.0-14 ii perl 5.36.0-7 Versions of packages digikam recommends: pn ffmpegthumbs ii firefox-esr [www-browser] 102.9.0esr-2 ii konqueror [www-browser]4:22.12.3-1 Versions of packages digikam suggests: ii breeze-icon-theme 4:5.103.0-1 pn digikam-doc ii systemsettings 4:5.27.2-1 -- no debconf information
Bug#1019939: fwupd: Not well documented, what does it actually do on Debian systems?
Package: fwupd Version: 1.8.4-2 Severity: minor Dear Maintainer, A few days ago we had press reports about updates from a specific os vendor that made some linux machines unbootable. Although that the vendor was probably well minded, this was problematic. Today, at login I had a motd message from fwupd reminding me of a very similar (or the same update) on my linux systems. Some user might have installed it already accidentially via discover. At this point I was looking for documentation about fwupd (mostly I knew about it via phoronix.com telling me how great is is). But there is very little to find in the internet (an outdated ubuntu page, or some arch linux doc). Debian neither provides sufficient documentation. Having in mind, that this february a satelite network provider distrubuted a malicious firmware update that destroied thousands of satelite modems, I choose the uninstall fwupdate on all machines. Please: The fwupdt package is very invasive and might be used maliciously. At least it should be documented in an understandable way or should be disabled by default. It should not be used for automatic updates that can be triggered by unexperienced users (like in discover) at all. Yours Jürgen -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (500, 'testing'), (400, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.19.0-1-amd64 (SMP w/4 CPU threads; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages fwupd depends on: ii libc6 2.34-7 ii libcurl3-gnutls7.85.0-1 ii libefiboot137-6 ii libelf10.187-2 pn libflashrom1 ii libfwupd2 1.8.4-2 pn libfwupdplugin1 pn libfwupdplugin7 ii libglib2.0-0 2.73.3-3 ii libgnutls303.7.7-2 ii libgudev-1.0-0 237-2 ii libgusb2 0.3.10-1 ii libjcat1 0.1.9-1 ii libjson-glib-1.0-0 1.6.6-1 ii libmbim-glib4 1.26.4-1 ii libmbim-proxy 1.26.4-1 ii libmm-glib01.18.10-2 ii libpolkit-gobject-1-0 0.105-33 ii libprotobuf-c1 1.4.1-1 ii libqmi-glib5 1.30.8-1 ii libqmi-proxy 1.30.8-1 pn libsmbios-c2 ii libsqlite3-0 3.39.3-1 ii libsystemd0251.4-3 ii libtss2-esys-3.0.2-0 3.2.0-1+b1 pn libxmlb1 ii libxmlb2 0.3.8-1 ii shared-mime-info 2.2-1 Versions of packages fwupd recommends: pn bolt ii dbus 1.14.0-2 pn fwupd-signed pn jq ii python33.10.6-1 pn secureboot-db ii udisks22.9.4-3 Versions of packages fwupd suggests: pn gir1.2-fwupd-2.0
Bug#1019252: bash: New "${var/ && /&&}" sed like behaviour causes severe incompatibility
Package: bash Version: 5.2~rc2-2 Severity: normal Tags: upstream Dear Maintainer, This new behaviour is documented in the upstream changelog For example: "${/ && /&&}" must now become: "${/ && /\&\&}" To work as expected. Trivial, but breaks existing scripts. At least debian should print a warning or send mail on upgrade. Thanks Jürgen -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (500, 'testing'), (400, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.18.0-4-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_WARN Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages bash depends on: ii base-files 12.2 ii debianutils 5.7-0.3 ii libc62.34-7 ii libtinfo66.3+20220423-2 Versions of packages bash recommends: ii bash-completion 1:2.11-6 Versions of packages bash suggests: pn bash-doc -- Configuration Files: /etc/bash.bashrc changed [not included] /etc/skel/.bash_logout changed [not included] /etc/skel/.bashrc changed [not included] /etc/skel/.profile changed [not included] -- no debconf information
Bug#983508: nfs-common: Bullseys/Kernel 5.10 SAMBA AD/DC NFSv4 Kerberos Problem with rpc.gssd
Package: nfs-common Version: 1:1.3.4-2.5+deb10u1 Severity: important Tags: upstream Dear Maintainers There is a long standing bug (or wrong documentation) in rpc.gssd Probably debian uses an outdated version (new upstream version). I consider this bug as severe because it breaks backward compa- tibility since debian bullseye. It might affect most SAMBA AD/DC setups that were working with buster and fail with bulseye. PROBLEM The point is the nfs/... SPN (service principle name) that was historically used to fill the kerberos machine credential cache. The documentation explicitly states that rpc.gssd first tries the (windows) machine account $/... then a SPN (or UPN?) root/... then some others and FINALLY the nfs/... SPN. But this is wrong, only nfs/... is recognized. This creates a problem with SAMBA AD/DCs setups. Samba uses heimdal kerberos. A difference between heimdal and MIT are the SPNs. So in SAMBA you have to add a UPN (like the before mentioned root/...) and to attach the nfs/... SPN to the UPN. This is how it looks: samba-tool user create --random-password --gid-number=100 \ --gecos="nfs user" --unix-home=/tmp --login-shell=/usr/sbin/nologin \ root/myhost.centauri.home samba-tool user setexpiry --noexpiry root/myhost.centauri.home samba-tool spn add nfs/myhost.centauri.home root/myhost.centauri.home The exported keytab works fine (until kernel 5.9) and allows NFS4 with kerberos security: samba-tool domain exportkeytab xxx.keytab --principal MYHOST$ samba-tool domain exportkeytab xxx.keytab --principal root/myhost.centauri.home samba-tool domain exportkeytab xxx.keytab --principal nfs/myhost.centauri.home But as nfs/... SPN seems to be historic SAMBA only exports weak encryption keys for nfs/... whereas the machine account and the root/... UPN have strong encryption: klist -e -k /etc/krb5.keytab.old Keytab name: FILE:/etc/krb5.keytab.old KVNO Principal -- 1 alpha1$@CENTAURI.HOME (aes256-cts-hmac-sha1-96) 1 alpha1$@CENTAURI.HOME (aes128-cts-hmac-sha1-96) 1 alpha1$@CENTAURI.HOME (arcfour-hmac) 1 alpha1$@CENTAURI.HOME (des-cbc-md5) 1 alpha1$@CENTAURI.HOME (des-cbc-crc) 2 root/alpha1.centauri.h...@centauri.home (aes256-cts-hmac-sha1-96) 2 root/alpha1.centauri.h...@centauri.home (aes128-cts-hmac-sha1-96) 2 root/alpha1.centauri.h...@centauri.home (arcfour-hmac) 2 root/alpha1.centauri.h...@centauri.home (des-cbc-md5) 2 root/alpha1.centauri.h...@centauri.home (des-cbc-crc) 2 nfs/alpha1.centauri.h...@centauri.home (arcfour-hmac) 2 nfs/alpha1.centauri.h...@centauri.home (des-cbc-md5) 2 nfs/alpha1.centauri.h...@centauri.home (des-cbc-crc) SOLUTION This was OK until kernel 5.9 only. Since 5.10 somebody disabled weak encrytion in the kernel part of GSSAPI. Now debian's old rpc.gssd fails. Probably creating a security problem as NFS mount now tries NFS 3 (without kerberos). The SAMBA documentation explains the SAMBA behaviour here: https://wiki.samba.org/index.php/Generating_Keytabs The solution is to explicitly set the supported encryption for the root/... UPN: net ads enctypes set root/myhost.centauri.home 31 A newly created keytab now contains the required encryptions for the nfs/... SPN. And now NFS4 works with 5.10 / bullseye. CONCLUSION The NFS4 / SAMBA / KERBEROS setup is extremly complacated, debian's rpc.gssd is outdated or buggy and someone tried to improve security by removing something from the kernel. NFS mounts on bullseye systems may fall back to NFS3 without kerberos. Not good. PLEASE Give users a hint, a usefull error message, or fix rpc.gssd It took me a long time to indentify the reported problem and I am thankfull for a hint that I found in the univention bug tracker. Yours Jürgen -- Package-specific info: -- rpcinfo -- program vers proto port service 104 tcp111 portmapper 103 tcp111 portmapper 102 tcp111 portmapper 104 udp111 portmapper 103 udp111 portmapper 102 udp111 portmapper -- /etc/default/nfs-common -- NEED_STATD=no STATDOPTS= NEED_IDMAPD=yes NEED_GSSD=yes -- /etc/idmapd.conf -- [General] Verbosity = 0 Pipefs-Directory = /run/rpc_pipefs Domain = centauri.home [Mapping] Nobody-User = nobody Nobody-Group = nogroup -- /etc/fstab -- -- System Information: Debian Release: 10.8 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.4.0-0.bpo.4-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages nfs-common depends on: ii adduser 3.118 ii keyutils1.6-6 ii libc6 2.28-10 i
Bug#930470: baloo-kf5: baloo_file (started via xdg-autostart) does not stop with kde shutdown
Package: baloo-kf5 Version: 5.54.0-1 Severity: normal Dear Maintainer, baloo_file does not exit, this blocks the systemd --user session, and therefore keeps a couple of prossess running after kde logout. Put something like 'balooctl stop' at end end of /usr/bin/kdestartup to see that systemd works fine and all user processes stop after the kde logout. I shold mention that at-spi-dbus-bus causes the same problem, so stop it before testing the logout hack. Thanks, Jürgen -- System Information: Debian Release: 10.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages baloo-kf5 depends on: ii kio 5.54.1-1 ii libc62.28-10 ii libkf5baloo5 5.54.0-1 ii libkf5balooengine5 5.54.0-1 ii libkf5configcore55.54.0-1 ii libkf5coreaddons55.54.0-1 ii libkf5crash5 5.54.0-1 ii libkf5dbusaddons55.54.0-1 ii libkf5filemetadata3 5.54.0-1 ii libkf5i18n5 5.54.0-1 ii libkf5idletime5 5.54.0-1 ii libkf5kiocore5 5.54.1-1 ii libkf5solid5 5.54.0-1 ii libqt5core5a 5.11.3+dfsg1-1 ii libqt5dbus5 5.11.3+dfsg1-1 ii libqt5gui5 5.11.3+dfsg1-1 ii libqt5qml5 5.11.3-4 ii libqt5widgets5 5.11.3+dfsg1-1 ii libstdc++6 8.3.0-6 baloo-kf5 recommends no packages. baloo-kf5 suggests no packages. -- no debconf information
Bug#930120: init: Documentation error for telinit/init - does not use 'systemctl isolate xxx'
Package: init Version: 1.56+nmu1 Severity: minor Tags: upstream Dear Maintainer, The man page of telinit/init says (for 'telinit N'): Change the SysV runlevel. This is translated into an activation request for runlevel2.target, runlevel3.target, ... and is equivalent to systemctl isolate runlevel2.target, systemctl isolate runlevel3.target, ... But when using telinit 2 or init 2 (or event booting the kernel with "2" as an argument), the effective operation is: 'systemctl start runlevel2.target' ### but not 'sytemctl isolate runlevel2.target' ### as documented I also suspect that booting with "2" as a kernel commandline argument starts "multi-user.target" instead of "runlevel2.target". At least for me things work as expected when using systemd.unit=runlevel2.target at boot time, or 'systemctl isolate runlevel2.target' after boot. Systemdaemon is nice and works fine otherwise. Thanks, Jürgen Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages init depends on: ii init-system-helpers 1.56+nmu1 ii systemd-sysv 241-5 init recommends no packages. init suggests no packages. -- no debconf information
Bug#929818: sddm crashes after VT switch (but switching works fine without sddm)
Package: sddm Version: 0.18.0-1 Severity: important Concurrent X-Sessions can be started on other VTs (without sddm, just xinit) and you can switch between these without any problem. When switching back to the sddm VT (number 7) sddm crashes and so the session is lost. This behaviour is 100% reproducible on various notbooks. (1) pam modification: the pam groups module now works fine with sddm (pam was fixed since stretch, sddm was not usable with stretch anyhow). (2) here the trivial xinitrc used with startx to do testing: #!/bin/sh . /etc/X11/Xsession if [ -x /usr/bin/startkde ] ; then startkde elif [ -x /usr/bin/twm ] ; then twm & xclock -g 130x130+900+10 & xterm -g 120x35+10+10 -sb fi (3) Kernal taint: is virtual box, but the mentioned tests were run on a real machine. --- Thanks for your attention and your Debian engagement Jürgen -- System Information: Debian Release: 10.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages sddm depends on: ii adduser 3.118 ii debconf [debconf-2.0] 1.5.71 ii libc6 2.28-10 ii libgcc1 1:8.3.0-6 ii libpam0g1.3.1-5 ii libqt5core5a5.11.3+dfsg1-1 ii libqt5dbus5 5.11.3+dfsg1-1 ii libqt5gui5 5.11.3+dfsg1-1 ii libqt5network5 5.11.3+dfsg1-1 ii libqt5qml5 5.11.3-4 ii libqt5quick55.11.3-4 ii libstdc++6 8.3.0-6 ii libsystemd0 241-3 ii libxcb-xkb1 1.13.1-2 ii libxcb1 1.13.1-2 ii qml-module-qtquick2 5.11.3-4 ii x11-common 1:7.7+19 ii xnest [xserver] 2:1.20.3-1 ii xserver-xorg [xserver] 1:7.7+19 Versions of packages sddm recommends: ii haveged1.9.1-7 ii libpam-systemd 241-3 ii sddm-theme-breeze [sddm-theme] 4:5.14.5.1-1 ii sddm-theme-debian-breeze [sddm-theme] 4:5.14.5.1-1 ii sddm-theme-debian-elarun [sddm-theme] 0.18.0-1 ii sddm-theme-debian-maui [sddm-theme]0.18.0-1 Versions of packages sddm suggests: pn libpam-kwallet5 pn qtvirtualkeyboard-plugin -- Configuration Files: /etc/pam.d/sddm changed: authrequisite pam_nologin.so authrequiredpam_succeed_if.so user != root quiet_success @include common-auth auth optional pam_group.so -auth optionalpam_gnome_keyring.so -auth optionalpam_kwallet5.so @include common-account session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so close session optionalpam_keyinit.so force revoke session requiredpam_limits.so session requiredpam_loginuid.so @include common-session session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux.so open -session optional pam_gnome_keyring.so auto_start -session optional pam_kwallet5.so auto_start @include common-password session requiredpam_env.so session requiredpam_env.so envfile=/etc/default/locale user_readenv=1 -- no debconf information
Bug#928286: libpam-sss: passwd change does not prompt for new passwd unless using pam_sss.so prompt_always
Package: libpam-sss Version: 1.16.3-3.1 Severity: normal Dear Maintainer, problem: changing SAMBA AD DC passwd using SSSD with AD providers When user runs 'passwd' the old pw is prompted for and validated but not prompt for a new pw is shows. SSSD log and source code indicate that pam_sss.so returns an empty authtok. outcome: User cannot change password (unless using samba-tool). work-around: Using pam_sss.so prompt_always in common-auth. common-auth (autogenerated by pam-auth-config and patched): ... # here are the per-package modules (the "Primary" block) password[success=2 default=ignore] pam_unix.so obscure sha512 passwordsufficient pam_sss.so prompt_always #password sufficient pam_sss.so use_authtok # here's the fallback if no module succeeds -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-4-amd64 (SMP w/2 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libpam-sss depends on: ii libc6 2.28-8 ii libpam-pwquality 1.4.0-3 ii libpam-runtime1.3.1-5 ii libpam0g 1.3.1-5 Versions of packages libpam-sss recommends: pn sssd libpam-sss suggests no packages. -- no debconf information
Bug#408442: kmail: Crash by Timer (imap related, invalid cached state)
Package: kmail Version: 4:3.5.5.dfsg.1-4 Severity: normal kmails newest feature is to crash (without being touched) 1...2 minutes after being launched. The behaviour is reproducable. Backtrace #1: (no debugging symbols found) Using host libthread_db library "/lib/tls/libthread_db.so.1". (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) [Thread debugging using libthread_db enabled] [New Thread -1242024256 (LWP 3238)] [New Thread -1281696848 (LWP 3242)] [New Thread -1273308240 (LWP 3241)] [New Thread -1264919632 (LWP 3240)] [New Thread -1256531024 (LWP 3239)] (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) [KCrash handler] #5 0xb54f2269 in KMFolder::noContent () from /usr/lib/libkmailprivate.so #6 0xb579bd84 in KMAcctImap::processNewMail () from /usr/lib/libkmailprivate.so #7 0xb5612d90 in KMail::AccountManager::processNextCheck () from /usr/lib/libkmailprivate.so #8 0xb5612f3e in KMail::AccountManager::singleCheckMail () from /usr/lib/libkmailprivate.so #9 0xb56135ae in KMAccount::mailCheck () from /usr/lib/libkmailprivate.so #10 0xb551abb5 in KMAccount::qt_invoke () from /usr/lib/libkmailprivate.so #11 0xb551ac4b in KMail::NetworkAccount::qt_invoke () from /usr/lib/libkmailprivate.so #12 0xb57a8ff3 in KMail::ImapAccountBase::qt_invoke () from /usr/lib/libkmailprivate.so #13 0xb57a92b3 in KMAcctImap::qt_invoke () from /usr/lib/libkmailprivate.so #14 0xb7016d4f in QObject::activate_signal () from /usr/lib/libqt-mt.so.3 #15 0xb70177e0 in QObject::activate_signal () from /usr/lib/libqt-mt.so.3 #16 0xb73a1e52 in QTimer::timeout () from /usr/lib/libqt-mt.so.3 #17 0xb703e603 in QTimer::event () from /usr/lib/libqt-mt.so.3 #18 0xb6faec26 in QApplication::internalNotify () from /usr/lib/libqt-mt.so.3 #19 0xb6fb0a43 in QApplication::notify () from /usr/lib/libqt-mt.so.3 #20 0
Bug#403782: linux-source-2.6.18: realtek 8169 slow (slower than ubuntu)
Package: linux-source-2.6.18 Version: 2.6.18-8 Severity: normal Hi, the kernel I use is built from debian source and 2.6.18-8 patches are applied. The r8169 is on a dlink pci card in a SIS 671 system with a 2.4 GHz P4 CPU. Symptom: Download speed is ok (25 MB/s) but Upload, e.g. the send speed at maximum reaches 13 MB/s. This does not happend under Ubuntu 6.10 where I get 25 MB/s in both directions. You might be amused to read that the 50% send speed reduction also comes for free with window 2003 (driver from dlink cd). Cables and Hub are ok and were checked against other computers. I remember that there was a similar bug report a while ago that got closed. Please merge and reopen. Yours Juergen -- System Information: Debian Release: 4.0 APT prefers testing APT policy: (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-8-sis Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]