Bug#1081730: Fixed in uploaded version
fixed 1081730 12.1 thanks This bug was fixed in version 12.1 but debian/changelog did not include the proper statement to close it automatically: [ Joost van Baal-Ilić ] (...) * Update releases. Thanks Étienne Mollier for reporting This mail aims to fix that mistake :) Regards Javier signature.asc Description: PGP signature
Bug#990696: unblock: netselect/0.3.ds1-29
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package netselect [ Reason ] Netselect-apt is not able to properly parse the URLs in the mirror list available in the Debian website. This version fixes the bug in parsing which makes it work again. [ Impact ] If the unblock is not implemented users will not be able to use netselect-apt [ Tests ] I have run manually tests in my unstable system to confi [ Risks ] The change is very simple. This is a package which is used by a small number of users. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock netselect/0.3.ds1-29 -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 5.10.0-1-686-pae (SMP w/4 CPU threads) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff -Nru netselect-0.3.ds1/debian/changelog netselect-0.3.ds1/debian/changelog --- netselect-0.3.ds1/debian/changelog 2021-07-05 00:14:53.0 +0200 +++ netselect-0.3.ds1/debian/changelog 2021-07-04 23:04:35.0 +0200 @@ -1,3 +1,14 @@ +netselect (0.3.ds1-29) unstable; urgency=high + + * netselect-apt: +- Fix bug that makes it output some hosts with negative value (Closes: 920907) +- Fix bug in the Pelr parsing which prevented it from processing properly + the mirrors listed in the Debian website (Closes: 989674) + * debian/control: Move curl to depends as it is required by netselect-apt + (Closes: 788793) + + -- Javier Fernández-Sanguino Peña Sun, 04 Jul 2021 23:04:35 +0200 + netselect (0.3.ds1-28) unstable; urgency=medium * Use debhelper files properly to relocation binaries and diff -Nru netselect-0.3.ds1/debian/control netselect-0.3.ds1/debian/control --- netselect-0.3.ds1/debian/control2021-07-05 00:14:53.0 +0200 +++ netselect-0.3.ds1/debian/control2021-07-04 23:04:35.0 +0200 @@ -22,8 +22,7 @@ Package: netselect-apt Architecture: all -Depends: wget, netselect (>= 0.3.ds1-17), ${misc:Depends} -Recommends: curl +Depends: wget, netselect (>= 0.3.ds1-17), curl, ${misc:Depends} Enhances: apt Suggests: dpkg-dev Description: speed tester for choosing a fast Debian mirror diff -Nru netselect-0.3.ds1/netselect-apt netselect-0.3.ds1/netselect-apt --- netselect-0.3.ds1/netselect-apt 2021-07-05 00:14:53.0 +0200 +++ netselect-0.3.ds1/netselect-apt 2021-07-04 23:04:35.0 +0200 @@ -35,7 +35,7 @@ # Default distribution distro="stable" # Default protocol -protocol="HTTP" +protocol="http" # Number of fastest hosts that will be validated test_hosts="10" # URL where the mirror list is retrieved from @@ -120,7 +120,7 @@ # Second test: do we have the test file we are looking for? [ -n "$DEBUG" ] && log "DEBUG: Checking if the file '$test_file' is available in site" -temp=`tempfile` +temp=`mktemp` [ ! -e "$temp" ] && return 0 # Return without error if we cannot create # a temporary file curl -m 2 -q -s "$host/$test_file" >$temp 2>&1 @@ -156,12 +156,14 @@ SEARCH="$1" PROTO="$2" hosts=$(cat "$infile" \ - | perl -n -e ' + | perl -n -e ' +use warnings; +use strict; $/=""; -$country_name = ".*"; -$country_iso = ".."; -$country = "'"$country"'"; -$my_country = 1; +my $country_name = ".*"; +my $country_iso = ".."; +my $country = "'"$country"'"; +my $my_country = 1; if ( $country ne "" ) { $my_country = 0; if ( $country =~ /^\w{2}$/ ) { @@ -184,7 +186,7 @@ next if $_ !~ /Site:/; if( ( /Includes architectures:.+'"$arch"'.+/i || $_ !~ /Includes architectures:/ ) && - m@'"$SEARCH"':.*@i && $my_country == 1 + m@'"$SEARCH"':.*@i && $my_country == 1
Bug#989425: unblock: libpam-chroot/0.9-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package libpam-chroot [ Reason ] This version includes fixes to build properly the package including: - Installing the PAM module in the correct location (#980047) - Supporting cross bulding of source (949080) - Document that libpam-chroot is not recommended to be used with OpenSSH as it is difficult to setup and there are better alternatives (527564) [ Impact ] Users cannot use the package as it is as the pam_chroot library is not installed in the correct location. Users trying to follow the instructions in the README file to setup OpenSSH will end up with a non-working setup. If the unblock is not granted this is not, however, a major issue as not many users use this package and chroot functionalities are, in general, not that much used anymore as people have in general now moved to containers. [ Tests ] Tested locally in the developer's machine. [ Risks ] Very low risk changes introduced in the package. [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock libpam-chroot/0.9-5 Thank you for your support, Javier diff -u libpam-chroot-0.9/Makefile libpam-chroot-0.9/Makefile --- libpam-chroot-0.9/Makefile +++ libpam-chroot-0.9/Makefile @@ -5,6 +5,8 @@ CPPFLAGS=-I. LDFLAGS=-shared DESTDIR=/ +LIBDIR=$(DESTDIR)/lib/security +INSTALL?=install OUT=pam_chroot.so CONF=chroot.conf @@ -20,3 +22,3 @@ install: - install -s -o0 -g0 -m755 $(OUT) $(DESTDIR)/lib/security + $(INSTALL) -s -o0 -g0 -m755 $(OUT) $(LIBDIR) install -m640 $(CONF) $(DESTDIR)/etc/security diff -u libpam-chroot-0.9/debian/README.Debian libpam-chroot-0.9/debian/README.Debian --- libpam-chroot-0.9/debian/README.Debian +++ libpam-chroot-0.9/debian/README.Debian @@ -73,15 +73,22 @@ Setting up OpenSSH with libpam-chroot - +!!! WARNING !! NOTE: OpenSSH supports, since the 4.9 release, the definition of chrooted enviroments. For more information see the 'ChrootDirectory' -directive in sshd_config (5). +directive in sshd_config (5). + +Setting up OpenSSH libpam-chroot is *not* recommended and most likely will not +work. The following information is provided for those users that want to tinker +with pam-chroot and SSH. + + WARNING !! Many systems want to setup a restricted remote access to a system in which users are confined to their user directories, but are unable to -"see" the whole system. If you want to develop this using OpenSSH you -will need to: +"see" the whole system. If you want to develop this using OpenSSH +and libpam-chroot you will need to: 0) Setup a chroot environment for your users. Make sure that environment includes the standard tools they will need (like their @@ -147,7 +154,29 @@ pam-chroot at all. +4) In order for chroots to work with newer OpenSSH versions the chroot +directory of a user needs to include both the /proc filesystem and +the /dev/pts + +- If /proc is not mounted in the chroot, SSH access will be interrupted + with the message: + + Connection reset by peer + Connection to closed. + + To mount /proc do the following: + mount -t proc /proc /proc + +- If /dev/pts is not mounted, the SSH login will freeze after + authentication with the message: + + PTY allocation request failed on channel 0 + + To mount /dev do the following: + mount --rbind /dev /dev + + -- Javier Fernandez-Sanguino - Wed, 27 Oct 2010 02:01:26 +0200 + Thu, 03 Jun 2021 13:26:58 +0200 diff -u libpam-chroot-0.9/debian/changelog libpam-chroot-0.9/debian/changelog --- libpam-chroot-0.9/debian/changelog +++ libpam-chroot-0.9/debian/changelog @@ -1,3 +1,19 @@ +libpam-chroot (0.9-5) unstable; urgency=high + + * debian/rules: Install the PAM module in the right location +(Closes: #980047) + * Fix FTCBFS: (Closes: #949080, #437385) ++ Let dh_auto_build pass cross tools to make. ++ Make install substitutable. ++ Pass a non-stripping install to make install. +Thanks Helmut Grohne for the patch + * debian/README.Debian: discourage users from using this module with +OpenSSH as this feature is available already in the daemon (see option +ChrootDirectory) and the setup might not work due to changes in OpenSSH +(Closes: #527564) + + -- Javier Fernandez-Sanguino Pen~a Thu, 03 Jun 2021 12:57:43 +0200 + libpam-chroot (0.9-4.3) unstable; urgency=medium * Non-maintainer upload. diff -u libpam-chroot-0.9/debian/dirs libpam-chroot-0.9/debian/dirs --- libpam-chroot-0.9/debian/dirs +++ libpam-chroot-0.9/debian/dirs @@ -1,2 +1 @@ etc/security -lib/security diff -u libpam-chroot-0.9/debian/rules libpam-chroot-0
Bug#989412: unblock: ifupdown-extra/0.32
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock package ifupdown-extra [ Reason ] There is a bug (#987310) in the package in testing which prevents the static-routes script (/etc/network/if-up.d/20static-routes) from working properly when the package is configured to include them. I have also taken the opportunity to: - fix the script so it exits gracefully if called directly (i.e. when the interface to act on is not set) - fix the script so that the 'status' check works properly when the gateways have a defined name in the /etc/hosts - update the documentation (README) to warn users about the behaviour of one script. [ Impact ] If the package is not unblocked users installing this package and trying to set static routes will have their routes added to the 'blackhole' configuration instead. [ Tests ] Tested locally in developer's machine with different configuration variations. The script runs as expected (adding, removing and checking the status of routes added in /etc/network/routes [ Risks ] Changes in the package are trivial, there is very low risk [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing unblock ifupdown-extra/0.32 -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 5.10.0-1-686-pae (SMP w/4 CPU threads) Locale: LANG=es_ES.utf8, LC_CTYPE=es_ES.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff -Nru ifupdown-extra-0.31/debian/changelog ifupdown-extra-0.32/debian/changelog --- ifupdown-extra-0.31/debian/changelog2020-09-19 09:09:41.0 +0200 +++ ifupdown-extra-0.32/debian/changelog2021-06-03 08:13:30.0 +0200 @@ -1,3 +1,16 @@ +ifupdown-extra (0.32) unstable; urgency=high + + * if-up-scripts/static-routes: + - Fix syntax error in script which causes routes added to be converted + into "blackhole" routes (Closes: 987310) + - Fail properly if the inteface (IFACE) is not defined when the script + is called + - Use route -n instead of 'route' to properly identify status of routes + when the gateways are in the hosts file + * debian/README: Describe caveats related to network link tests + + -- Javier Fernández-Sanguino Peña Thu, 03 Jun 2021 08:13:30 +0200 + ifupdown-extra (0.31) unstable; urgency=medium * Fix some network scripts to adapt to the naming scheme introduced diff -Nru ifupdown-extra-0.31/debian/README ifupdown-extra-0.32/debian/README --- ifupdown-extra-0.31/debian/README 2020-09-19 09:09:37.0 +0200 +++ ifupdown-extra-0.32/debian/README 2021-06-03 08:13:30.0 +0200 @@ -16,8 +16,12 @@ submit it as a bug report to the package. -Known limitations - +Known limitations: +-- + +--- +Interface names +--- Starting with v197, systemd/udev creates predictable network interface names for all local Ethernet, WLAN and WWAN interfaces. However, system @@ -42,6 +46,22 @@ systemd.net-naming scheme: https://www.freedesktop.org/software/systemd/man/systemd.net-naming-scheme.html +-- +Network link checks +-- + +The script that tests the network link is run inmediately after an interface is +administratively configured up. However, the underlying hardware sometime it +takes some time to establish and negotiate a link. This is heavily dependant on +the hardware itself and the system it is connected to (e.g. if auto negotiation +of an interface is enabled or the duplex/mode are forced in the interface). + +Due to this time interval for the link to fully stablise it is possible that +the check-network-cable might generate false negative error messages on +systems. + +If this is your case, you are encourage to disable the script by editing +/etc/default/network-test and changing the variable DO_CABLETEST to 'no' -- Javier Fernández-Sanguino diff -Nru ifupdown-extra-0.31/if-up-scripts/static-routes ifupdown-extra-0.32/if-up-scripts/static-routes --- ifupdown-extra-0.31/if-up-scripts/static-routes 2020-08-15 01:30:37.0 +0200 +++ ifupdown-extra-0.32/if-up-scripts/static-routes 2021-06-03 08:13:30.0 +0200 @@ -51,6 +51,11 @@ # Default value VERBOSITY=${VERBOSITY:-0} +[ "$IFACE" ] || { +$OUTPUT "ERROR: Variable IFACE not set in environment" +exit 1 +} + # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901612 if [ ${IFACE} = "--all" ]; then IFACE="[[:alnum:]]+"; fi @@ -80,7 +85,7 @@ cat $ROUTEFILE | egrep "^[^#].*[[:space:]]${IFACE}[[:space:]]*$" |
Bug#986908: unblock: snort 2.9.15.1-5
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Hello, Could it be possible to unblock snort 2.9.15.1-5? [Reason] This version fixes a RC bug (#984614) that generated a dpkg prompt when users where upgrading from older versions. It also fixes three additional bugs: - a bug that prevents Snort log files from being rotated properly (discovered during testing, not reported in BTS) - a bug fixing issues when building the package (LP: #1906572) - a bug fixing parsing of network packets (633066) [ Impact ] There is minimal impact by the above changes. [ Tests ] Package upgrades/downgrades have been tested in several chroots and the bugs are confirmed as fixed. [ Risks ] [ Checklist ] [x] all changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in testing [ Other info ] Hopefully this request can be accepted! unblock snort/2.9.15.1-5 Best regards Javier $ debdiff snort_2.9.15.1-4_i386.deb snort_2.9.15.1-5_i386.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Depends: snort-common-libraries (>= [-2.9.15.1-4),-] {+2.9.15.1-5),+} snort-rules-default (>= [-2.9.15.1-4),-] {+2.9.15.1-5),+} snort-common (>= [-2.9.15.1-4),-] {+2.9.15.1-5),+} debconf (>= 0.5) | debconf-2.0, rsyslog | system-log-daemon, logrotate, net-tools, lsb-base, libc6 (>= 2.30), libdaq2 (>= 2.0.7), libdumbnet1 (>= 1.8), liblzma5 (>= 5.1.1alpha+20120614), libnetfilter-queue1, libnghttp2-14 (>= 1.5.0), libpcap0.8 (>= 1.0.0), libpcre3, libssl1.1 (>= 1.1.0), zlib1g (>= 1:1.1.4) Version: [-2.9.15.1-4-] {+2.9.15.1-5+} $ debdiff snort-common_2.9.15.1-4_all.deb snort-common_2.9.15.1-5_all.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Conflicts: snort (<< [-2.9.15.1-4)-] {+2.9.15.1-5)+} Installed-Size: [-519-] {+522+} Pre-Depends: adduser (>= [-3.11)-] {+3.11), dpkg (>= 1.17.14)+} Version: [-2.9.15.1-4-] {+2.9.15.1-5+} $ debdiff snort-rules-default_2.9.15.1-4_all.deb snort-rules-default_2.9.15.1-5_all.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Version: [-2.9.15.1-4-] {+2.9.15.1-5+} $ debdiff snort-doc_2.9.15.1-4_all.deb snort-doc_2.9.15.1-5_all.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Version: [-2.9.15.1-4-] {+2.9.15.1-5+} $ debdiff snort-common-libraries_2.9.15.1-4_i386.deb snort-common-libraries_2.9.15.1-5_i386.deb [The following lists of changes regard files as different if they have different names, permissions or owners.] Files in second .deb but not in first - -rw-r--r-- root/root /usr/lib/debug/.build-id/39/3558c32ca8d48f3de5673db0496869cb112938.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/40/e94d0baaefe540c618da94eb888f032c5a1f79.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/c6/49b10979e88a857a4e42b1f78b5c9352a094a3.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/c6/61fc7794c21ed0211a17cf762d1e62f9ff618f.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/cf/523d1c167cb54f099cce54ecd8ddc37ca53e09.debug Files in first .deb but not in second - -rw-r--r-- root/root /usr/lib/debug/.build-id/34/c8e8ca361a44fdaa05ca46235585f7342d8999.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/78/5f93750fd367fa5b29b45a8a31347224722498.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/d4/e19c810ddefba362805ecb2f24bfbd064c2367.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/ea/2ad91c60e90e48f59ed33e31b2be14b26f425e.debug -rw-r--r-- root/root /usr/lib/debug/.build-id/ff/24c75759a1335e9247f00279ded2ea0fd03c8f.debug Control files: lines which differ (wdiff format) Build-Ids: [-34c8e8ca361a44fdaa05ca46235585f7342d8999 785f93750fd367fa5b29b45a8a31347224722498 d4e19c810ddefba362805ecb2f24bfbd064c2367 ea2ad91c60e90e48f59ed33e31b2be14b26f425e ff24c75759a1335e9247f00279ded2ea0fd03c8f-] {+393558c32ca8d48f3de5673db0496869cb112938 40e94d0baaefe540c618da94eb888f032c5a1f79 c649b10979e88a857a4e42b1f78b5c9352a094a3 c661fc7794c21ed0211a17cf762d1e62f9ff618f cf523d1c167cb54f099cce54ecd8ddc37ca53e09+} Depends: snort (= [-2.9.15.1-4)-] {+2.9.15.1-5)+} Installed-Size: [-2309-] {+2308+} Version: [-2.9.15.1-4-] {+2.9.15.1-5+} $ debdiff snort-common-libraries_2.9.15.1-4_i386.deb snort-common-libraries_2.9.15.1-5_i386.deb File lists identical (after any substitutions) Control files: lines which differ (wdiff format) Installed-Size: [-4832-] {+5027+} Version
Bug#984736: RFH: cron -- new maintainer need
Package: wnpp Version: N/A; reported 2021-07-03 Severity: wishlist A new an active maintainer is required for the cron package. Cron is a basic system utility that runs programs periodically in the system, it is used by multitude of packages and is part of the core OS debian tools. The package is maintained in Salsa (https://salsa.debian.org/debian/cron). I picked up the package in 2005 and have been trying to maintain it and fix bugs in it and keep it more or less current. In 2014, Christian Kastner joined as co-maintainer and has been done the bulk of the job in mantaining / improving it. He recently did a fantastic job in converting the package to 3.0 (quilt). He also provided its replacement, cronie, in experimental (package available at https://salsa.debian.org/debian/cronie, upstream available at https://github.com/cronie-crond/cronie) Cron has been dead for years upstream, Debian still uses it instead of Cronie as over the years the package has received many changes that are Debian-specific. Ideally a maintainer willing to help cron move forward would support the next major task to be done: moving the Debian-specific patches into cronie and providing an updated package for cronie replacement that can eventually replace cron. Please contact the current maintainer if you can help in maintaining and improving cron. Best regards, Javier Fernández-Sanguino signature.asc Description: PGP signature
Bug#984734: RM: manpages-es-extra -- ROM;abandoned upstream
Package: ftp.debian.org Severity: normal The manpages-es-extra package only contains outdated manpages as the upstream project (PAMELI) has been dead now for many, many years (since 2005). It does not make any more sense to distribute this package as there is no real way to identify which manpages are still valid Please remove this package so the extra manpages for the Spanish language can be provided by the manpages-l10n package (which already provides 'manpages-es'). This new package introduces a gettext (PO-based) system which will make it possible to provide manpages in Spanish highlighting which content is not up to date. Thank you for your help, Javier Fernández-Sanguino signature.asc Description: PGP signature
Bug#981479: Sysvinit: Updated Spanish debconf template translation
Package: sysvinit Version: 2.96-5 Priority: wishlist Tags: l10n patch Dear maintainer, Please find attached an updated debconf translation for your package. Thank you for including it in your next package upload. Best regards, Javier Fernández-Sanguino # sysvinit po-debconf translation to Spanish # Copyright (C) 2009 Software in the Public Interest # This file is distributed under the same license as the sysvinit package. # # Changes: # - Initial translation # Francisco Javier Cuadrado , 2009 # - Translation update # Javier Fernández-Sanguino , 2012, 2020 # # Traductores, si no conocen el formato PO, merece la pena leer la # documentación de gettext, especialmente las secciones dedicadas a este # formato, por ejemplo ejecutando: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Equipo de traducción al español, por favor lean antes de traducir # los siguientes documentos: # # - El proyecto de traducción de Debian al español # http://www.debian.org/intl/spanish/ # especialmente las notas y normas de traducción en # http://www.debian.org/intl/spanish/notas # # - La guía de traducción de po's de debconf: # /usr/share/doc/po-debconf/README-trans # o http://www.debian.org/intl/l10n/po-debconf/README-trans # msgid "" msgstr "" "Project-Id-Version: sysvinit 2.87dsf-5\n" "Report-Msgid-Bugs-To: sysvi...@packages.debian.org\n" "POT-Creation-Date: 2018-10-26 08:14+\n" "PO-Revision-Date: 2021-01-31 19:43+0100\n" "Last-Translator: Javier Fernández-Sanguino \n" "Language-Team: Debian l10n Spanish \n" "Language: es\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-POFile-SpellExtra: sysv dpkg SUGGESTION rc libexec console inittab\n" "X-POFile-SpellExtra: sysvinit getty new old Hurd hurd\n" #. Type: boolean #. Description #: ../sysvinit-core.templates:1001 msgid "Update getty pathnames and add hurd-console?" msgstr "¿Actualizar las rutas de getty y añadir «hurd-console»?" #. Type: boolean #. Description #: ../sysvinit-core.templates:1001 msgid "" "Your /etc/inittab seems to use /libexec/getty as getty and/or to miss hurd-" "console entry. The default inittab has been changed, however your /etc/" "inittab has been modified. Note that sysvinit has not been used to boot an " "Hurd system for long, so any errors in that file would not have shown up " "earlier." msgstr "Su «/etc/inittab» parece que utiliza /libexec/getty como getty y/o no tiene la entrada «hurd-console». El fichero «inittab» por omisión ha cambiado, pero su «/etc/inittab» no se ha modificado. Tenga en cuenta que sysvinit no se ha utilizado para arrancar un sistema Hurd desde hace mucho, por lo que los problemas en ese fichero no se podían haber mostrado antes." #. Type: boolean #. Description #: ../sysvinit-core.templates:1001 msgid "" "If you allow this change, a backup will be stored in /etc/inittab.dpkg-old." msgstr "Se guardará una copia de seguridad del fichero en «/etc/inittab.dpkg-old» si permite que se realice este cambio." #. Type: boolean #. Description #: ../sysvinit-core.templates:1001 msgid "" "If you don't allow this change, an updated inittab will be written to /etc/" "inittab.dpkg-new. Please review the changes and update your /etc/inittab " "accordingly." msgstr "Si no quiere hacer esta modificación, se generará un fichero inittab actualizado en «/etc/inittab.dpkg-new». Revise los cambios y actualice su fichero «/etc/inittab» como sea necesario." #~ msgid "Unable to migrate to dependency-based boot system" #~ msgstr "" #~ "No se ha podido migrar al sistema de arranque basado en dependencias" #~ msgid "" #~ "Problems in the boot system exist which are preventing migration to " #~ "dependency-based boot sequencing:" #~ msgstr "" #~ "Existen los siguientes problemas en el sistema de arranque que impiden la " #~ "migración a la secuencia de arranque basada en dependencias:" #~ msgid "" #~ "If the reported problem is a local modification, it needs to be fixed " #~ "manually. These are typically due to obsolete conffiles being left after " #~ "a package has been removed, but not purged. It is suggested that these " #~ "are removed by running:" #~ msgstr "" #~ "Debe solucionar manualmente el problema reportado si se trata de una " #~ "modificación local. Habitualmente estos problemas se deben a ficheros de " #~ "configuración obsoletos que se mantienen tras haber borrado, pero no " #~ "purgado, un paquete. Se sugiere eliminar éstos ejecutando:" #~ msgid "${SUGGESTION}" #~ msgstr "${SUGGESTION}" #~ msgid "" #~ "Package installation can not continue until the above problems have been " #~ "fixed. To reattempt the migration process after these problems have been " #~ "fixed, run \"dpkg --configure sysv-rc\"." #~ msgstr "" #~ "El paquete de instalación no puede continuar hasta que los problemas se " #~ "hayan arreglado. Para reintentar el proceso de migración una vez estos " #~ "problemas se hayan so
Bug#981478: tasksel: Updated Spanish debconf template translation
Package: tasksel Version: 3.63 Severity: wishlist Tags: l10n patch Dear maintainer, Please find attached an updated Spanish debconf template translation for your package. Thank you for including it in your next package upload. Best regards Javier Fernández-Sanguino # # Spanish translation for tasksel/debian # Copyright (C) 2000-2020 Software in the Public Interest, Inc. # # Translated by Javier Fernandez-Sanguino msgid "" msgstr "" "Project-Id-Version: tasksel 2.04\n" "Report-Msgid-Bugs-To: task...@packages.debian.org\n" "POT-Creation-Date: 2018-05-23 01:37+0200\n" "PO-Revision-Date: 2021-01-31 19:26+0100\n" "Last-Translator: Javier Fernandez-Sanguino \n" "Language-Team: Debian Spanish Team \n" "Language: es\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=iso-8859-1\n" "Content-Transfer-Encoding: 8-bit\n" #. Type: multiselect #. Description #. Type: multiselect #. Description #: ../templates:1001 ../templates:2001 msgid "Choose software to install:" msgstr "Elegir los programas a instalar:" #. Type: multiselect #. Description #: ../templates:1001 msgid "" "At the moment, only the core of the system is installed. To tune the system " "to your needs, you can choose to install one or more of the following " "predefined collections of software." msgstr "" "De momento s�lo est� instalado el sistema b�sico. Puede escoger la " "instalaci�n de las siguientes colecciones predefinidas de programas para " "adaptar m�s la instalaci�n a sus necesidades." #. Type: multiselect #. Description #: ../templates:2001 msgid "" "You can choose to install one or more of the following predefined " "collections of software." msgstr "" "Puede elegir instalar una o m�s de las siguientes colecciones de programas " "predefinidas." #. Type: multiselect #. Description #: ../templates:3001 msgid "This can be preseeded to override the default desktop." msgstr "Esto puede ser preconfigurado para anular el escritorio por omisi�n." #. Type: title #. Description #: ../templates:4001 msgid "Software selection" msgstr "Selecci�n de programas" #~ msgid "${ORIGCHOICES}" #~ msgstr "${CHOICES}" #~ msgid "${CHOICES}, manual package selection" #~ msgstr "${CHOICES}, selecci�n manual de paquetes" signature.asc Description: PGP signature
Bug#916892: [l10n] Updated Spanish translation for d-i
Package: debian-instaler Version: 20181220 Tags: l10n patch Please update the d-i in Salsa with the attached updated Spanish translation (for level 1 and level 3). Best regards Javier Fernández-Sanguino diff --git a/packages/po/sublevel1/es.po b/packages/po/sublevel1/es.po index 1c77cdfc12..5bb2d2bc2e 100644 --- a/packages/po/sublevel1/es.po +++ b/packages/po/sublevel1/es.po @@ -1,5 +1,5 @@ # Spanish messages for debian-installer. -# Copyright (C) 2003-2007 Software in the Public Interest, Inc. +# Copyright (C) 2003-2018 Software in the Public Interest, Inc. # This file is distributed under the same license as debian-installer. # # Contributors to the translation of debian-installer: @@ -12,7 +12,7 @@ # Enrique Matias Sanchez (aka Quique) , 2005 # Rubén Porras Campo , 2005 # Omar Campagne , 2010 -# Javier Fernández-Sanguino , 2003-2012, 2014-2017 +# Javier Fernández-Sanguino , 2003-2012, 2014-2018 # # Equipo de traducción al español, por favor lean antes de traducir # los siguientes documentos: @@ -54,7 +54,7 @@ msgstr "" "Project-Id-Version: debian-installer\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: \n" -"PO-Revision-Date: 2017-11-26 22:38+0100\n" +"PO-Revision-Date: 2018-12-19 23:44+0100\n" "Last-Translator: Javier Fernández-Sanguino \n" "Language-Team: Debian Spanish \n" "Language: es\n" @@ -997,21 +997,11 @@ msgstr "" #. Type: select #. Description #: ../pkgsel.templates:9002 -#, fuzzy -#| msgid "" -#| "By default, security updates are automatically installed by the " -#| "unattended-upgrades package. Alternatively, you can opt-out from this " -#| "system and apply updates manually using standard package management tools." msgid "" "By default, security updates are not automatically installed, as security " "advisories should be reviewed before manual installation of the updates " "using standard package management tools." -msgstr "" -"Por omisión, las actualizaciones de seguridad se instalan automáticamente " -"mediante el paquete «unattended-upgrades» («actualizaciones desatendidas», " -"N. del T.). También puede optar no utilizar este sistema y aplicar " -"actualizaciones manualmente usando las herramientas de gestión de paquetes " -"estándar." +msgstr "Por omisión, las actualizaciones de seguridad no se instalan automáticamente. Deben revisarse los avisos de seguridad antes de instalar manualmente estas actualizaciones usando las herramientas de gestión de paquetes estándar." #. Type: select #. Description @@ -1023,7 +1013,7 @@ msgid "" "services provided by this machine in the rare cases where the update is not " "fully backward-compatible, or where the security advisory requires the " "administrator to perform some other manual operation." -msgstr "" +msgstr "Alternativamente, puede instalar el paquete el paquete «unattended-upgrades» («actualizaciones desatendidas», N. del T.), que instalará las actualizaciones automáticamente. Debe tener en cuenta que las instalaciones automáticas de actualizaciones podrían ocasionar la indisponibilidad de servicios ofrecidos por este sistema en aquellos raros casos en los que las actualizaciones no sean compatibles hacia atrás, o cuando una actualización de seguridad requiere que el administrador realice alguna operación manual." #. Type: text #. Description diff --git a/packages/po/sublevel3/es.po b/packages/po/sublevel3/es.po index f1592b2ff3..996e35c27b 100644 --- a/packages/po/sublevel3/es.po +++ b/packages/po/sublevel3/es.po @@ -1,5 +1,5 @@ # Spanish messages for debian-installer. -# Copyright (C) 2003-2007 Software in the Public Interest, Inc. +# Copyright (C) 2003-2018 Software in the Public Interest, Inc. # This file is distributed under the same license as debian-installer. # # Contributors to the translation of debian-installer: @@ -12,7 +12,7 @@ # Enrique Matias Sanchez (aka Quique) , 2005 # Rubén Porras Campo , 2005 # Omar Campagne Polaino , 2010 -# Javier Fernández-Sanguino , 2003-2012, 2014, 2017 +# Javier Fernández-Sanguino , 2003-2012, 2014, 2018 # # Equipo de traducción al español, por favor lean antes de traducir # los siguientes documentos: @@ -45,7 +45,7 @@ msgstr "" "Project-Id-Version: debian-installer\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: \n" -"PO-Revision-Date: 2017-04-07 16:50+0200\n" +"PO-Revision-Date: 2018-12-19 23:49+0100\n" "Last-Translator: Javier Fernández-Sanguino \n" "Language-Team: Debian Spanish \n" "Language: es\n" @@ -164,10 +164,8 @@ msgstr "# Cirílico - lenguas no Eslavas" #. Choices #. :sl3: #: ../console-setup.templates:5001 -#, fuzzy -#| msgid "# Cyrillic - non-Slavic languages" msgid ". Cyrillic - non-Slavic languages (for blind users)" -msgstr "# Cirílico - lenguas no Eslavas" +msgstr ". Cirílico - lenguas no Eslavas (para usuarios invidentes)" #. Type: select #. Choices @@ -180,10 +178,8 @@ msgstr "# Cirílico - Lenguas Eslavas (también el Latino Serbio y Bosnio)" #. Choices #. :sl3: #: ../console-setup.templates:5001 -#, fuzzy -#|
Bug#892793: stretch-pu: package cron/128+deb9u2
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu Fix bugs in cron that prevents it from working properly in environments where centralised user databases are used (e.g. LDAP, Windows AD). The changes introduce a dependency in the init.d file (for sssd) and in the service unit file to ensure that cron is started after these services are operative. Please review and, if possible, accept this version for stretch. Best regards Javier Fernandez-Sanguino diff -u cron-3.0pl1/debian/changelog cron-3.0pl1/debian/changelog --- cron-3.0pl1/debian/changelog +++ cron-3.0pl1/debian/changelog @@ -1,3 +1,17 @@ +cron (3.0pl1-128+deb9u2) stretch; urgency=medium + + * debian/cron.init: Add sssd to the services that should be started/stopped +before/after cron + * debian/cron.service: Add a dependency on remote-fs.target (Closes: #815088) + * debian/cron.service: Add dependency on nss-user-lookup.target in the +definition which properly fixes the issues when cron is started +before centralised user repositories are available (e.g. LDAP +or Active Directory). This should avoid errors in syslog similar to +the following: "crond[PID]: (CRON) bad username (/etc/cron.d/JOBNAME)" +(Closes: #767016, #801384, #783665) (LP: #1593317) + + -- Javier Fernández-Sanguino Peña Sun, 11 Mar 2018 22:32:18 +0100 + cron (3.0pl1-128+deb9u1) stretch; urgency=medium * Non-maintainer upload. diff -u cron-3.0pl1/debian/cron.init cron-3.0pl1/debian/cron.init --- cron-3.0pl1/debian/cron.init +++ cron-3.0pl1/debian/cron.init @@ -5,8 +5,8 @@ # Provides: cron # Required-Start:$remote_fs $syslog $time # Required-Stop: $remote_fs $syslog $time -# Should-Start: $network $named slapd autofs ypbind nscd nslcd winbind -# Should-Stop: $network $named slapd autofs ypbind nscd nslcd winbind +# Should-Start: $network $named slapd autofs ypbind nscd nslcd winbind sssd +# Should-Stop: $network $named slapd autofs ypbind nscd nslcd winbind sssd # Default-Start: 2 3 4 5 # Default-Stop: # Short-Description: Regular background program processing daemon diff -u cron-3.0pl1/debian/cron.service cron-3.0pl1/debian/cron.service --- cron-3.0pl1/debian/cron.service +++ cron-3.0pl1/debian/cron.service @@ -1,6 +1,7 @@ [Unit] Description=Regular background program processing daemon Documentation=man:cron(8) +After=remote-fs.target nss-user-lookup.target [Service] EnvironmentFile=-/etc/default/cron signature.asc Description: PGP signature
Bug#823099: mariadb-10.0: Updated Spanish PO translation
Package: mariadb-10.0 Version: 10.0.24-7 Priority: wishlist Tags: l10n Please find attached an updated translation of this package into Spanish. I would appreciate if you include it in your next package upload. Thanks Javier # mariadb translation to spanish # Copyright (C) 2005-2016 Software in the Public Interest, SPI Inc. # This file is distributed under the same license as the mariadb package. # # Changes: # - Initial translation # Jesus Aneiros, 2006 # - Updated # Javier Fernandez-Sanguino, 2006-2007, 2012, 2016 # - Revision # Nacho Barrientos Arias # Fernando Cerezal # David Martínez Moreno # Ricardo Mones # Carlos Galisteo # Javier Fernandez-Sanguino # # # Traductores, si no conoce el formato PO, merece la pena leer la # documentación de gettext, especialmente las secciones dedicadas a este # formato, por ejemplo ejecutando: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Equipo de traducción al español, por favor lean antes de traducir # los siguientes documentos: # # - El proyecto de traducción de Debian al español # http://www.debian.org/intl/spanish/ # especialmente las notas y normas de traducción en # http://www.debian.org/intl/spanish/notas # # - La guía de traducción de po's de debconf: # /usr/share/doc/po-debconf/README-trans # o http://www.debian.org/intl/l10n/po-debconf/README-trans # # Si tiene dudas o consultas sobre esta traducción consulte con el último # traductor (campo Last-Translator) y ponga en copia a la lista de # traducción de Debian al español () msgid "" msgstr "" "Project-Id-Version: mysql-dfsg-5.1_5.0.24-3\n" "Report-Msgid-Bugs-To: mariadb-1...@packages.debian.org\n" "POT-Creation-Date: 2016-04-13 11:44+0300\n" "PO-Revision-Date: 2016-04-30 21:26+0200\n" "Last-Translator: Javier Fernández-Sanguino \n" "Language-Team: Debian l10 Spanish \n" "Language: Spanish\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-POFile-SpellExtra: YP mariadb lib ej server flag mysqldump mysql var NIS\n" "X-POFile-SpellExtra: MariaDB\n" #. Type: note #. Description #: ../mariadb-server-10.0.templates:2001 msgid "The old data directory will be saved at new location." msgstr "Se guardará el directorio antiguo de datos a la nueva ubicación." #. Type: note #. Description #: ../mariadb-server-10.0.templates:2001 msgid "" "A file named /var/lib/mysql/debian-*.flag exists on this system. The number " "indicated a database binary format version that cannot automatically be " "upgraded (or downgraded)." msgstr "Se ha encontrado un archivo «/var/lib/mysql/debian-*.flag» en el sistema. Este número indica una versión de base de datos en formato binario que no puede ser subirse (o bajarse) de versión automáticamente." #. Type: note #. Description #: ../mariadb-server-10.0.templates:2001 msgid "" "Therefore the previous data directory will be renamed to /var/lib/mysql-* " "and a new data directory will be initialized at /var/lib/mysql." msgstr "Por tanto, el archivo de datos anterior se renombrará a «/var/lib/mysql-*» y se inicializará un nuevo directorio de datos en «/var/lib/mysql»." #. Type: note #. Description #: ../mariadb-server-10.0.templates:2001 msgid "" "Please manually export/import your data (e.g. with mysqldump) if needed." msgstr "Si lo necesita, tendrá que exportar e importar sus datos manualmente (p.ej. con mysqldump)." #. Type: note #. Description #: ../mariadb-server-10.0.templates:3001 msgid "Important note for NIS/YP users" msgstr "Nota importante para los usuarios de NIS/YP" #. Type: note #. Description #: ../mariadb-server-10.0.templates:3001 msgid "" "Using MariaDB under NIS/YP requires a mysql user account to be added on the " "local system with:" msgstr "" "Para utilizar MariaDB bajo NIS/YP es necesario añadir una cuenta de usuario " "mysql en el sistema local con:" #. Type: note #. Description #: ../mariadb-server-10.0.templates:3001 msgid "" "You should also check the permissions and ownership of the /var/lib/mysql " "directory:" msgstr "" "También debería comprobar los permisos y el propietario del directorio /var/" "lib/mysql:" #. Type: boolean #. Description #: ../mariadb-server-10.0.templates:4001 msgid "Remove all MariaDB databases?" msgstr "¿Desea eliminar todas las bases de datos MariaDB?" #. Type: boolean #. Description #: ../mariadb-server-10.0.templates:4001 msgid "" "The /var/lib/mysql directory which contains the MariaDB databases is about " "to be removed." msgstr "" "El directorio /var/lib/mysql contiene bases de datos MariaDB que van a " "eliminarse." #. Type: boolean #. Description #: ../mariadb-server-10.0.templates:4001 msgid "" "If you're removing the MariaDB package in order to later install a more " "recent version or if a different mariadb-server package is already using it, " "the data should be kept." msgstr "" "Debería mantener los datos si tiene planificado instalar una versión de " "M
Bug#779316: paxtest: incomplete output with standard kernel
On Thu, Feb 26, 2015 at 11:07:59PM +0100, Yann Dirson wrote: > Using the plain Debian 3.16.0-4-amd64 kernel, "paxtest kiddie" shows: (...) Hello there, I recently upgraded the paxtest package to version 0.9.14 and I am unable to reproduce this issue. Could you please confirm that the bug has been fixed with this new version? Thanks Javier signature.asc Description: PGP signature
Bug#821313: apache2-data: Remove links in default site page to manpages.debian.org
Package: apache2-data Version: 2.4.20-1 Severity: normal Tags: patch Dear maintainer, Apache2 default site page includes links to manpages.debian.org. This is not a very good idea since many sites are left unconfigured by default and there are many (badly programmed) robots roaming the Internet and indexing sites. Last Monday 11th, DSA had to disable the 'manpages.debian.org' vhost service in glinka.debian.org because it was consuming continuously a large amount of CPU and affecting other services. Upon investigation, we have found that the service is being queried constantly for the following pages: (a2ensite, a2dissite, a2enmod, a2dismod, and a2ensite). The number of daily queries have ranged from 6000 to 11000 thousand and, starting May 8th, this has spiked to 93.000 to 141.000 daily queries! (you can see the details in the attached text file) These queries are distributed, in a single day we have identified at least 590 distinct hosts making them based on at least 309 misconfigured web servers. The culprit seems to be some strange script (programmed in GO, since the user agent is 'Go-http-client/1.1') which looks for websites and traverses them. When they hits sites like http://teplosnab24.ru/ they start traversing all URLs, including external connections. We have enhanced the service configuration used so that we can withstand the excess of (useless) queries for these manpages (as described in [1]). The issue does not exactly lie on the apache2-data current page, as these are scripts that are going awry, but this page is the "detonator" that has translated this problem into a service problem. Both DSA and I believe that the Apache2 default configuration should avoid this misbehaviour by not including links to external sites. Please find attached a patch that removes those links from the index.html page which is added by default to all Apache sites installed in Debian. Alternatively, if you consider the manual pages to be useful, I would suggest they are included (in HTML format) as part of the Apache2-data package itself instead of linking to the external manpages.debian.org service. This change will at least prevent our service from getting hammered by these misconfigured robots. Thanks for your help, Javier Fernandez-Sanguino [1] https://lists.debian.org/debian-doc/2016/04/msg00055.html -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 4.4.0-1-686-pae (SMP w/4 CPU cores) Locale: LANG=es_ES.utf8, LC_CTYPE=es_ES.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) --- index.html.orig 2016-04-17 16:41:46.0 +0200 +++ index.html 2016-04-17 16:42:41.0 +0200 @@ -293,17 +293,17 @@ *-available/ counterparts. These should be managed by using our helpers -http://manpages.debian.org/cgi-bin/man.cgi?query=a2enmod";>a2enmod, -http://manpages.debian.org/cgi-bin/man.cgi?query=a2dismod";>a2dismod, +a2enmod, +a2dismod, -http://manpages.debian.org/cgi-bin/man.cgi?query=a2ensite";>a2ensite, -http://manpages.debian.org/cgi-bin/man.cgi?query=a2dissite";>a2dissite, +a2ensite, +a2dissite, and -http://manpages.debian.org/cgi-bin/man.cgi?query=a2enconf";>a2enconf, -http://manpages.debian.org/cgi-bin/man.cgi?query=a2disconf";>a2disconf +a2enconf, +a2disconf . See their respective man pages for detailed information. Logs of queries to the manpages.debian.org service associated with Apache2 manual pages. The list below marks the number of access and the HTTP answer codes returned. This information has been extracted by running, in glinka's /var/log/apache2, the following code: ~ (for i in manpages.debian.org-access.log-*gz ; do echo -n "$i: "; zgrep "query=a2" $i | wc -l; zcat $i |grep "query=a2" | awk '{print $12" "$9}' | sort | uniq -c | sort -nr | head -5 ; done ) 2>&1 - manpages.debian.org-access.log-20160331.gz: 9467 9464 "-" 200 3 "-" 304 manpages.debian.org-access.log-20160401.gz: 9582 9578 "-" 200 3 "-" 304 1 "-" 206 manpages.debian.org-access.log-20160402.gz: 11784 11783 "-" 200 1 "-" 304 manpages.debian.org-access.log-201604
Bug#775578: Reproduceable issue - spamassasin does not enable the service systemd when it was enabled for Sysvinit
Dear all, I also had the same issue (spamassasin would not start after boot on upgrade). I believe this bug is the same as Ubuntu's bug 1503611: https://bugs.launchpad.net/ubuntu/+source/spamassassin/+bug/1503611 (see there for other similar issues and the fix) In my case, I run fetchmail and procmail in a user, and that user runs a spamassasin filter ('| /usr/bin/spamc'). Spamc could not connect to Spamassasin and I was getting a lot of the errors below in the /var/log/mail.log file: Apr 10 08:15:14 silicio spamc[3785]: connect to spamd on ::1 failed, retrying (#1 of 3): Connection refused Apr 10 08:15:14 silicio spamc[3785]: connect to spamd on 127.0.0.1 failed, retrying (#1 of 3): Connection refused Apr 10 08:15:14 silicio spamc[3794]: connect to spamd on ::1 failed, retrying (#1 of 3): Connection refused Apr 10 08:15:14 silicio spamc[3794]: connect to spamd on 127.0.0.1 failed, retrying (#1 of 3): Connection refused These errors when away as soon as I would start the service (/etc/init.d/spamassassin start) but if they went undetected they would fill up my /var/log/ partition quite fast. Basicly I think the issue can be summarised as follows: - The default status of spamassasin for SysV rc is not run on boot (ENABLED=0 in /etc/default/spamassassin) - Some users (like me) that want it to have it started set ENABLED=1 in that configuration file and the service will start on boot - On upgrade to systemd, that flag is not considered and service is not started by default. The "ENABLED" flag setting is now unused To fix this bug, spamassasin should check, on upgrade: - is ENABLED=1 in the configuration file set? - is the service started? If it is, then it should assume that the service should also be enabled on systemd, by running: 'systemctl enable spamassassin.service' Currently, this is something the admininistrator has to detect and do manually. It could be easily programmed into sa's postinst, however. At the very minimum, this needs to be documented in the NEWS.Debian file. It is documented in the configuration file /etc/default/spamassassin, but that need not be reviewed by an administrator during an upgrade. Best regards Javier signature.asc Description: PGP signature
Bug#790894: More info
tag 790894 upstream confirmed thanks On Thu, Jul 02, 2015 at 07:30:57PM +, Shai Ayal wrote: > Further investigation turns out that this error only happens when using the > -N, --auto-nets > command line option. If connecting without this option (which forces > manually specifying the list of subnets to route over the VPN) sshuttle > works I have done tests with the 0.54 and the 0.70 (and 0.71) version and this indeed is a bug in the latest upstream's version. From what I've seen the control agent does not send the firewall agent a "GO" after sending the ROUTES and just sends it a stream of newlines that cause the firewall agent to panic. I have investigating it but have not yet found a fix to this issue. In any case, I will forward this issue upstream. Regards Javier signature.asc Description: Digital signature
Bug#788361: debian-faq: several suggestions (typos, missing dots and commas, ...)
On Wed, Jun 10, 2015 at 05:58:13PM +0200, Holger Wansing wrote: > I have just updated the german translation of the debian-faq, > and during that, I found several typos, missing words, dots or commas, > outdated paragraphs etc. Thank you for the patch. I will review and apply to it to SVN Regards Javier signature.asc Description: Digital signature
Bug#780438: fortunes: Please add quotes from Terry Pratchett
Package: fortunes Version: 1:1.99.1-7 Severity: wishlist In honor of the late Terry Pratchett, who left this Discworld to meet his friend Death yesterday, please find attached a patch adding some of Terry Pratchett's best quotes. The patch add these quotes to the several files: humorists, people and magic. It would be great if you could add this to the Debian package -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages fortunes depends on: ii fortunes-min 1:1.99.1-7 Versions of packages fortunes recommends: ii fortune-mod 1:1.99.1-7 fortunes suggests no packages. -- no debconf information diff -Nru fortune-mod-1.99.1.old/debian/patches/series fortune-mod-1.99.1/debian/patches/series --- fortune-mod-1.99.1.old/debian/patches/series 2013-08-15 05:33:08.0 +0200 +++ fortune-mod-1.99.1/debian/patches/series 2015-03-13 22:30:04.395289967 +0100 @@ -24,3 +24,4 @@ lawyers.diff politics.diff off-wrong-man.diff +terry-pratchett.diff diff -Nru fortune-mod-1.99.1.old/debian/patches/terry-pratchett.diff fortune-mod-1.99.1/debian/patches/terry-pratchett.diff --- fortune-mod-1.99.1.old/debian/patches/terry-pratchett.diff 1970-01-01 01:00:00.0 +0100 +++ fortune-mod-1.99.1/debian/patches/terry-pratchett.diff 2015-03-13 22:29:29.638910425 +0100 @@ -0,0 +1,207 @@ +Description: Add quotes from the late Terry Pratchett, +Author: Javier Fernandez-Sanguino +Last-Update: 2015-03-15 + +--- a/datfiles/humorists b/datfiles/humorists +@@ -1030,3 +1030,147 @@ + + All: (laughter) + % ++The whole of life is just like watching a film. Only it’s as though you always ++get in ten minutes after the big picture has started, and no-one will tell you ++the plot, so you have to work it out all yourself from the clues. ++ -- Terry Pratchett, "Moving Pictures" ++% ++Real stupidity beats artificial intelligence every time. ++ -- Terry Pratchett, "Hogfather" ++% ++I’d rather be a rising ape than a falling angel. ++ -- Terry Pratchett ++% ++It’s not worth doing something unless someone, somewhere, would much rather ++you weren’t doing it. ++ -- Terry Pratchett ++% ++Stories of imagination tend to upset those without one. ++ -- Terry Pratchett ++% ++Fantasy is an exercise bicycle for the mind. It might not take you anywhere, ++but it tones up the muscles that can. ++ -- Terry Pratchett ++% ++The presence of those seeking the truth is infinitely to be preferred to the ++presence of those who think they’ve found it. ++ -- Terry Pratchett, "Monstrous Regiment" ++% ++There are times in life when people must know when not to let go. Balloons are ++designed to teach small children this. ++ -- Terry Pratchett ++% ++The entire universe has been neatly divided into things to (a) mate with, (b) ++eat, (c) run away from, and (d) rocks. ++ -- Terry Pratchett ++% ++If you don’t turn your life into a story, you just become a part of someone ++else’s story. ++ -- Terry Pratchett, "The Amazing Maurice and His Educated Rodents" ++% ++The truth may be out there, but the lies are inside your head. ++ -- Terry Pratchett ++% ++Goodness is about what you do. Not who you pray to. ++ -- Terry Pratchett, "Snuff" ++% ++I have no use for people who have learned the limits of the possible. ++ -- Terry Pratchett ++% ++A marriage is always made up of two people who are prepared to swear that only ++the other one snores ++ -- Terry Pratchett ++% ++Geography is just physics slowed down, with a couple of trees stuck in it ++ -- Terry Pratchett ++% ++Give a man a fire and he's warm for the day. But set fire to him and he's warm ++for the rest of his life ++ -- Terry Pratchett ++% ++In ancient times cats were worshipped as gods. They have not forgotten this. ++ -- Terry Pratchett ++% ++The space between the young readers eyeballs and the printed page is a holy ++place and officialdom should trample all over it at their peril ++ -- Terry Pratchett ++% ++Dickens, as you know, never got round to starting his home page ++ -- Terry Pratchett ++% ++I once absent-mindedly ordered Three Mile Island dressing in a restaurant and, ++with great presence of mind, they brought Thousand Island Dressing and a bottle ++of chili sauce ++ -- Terry Pratchett ++% ++It is said that your life flashes before your eyes just before you die. That is true, it's called Life ++ -- Terry Pratchett ++% ++Only in our dreams are we free. The rest of the time we need wages. ++ -- Terry Pratchett ++% ++The trouble with having an open mind, of course, is that people will insist on ++coming along and trying to put things in it. ++ -- Terry Pratchett ++% ++Taxation is just a sophisticated way of demanding money with menaces. ++ -- Terry Pratchett ++% ++The pen is mightier
Bug#776441: harden-nids: Alternative to snort is not NIDS software
Source: harden Version: 0.1.38+nmu1 Severity: important Tags: patch The harden-nids package claims to provide a network intrusion detection upon installation but depends on: 'snort | ntop' Snort is a network intrusion detection program, but ntop is not. Ntop is a network traffic probe that makes it possible to do traffic analysis but it does not have any capabilities to detect malicious network traffic either through behavioural or signature-based mechanisms (an upstream does not claim it to). Ntop does not comply with the package description definition either: " A network intrusion detection system is a tool that analyzes network packets and logs anomalies or known crack attempts. " I would suggest the package to remove ntop and include 'suricata' instead which *is* a network intrusion system. Attached is a patch that does just that. I'm setting the severity to 'important' since currently, in testing, Snort is not available (due to a removal from the Release Managers in December) and users installing this package currently in testing (and possibly in the 'jessie' release) would be just installing 'ntop' and not really an NIDS. In that way, the package description would be completely misleading. -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 3.16.0-4-686-pae (SMP w/4 CPU cores) Locale: LANG=es_ES.utf8, LC_CTYPE=es_ES.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) --- control.orig 2015-01-28 02:06:09.0 +0100 +++ control 2015-01-28 02:06:36.0 +0100 @@ -111,7 +111,7 @@ Package: harden-nids Architecture: all -Depends: snort | ntop +Depends: snort | suricata Recommends: logcheck Description: Harden a system by using a network intrusion detection system This package helps you to install a network intrusion detection system.
Bug#775472: checkrestart never completes on systems with large number of open files
tags 775472 pending thanks On Fri, Jan 16, 2015 at 03:50:58PM +1100, Ian Bissett wrote: > Package: debian-goodies > Version: 0.64 > > lsof takes a long time to return on systems with a large number of > files, causing checkrestart to take several minutes to run. lsof also > uses lots of CPU resources on systems with a large number of open > files. () Thanks a lot for your patch. I have done some tests and it does seem to produce the exact same results as with using Lsof. I have included it in a modified version in the GIT repository. I have kept the code to run lsof, however, and it is still the default behaviour. I would like to do wider testing of the new code before making it the default. As this patch makes checkrestart independent of lsof I have done the required changes to use it if lsof is not available (IIRC some *BSD systems do not have it). With a little bit more testing I can think we can make this the default behaviour (and have 'lsof' as an option, to have the option for users to use it in case this fails). Regards Javier signature.asc Description: Digital signature
Bug#758711: debian-goodies: checkrestart reports services which have open files with name including deleted as to be restarted
tag 758711 pending thanks On Wed, Aug 20, 2014 at 02:42:44PM +0200, Roman Pertl wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Package: debian-goodies > Version: 0.61 > Severity: normal > > On our mysql server we have a table called "upload_tmp_deleted" which > let checkrestart think that mysql should be restarted, probably > because checkrestart does not check the string deleted in lsof output > strictly enough. This false positive in checkrestart has been recently fixed in the GIT repository. A fix will be uploaded shortly. Best regards Javier signature.asc Description: Digital signature
Bug#767332: False positive Checkrestart Results.
tag 767332 pending thanks On Thu, Oct 30, 2014 at 10:12:52AM +0100, Antonio Javier Rodriguez Barrios wrote: > When I invoke `checkrestart` without arguments from an ordinary shell > prompt it prints "processes using old versions of upgraded files" but itś a > false positive. I have just recently fixed this false positive in the checkrestart GIT repository. A fix will be uploaded to Debian soon. Thanks for you bug report, Javier signature.asc Description: Digital signature
Bug#678366: checkrestart: if systemd is running, use cgroups and systemctl instead of the init script mechanisms
On Thu, Jun 21, 2012 at 03:40:42PM +0800, Paul Wise wrote: > Package: debian-goodies > Version: 0.61 > Severity: wishlist > File: /usr/sbin/checkrestart > X-Debbugs-CC: syst...@packages.debian.org > > systemd (the alternative to sysvinit) uses Linux cgroups to group > processes according to the service they belong to, even if the services > spawns child processes and so on. Please detect if cgroups are > available, if the systemd cgroups are active and for the processes that > need restarting, which systemd service they belong to. Some information > about the cgroups used by systemd is below. If systemd cgroups are > active then the initscripts mechanism should not be used. > > Normal services have the a cgroup file like this and can be restarted > using `systemctl restart exim4.service` or similar. Hi Paul, I've just have added preliminary support for systemd in checkrestart and committed it to GIT. Instead of using cgroups I have just modified checkrestart to point to users to running 'systemctl restart' + service file, if a process belongs to a package and that package provides systemd service files (instead of suggesting using 'service ' + init.d file) Adding cgroups requires some more extensive changes in the code, handling different exceptions. We will consider this for the next iteraction. If you have time and can provide a patch to add support for cgroups that would be great though :) Best regards Javier signature.asc Description: Digital signature
Bug#773095: cron: please don't purge /etc/cron.{allow|deny} when systemd-cron is present
On Sun, Dec 14, 2014 at 09:45:33AM +0100, Alexandre Detiste wrote: > Please apply this little patch that makes cron & systemd-cron play nice > together. As indicated by Christian, I'm afraid we cannot accept this patch. We can either close it or, if you agree, we change this into a "wishlist" patch asking cron to provide its conffiles in a separate package. As discussed in the thread you started in debian-devel [1] Bear in mind, moving conffiles from a package to another one is not that simple and is quite error-prone. I'm not sure we want to introduce such a big change during the freeze (and even if we do it might not be accepted by RMs). Also please note that if system-crond starts manipulating cron's postrm files it could be considered a serious bug (and policy violation). Please don't go through that road... Best regards Javier [1] https://lists.debian.org/debian-devel/2014/12/msg00287.html signature.asc Description: Digital signature
Bug#771825: [Fwd: Re: Bug#771825: release-notes: Update information on non-systemd Jessie upgrades and installations]
On Wed, Dec 03, 2014 at 05:13:38PM +0100, Svante Signell wrote: > Hi Osamu, > > I will make a modified proposal to the actual document. However there > is no installation-guide on this page: > https://anonscm.debian.org/viewvc/ddp/manuals/trunk/ > > Where is it? The sources for the installation guide are available at https://anonscm.debian.org/viewvc/d-i/trunk/manual/en/ The web builds for the guide are available here: https://www.debian.org/releases/jessie/installmanual These might be useful for you in order to get a feeling of its structure and determine where chapter/section should your contributions go to. Best regards Javier signature.asc Description: Digital signature
Bug#771461: /var/state/samhain/
On Tue, Dec 02, 2014 at 01:23:13AM +0100, Andrea Claudi wrote: > Hi, > This patch should fix the problem, moving the non-volatile state for the > samhain package to /var/lib/samhain. The patch creates the directory for new installations but it is worth noticing that the /var/state/samhain/ contains valid information that has to be preserved over upgrades (otherwise, the integrity database would be regenerated and not kept). > Please, tell me if I need to fix something to make this acceptable. I'm committing your patch to Samhain's GIT but have made some adjustments. I will test upgrades from previous versions and if all goes well I'll upload a new package soon. Regards Javier signature.asc Description: Digital signature
Bug#771825: release-notes: Update information on non-systemd Jessie upgrades and installations
On Tue, Dec 02, 2014 at 11:01:16PM +0100, Svante Signell wrote: > > * The second "hunk" of the patch seems better suited for the > >installation-guide. The release notes concerns itself with upgrades > >and does not cover the debian-installer. > > Somebody was complaining that changing the installation-guide was a lot > of work, e.g. translations work, and did not want the changes to be made > there https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765803#40 > I don't mind getting the second part included there instead. Translators (and I'm one of them) will have to update the installation-guide before the release. I think it's better to have the document where it should be and also agree that the Release Notes is not the place for that chunk. Best regards Javier signature.asc Description: Digital signature
Bug#771847: debconf: [INTL:es] Updated program translation to Spanish
Package: debconf Version: 1.5.54 Severity: wishlist Tags: l10n patch Please find attached an updated translation of this program into Spanish. Thanks for including it in your next package upload, Javier # Traducción de los mensajes del programa debconf de Debian al español. # Translation of the debconf messages to Spanish. # # Copyright (C) 2003 Free Software Foundation, Inc. # # This file is distributed under the same license as the debconf package. # # Current translator: # # Javier Fernandez-Sanguino , 2004-2006, 2010, 2014 # # Past Translators and reviewers: # # - Enrique Zanardi , 2000. # - Jordi Mallach , 2001. # - Carlos Valdivia Yague , 2003. # # Traductores, si no conoce el formato PO, merece la pena leer la # documentación de gettext, especialmente las secciones dedicadas a este # formato, por ejemplo ejecutando: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Equipo de traducción al español, por favor lean antes de traducir # los siguientes documentos: # # - El proyecto de traducción de Debian al español # https://www.debian.org/intl/spanish/ # especialmente las notas y normas de traducción en # https://www.debian.org/intl/spanish/notas # # Si tiene dudas o consultas sobre esta traducción consulte con el último # traductor (campo Last-Translator) y ponga en copia a la lista de # traducción de Debian al español () msgid "" msgstr "" "Project-Id-Version: debconf 1.2.39\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2014-04-22 20:04-0400\n" "PO-Revision-Date: 2014-12-02 21:57+0100\n" "Last-Translator: Javier Fernandez-Sanguino \n" "Language-Team: Debian Spanish Team \n" "Language: es\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-POFile-SpellExtra: debconf drop frontend unseen utils Sigils apt\n" "X-POFile-SpellExtra: Template owner force ReadLine desactualizadas TERM\n" "X-POFile-SpellExtra: preconfigurar reload outdated ll priority only\n" "X-POFile-SpellExtra: Smileys emacs po localhost templates Term http\n" "X-POFile-SpellExtra: communicate Element Dialog debs dpkg mergetemplate\n" "X-POFile-SpellExtra: Debconf desactualizado extracttemplates default stdin\n" "X-POFile-SpellExtra: old desactualizada Preconfigurando dialog root\n" #: ../Debconf/AutoSelect.pm:76 #, perl-format msgid "falling back to frontend: %s" msgstr "probando ahora la interfaz: %s" #: ../Debconf/AutoSelect.pm:84 #, perl-format msgid "unable to initialize frontend: %s" msgstr "no se pudo inicializar la interfaz: %s" #: ../Debconf/AutoSelect.pm:90 #, perl-format msgid "Unable to start a frontend: %s" msgstr "No se puede arrancar una interfaz: %s" #: ../Debconf/Config.pm:130 msgid "Config database not specified in config file." msgstr "" "No se ha especificado una base de datos de configuración en el fichero de " "configuración." #: ../Debconf/Config.pm:134 msgid "Template database not specified in config file." msgstr "" "No se ha especificado una base de datos de plantillas en el fichero de " "configuración." #: ../Debconf/Config.pm:139 msgid "" "The Sigils and Smileys options in the config file are no longer used. Please " "remove them." msgstr "" "Ya no se utilizan las opciones «Sigils» y «Smileys» en el fichero de " "configuración. Por favor, elimínelas." #: ../Debconf/Config.pm:153 #, perl-format msgid "Problem setting up the database defined by stanza %s of %s." msgstr "" "Se produjo un problema al configurar la base de datos definida por la " "instancia %s de %s." #: ../Debconf/Config.pm:228 msgid "" " -f, --frontend\t\tSpecify debconf frontend to use.\n" " -p, --priority\t\tSpecify minimum priority question to show.\n" " --terse\t\t\tEnable terse mode.\n" msgstr "" " -f, --frontend\t\tIndica a debconf la interfaz que debe usar.\n" " -p, --priority\t\tEspecifica la prioridad mínima a mostrar.\n" " --terse\t\t\tActiva el modo resumido.\n" #: ../Debconf/Config.pm:308 #, perl-format msgid "Ignoring invalid priority \"%s\"" msgstr "Se ignorará la prioridad inválida «%s»" #: ../Debconf/Config.pm:309 #, perl-format msgid "Valid priorities are: %s" msgstr "Las prioridades válidas son: %s" #: ../Debconf/Element/Editor/Boolean.pm:30 #: ../Debconf/Element/Editor/Multiselect.pm:31 #: ../Debconf/Element/Editor/Select.pm:31 msgid "Choices" msgstr "Opciones" #: ../Debconf/Element/Editor/Boolean.pm:30 #: ../Debconf/Element/Editor/Boolean.pm:36 #: ../Debconf/Element/Editor/Boolean.pm:59 #: ../Debconf/Element/Teletype/Boolean.pm:28 msgid "yes" msgstr "sí" #: ../Debconf/Element/Editor/Boolean.pm:30 #: ../Debconf/Element/Editor/Boolean.pm:39 #: ../Debconf/Element/Editor/Boolean.pm:62 #: ../Debconf/Element/Teletype/Boolean.pm:29 msgid "no" msgstr "no" #: ../Debconf/Element/Editor/Multiselect.pm:32 msgid "" "(Enter zero or more items separated by a comma followed by a space (', ').)" msgstr "" "(Introduzca cero o más elementos separados por una coma seguida de un " "esp
Bug#749602: samhain: sends mail to root on installation
On Wed, May 28, 2014 at 05:15:48PM +0200, Holger Levsen wrote: > DSA informed me that testing samhain for piuparts.debian.org causes mails to > root@$slave which are very irritating to them, as they do use samhain as well. > > Copies of these mails can be found at > http://www.palfrader.org/volatile/2014-05-28-wVnu9SVZFqw/piuparts currently. These mails are sent by samhain indeed. > As starting samhain is prevented via invoke-rc.d, I believe the culprit must > be within samhain's initscript, in these lines: > > if [ ! -f /var/state/samhain/samhain_file ] ; then > [ -f /var/log/samhain/samhain-init.log ] && rm -f > /var/log/samhain/samhain-init.log > echo "Creating samhain's file integrity database (this can take some > minutes)" > samhain -t init >/var/log/samhain/samhain-init.log 2>&1 > fi This is probably the culprit. The samhain integrity database is required for samhain to start. I'm not sure how to tackle this issue. It never has been a problem for other samhain users. I guess I could defer the initialisation database to the first time samhain is started (through init) or I could add a debconf prompt to ask the admin user if he wants the integrity database to be initialised. For the time being, you could have in piuparts a samhainrc file that disables sending email. > What surprises me though, is that no other package (out of 40k packages) > doesnt produce mails to root - could you think of anything else producing > these mails? No, these look like samhain's emails. Regards Javier signature.asc Description: Digital signature
Bug#747253: [Ddp-commits] r10388 - /manuals/trunk/java-faq/po4a/po/fr.po
On Fri, May 16, 2014 at 06:56:32PM -0400, David Prévot wrote: > Le 16/05/2014 18:15, j...@users.alioth.debian.org a écrit : > > > URL: http://svn.debian.org/wsvn/ddp/?sc=1&rev=10388 > > Log: > > > > French translation done by Kilic Ali-Firat > > and provided in > > https://lists.debian.org/debian-l10n-french/2014/05/msg00043.html > > > > This commit fixes java-common bug #747253 > > No, this commit won’t fix #747253, since the FAQ is now maintained in > the java-common package (and has been for a while). Can you please > delete the useless (and error-prone) copy from the DDP to avoid further > mistakes (and eventually upstream any improvements to be included in the > java-common package), or replace it by a README pointing to the accurate > repository. Dear David, I seem to have missed something. I'm the original author of the document and, for quite a long time in the past, its sole maintainer. I always believed the java-common package contained a *copy* of the DDP document. If you take a look at https://www.debian.org/doc/user-manuals#java-faq, you will see that the DDP version is the one pointed to for this documents' sources. The document itself at https://www.debian.org/doc/manuals/debian-java-faq/ doesn't point otherwise. As you can see in other past bugs (such as #449282) the java-common was in the past manually updated from the DDP when required. I don't recall being notified (by java-common maintainers or anyone else up to now) that the java-common version was to be considered the "upstream version" now. Unfortunately, it seems that the new maintainers have taken the java-common version as "upstream" and made changes there. Since I see that the SGML version in java-common contains some changes not available in the DDP. There seems to have been a comunication error somewhere. Anyway, I will contact them and suggest doing the following: 0.- We should sync both versions (DDP and java-common). I've made extensive changes to the DDP version to allow for translations using PO files which, I believe, are quite useful. 1.- the java-common package should just copy the contents from the DDP and include *there* a README indicating that the java-faq sources are in the DDP. This should also be stated in the document. 2.- the java-common should be updated with whatever is in the DDP. Note: It is my current understanding that the contents from https://www.debian.org/doc/manuals/debian-java-faq/ are generated based on the java-common package nowadays. Is this correct? Best regards Javier signature.asc Description: Digital signature
Bug#748055: debian-goodies: checkrestart false positive for MySQL
tag 748055 unreproducible thanks On Tue, May 13, 2014 at 04:53:59PM +, Etienne Levesque Guitard wrote: > The checkrestart utility in debian-goodies will falsly report MySQL as > needing a restart starting with jessie. The same happens in Ubuntu 14.04, > presumably because it is based on Debian testing. In order to diagnose this issue, please send, attached, the output of 'checkrestart -v' Please note that I'm not able to reproduce this issue using sid which uses the same version (debian-goodies version 0.63). I just followed the same steps you indicated and could not get any false positives with checkrestart. I'm consequently marking this as 'notreproducible'. If I get more comments from other users to this bug, duplicating the issue, I will remove that flag. Thanks, Javier signature.asc Description: Digital signature
Bug#355238: rhythmbox: A user cannot see why he cannot "share" music
On Thu, Mar 06, 2014 at 02:22:25PM +, althaser wrote: > Hey, > > Could you please still reproduce this issue with newer rhythmbox version > like 2.97-2.1 or 3.0.1-1+b2 ? I have 3.0.1-1+b1 installed but I'm unable to find the "Preferences" in order to setup sharing in the GUI. Where is it now? Regards Javier signature.asc Description: Digital signature
Bug#738199: on /security/oval
On Mon, Feb 10, 2014 at 07:27:06PM +0100, Luciano Bello wrote: > I think your contribution is necessary. Would you like to comment something > out > here? :) As Raphael said, the OVAL script generation code is broken but can be fixed. I just either need spare time to be able to work on this and/or help from a colleague maintainer to recover this. For more information please see https://lists.debian.org/debian-www/2011/10/msg00046.html Please notice that the definitions pre-2010 are OK and can be used. The problem is in the definitions after that time. When will it be fixed? I really can't tell, I'm swamped with work (real life and Debian-related) and some other issues are ahead in the priority queue. We are still listed in the OVAL page [1] as an "OVAL content repository" but we should really fix this. Now, if there are people actively using OVAL in the field (and using the OVAL language interpreter packaged in Debian [2]) it would be really great if they stepped in and helped with this issue (and the bugs surrounding the interpreter). Regards Javier [1] https://oval.mitre.org/repository/about/other_repositories.html [2] http://packages.debian.org/sid/ovaldi signature.asc Description: Digital signature
Bug#688808: Fixed in GIT repository
tags 688808 pending thanks I have committed the patch for this bug in debian-goodies' GIT repository. Sorry for the delay. Regards Javier signature.asc Description: Digital signature
Bug#724248: Fixed in GIT repository
tag 724248 pending thanks Thanks for the patch you submitted to this bug report, I have committed it to our repository. The bug should be fixed in the next package upload. Regards Javier Fernandez-Sanguino -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#737513: debmany(1) manpage says /dev/shm is used as temp dir
tags 737513 pending thanks On Mon, Feb 03, 2014 at 12:45:09PM +0100, Jakub Wilk wrote: > The debmany(1) manpage says: “The manpages are temporarily extracted > to /dev/shm (if the directory exists)”. But this is no longer true: > see bug #679457. I have just fixed this in the GIT repository, the fix should be available with the next package upload. Thanks Javier signature.asc Description: Digital signature
Bug#737512: debmany(1) manpage: typo: /use/share/doc -> /usr/share/doc
tags 737512 pending thanks I have just fixed in the GIT repository. It will be fixed in the next package upload. Thanks Javier signature.asc Description: Digital signature
Bug#615965: chntpwd: New version available
On Mon, Jan 27, 2014 at 04:00:30PM +0800, Paul Wise wrote: > I wasn't able to get the current version to work with Windows 7 and had > to resort to the i386 0.99.5-0+nmu1 package from snapshot.d.o, based on > the complaining of various Ubuntu users around the net. There is a new > upstream version that looks like it should be much more robust based on > the changelog, please update the package. I wasn't able to try it yet > due to the patch updates that are needed. Actually, the problem lies in a patch I took from Fedora that fixed some issues but also introduced a bug. Please see #705292 I've just uploaded the latest upstream release to Debian, refreshing the patches, but I'm not sure when I will be able to test it out. Could you help testing it? Regards Javier PS: I've not been able to see any of the complaininig of Ubuntu users, and I have not found any bug in Launchpad. Care to share some pointers? It might be useful to tell those users to test the latest version in Debian too. signature.asc Description: Digital signature
Bug#736375: init script broken start behavior
tag 736375 pending thanks On Wed, Jan 22, 2014 at 10:34:55PM +0100, Peter Palfrader wrote: > the samhain in stable-updates has an init script that fails on "start" > if the service is already running: I have made improvements to the init.d script and uploaded a preliminary fix for this bug into unstable. The fix for this is attached and I will make an upload to stable-updates if RM allows. Regards Javier diff --git a/debian/changelog b/debian/changelog index f54f8f9..5d8800e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,15 @@ +samhain (2.8.3a-1+deb7u2) stable; urgency=medium + + * debian/samhain.init: Improve the init script + - Do not fail in 'start' if the daemon is already started, use --oknodo +(Closes: #736375) + - Do not try to stop the daemon (and wait for it to stop) if it is not +running + - If the pidfile has been lost, try to determine the status using the +process name instead + + -- Javier Fernández-Sanguino Peña Thu, 23 Jan 2014 03:45:25 +0100 + samhain (2.8.3a-1+deb7u1) stable; urgency=medium * Backport fixes from unstable version to fix serious/important bugs diff --git a/debian/samhain.init b/debian/samhain.init index 30cffab..c9e5828 100644 --- a/debian/samhain.init +++ b/debian/samhain.init @@ -30,14 +30,17 @@ set -e # Check if a daemon is running running() { -# No pidfile, probably no daemon present -# -[ ! -f "$PIDFILE" ] && return 1 -pid=`cat $PIDFILE` -# No pid, probably no daemon present -[ -z "$pid" ] && return 1 - -pidofproc -p $PIDFILE +# Check with pidfile first, if available +if [ -r "$PIDFILE" ] ; then + pid=`cat $PIDFILE` +# No pid, probably no daemon present + if [ -n "$pid" ] ; then + pidofproc -p $PIDFILE + return $? + fi +fi +# Try to find the daemon by name +pidof $DAEMON >/dev/null return $? } @@ -46,7 +49,7 @@ case "$1" in start) [ ! -e /var/run/${NAME} ] && mkdir -p /var/run/${NAME} log_begin_msg "Starting $DESC: $NAME" -start-stop-daemon --start --quiet --exec $DAEMON +start-stop-daemon --start --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON log_end_msg $? ;; stop) @@ -55,27 +58,39 @@ case "$1" in log_end_msg $? ;; reload) -log_begin_msg "Reloading $DESC configuration files: $NAME" -start-stop-daemon --stop --signal 1 --quiet --exec $DAEMON -log_end_msg $? + log_begin_msg "Reloading $DESC configuration files: $NAME" + if running ; then + start-stop-daemon --stop --signal 1 --quiet --exec $DAEMON + log_end_msg $? + else + log_daemon_msg " ERROR: $DAEMON is not running." + log_end_msg 1 + fi + ;; restart|force-reload) log_begin_msg "Restarting $DESC: $NAME" -start-stop-daemon --stop --quiet --retry 5 --oknodo --pidfile $PIDFILE --name $NAME -for i in 1 2 3 ; do -if ! running; then break ; fi -sleep 1 -done + if running; then + start-stop-daemon --stop --quiet --retry 5 --oknodo --pidfile $PIDFILE --name $NAME + for i in 1 2 3 ; do + if ! running; then break ; fi + sleep 1 + done + fi if ! running ; then -start-stop-daemon --start --quiet --exec $DAEMON +start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON log_end_msg $? else -log_daemon_msg " ERROR: $DAEMON did not die in the expected time, will not reload" +log_daemon_msg " ERROR: $DAEMON did not die in the expected time, will not restart/force-reload" log_end_msg 1 fi ;; status) -status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $? + if [ -e $PIDFILE ] ; then + status_of_proc -p $PIDFILE $DAEMON $NAME && exit 0 || exit $? + else + status_of_proc $DAEMON $NAME && exit 0 || exit $? + fi ;; *) N=/etc/init.d/${0##*/} signature.asc Description: Digital signature
Bug#736375: init script broken start behavior
On Wed, Jan 22, 2014 at 10:34:55PM +0100, Peter Palfrader wrote: > Package: samhain > Version: 2.8.3a-1+deb7u1 > Severity: serious > > Hi, > > the samhain in stable-updates has an init script that fails on "start" > if the service is already running: This was not a bug introduced in the update. The bug was already present in the stable version (and in sid) > [I wouldn't be surprised if this issue was also present in testing/unstable.] It is actually. I will prepare a fix for unstable. If the RMs approve then I will upload it also to stable-updates. Regards Javier signature.asc Description: Digital signature
Bug#736168: pu: package samhain/2.8.3a-1
On Tue, Jan 21, 2014 at 10:48:44PM +, Adam D. Barratt wrote: > I've just flagged the re-upload for acceptance into p-u; thanks. You're welcome. > As a side-note, please don't close pu bugs in your upload. They remain > open until the package has been included in a point release, at which > point we'll close them. Sorry, I was not aware of this. Won't do next time. Regards Javier signature.asc Description: Digital signature
Bug#736168: pu: package samhain/2.8.3a-1
On Mon, Jan 20, 2014 at 08:57:48PM +, Adam D. Barratt wrote: > Control: tags -1 + wheezy moreinfo > > On Mon, 2014-01-20 at 18:06 +0100, Javier Fernández-Sanguino Peña wrote: > > I have recently updated Samhain in sid and have fixed some important bugs. > > As > > requested by DSA, since samhain is used in many project machines, I would > > like > > to make an upload to the wheezy release including some of these fixes. > > Not that it's a blocker, but do you know if they're planning on testing > the package once it's uploaded, before the point release? I'd say yes. DSA is actually willing test them right now, I've decided to approach you instead of manually building the test packages myself. > +samhain (2.8.3a-2) stable; urgency=medium > > In general we'd suggest 2.8.3a-1+deb7u1 here; -2 is okay as long as > there's never been a package in the Debian archive with that version. You are right. There's never been a 2.8.3a-2 package but I will use 2.8.3a-1+deb7u1 instead anyway. > > + * Default samhainrc now uses SetMailAddress=root, SetMailRelay=localhost > +since there have been reports of the previous confguration > +(SetMailAddress=root@localhost, SetMailRelay=NULL) not working since > +samhain tries to retrieve an MX record for 'localhost' from the DNS > +(Closes: 709754) > > I think you meant #709753 here; #709754 is an erlang bug. Yes, its #709753. Thanks for spotting this error. I will fix it in the changelog. > Is samhainrc generally customised by users? More specifically, is this > likely to lead to conffile prompts for a majority of users on upgrade? Some users might have changed the conffile to use the configuration above but I cannot be certain. There might be conffile prompts for users but I think the majority just runs with the standard configuration. The benefit of the above is that the "standard" configuration will work for everybody out of the box. > > diff --git a/sql_init/samhain.mysql.init~ b/sql_init/samhain.mysql.init~ > deleted file mode 100644 > diff --git a/sql_init/samhain.oracle.init~ b/sql_init/samhain.oracle.init~ > deleted file mode 100644 > diff --git a/sql_init/samhain.postgres.init~ b/sql_init/samhain.postgres.init~ > deleted file mode 100644 > > I'm assuming these are cruft and thus intentionally removed from the > package, but it would have been helpful to mention that (and preferably > changelog it). Yes, this is cruft. I will add to the changelog. Regards Javier signature.asc Description: Digital signature
Bug#736168: pu: package samhain/2.8.3a-1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: pu Dear Release Managers, I have recently updated Samhain in sid and have fixed some important bugs. As requested by DSA, since samhain is used in many project machines, I would like to make an upload to the wheezy release including some of these fixes. Most relevant bugs that would be fixed by this upload are: Bugs associated with the use of dnmalloc in different architectures: - #733875 broken on s390x - #657307 does not reap children (in armhf hosts) - #533860 samhain: frequent segfaults on lenny alpha Miscellaneous bugs which can be easily fixed in stable too: - #689902 Ships a folder in /var/run - #709753 mail reports with default config fail almost silently The full diff is attached, it is hopefully self-explanatory. Please don't hesitate to ask, should you need any additional information. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 3.11-2-686-pae (SMP w/4 CPU cores) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash diff --git a/debian/changelog b/debian/changelog index 0d18487..71faf11 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,27 @@ +samhain (2.8.3a-2) stable; urgency=medium + + [ Backport fixes from unstable version to fix serious/important bugs ] + * debian/rules: + - Disable dnmalloc for all architectures expect those known to work. It +seems to be the source of problems and segfaults in many different +architectures (Closes: #533860, #657307) + - Disable dnmalloc for s390x, as it is done for s390 already +(Closes: #733875) + * Fix use of /var/run/samhain, which is created by the init.d script since +version 2.6.2-1: +- Remove the /var/run/samhain directory when the package is purged +- Do not ship /var/run/samhain in the package file +Thanks go to Thomas Goirand for spotting this issue and providing a +patch, which I used as a basis for the above changes +(Closes: #689902) + * Default samhainrc now uses SetMailAddress=root, SetMailRelay=localhost +since there have been reports of the previous confguration +(SetMailAddress=root@localhost, SetMailRelay=NULL) not working since +samhain tries to retrieve an MX record for 'localhost' from the DNS + (Closes: 709754) + + -- Javier Fernández-Sanguino Peña Sun, 19 Jan 2014 11:53:32 +0100 + samhain (2.8.3a-1) unstable; urgency=low * New upstream release (Closes: #602678) diff --git a/debian/postrm b/debian/postrm index 51bbc12..c189cb5 100644 --- a/debian/postrm +++ b/debian/postrm @@ -7,7 +7,7 @@ set -e case "$1" in purge) - for dir in /var/log/samhain/supervise /var/log/samhain /var/state/samhain + for dir in /var/log/samhain/supervise /var/log/samhain /var/state/samhain /var/run/samhain do [ -d "$dir" ] && { find $dir -type f -exec rm -f {} \; diff --git a/debian/rules b/debian/rules index 083f6a9..a1a868a 100755 --- a/debian/rules +++ b/debian/rules @@ -11,17 +11,27 @@ # This is the debhelper compatability version to use. # export DH_COMPAT=5 +# Disable dnmalloc for most architectures except for +# those known to work (i386 and amd64). +# For more information see: +# http://www.la-samhna.de/samhain/manual/dnmalloc.html ifeq (linux,$(DEB_HOST_ARCH_OS)) -ifeq (ia64,$(DEB_HOST_ARCH)) -DNMALLOC = --disable-dnmalloc -else ifeq (s390,$(DEB_HOST_ARCH)) +ifeq (amd64,$(DEB_HOST_ARCH)) +DNMALLOC = --enable-dnmalloc +else ifeq (i386,$(DEB_HOST_ARCH)) +DNMALLOC = --enable-dnmalloc +else DNMALLOC = --disable-dnmalloc +endif else +ifeq (amd64,$(DEB_HOST_ARCH)) +DNMALLOC = --enable-dnmalloc +else ifeq (i386,$(DEB_HOST_ARCH)) DNMALLOC = --enable-dnmalloc -endif else DNMALLOC = --disable-dnmalloc endif +endif build: build-stamp build-stamp: @@ -100,6 +110,8 @@ binary-arch: build install dh_installchangelogs docs/Changelog dh_link dh_strip + # Remove /var/run/samhain from the package, it is created by the init script + -rm -rf `pwd`/debian/samhain/var/run/samhain dh_compress dh_fixperms dh_installdeb diff --git a/debian/samhainrc b/debian/samhainrc index 01724f4..992caac 100644 --- a/debian/samhainrc +++ b/debian/samhainrc @@ -591,11 +591,12 @@ SetMailNum = 10 ## Recipient (max. 8) # -SetMailAddress=root@localhost +#SetMailAddress=root@localhost +SetMailAddress=root ## Mail relay (IP address) # -# SetMailRelay = NULL +SetMailRelay = localhost ## Custom subject format # diff --git a/sql_init/samhain.mysql.init~ b/sql_init/samhain.mysql.init~ deleted file mode 100644 index e6eb065..000 --- a/sql_init/samhain.mysql.init~ +++ /dev/null @@ -1,95 +0,0 @@ -CREATE DATABASE samhain; -USE mysql; -INSERT INTO db (Host,Db,User,Select_priv,Insert_priv,Update_priv,Delete_priv,Create_pr
Bug#733875: dnmalloc broken
On Tue, Jan 14, 2014 at 03:28:17PM +0100, Bastian Blank wrote: > Some debugging shows that dnmalloc is broken. It is already disabled > for ia64 and s390, so the maintainer obviously knows. Please disable > for _all_ architectures until this code is known to work. I've disabled it for s390x just as I did for s390. Upstream currently lists the following architectures as problematic: The dnmalloc allocator doesn't work on: OpenBSD (problems with pthread internals), Cygwin (also pthread internals), and 64bit FreeBSD. On 64bit AIX, you need to compile as a 32bit application, or to forego dnmalloc. This is from http://www.la-samhna.de/samhain/manual/dnmalloc.html I will contact them in order to see if I can get a precise list of architectures where it is known to work and adjust debian/rules accordingly. Regards Javier signature.asc Description: Digital signature
Bug#660197: samhain: Installation fails
On Fri, Mar 09, 2012 at 03:20:10PM +0100, Gerfried Fuchs wrote: > I had it hanging like this for two week's time, and tried again if I am > able to reproduce it - it's absolutely reproducible. Doing this within a > cowbuilder chroot on an i386 machine. > > So, things to reproduce it should be as simple as: > > $> sudo cowbuilder --create --basepath squeeze --distribution squeeze > $> sudo cowbuilder --login --basepath squeeze > # apt-get install samhain Sorry for the delay with this. It is true, samhain does not install in a chroot environment. But the fact is: samhain does not seem to work *at all* if run within a chroot. The 'samhain -t init' call does not prosper because it gets stuck, for some reason, when opening /dev/urandom from within a chroot. But neither does it work if you just try to get the help (or version). Either way, I cannot reproduce this behaviour *outside* of a chroot. If you strace the running process you might see something like this: jflicio:samhain$ ps -ef |grep samhain root 17782 17663 0 00:51 pts/300:00:00 /usr/bin/dpkg --status-fd 13 --configure libgpg-error0:i386 libgcrypt11:i386 libffi6:i386 libp11-kit0:i386 libtasn1-3:i386 libgnutls26:i386 libltdl7:i386 libprelude2:i386 samhain:i386 root 17840 17782 0 00:51 pts/300:00:00 /usr/bin/perl -w /usr/share/debconf/frontend /var/lib/dpkg/info/samhain.postinst configure root 17843 17840 0 00:51 pts/300:00:00 /bin/sh -e /var/lib/dpkg/info/samhain.postinst configure root 17844 17843 0 00:51 pts/300:00:00 samhain -t init jfs 17846 8685 0 00:51 pts/200:00:00 grep samhain s@silicio:samhain$ sudo strace -f -p 17844 Process 17844 attached - interrupt to quit futex(0xb77aa454, FUTEX_WAIT_PRIVATE, 2, NULL I have attached a ltrace and strace of the samhain program within a chroot. The problem seems to lie in the program initialisation code. In summary: Please try to reproduce it within a *live* system, not a chroot. Until I get that information this bug stays as 'unreproducible' Regards Javier pthread_mutex_lock(0xb7751454, 0xb71f93c4, 0, 0) = 0 sysconf(30, 0xb768c000, 0xbffb3b84, 0xb71cf4c0) = 4096 mmap64(0, 0x3000, 3, 98) = 0xb7661000 mprotect(0xb7661000, 4096, 0, 98)= 0 mprotect(0xb7663000, 4096, 0, 98)= 0 sysconf(30, 4096, 0, 98) = 4096 sysconf(30, 4096, 0, 98) = 4096 sysconf(30, 4096, 0, 98) = 4096 mmap64(0, 0x8002000, 3, 0x4062) = 0xaf183000 sysconf(30, 0x8002000, 3, 0x4062)= 4096 mprotect(0xaf183000, 4096, 0, 0x4062)= 0 sysconf(30, 4096, 0, 0x4062) = 4096 sysconf(30, 4096, 0, 0x4062) = 4096 sysconf(30, 4096, 0, 0x4062) = 4096 sysconf(30, 4096, 0, 0x4062) = 4096 sysconf(30, 4096, 0, 0x4062) = 4096 mprotect(0xb7184000, 4096, 0, 0x4062)= 0 sbrk(0) = 0xb8d3e000 sysconf(30, 4096, 0, 0x4062) = 4096 sysconf(30, 4096, 0, 0x4062) = 4096 sysconf(30, 0xb735d000, 0, 0xb72bf574) = 4096 mmap64(0, 0xe2000, 3, 98)= 0xaf0a1000 sysconf(30, 0xe2000, 3, 98) = 4096 mprotect(0xaf0a1000, 4096, 0, 98)= 0 sysconf(30, 4096, 0, 98) = 4096 sysconf(30, 4096, 0, 98) = 4096 mprotect(0xaf182000, 4096, 0, 98)= 0 sysconf(30, 4096, 0, 0x4062) = 4096 gettimeofday(0xbffb39ac, 0) = 0 sched_yield(0xbffb39ac, 0, 0xb768ef87, 0xb73632c8) = 0 open64("/dev/urandom", 0, 026732167607 pthread_mutex_lock(0xb7751454, 1, 0, 0xb737c041execve("/usr/sbin/samhain", ["samhain"], [/* 29 vars */]) = 0 brk(0) = 0xb7ffd000 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb766b000 open("/usr/lib/cowdancer/libcowdancer.so", O_RDONLY|O_CLOEXEC) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\200\16\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=14544, ...}) = 0 mmap2(NULL, 17488, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7666000 mmap2(0xb766a000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3) = 0xb766a000 close(3)= 0 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=10201, ...}) = 0 mmap2(NULL, 10201, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7663000 close(3)= 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/i386-linux-gnu/libz.so.1", O_RDONLY|O_CLOEXEC) = 3 r
Bug#734775: tiger: nologin path incorrect in three scripts for debian use
tag 734775 upstream pending thanks On Thu, Jan 09, 2014 at 01:41:00PM -0500, Ian Bolton wrote: > Package: tiger > Version: 1:3.2.3-11 > Severity: normal > > Dear Maintainer, > The nologin path should be /usr/sbin/nologin for these three instances: (...) You are correct, I have committed a fix for this issue in Tiger's GIT repository (see attached file). I will update the package with the latest upstream version as soon as possible. Regards Javier diff --git a/scripts/check_anonftp b/scripts/check_anonftp index bf881c5..75fb163 100755 --- a/scripts/check_anonftp +++ b/scripts/check_anonftp @@ -17,6 +17,8 @@ # # check_anonftp - 06/14/93 # +# 01/09/2013 jfs Added /usr/sbin/nologin to list of valid nologin shells +# (Debian bug #734775) # 08/31/2005 jfs Changed GROUPC to GROUPSS # 06/28/2004 jfs Avoid duplicates for $ftphome # 01/13/2004 rbrad Cleanup noise and add additional check to check_anonftp. @@ -161,7 +163,7 @@ haveallcmds GETUSERHOME && { # Does the ftp user have a valid shell? shell=`echo $ftp_pwentry | $CUT -d: -f7` case "$shell" in -/bin/false|/usr/bin/false|/sbin/nologin) +/bin/false|/usr/bin/false|/sbin/nologin|/usr/sbin/nologin) ;; *) diff --git a/scripts/check_network b/scripts/check_network index e76dc2d..2645b76 100755 --- a/scripts/check_network +++ b/scripts/check_network @@ -339,7 +339,7 @@ sub check_ftpd { close(PASS); return unless ($name); return unless ($shell); - if (( $shell ne '/bin/false' ) || ( $shell ne '/sbin/nologin' )) { + if (( $shell ne '/bin/false' ) || ( $shell ne '/sbin/nologin' ) || ( $shell ne '/usr/sbin/nologin' ) ) { &Fail('netw018f',"Anon ftp user $name has valid shell of $shell"); } diff --git a/scripts/check_passwd b/scripts/check_passwd index 9b58e72..1fc6b6b 100755 --- a/scripts/check_passwd +++ b/scripts/check_passwd @@ -55,6 +55,8 @@ #Add /bin/true as valid shell as well as Solaris shells # 05/20/2006 jfs Add quotation marks to Tiger_Admin_Accounts to prevent #errors if empty (Debian bug #342181) +# 01/09/2013 jfs Added /usr/sbin/nologin to list of valid nologin shells +# (Debian bug #734775) # #- # TODO: @@ -168,7 +170,7 @@ check_passwd_entries() # TODO: The hardcoded list of shells could be user defined # (i.e. in tigerrc) eval "case \"$shell\" in - /bin/false|/usr/bin/false|/dev/null|/sbin/nologin|/bin/true) + /bin/false|/usr/bin/false|/dev/null|/sbin/nologin|/bin/true|/usr/sbin/nologin) ;; $shcase) [ \"$hash\" = \* ] && { signature.asc Description: Digital signature
Bug#734274: project-history: Fix dead links to "Debian counting site" and typo
tag 734274 pending thanks I've applied the patch (available now in SVN revision 10353). The fix should be available in the next upload of the project-history package and should be available in the website in the next rebuild. Thanks! Javier signature.asc Description: Digital signature
Bug#731316: e2undel is obsolete and should be removed
reassign 731316 ftp.debian.org retitle 731316 RM: e2undle -- RoM; abandoned-upstream thanks On Wed, Dec 04, 2013 at 10:07:02AM +0200, Adrian Bunk wrote: > If you agree that the e2undel should be removed, please reassign > this bug as a removal request to ftp.debian.org. As suggested, I'm reassinging this bug to ftp.debian.org and asking for the removal of e2undel. This package has been superceeded and is no needed in Debian any longer. Regards Javier signature.asc Description: Digital signature
Bug#729783: network-manager: Add network connectivy test using http://network-test.debian.org/nm
Package: network-manager Version: 0.9.8.0-5 Severity: wishlist Dear Network Manager maintainers, I've recently asked our DSA team to create a new network-test.debian.org service (See [rt.debian.org #4756) to be able to script tests of network connectivity with a stable service. Originally I intended this service to improve the 'network-test' script in the ifupdown-extra package, however, in light of the new Network-Manager capability to check connectivity status, I think it can be useful for network-manager users too. The service is now running and it is a static Virtual Host distributed along several Debian-managed machines with IPv4 and IPv6 connectivity. Specifically for Network-Manager, based on NetworkManager.conf(5), I've setup a URL for network connectivity tests which is now alive and running as you can see here: $ echo -e "GET /nm HTTP/1.1\r\nHost: network-test.debian.org\r\nConnection: close\r\n\r\n" | nc network-test.debian.org 80 HTTP/1.1 200 OK Date: Sun, 17 Nov 2013 10:52:46 GMT Server: Apache Last-Modified: Sat, 16 Nov 2013 16:28:43 GMT ETag: "1019d211-19-4eb4dcee584c0" Accept-Ranges: bytes Content-Length: 25 X-NetworkManager-Status: online Connection: close Content-Type: text/plain NetworkManager is online I would appreciate if you would consider: a) testing this service and see if it suits Network-Manager's requirements b) changin Network-Manager in order to add the following when creating a new managed connection: -- [connectivity] uri=http://network-test.debian.org/nm -- That way, when our Debian users setup a network connection they can test that it has full end-to-end connectivity and will be able to detect the following situations: - systems connected to cable connections which receive an DHCP assignment but are not fully connected to the Internet - as is the case with corporate connections which have network firewalls in place which require the use of network proxies for Internet access - systems connected to hotspots using WiFi which can connect and get a DHCP assignment but are forced to go through a captive portal before Internet access is granted (common use case for public/hotel WiFi hotspots) Please let me know if you need help in implementing the above changes. I'm not familiar enough with Network-Managers' codebase to produce a patch, but could try to work on it if assistance is needed. Best regards Javier -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 3.10-3-686-pae (SMP w/4 CPU cores) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages network-manager depends on: ii adduser3.113+nmu3 ii dbus 1.6.14-1 ii dpkg 1.17.1 ii isc-dhcp-client4.2.4-7 ii libc6 2.17-93 ii libdbus-1-31.6.14-1 ii libdbus-glib-1-2 0.100.2-1 ii libgcrypt111.5.3-2 ii libglib2.0-0 2.36.4-1 ii libgnutls262.12.23-7 ii libgudev-1.0-0 204-5 ii libnl-3-2003.2.21-1 ii libnl-genl-3-200 3.2.21-1 ii libnl-route-3-200 3.2.21-1 ii libnm-glib40.9.8.0-5 ii libnm-util20.9.8.0-5 ii libpolkit-gobject-1-0 0.105-3 ii libuuid1 2.20.1-5.5 ii lsb-base 4.1+Debian12 ii udev 204-5 ii wpasupplicant 1.0-3+b1 Versions of packages network-manager recommends: ii crda 1.1.2-1 ii dnsmasq-base 2.66-4 ii iptables 1.4.20-2 ii modemmanager 0.5.2.0-2 ii policykit-1 0.105-3 ii ppp 2.4.5-5.2 Versions of packages network-manager suggests: pn avahi-autoipd -- Configuration Files: /etc/polkit-1/localauthority/10-vendor.d/org.freedesktop.NetworkManager.pkla [Errno 13] Permiso denegado: u'/etc/polkit-1/localauthority/10-vendor.d/org.freedesktop.NetworkManager.pkla' -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#728654: scratch: locale files are not installed in standard location
Package: scratch Version: 1.4.0.6~dfsg1-5 Severity: normal Scratch locale files are located under /usr/share/scratch/locale/. This is not the proper location for locale files (/usr/share/locale). There is no major harm in placing them there, but being a non-standard location makes it impossible for some packages (such as localepurge) to work their magic so that locales that are *not* useful for the installed system are removed. Please help system administrators claim back useless disk space ( == useless locales) by installing Scratch locales in the proper system location. -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 3.10-3-686-pae (SMP w/4 CPU cores) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages scratch depends on: ii libgtk2.0-bin 2.24.21-1 ii shared-mime-info1.0-1+b1 ii squeak-plugins-scratch 1.4.0.2~svn.r83-2 ii squeak-vm 1:4.10.2.2614-1 scratch recommends no packages. Versions of packages scratch suggests: ii pulseaudio 4.0-6+b1 -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#661591: Does not apply to ifupdown-extra
Control: affects 661591 - ifmetric I have reviewed the ifupdown-extra scripts and they exit with 0 for success and 1 on error. The exit on error is only done on some specific cases (when the user has asked it this way) so the scripts should not have any issues with ifupdown now using run-parts. Regards Javier signature.asc Description: Digital signature
Bug#710303: debian-faq: [INTL:ru] Russian documentation translation update
tag 710303 pending thanks > Russian documentation translation update is attached. Thanks. I've updated the DDP SVN and included your translation. It will be made available in the next package upload. Regards Javier signature.asc Description: Digital signature
Bug#548336: restart gnome on squeeze2wheezy upgrades?
On Mon, Apr 29, 2013 at 03:00:57PM +0200, Michael Biebl wrote: > A restart of your desktop session is definitely desirable after a > squeeze -> wheezy dist-upgrade. Could you please provide some sample text, or should we run with the text that was present in the Squeeze Release Notes? > I even think we should advice users to *not* upgrade from within a > running X/GNOME session but from the console. This is already described in the Release Notes, see the "Important note" in section "4.1.5. Prepare a safe environment for the upgrade": You should *not* upgrade using telnet, rlogin, rsh, or from an X session managed by xdm, gdm or kdm etc on the machine you are upgrading. () Regards Javier signature.asc Description: Digital signature
Bug#420380: harden-doc: FAIL_DELAY and PASS_MAX_LEN are obsoleted by PAM
tag 420380 pending thanks On Wed, May 20, 2009 at 11:09:56PM +0200, Francesco Poli wrote: > On Sun, 22 Apr 2007 00:38:05 +0200 Francesco Poli wrote: > > [...] > > Section 4.11.3 _User login actions: edit /etc/login.defs_ talks > > about FAIL_DELAY and PASS_MAX_LEN. > > However, according to /etc/login.defs itself, these two parameters > > are now obsoleted by PAM. > > Any progress on this bug? I've done some progress today, in SVN. See http://anonscm.debian.org/viewvc/ddp/manuals/trunk/securing-howto/en/after-install.sgml?view=log > I really think this subsection should be updated, but I am not sure > how (because I don't know how those obsolete suggestions should be > translated for current Debian systems). I have hopefully removed the obsolete information, if you can review this information I would appreciate it. This bug will be closed in the next upload of the harden-doc package. Regards Javier signature.asc Description: Digital signature
Bug#692631: non-free files in upstream tarball ("The Software shall be used for Good, not Evil")
merge 692071 692631 thanks On Wed, Nov 07, 2012 at 11:20:33PM +0100, Ansgar Burchardt wrote: > The upstream tarball contains files under the non-free JSON license: This has already been reported. I'm merging this bug. Regards Javier signature.asc Description: Digital signature
Bug#692071: storymaps: includes non-free files (src/org/json/*)
On Thu, Nov 01, 2012 at 11:08:32PM +0100, Francesco Poli (wintermute) wrote: > Hello Javier, > it seems to me [1] that storymaps includes non-free files > (src/org/json/*) released under the JSON license [2]. Yes, it does. > (B) replace src/org/json/* files with a DFSG-free and GPL-compatible > equivalent, if any is available (tools/jsmin.py from libv8, which > is under a GPL-compatible 3-clause-BSD license, was mentioned [3] > during the debian-legal discussion, but maybe it's a completely > different thing...) Searching a little bit I've found Gson, which is a JSON implementation for Java using the Apache license. It is available here: http://code.google.com/p/google-gson/ Doing a cursory review Gson provides a JSON array implementation in Java, which is what Storymaps actually uses. So it could be an alternative for replacing Douglas' JSON. I will try to test replacing it and see where that takes me. > (C) remove src/org/json/* files by repacking the orig.tar.gz upstream > source archive, as long as storymaps is able to still be > significantly useful without those files... No, storymaps cannot work without the JSON implementation. > (D) move the package to the non-free archive This is probably what I will do in the short-term, however, as modifying and testing the code might take some time (if it works at all) Regards Javier signature.asc Description: Digital signature
Bug#691275: cron: symlink races in crontab
tags 691275 moreinfo thanks On Tue, Oct 23, 2012 at 09:28:05PM +0200, Jann Horn wrote: > Debian's crontab contains multiple symlink races. If > crontab was setuid root (which I think it normally is), this could be used > to e.g. wipe directories (vulnerable code is in cleanup_tmp_crontab) or for > other attacks. However, as it is only setgid crontab on debian, the only > attack this can be used for is to block cron access for a user named > "crontab" by invoking "crontab -e" and replacing the > folder in /tmp with a symlink before crontab creates the file "crontab" > inside the folder. The code vulnerable to this attack is in > create_tmp_crontab. Could you please detail where do you see the symlink races or show, at least, a proof of concept of the symlink race in action and how can I reproduce this bug? Reviewing the code: the directory used in cleanup_tmp_crontab is actually defined in create_tmp_crontab using mkdtemp(). Mkdtemp ensures that the directory created is both unique as well as restricted to the user running it. This means that, as far as I know, any files created within that directory (and removed afterwards) should be "safe". This includes the unlink() codes in cleanup_tmp_crontab, as well as the rmdir() call there. Best regards Javier signature.asc Description: Digital signature
Bug#690791: building from source an inconvenient process
retitl 690791 doc-debian: Should include text sources in package thanks On Wed, Oct 17, 2012 at 06:11:03PM +0200, Thijs Kinkhorst wrote: > Package: doc-debian > Version: 4.0.2 > Severity: important > Building this package from source requires one to have a webwml > checkout in a specific hardcoded filesystem location. Yes, this is true. However, this issues is not severity important, as it only affects package *rebuild* not package *use*. > Also, the source package does not really contain the sources > as these are pulled in from the checkout at build time. This is something that should be fixed. Since the package should include the sources. > Probably a good solution would be to move the code that > collects the files into a get-orig-source rules target. This is a good idea. I will change debian/rules to do this and also change it so it does not remove the wml files when cleaning. Best regards Javier signature.asc Description: Digital signature
Bug#690657: harden-remoteaudit: Outdated mention to Nessus in the description (update for OpenVAS)
Package: harden-remoteaudit Version: 0.1.38 Priority: normal The current description of the harden-remoteaudit package says: Nessus note: You have to have the nessus client installed on some host. The client is provided by the 'nessus' package. You can install it on the same host but that is not necessary. Since the package does not Depend/Suggest on anything related to Nessus that paragraph does not make sense to me. If you want to update it for OpenVAS I suggest using the following: OpenVAS note: You have to have an OpenVAS client or installed on some system in order to launch scans. Some of the available clients are provided by the openvas-administrator, openvas-client, and openvas-cli packages. You can install any of them in the same host, but it is not a requirement. Best regards Javier signature.asc Description: Digital signature
Bug#690656: harden-remoteaudit: Please remove dependency on openvas-server
Package: harden-remoteaudit Version: 0.1.38 Tags: important Harden-remoteaudit currently depends on the packages for the OpenVAS2 scanner (openvas-server). This package is being replaces by openvas-scanner, which is the new name of this package since the OpenVAS 3 release. This dependency prevents the package from being removed from Wheezy something which, as its maintainer, I would like to do. This is because support for OpenVAS 2 was discontinued last year [1] and providing OpenVAS 2 to our Debian 'stable' users in our upcoming release is not really a good idea. Since harden-remoteaudit does not Depend: on any other package, an alternative to make it possible to remove the openvas-server package from Wheezy would be to change the Depends: into a Suggests: and, in addition, change it from 'openvas-server' to 'openvas-scanner | openvas-server'. Once the openvas-scanner is moved from experimental to unstable you could, if desired, change the Suggests: back into a Depends: Thanks for your co-operation, Javier [1] http://lists.wald.intevation.org/pipermail/openvas-announce/2011-June/000127.html signature.asc Description: Digital signature
Bug#690655: RM: openvas2 [wheezy] -- RoM; abandoned-upstream
Package: release.debian.org Version: N/A Priority: grave Tags: rm I would like to request the Release Managers to remove *all* of the OpenVAS 2.x packages from the current testing distribution. This includes the following packages: - libopenvas2 / libopenvas2-dev (version 2.0.4-2.1) - libopenvasnasl2 / libopenvasnasl2-dev (version 2.0.2-2.1) - openvas-client (version 2.0.5-1.1) - openvas-plugins-base / openvas-plugins-dfsg (version 1:20100705-2) - openvas-server / openvas-server-dev (version 2.0.3-6) In addition, please also remove the following package: - harden-remoteaudit: it depends on openvas-server (I have sent a bug to the package to update this dependency) Support for OpenVAS 2 was discontinued last year [2]. Providing OpenVAS 2 to our Debian 'stable' users in our upcoming release is not really a good idea. Even though the scanner/client works 'as it is', users will not be able to download new plugins for this release from the OpenVAs servers and it will not be possible for them to find "recent" vulnerabilities in hosts they scan. For the last 2 years I have provided experimental versions of OpenVAS 3, which seem to have not received to much attention from users. In any case since that version is also going to be discontinued upstream. Since the latest OpenVAS release is version 5 [1] (released May this year) I will work towards providing OpenVAS 5 in our unstable distribution. And, once available, will try to make backports available for Wheezy too. Removing the OpenVAS 2 packages from testing simplifies handling upgrades to the newer version and also installations of the backports of OpenVAS 5 packages in Wheezy. Regards Javier signature.asc Description: Digital signature
Bug#683424: Patch describing Multiarch
tag 683424 pending thanks On Sat, Oct 13, 2012 at 02:24:37PM +0200, Thijs Kinkhorst wrote: > > We need some introduction to multi-arch. > > Attached patch adds a basic introduction to Multiarch in the What's new > section, referring to the HOWTO for extended information for those who (...) > Perhaps more could be improved, but this patch should at least satisfy a > large number of common cases. Please apply. Thanks, I have applied this patch to the sources. Regards Javier signature.asc Description: Digital signature
Bug#688923: mathematica-fonts: [INTL:es] spanish translation
On Fri, Sep 28, 2012 at 10:32:26AM +0900, Atsuhito Kohda wrote: > I'll wait for a new update. Thanks for your contribution. I've reviewed the translation that Rafael sent and I've found a number of mistakes in it. The main mistake is the translation of "font" in the translation sent by him which is not consisten with the proper translation of font in Spanish (he uses "fuentes" and even leaves it unstralated in one msgid and uses "fonts") and with the translation used in the translated msgids by Francisco Javier. After a review, I attach you an updated file. Please replace the existing es.po file in your package with this file to fix the errors outlined above. Thanks Javier # mathematica-fonts po-debconf translation to Spanish # Copyright (C) 2009 Software in the Public Interest # This file is distributed under the same license as the mathematica-fonts package. # # Changes: # - Initial translation # Francisco Javier Cuadrado , 2009 # - Translation update and review # Rafael Ernesto Rivas , 2012. # Javier Fernández-Sanguino , 2012 # # Traductores, si no conocen el formato PO, merece la pena leer la # documentación de gettext, especialmente las secciones dedicadas a este # formato, por ejemplo ejecutando: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Equipo de traducción al español, por favor, lean antes de traducir # los siguientes documentos: # # - El proyecto de traducción de Debian al español # http://www.debian.org/intl/spanish/ # especialmente las notas de traducción en # http://www.debian.org/intl/spanish/notas # # - La guía de traducción de po's de debconf: # /usr/share/doc/po-debconf/README-trans # o http://www.debian.org/intl/l10n/po-debconf/README-trans # msgid "" msgstr "" "Project-Id-Version: mathematica-fonts 0.1\n" "Report-Msgid-Bugs-To: mathematica-fo...@packages.debian.org\n" "POT-Creation-Date: 2012-09-07 18:02-0400\n" "PO-Revision-Date: 2012-09-27 02:12+0200\n" "Last-Translator: Javier Fernández-Sanguino \n" "Language-Team: Debian l10n Spanish \n" "Language: es\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-POFile-SpellExtra: http WRI Mathematica Research proxy Proxy Inc Wolfram\n" #. Type: string #. Description #: ../templates:2001 msgid "HTTP proxy to use:" msgstr "Proxy HTTP a utilizar:" #. Type: string #. Description #: ../templates:2001 msgid "" "If you need to use a proxy server, please enter it here (example: " "http://192.168.0.1:8080). This will cause the font file to be downloaded " "through the proxy." msgstr "" "Si necesita utilizar un servidor proxy, introdúzcalo aquí (por ejemplo: " "http://192.168.0.1:8080). Esto provocará que los archivos de las tipografías " "se descarguen utilizando dicho proxy." #. Type: string #. Description #: ../templates:2001 msgid "Leave this field blank if you don't use a proxy server." msgstr "Deje este campo en blanco si no quiere utilizar un servidor proxy." #. Type: note #. Description #. This debconf note displays the original license of fonts #. The license terms themselves are not translatable, which explains #. that translators do not see them in the PO files #: ../templates:3001 msgid "License for Mathematica fonts" msgstr "Licencia de las tipografías de Mathematica" #. Type: note #. Description #: ../templates:3001 msgid "" "Read this agreement carefully before proceeding. It is an agreement between " "Wolfram Research, Inc. (\"WRI\") and you. Acceptance of its terms creates a " "binding contract between you and WRI. By downloading the fonts below, you " "are accepting the terms of this agreement." msgstr "" "Lea cuidadosamente este acuerdo antes de continuar. Se trata de un acuerdo " "entre la empresa Wolfram Research, Inc. (WRI) y usted. La aceptación de los " "términos de este acuerdo crea un contrato vinculante entre usted y la WRI. " "Usted está aceptando los términos de este acuerdo al descargar las " "tipografías indicadas más abajo." #. Type: boolean #. Description #: ../templates:4001 msgid "Do you accept the license of Mathematica fonts?" msgstr "¿Acepta la licencia de las tipografías de Mathematica?" #. Type: boolean #. Description #: ../templates:4001 msgid "" "In order to install this package, you must accept its license terms. Not " "accepting will cancel the installation." msgstr "" "Debe aceptar los términos de la licencia para poder instalar este paquete. " "Si no los acepta se cancelará la instalación." signature.asc Description: Digital signature
Bug#688808: debian-goodies: checkrestart incorrectly ignores util-linux (getty)
On Tue, Sep 25, 2012 at 10:17:02PM +0200, Francesco Poli (wintermute) wrote: > The attached patch (which I think is so trivial that it is not > copyrighted) fixes the issue for me: Thanks for the patch, I'll review it and include it in the package. Regards Javier signature.asc Description: Digital signature
Bug#684237: oinkmaster: bleeding Snort is not available anymore
Package: oinkmaster Version: 2.0-3 Priority: wishlist In addition to the "Bleeding Snort", there are additional rules for Snort available at http://www.emergingthreats.net/ which could be incorporated in the package. Regards Javier signature.asc Description: Digital signature
Bug#677810: snort: white/blacklist
On Tue, Jul 31, 2012 at 04:23:52PM +0800, Jim Barber wrote: > I have also encountered this problem when installing snort for the first time > on a freshly installed Debian host. > > To get the package to configure I did the following steps: (...) Thank you (and the other reports) for the additional information. Since the preprocessor which uses this white/black list is experimental I'm actually going to disable it in the next Snort release. For the benefit of the users that want to enable it. I'm going to change the relative paths to absolute paths so this (upstream) bug does not trigger here. Regards Javier signature.asc Description: Digital signature
Bug#680303: snort-rules-default: ip-based rules in community-sip.rules are wrong
On Wed, Jul 04, 2012 at 10:46:37PM +0200, Robert Kehl wrote: > The rules in community-sip.rules that use "ip any any -> any" are wrong in > my stumbling understanding of snort's rule syntax, as they trigger in every > case the content is involved, regardless of the port 5060 mentioned. Thanks for your report. Googling this actually seems to be a common problem to some Snort users, see for example: https://groups.google.com/forum/#!msg/snortusers/hPX_WRjTUWY/eZckB3C00U8J[1-25] https://www.alienvault.com/forum/index.php?t=msg&goto=5575&S=cd14599b5bf0cd872c3643f18b7a53a9 https://www.alienvault.com/forum/index.php?t=msg&goto=3448&S=edb2a35e5f434a528c4e6bb2448226a7 > Especially the rule "COMMUNITY SIP TCP/IP message flooding directed to SIP > proxy" triggers very often, being a false positive then, as it does not > limit regarding the content of a packet in any way. These rules are very out of dated and are only provided as a reference for users. The default snort.conf configuration in Debian does not include this file anymore. In any case, to prevent users from shooting themselves in the foot I'm modifying the file as distributed in Debian to comment out the rules and add a warning, so that users enable it at their own risk > > Having disabled the questioned rules, snort behaves as expected, > beforehand, I got hundreds of false positives covering the real attacks. > > I think, a rule like this is wrong: > > alert ip any any -> any 5060 > > It acutally behaves like this one: > > alert ip any any -> any > > This results in numerous warnings on heavily used connections like an > OpenVPN connection (in my case). I believe this is probably because the rule should use 'tcp' or 'udp' instead of IP. > Despite the fact that most of the rules are heavily out-dated, but still > better than none, you should consider boiling down community-sip.rules to > the set below or kicking it completely. I'd suggest the latter, as I'm not > sure wether the remaining rules are correct, either. Implementing a recent > ET ruleset would improve the usage of snort on Debian, for sure, but this > is out of scope of this bug report. As said before, I'm commenting it out completely and adding a warning for users. Regards Javier signature.asc Description: Digital signature
Bug#682558: fs2ram: [INTL:es] New spanish translation
On Mon, Jul 23, 2012 at 01:20:43PM -0600, Christian PERRIER wrote: > Well, your translation, Javier, corresponds to the templates in the > archive. However, they have been reviewed and therefore changed. The review here was really minor (some double spaces and minor wording). So the update was easy. > Here is the resynced PO file. Updated again. Regards Javier # fs2ram po-debconf translation to Spanish # Copyright (C) 2012 Software in the Public Interest, SPI Inc. # This file is distributed under the same license as the fs2ram package. # # Changes: # - Initial translation # Javier Fernández-Sanguino , 2012 # # # Traductores, si no conoce el formato PO, merece la pena leer la # documentación de gettext, especialmente las secciones dedicadas a este # formato, por ejemplo ejecutando: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Equipo de traducción al español, por favor lean antes de traducir # los siguientes documentos: # # - El proyecto de traducción de Debian al español # http://www.debian.org/intl/spanish/ # especialmente las notas y normas de traducción en # http://www.debian.org/intl/spanish/notas # # - La guía de traducción de po's de debconf: # /usr/share/doc/po-debconf/README-trans # o http://www.debian.org/intl/l10n/po-debconf/README-trans # # Si tiene dudas o consultas sobre esta traducción consulte con el último # traductor (campo Last-Translator) y ponga en copia a la lista de # traducción de Debian al español () msgid "" msgstr "" "Project-Id-Version: fs2ram\n" "Report-Msgid-Bugs-To: fs2...@packages.debian.org\n" "POT-Creation-Date: 2012-07-11 08:07-0600\n" "PO-Revision-Date: 2012-07-23 22:23+0200\n" "Last-Translator: Javier Fernández-Sanguino \n" "Language-Team: Debian Spanish \n" "Language: es\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-POFile-SpellExtra: tmp fs log lock ram reinicios var tmpfs\n" #. Type: select #. Choices #: ../templates:2001 msgid "Content-preserving" msgstr "Preservando contenido" #. Type: select #. Choices #: ../templates:2001 msgid "Structure-preserving" msgstr "Preservando estructura" #. Type: select #. Choices #: ../templates:2001 msgid "Unconfigured" msgstr "No configurado" #. Type: select #. Description #: ../templates:2002 msgid "Configuration for fs2ram:" msgstr "Configuración para fs2ram:" #. Type: select #. Description #: ../templates:2002 msgid "Please select the fs2ram configuration that best meets your needs." msgstr "" "Seleccione la configuración de fs2ram que mejor se adapte a sus necesidades." #. Type: select #. Description #: ../templates:2002 msgid "" " * Content-preserving: /var/tmp, /var/cache, and /var/log will be in\n" " RAM, reducing writes to the hard drive, and fs2ram will preserve the\n" " contents of these file systems across reboots.\n" " * Structure-preserving: /var/tmp, /var/cache, and /var/log will be in\n" " RAM, but fs2ram will only preserve their directory structures across\n" " reboots, not their (potentially private) contents.\n" " * Unconfigured: the fs2ram configuration file will be left empty and\n" " must be filled manually." msgstr "" " * Preservando contenido: se mantendrán «/var/tmp», «/var/cache», y «/var/" "log»\n" " en RAM, reduciendo el número de escrituras en el disco duro, y fs2ram \n" " preservará los contenidos de estos sistemas de ficheros entre cada\n" " reinicio del sistema.\n" " * Preservando estructura: se mantendrán /var/tmp, /var/cache, y /var/log " "en\n" " RAM, pero fs2ram sólo preservará la estructura de directorios entre\n" " cada reinicio del sistema y no sus contenidos (potencialmente privados).\n" " * No configurado: el archivo de configuración de fs2ram se dejará vacío y\n" " deberá rellenarse manualmente." #. Type: boolean #. Description #: ../templates:3001 msgid "Turn /tmp into a RAM file system?" msgstr "¿Desea convertir «/tmp» en un sistema de ficheros en RAM?" #. Type: boolean #. Description #: ../templates:3001 msgid "" "Please choose whether /tmp should be converted into a tmpfs mount point. " "This is not the default for freshly installed systems." msgstr "" "Seleccione si desea que se convierta «/tmp» en un punto de montaje de tipo " "«tmpfs». Éste no es el comportamiento por omisión para sistemas recién " "instalados." #. Type: boolean #. Description #: ../templates:4001 msgid "Turn /var/lock into a RAM file system?" msgstr "¿Desea convertir «/var/lock» en un sistema de ficheros en RAM?" #. Type: boolean #. Description #: ../templates:4001 msgid "" "Please choose whether /var/lock should be converted into a tmpfs mount " "point. This is the default for freshly installed systems." msgstr "" "Seleccione si desea que se convierta «/var/lock» en un punto de montaje de " "tipo «tmpfs». Ésta es la configuración predefinida en sistemas recién " "instalados." #~ msgid "fs2ram configuration" #~ msgstr "Configuración de fs2ram" signature.asc Des
Bug#682559: tomoyo-tools: [INTL:es] spanish translation
On Mon, Jul 23, 2012 at 01:24:19PM -0600, Christian PERRIER wrote: > Same than fs2ram. The translation corresponds to the unreviewed > templates. > > Here's the file after syncing it with the reviewed templates. Attached is the reviewed file after the sync. Regards Javier # tomoyo-tools po-debconf translation to Spanish # Copyright (C) 2012 Software in the Public Interest, SPI Inc. # This file is distributed under the same license as the tomoyo-tools package. # # Changes: # - Initial translation # Javier Fernández-Sanguino , 2012 # - Revision # Camaleón , 2012 # # # Traductores, si no conoce el formato PO, merece la pena leer la # documentación de gettext, especialmente las secciones dedicadas a este # formato, por ejemplo ejecutando: # info -n '(gettext)PO Files' # info -n '(gettext)Header Entry' # # Equipo de traducción al español, por favor lean antes de traducir # los siguientes documentos: # # - El proyecto de traducción de Debian al español # http://www.debian.org/intl/spanish/ # especialmente las notas y normas de traducción en # http://www.debian.org/intl/spanish/notas # # - La guía de traducción de po's de debconf: # /usr/share/doc/po-debconf/README-trans # o http://www.debian.org/intl/l10n/po-debconf/README-trans # # Si tiene dudas o consultas sobre esta traducción consulte con el último # traductor (campo Last-Translator) y ponga en copia a la lista de # traducción de Debian al español () # msgid "" msgstr "" "Project-Id-Version: tomoyo-tools\n" "Report-Msgid-Bugs-To: tomoyo-to...@packages.debian.org\n" "POT-Creation-Date: 2012-07-17 19:17-0600\n" "PO-Revision-Date: 2012-07-23 22:29+0200\n" "Last-Translator: Javier Fernández-Sanguino \n" "Language-Team: Debian Spanish \n" "Language: es\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "X-POFile-SpellExtra: grub default Tomoyo update GRUBCMDLINELINUX tomoyo\n" "X-POFile-SpellExtra: security\n" #. Type: boolean #. Description #: ../tomoyo-tools.templates:2001 msgid "Enable TOMOYO Linux at boot time?" msgstr "¿Desea habilitar TOMOYO Linux en el arranque?" #. Type: boolean #. Description #: ../tomoyo-tools.templates:2001 msgid "" "Enabling TOMOYO Linux functionality in the running kernel requires an " "appropriate kernel command line at boot time. This can be configured by " "setting GRUB_CMDLINE_LINUX=\"security=tomoyo\" in /etc/default/grub and " "running grub-update." msgstr "Para habilitar la funcionalidad de TOMOYO para Linux es necesario configurar la opción correcta de la línea de órdenes del núcleo en el momento del arranque. Esto puede realizarse definiendo «GRUB_CMDLINE_LINUX=\"security=tomoyo\"» en «/etc/default/grub» y ejecutar «grub-update»." #. Type: boolean #. Description #: ../tomoyo-tools.templates:2001 msgid "" "If you accept here, these actions will be performed automatically and TOMOYO " "Linux will be enabled at next boot." msgstr "Si acepta ahora, estas acciones se harán de forma automática y TOMOYO para Linux quedará habilitado automáticamente en el siguiente arranque." #~ msgid "" #~ "To enable Tomoyo, you should set GRUB_CMDLINE_LINUX=\"security=tomoyo\" " #~ "in /etc/default/grub and run grub-update to use it with your Linux kernel " #~ "in next boot time. This config will enable it automatically." #~ msgstr "Para habilitar Tomoyo debe definir «GRUB_CMDLINE_LINUX=\"security=tomoyo\"» en «/etc/default/grub» y ejecutar «grub-update» de forma que se use en su núcleo de Linux en el próximo arranque. Este programa de configuración lo habilitará automáticamente si así lo desea." #~ msgid "" #~ "If you would not accept it, you should set it by your own hand later." #~ msgstr "" #~ "Si no desea hacerlo ahora, debería configurarlo manualmente más adelante." signature.asc Description: Digital signature
Bug#679062: cron: should remove obsolete /etc/cron.daily/standard
On Thu, Jul 05, 2012 at 10:58:04AM +0300, Teodor MICU wrote: > reopen 679062 > stop > > This process is not complete since I get this email from all systems > where I upgraded cron: > > | Subject: Anacron job 'cron.daily' on frost.museglobal.ro > | [..] > | run-parts: failed to stat component /etc/cron.daily/standard: No > such file or directory I'm not sure this is entirely's cron fault. From the subject: it looks like anacron is trying to run the old cron.daily's standard task. Could you please do this: - send the list of files under /etc/cron.daily/ - check if anacron is running in your system (i.e. 'ps -ef |grep anacron') - restart anacron, if running and see if the error reproduces If this is anacron's fault maybe we have to reassign the bug there. Thanks Javier signature.asc Description: Digital signature
Bug#620392: cron looses job output if no mta is installed
merge 670118 620392 thanks On Fri, Apr 01, 2011 at 12:26:01PM -0500, Adam Heath wrote: > I suggest that in this case the output should be sent to syslog, at > the least. I'm merging this bug with bug #670118 which provides precisely support for logging cron job information to syslog. This feature will not be enabled for Wheezy, but we might consider these changes in later releases of the cron package. Thanks Javier signature.asc Description: Digital signature
Bug#679106: cron: multiple /etc/init.d/cron stop may kill unrelated processes
tag 679106 pending thanks Hi, After reviewing this bug I believe we did not fix it properly in 3.0pl1-117. In that version we did the following change: * debian/cron.init: - Don't call start-stop-daemon directly, use LSB init functions instead. Among other things, this works around the cron daemon not deleting its pidfile from /var/run/. Closes: #615855 But the bug (cron: does not clean up PID file on exit) was not properly addressed (or LSB's killproc behaviour has changed in the meantime). I have committed a fix through cron's init.d file . The init.d file will now remove the pidfile if it exists after killing the process. This should be fixed in cron itself (through it's SIG handler) but this fix is a quicker (and less complex) fix for this bug. The fix is now is available in GIT and can be found at http://anonscm.debian.org/gitweb/?p=pkg-cron/pkg-cron.git;a=commitdiff;h=e284ede4877465557c6846d391eabebd7077cbd6 I will upload this fix with a new cron version. Regards Javier signature.asc Description: Digital signature
Bug#284274: Patch for the hardlink replacement bug request
On Sun, Jun 17, 2012 at 09:40:49PM +0200, Sandro Tosi wrote: > On Fri, Jul 31, 2009 at 12:56 AM, Javier Fernández-Sanguino Peña > wrote: > > > > tags 284274 patch > > thanks > > > > Attached is a patch to the program sources (through the use of a dpatch > > patch > > in the Debian package) that adds a new -L / --linkhard option to fdupes. > > This > > option will replace all duplicate files with hardlinks which is useful in > > order to reduce space. > > > > It has been tested only slightly, but the code looks (to me) about right. > > > > Please consider this patch and include it in the Debian package. > > As it turned out[1] this patch loses data if some of the file to > replace are on different filesystems. I'm going to remove it from the > package for now, but i'd be happy to evaluate a new patch. It might not be too difficult to introduce a check in the patch that tries the hard link and, if it fails, it restores the file and complains. I'll see what I can do. Regards Javier signature.asc Description: Digital signature
Bug#674296: checkrestart: specialcase unreadable pid 1 - assume vserver
On Thu, May 24, 2012 at 10:54:26AM +0200, Tomas Pospisek wrote: > In contrast to the discussion above, I've changed the default behaviour > of checkrestart back to its original one, that is, if there's an > exception reading a /proc/*/exe link, then we raise and exception > (and terminate). Thanks for the patch, it looks fine to me so I will probably apply it before my next upload of debian-goodies. Best regards Javier -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#670118: [PATCHv2] Add support for logging cron job output to syslog
On Sun, Apr 22, 2012 at 11:18:15PM -0700, Josh Triplett wrote: > [Resending with the correct set of patches this time.] > > The attached patches make it possible for cron to log cron job output to > syslog. Hi, Thanks for the work and the patches. I've added these patches to a new git branch (bug/670118) for review. I'm not sure if we can commit to include these patches in the current version of the cron package (for Squeeze) since we were trying to get the number of patches down in order to move to a new package (using 3.0 source format). Once we have discussed this between the cron maintainers we will let you know how we will go forward with these changes. Best regards, Javier signature.asc Description: Digital signature
Bug#674228: openvas-plugins-dfsg: FTBFS: missing build-deps
On Thu, May 24, 2012 at 01:03:27AM +0200, Cyril Brulebois wrote: > $subject says it all: > | [ "clean" = "audit-plugins" ] || dh clean --with quilt > | dh: unable to load addon quilt: Can't locate > Debian/Debhelper/Sequence/quilt.pm in @INC (@INC contains: /etc/perl > /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 > /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 > /usr/local/lib/site_perl .) at (eval 18) line 2. > | BEGIN failed--compilation aborted at (eval 18) line 2. > | > | make: *** [clean] Error 2 > A build-depends: on quilt is missin in debian/control, I will add it. Regards Javier signature.asc Description: Digital signature
Bug#649168: blacklist not really working?
On Thu, May 24, 2012 at 12:39:37AM +0200, Tomas Pospisek wrote: > So currently instead of failing as above I changed checkrestart to > report an error and to continue: That patch looks good to me. > admin:~# diff -u /tmp/checkrestart /usr/local/bin/checkrestart > --- /tmp/checkrestart 2012-05-24 00:37:15.147100799 +0200 > +++ /usr/local/bin/checkrestart 2012-05-24 00:24:23.0 +0200 > @@ -445,7 +445,8 @@ > self.program = os.readlink('/proc/%d/exe' % self.pid) > except OSError, e: > if e.errno != errno.ENOENT: > -raise > +sys.stderr.write('ERROR: Failed to read %d' % self.pid) > +#raise > self.program = self.cleanFile(self.program) > > def cleanFile(self, f): > > I wonder if there's a better way... I think your fix is probably good enough. > Other than that, I can report that Tollef patch works for me. That's good to hear, thank you. Regards Javier signature.asc Description: Digital signature
Bug#674192: Please reconsider package description
On Wed, May 23, 2012 at 09:21:39PM +0100, Justin B Rye wrote: > > . > > This cron package is pre-configured to do some basic daily system > > maintenance tasks. Other packages, such as checksecurity, help with > > further maintenance tasks. > > The "basic daily system maintenance tasks" are being phased out (see > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=579640). Sooner or > later this paragraph is going to need a rewrite, or maybe it would be > better just to drop it completely. When the tasks are removed the paragraph can be changed to something along the lines of: This package does not provide any system maintenance tasks. Other packages, such as cron-standard and checksecurity, provide relevant periodic maintenance tasks useful to cover basic system checks. This will explain the dependencies on other packages (checksecurity is currently Suggested: and cron-standard might hold the standard system tasks in the future). Regards Javier signature.asc Description: Digital signature
Bug#673822: wicd-daemon: Power management suspend script runs unconditionally even in wired-only computers
On Tue, May 22, 2012 at 09:55:18PM +0200, David Paleino wrote: > This isn't true. Wicd isn't listed among the dependencies of NM -- if it was > the case, it would be *VERY* weird. Please run a "aptitude why wicd-daemon", > and check what pulled it in. Excuse my ignorance, you are right, wicd was not pulled because of Network-Manager, my mistake. In my system, wicd was pulled in because of the task-xfce-desktop: jfs@silicio:$ LC_ALL=C aptitude why wicd-daemon id wicd Depends wicd-daemon (= 1.7.2.3-1) jfs@silicio:$ LC_ALL=C aptitude why wicd id task-xfce-desktop Recommends wicd I incorrectly assumed that wicd was somehow associated to wireless, when it's not. The starting 'w' got me confused :) > > This package installs a script under /usr/lib/pm-utils/sleep.d/55wicd and > > gets run after any resume of hibernation. > > > > However, since this script is not a configuration file and it does not > > provide > > any way to disable it, the script will run regardless of whether the system > > is > > using a wireless connection or a wired connection (as is my case). > > Regardless of what the comments in that file say, it just runs wicd > suspend/resume, and the existence of a wireless connection is not taken into > consideration. What I tried to say is that wicd is trying to do things on suspend/resumen even if it's not *configured* for any given interface. At least in my system, I have never configured wicd and my *wired* interface (eth1) has always been managed by /etc/network/interfaces. In this setup (the user has not ever configured wicd and the interfaces are already managed) it doesn't make sense for the suspend script to run at all. > > If possible, I would appreciate if the script would NO-OP either > > > > a) by detecting that wicd is not configured using some kind of system > > indication. For example, in my system, /etc/wicd/wireless-settings.conf is > > an > > empty (0-bytes) file which could be an indication. > > If you don't want wicd to manage wireless, just clear the "wireless_interface" > entry in manager-settings.conf . I actually don't want wicd to manage *any* of my *wired* interfaces. So I cannot understand why the script runs when: - /etc/wicd/wireless-settings.conf is an empty file - /etc/wicd/wired-settings.conf has not been configured at all (available at http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=37;filename=wired-settings.conf;att=1;bug=557156) > Since you seem to be a NM user, I guess you don't want wicd at all. At the > beginning of your mail you said it was "pulled in" -- this shouldn't happen, > and certainly is not a bug in the wicd packages. Please check why it was > pulled > in first; then decide whether use it or just keep NM. Using both programs is > technically possible, but not really encouraged. Keeping just one of them will > save you tons of possible problems and Heisenbugs (and no, I won't add a > Conflict.) The problem is: I'm a regular user of /etc/network/interfaces, I use guessnet, and I don't want any networking packages to interfere with my setup. Not NetworkManager, not Wicd, not others. Unfortunately, the different desktop management systems introduce a network manager that interferes with a setup that has been working fine since (IIRC) Woody. I don't mind having wicd installed if that is pulled in by a task and is inactive. But having the software *do* stuff when I have never configured it, nor even started the graphical interface, and have it behave in a way that interferes with my network setup is quite strange. The fact is, that just because I installed the Xfce desktop to test out the *desktop* environment, wicd got pulled in and broke my networking setup (for more information see #557156) and this only happens *when* I suspended the system and resumed from suspend. You are tagging this as 'unreproducible' bug, I believe that it is quite easy to reproduce: 1- Install a bare system 2- Configure the system's networking using a fixed IP address either by using the Debian Installer or by manually editing /etc/network/interfaces after installation 3- Install the xfce-desktop task (which pulls in wicd) 4- Suspend the system 5- Return from suspend Right before step 4, the system will be configured with a static IP address. In step 5 wicd's suspend script will run, even though wicd is unconfigured. And this leads us to a completely broken network setup (using DHCP) due to bug #557156. A way I see to prevent bug #557156 and other future bugs, wicd's suspend script should *not* run if wicd is not being used to manage the system's networking. I don't know wicd's internals, but reviewing wicd's code, it occurs to me than an alternative way would be for the script to check if wicd daemon is running and abort if it's not. That way a sysadmin could simply disable the wicd daemon using wicd's default file and then the suspend script would do nothing. Regards Javier signature.asc Description: Digit
Bug#557156: wicd deconfigures the wired (eth0) interface at suspend or cable unplugged
On Mon, May 21, 2012 at 07:14:08PM +0200, Javier Fernández-Sanguino Peña wrote: > - I have not configured wicd at all, it was just pulled in as a dependency > because > GNOME's NetworkManager depends on it A mistake here: wicd was pulled in because I installed the xfce-desktop task, not because of Network Manager. Still, I've always managed my interfaces using /etc/network/interfaces and have *never* configured them using wicd. > As I cannot disable the /usr/lib/pm-utils/sleep.d/55wicd script I've > introduced another > script in /etc/pm/sleep.d/00_restart_network that stops dhclient and (...) Please take note that it took me quite a lot of debugging of the pm-suspend scripts until I found out that the reason why my interfaces were reconfigured was because of wicd. Once the culprit has been found, a much simpler way to prevent this bug would be using apt-get or dpkg, I could remove wicd since it is only Recommended: by xfce-desktop. For me it probably an option, but a regular user that steps into this bug will find that this will make more "friendly" package management frontends, such as aptitude, to *always* try to remove the xfce-desktop task (unless configured to ignore Recommends). Regards Javier signature.asc Description: Digital signature
Bug#557156: wicd deconfigures the wired (eth0) interface at suspend or cable unplugged
Package: wicd-daemon Version: 1.7.2.3-1 Followup-For: Bug #557156 I can confirm that this bug is still present and it completely breaks my network setup when resuming from suspend. In my case, I have a desktop system that uses 'eth1' as its wired interface: - this interface is configured through /etc/network/interfaces (since Woody, or even earlier) - I have not configured wicd at all, it was just pulled in as a dependency because GNOME's NetworkManager depends on it - there is no way to disable the suspend script (I have filed a separate bug on this) When resuming from suspend the following happens: - /usr/lib/pm-utils/sleep.d/55wicd is run - the script calls /usr/share/wicd/daemon/autoconnect.py - this script calls dhclient - the interface is auto reconfigured to use a dynamic (instead of static IP address) Please see the attached file generated using 'script' (wicd-test-resume.log) that shows the behaviour. The /var/log/wicd/wicd.log file (attached is an extract) shows that seems to be the behaviour when resuming from suspend. I'm attaching also my current /etc/wicd/wired-settings.conf configuration file for review. As I cannot disable the /usr/lib/pm-utils/sleep.d/55wicd script I've introduced another script in /etc/pm/sleep.d/00_restart_network that stops dhclient and reconfigures the interface. Writting this script was a little bit tricky as there is a race condition in how the power management scripts are run (as wicd dettachs to a background process). It seems to work well in my system and prevents this bug. I'm attaching it also here for the benefit of those affected by this bug. Please feel free to ask for additional information. By the way: this bug is pretty serious, in my opinion it makes this package unsuitable for release. Regards Javier -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages wicd-daemon depends on: ii adduser 3.113+nmu1 ii dbus1.5.12-1 ii debconf 1.5.42 ii ethtool 1:3.1-1 ii iproute 20120319-1 ii iputils-ping3:20101006-1+b1 ii isc-dhcp-client [dhcp3-client] 4.2.2.dfsg.1-4 ii lsb-base4.1+Debian2 ii net-tools 1.60-24.1 ii psmisc 22.16-1 ii python 2.7.2-10 ii python-dbus 0.84.0-3 ii python-gobject 3.2.0-3 ii python-wicd 1.7.2.3-1 ii wireless-tools 30~pre9-8 ii wpasupplicant 0.7.3-6 Versions of packages wicd-daemon recommends: ii wicd-gtk [wicd-client] 1.7.2.3-1 Versions of packages wicd-daemon suggests: ii pm-utils 1.4.1-9 Versions of packages wicd depends on: ii wicd-gtk [wicd-client] 1.7.2.3-1 Versions of packages wicd-gtk depends on: ii python 2.7.2-10 ii python-glade2 2.24.0-3 ii python-gtk22.24.0-3 Versions of packages wicd-gtk recommends: ii gksu 2.0.2-6 ii python-notify 0.1.1-3 Versions of packages python-wicd depends on: ii python 2.7.2-10 ii python2.6 2.6.7-4 ii python2.7 2.7.3~rc2-2.1 -- debconf information: * wicd/users: jfs [wired-default] ip = None broadcast = None netmask = None gateway = None search_domain = None dns_domain = None dns1 = None dns2 = None dns3 = None beforescript = None afterscript = None predisconnectscript = None postdisconnectscript = None encryption_enabled = None default = True dhcphostname = silicio lastused = True Script iniciado (lun 21 may 2012 18:19:36 CEST ) fetchmail: background fetchmail at 12848 awakened. jfs@silicio:log$ jfs@silicio:log$ ps -ef |grep dhcl jfs@silicio:log$ ifconfig eth1 eth1 Link encap:Ethernet HWaddr 00:c0:df:03:c5:e9 inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::2c0:dfff:fe03:c5e9/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:7336517 errors:0 dropped:0 overruns:0 frame:0 TX packets:16048323 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:963483172 (918.8 MiB) TX bytes:2499792887 (2.3 GiB) Interrupt:20 Base address:0xd000 jfs@silicio:log$ cat /etc/network/interfaces |grep eth1 auto eth1 iface eth1 inet static #mapping eth1 # iface eth1:1 inet dhcp jfs@silicio:log$ sudo -s silicio:/var/log# /usr/share/wicd/daemon/autoconnect.py silicio:/var/log# ps -ef |grep dhc root 19460 2769 0 18:21 ?00:00:00 /sbin/dhclient -v -r eth1 root 19462 18898 0 18:21 pts/000:00:00 grep dhc root 19463 19460 0 18:21 ?00:00:00 /bin/bash /sbin/dhclient-sc
Bug#673823: wpasupplicant: Power management suspend script runs unconditionally even in wired-only computers
Package: wpasupplicant Version: 0.7.3-6 Severity: normal I'm running a desktop system which does *not* have a Wireless interface which is, AFAIK, still a common setup in many computers. My connection uses a wired (Ethernet) interface. When hibernating and resuming from suspension this system will *always* run the /usr/lib/pm-utils/sleep.d/60_wpa_supplicant, which in turn runs /sbin/wpa_cli unconditionally. This is done "by design" because Network-manager (installed because of GNOME3) dependencies pulls in the wpasupplicant package and this package installs the /usr/lib/pm-utils/sleep.d/60_wpa_supplicant script. Running this script n a wired-connected desktop environment which lacks a WiFi interface is useless in most circunstances. However, the previous script cannot be configured in any way in order to prevent it from running and the script will run regardless of whether the system is using a wireless connection (where it's useful) or a wired connection (where it's not). If possible, I would appreciate if the script is changed to prevent it from running under the following circumstances: a) /sbin/wpa_cli is not executable or not present in the system. This is, for example, how /etc/network/if-up.d/wpasupplicant is disabled b) wpasupplicant is not running. By, for example, using the test_wpa_cli() function defined in /etc/wpa_supplicant/functions.sh c) by detecting that wpasupplicant is not configured in the system by using some kind of system indication. d) by making it possible for the administrator to disable it manually. This could be possible by either using a defaults file (under /etc/) or by moving the script under /etc/ and replacing /usr/lib/pm-utils/sleep.d/55wicd with a symbolic link. Introducing any of these mechanisms would enable administrators to configure the system so that this script does not run in systems that do not require it. On the one hand this possibility would save some CPU cycles when resuming for hibernation, making the system startup faster and, on the other hand, it would avoid potential issues or errors that could be caused by running the /sbin/wpa_cli script on systems that are really not configured with any Wireless interface. Thank you for your help in fixing this bug, Javier -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages wpasupplicant depends on: ii adduser 3.113+nmu1 ii initscripts 2.88dsf-22.1 ii libc6 2.13-30 ii libdbus-1-3 1.5.12-1 ii libnl-3-200 3.2.7-2 ii libnl-genl-3-200 3.2.7-2 ii libpcsclite1 1.8.3-2 ii libreadline6 6.2-8 ii libssl1.0.0 1.0.1b-1 ii lsb-base 4.1+Debian2 wpasupplicant recommends no packages. Versions of packages wpasupplicant suggests: pn libengine-pkcs11-openssl pn wpagui -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#673822: wicd-daemon: Power management suspend script runs unconditionally even in wired-only computers
Package: wicd-daemon Version: 1.7.2.3-1 Severity: normal I'm running a desktop system which does *not* have a Wireless interface but Network-manager (installed because of GNOME3) dependencies pulls in wicd-daemon unconditionally. This package installs a script under /usr/lib/pm-utils/sleep.d/55wicd and gets run after any resume of hibernation. However, since this script is not a configuration file and it does not provide any way to disable it, the script will run regardless of whether the system is using a wireless connection or a wired connection (as is my case). If possible, I would appreciate if the script would NO-OP either a) by detecting that wicd is not configured using some kind of system indication. For example, in my system, /etc/wicd/wireless-settings.conf is an empty (0-bytes) file which could be an indication. b) by making it possible for the administrator to disable it. This could be possible by either using a defaults file (under /etc/) or by moving the script under /etc/ and replacing /usr/lib/pm-utils/sleep.d/55wicd with a symbolic link. This would enable adminsitrators to remove, if required, this script from suspend. On the one hand this would save some CPU cycles when resuming for hibernation, making the system startup faster and, on the other hand, it would avoid potential issues that could be caused by running /usr/share/wicd/daemon/autoconnect.py (or /usr/share/wicd/daemon/suspend.py) on systems that are really not configured with any Wireless interface. Thank you for your help in fixing this bug, Javier -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages wicd-daemon depends on: ii adduser 3.113+nmu1 ii dbus1.5.12-1 ii debconf 1.5.42 ii ethtool 1:3.1-1 ii iproute 20120319-1 ii iputils-ping3:20101006-1+b1 ii isc-dhcp-client [dhcp3-client] 4.2.2.dfsg.1-4 ii lsb-base4.1+Debian2 ii net-tools 1.60-24.1 ii psmisc 22.16-1 ii python 2.7.2-10 ii python-dbus 0.84.0-3 ii python-gobject 3.2.0-3 ii python-wicd 1.7.2.3-1 ii wireless-tools 30~pre9-8 ii wpasupplicant 0.7.3-6 Versions of packages wicd-daemon recommends: ii wicd-gtk [wicd-client] 1.7.2.3-1 Versions of packages wicd-daemon suggests: ii pm-utils 1.4.1-9 Versions of packages wicd depends on: ii wicd-gtk [wicd-client] 1.7.2.3-1 Versions of packages wicd-gtk depends on: ii python 2.7.2-10 ii python-glade2 2.24.0-3 ii python-gtk22.24.0-3 Versions of packages wicd-gtk recommends: ii gksu 2.0.2-6 ii python-notify 0.1.1-3 Versions of packages python-wicd depends on: ii python 2.7.2-10 ii python2.6 2.6.7-4 ii python2.7 2.7.3~rc2-2.1 -- debconf information: * wicd/users: jfs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#671761: netselect-apt/testing needs a dependency link to netselect/testing
On Sun, May 06, 2012 at 02:09:23PM -0400, Brendan Byrd wrote: > Apparently, the -D option is only in the testing branch of netselect. I > can see two solutions: > > 1. Make sure netselect-apt can use netselect with or without the -D option. > 2. Create a dependency link between netselect/testing and > netselect-apt/testing. I will go towards the second option, I should have done that before. Regards Javier signature.asc Description: Digital signature
Bug#650060: snort: FTBFS with multiarch libmysqlclient-dev (now in unstable)
On Tue, May 01, 2012 at 04:19:41PM +0200, Christoph Egger wrote: > severity 650060 serious > bye > > Seems to happen now in unstable It does not seem to be the same bug (or the patch provided does not apply and fix this bug). The version of libmysqlclient-dev currently available in unstable (version 5.1.62-1) does not provide the '--variable=pkglibdir' option (i.e. it is not recognised for mysql_config). Regards Javier signature.asc Description: Digital signature
Bug#661944: snort.conf portvar $FILE_DATA_PORTS missing
On Fri, Mar 02, 2012 at 09:36:17PM +0100, nils wrote: > The portvar FILE_DATA_PORTS is not defined in the snort.conf, but is used > by many new rulesets, meaning, as soon as the rulesets are updated, snort > will not start with a configuration error. (...) I'm preparing an upload for a new upstream release that includes this new variable so this bug will be fixed with a new upload. Regards Javier signature.asc Description: Digital signature
Bug#657653: checkrestart -p completely broken?
On Fri, Apr 20, 2012 at 10:39:22PM +0300, Peter Eisentraut wrote: > > > > Please send me the output to see if I can see where the problem might be. > > Pretty obvious problem, it turns out: > > Will look in lines using regular expression > '/usr/lib/i386-linux-gnu/libstdc++.so.*' (...) I've patched checkrestart in GIT to fix this issue. Sorry for the delay: - New checkrestart version: http://anonscm.debian.org/gitweb/?p=collab-maint/debian-goodies.git;a=blob;f=checkrestart;h=2b9085a8696dcaf112d52cbc0ea0726962182fc9;hb=a510ac78fec59f80462aed8ce9e14f09a75587ee - Patch: http://anonscm.debian.org/gitweb/?p=collab-maint/debian-goodies.git;a=commitdiff;h=a510ac78fec59f80462aed8ce9e14f09a75587ee;hp=e770fd65ea860fd45e702c27b6d3b9464de95a49 Could you please test it out? It does not cover all cases and it still might break if the files incluse some characters that can be considered part of a regular expression, but it should fix your problem with libstdc++ Regards Javier signature.asc Description: Digital signature
Bug#657653: checkrestart -p completely broken?
On Fri, Apr 20, 2012 at 10:39:22PM +0300, Peter Eisentraut wrote: > On mån, 2012-04-09 at 21:04 +0200, Javier Fernández-Sanguino Peña wrote: > Pretty obvious problem, it turns out: > > Will look in lines using regular expression > '/usr/lib/i386-linux-gnu/libstdc++.so.*' Thanks. I'll take a look on how to fix this. Probably just indenting special characters (+.*) in the filename should be good enough to fix this. Regards Javier signature.asc Description: Digital signature
Bug#665876: merge - but still affecting squeeze
On Tue, Apr 10, 2012 at 11:26:55AM -0500, Frank Loeffler wrote: > Hi > > This is most likely a cause of #667985, which has been fixed in sid. Yes, I've tested this in a Squeeze chroot and the behaviour in Squeeze generates the error message that was reported. The version in Squeeze is actually very brittle. I should backport the version in unstable to backports and encourage users running stable to use that one instead as many enhancements have been introduced in the latest versions. > However, a similar bug also affects stable and can be fixed using a > similar simple patch: > > - m@'"$SEARCH"':.*@i > + m@'"$SEARCH"':.*@i I will prepare the fix and submit it to the Release Team, if they approve I will do an upload to stable. Regards Javier signature.asc Description: Digital signature
Bug#665876: not using html as source
On Tue, Apr 10, 2012 at 11:35:33AM -0500, Frank Loeffler wrote: > Hi, > > What about parsing http://http.us.debian.org/debian/README.mirrors.txt > for information about Debian mirrors instead of the HTML page? It didn't occur to me, but I'm not sure that parsing that text file is going to be easier than parsing the HTML page and, in the end, it might still be brittle since the format (spacing, column ordering, etc.) might change in the future. The best alternative would be to have a machine-parseable (i.e. XML file) with all the mirrors information. In any case, if you can work on a patch for it I could take a look :) Regards Javier signature.asc Description: Digital signature
Bug#668193: libreoffice-common: Postinst fails saying it cannot determine language
On Mon, Apr 09, 2012 at 05:50:15PM +0200, Rene Engelhard wrote: > Full log? Interesting is the ordering. Without it - as you should know - > this isn't really helpful. I can't provide the full upgrade log as I didn't save it. I do have the aptitude and dpkg logs if those are useful (attached) Please note that I did two upgrades, the first one started at 17:17 broke because of libreoffice's postinstall script and the second one, at 17:29, did go ahead fine (and upgraded the system). > > When retrying the upgrade the error does not reproduce itself so I'm not > > sure what generated it. > > the UNO environment not consistent.. > > (That said, I wonder why you attempt an upgrade 11 days after the first 3.5 > was uploaded, but > anyway...) I just did an upgrade of the system as I'm having some issues after the GNOME 3 upgrade (last week) and wanted to see if an upgrade fixes them (it doesn't) and use xfce in the meantime. I also encountered some strange issue with libreoffice and GNOME (a libreoffice process would be spawned whenever I opened up some applications) and wanted to see if this was fixed (it seems to be now). I didn't really check when was the upgrade of the last libreoffice version, but I don't mind help testing it out and weeding some bugs, after all, that is what sid is for :) Regards Javier aptitude.log.gz Description: Binary data dpkg.log.gz Description: Binary data signature.asc Description: Digital signature
Bug#657653: checkrestart -p completely broken?
On Thu, Apr 05, 2012 at 09:11:09PM +0300, Peter Eisentraut wrote: > On lör, 2012-03-31 at 22:53 +0200, Javier Fernández-Sanguino Peña wrote: > > On Sat, Mar 31, 2012 at 03:10:01PM +0300, Peter Eisentraut wrote: > > > > Does this sound like a viable approach? > > > > > > It's worth a try. > > > > You can find a first attempt at coding this behaviour at > > http://anonscm.debian.org/gitweb/?p=collab-maint/debian-goodies.git;a=commitdiff;h=09c21d49555d13153131da3f463aa54452c73fd7 > > > > The -p option should work now with upgrades in *unstable* systems too as old > > libraries are detected and found in (newer) library upgrades. It seems to > > work properly in my unstable desktop when I upgrade some libraries. > > > > Could you give it a try? > > It currently crashes for me: Just to make sure this is not a problem with the script, could you please apply the attached patch to checkrestart (which adds more verbosity) and run checkrestart using 'checkrestart -v -p' ? Please send me the output to see if I can see where the problem might be. Thanks Javier --- checkrestart.orig 2012-04-09 21:02:09.0 +0200 +++ checkrestart 2012-04-09 21:03:27.0 +0200 @@ -301,8 +301,12 @@ dpkgProc.wait() if verbose: print "Running:%s" % dpkgQuery +if file_regexp: +print "Will look in lines using regular expression '%s'" % f for line in dpkgProc.stdout.readlines(): line = line.strip() +if verbose: +print "Analysing output: %s" % line if line.find('no path found matching pattern ' + f) > 0: file_in_package = False break signature.asc Description: Digital signature
Bug#657653: checkrestart -p completely broken?
On Thu, Apr 05, 2012 at 09:11:09PM +0300, Peter Eisentraut wrote: > On lör, 2012-03-31 at 22:53 +0200, Javier Fernández-Sanguino Peña wrote: > > On Sat, Mar 31, 2012 at 03:10:01PM +0300, Peter Eisentraut wrote: > > > > Does this sound like a viable approach? > > > > > > It's worth a try. > > > > You can find a first attempt at coding this behaviour at > > http://anonscm.debian.org/gitweb/?p=collab-maint/debian-goodies.git;a=commitdiff;h=09c21d49555d13153131da3f463aa54452c73fd7 > > > > The -p option should work now with upgrades in *unstable* systems too as old > > libraries are detected and found in (newer) library upgrades. It seems to > > work properly in my unstable desktop when I upgrade some libraries. > > > > Could you give it a try? > > It currently crashes for me: > > $ sudo ./checkrestart -p Maybe this is because of the python version? I'm using the following: $ python --version Python 2.7.3rc2 What version are you using? Regards Javier signature.asc Description: Digital signature
Bug#667985: netselect-apt: fails to parse new rel="nofollow" href links
On Sat, Apr 07, 2012 at 01:42:52PM -0700, Nameless wrote: > Netselect-apt fails to parse newest mirrors list with rel="nofollow" in href > links. > Attached patch which tweaks the relevant regexp restored normal functionality. Thanks for the patch. I will apply it, test it and update a new version ASAP. Regards Javier signature.asc Description: Digital signature
Bug#668193: libreoffice-common: Postinst fails saying it cannot determine language
Package: libreoffice-common Version: 1:3.4.6-2 Severity: important I just upgraded libreoffice-common to the new version in sid (coming from 1:3.4.6-2, upgrading to 1:3.5.2-1) it spit out the following error: - Procesando disparadores para libreoffice-common ... ERROR: Cannot determine language! Exception details: (com.sun.star.uno.RuntimeException) { { Message = "Cannot determine language!", Context = (com.sun.star.uno.XInterface) @0 } } unopkg failed. terminate called after throwing an instance of 'com::sun::star::uno::RuntimeException' /var/lib/dpkg/info/libreoffice-common.postinst: línea 32: 17596 Abortado /usr/lib/libreoffice/program/unopkg sync -v --shared "-env:BUNDLED_EXTENSIONS_USER=file:///usr/lib/libreoffice/share/prereg/bundled" "-env:UserInstallation=file://$INSTDIR" "-env:UNO_JAVA_JFW_INSTALL_DATA=file://$d/share/config/javasettingsunopkginstall.xml" "-env:JFW_PLUGIN_DO_NOT_CHECK_ACCESSIBILITY=1" dpkg: error al procesar libreoffice-common (--remove): el subproceso instalado el script post-installation devolvió el código de salida de error 134 configured to not write apport reports - This error broke the upgrades, since the dpkg error is not recoverable. It would be best if these kind of errors where handled somehow. When retrying the upgrade the error does not reproduce itself so I'm not sure what generated it. Regards -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores) Locale: LANG=es_ES.UTF-8, LC_CTYPE=es_ES.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libreoffice-common depends on: ii dpkg 1.16.2 ii libreoffice-style-galaxy [libreoffice-style-default] 1:3.4.6-2 ii ure 3.5.2~rc2-1 Versions of packages libreoffice-common recommends: ii libtextcat-data 2.2-11 ii xfonts-mathml4 Versions of packages libreoffice-common suggests: pn libreoffice-style-crystal pn libreoffice-style-hicontrast pn libreoffice-style-oxygen pn libreoffice-style-tango -- Configuration Files: /etc/libreoffice/soffice.sh changed [not included] /etc/libreoffice/sofficerc changed [not included] -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#666892: cron: Cross-building support for cron
tag 666892 pending thanks On Mon, Apr 02, 2012 at 01:25:36AM -0700, Steve Langasek wrote: > In Ubuntu, the attached patch was applied to add support for cross-building > cron. cron has a very simple build system, so it's a very simple patch; all > that's required to let cron cross-build is to tell the makefile where the > cross-compiler is. > > Please consider including this patch in Debian as well. Thanks Steve, I have applied the patch to our GIT repo [1]. The fix should be available in the next package upload of cron (version 3.0pl1-122). Regards Javier [1] commit 24f9c8fcc95e271d94e19dacc57afd82b82fbba7 signature.asc Description: Digital signature
Bug#657653: checkrestart -p completely broken?
On Sat, Mar 31, 2012 at 03:10:01PM +0300, Peter Eisentraut wrote: > > Does this sound like a viable approach? > > It's worth a try. You can find a first attempt at coding this behaviour at http://anonscm.debian.org/gitweb/?p=collab-maint/debian-goodies.git;a=commitdiff;h=09c21d49555d13153131da3f463aa54452c73fd7 The -p option should work now with upgrades in *unstable* systems too as old libraries are detected and found in (newer) library upgrades. It seems to work properly in my unstable desktop when I upgrade some libraries. Could you give it a try? Regards Javier signature.asc Description: Digital signature
Bug#657653: checkrestart -p completely broken?
On Fri, Mar 30, 2012 at 08:13:55PM +0300, Peter Eisentraut wrote: > I appears to me, however, that what it's doing is effectively useless. > For example, I currently have this in the output of checkrestart -v: > > Process /usr/bin/dbus-daemon (PID: 1519) > List of deleted files in use: > /lib/i386-linux-gnu/libexpat.so.1.5.2 > > The (new) checkrestart -p determines that this file does not belong to > any package, so it ignores it. But the whole point is, it belonged to > a former package, which has been upgraded. So whenever a file is > renamed in a package upgrade, this approach breaks down. Note that with > shared libraries, the process has the file open that contains the minor > version. So pretty much every single library upgrade will be missed by > this. You are right in that if the file is removed and a new file is installed (with a new name) then checkrestart -p is largely useless as it is for these situations. However, this will probably happen only when you are doing upgrades in unstable (where libraries are frequently upgraded) but not in stable (where library versions are not changed). So the approach is still useful for those users running stable and doing security upgrades which is one of the main goals of checkrestart. For users running unstable, a way to fix this issue would be to check for packages providing *newer* versions of the library, not just the old file (which was deleted). For example, in your case, if the dpkg-query was done like this: dpkg-query --search "/lib/i386-linux-gnu/libexpat.so*" instead of how it is currently done: dpkg-query --search "/lib/i386-linux-gnu/libexpat.so.1.5.2" The previous one can be useful to make checkrestart "known" that the former library belongs to the libexpat1 package, although it might lead to false positives if not coded properly. Whileas the second one will not indicate any package (as the file has been removed) Does this sound like a viable approach? Coding this into checkrestart might not be too difficult if we restrict ourselves to only libraries (i.e. files under /lib and /usr/lib). I will try to take a shot at this. Regards Javier signature.asc Description: Digital signature
Bug#548380: checkrestart: Xorg intel drivers regression
On Wed, Mar 14, 2012 at 09:36:43PM +0100, Francesco Poli wrote: > Mmmh, may I have some sort of reply, please? There was a bug in the fix commited for this bug and it has been fixed in our GIT repository [1]. The bug will be fixed with the next package upload. Sorry for the delay, regards Javier [1] http://anonscm.debian.org/gitweb/?p=collab-maint/debian-goodies.git;a=commitdiff;h=1287a709e04b66549f9a6ae954400456349260ea signature.asc Description: Digital signature
Bug#657653: checkrestart -p completely broken?
On Fri, Jan 27, 2012 at 08:51:43PM +0200, Peter Eisentraut wrote: > sudo checkrestart reports: > > Found 87 processes using old versions of upgraded files > (57 distinct programs) > ... > > and then gives the details. > > sudo checkrestart -p on the other hand, runs for 10 minutes, prints > hundreds of "dpkg-query: no path found matching pattern" lines (bug > #513189), then finishes with I've reviewed the use of dpkg-query and, indeed, there were some bugs in the code: 1.- the call to dpkg-query was run as a subprocess and the script did not wait for the process to stop, so the file was found *not* to be a part of a package 2.- the script was making dpkg-query calls for all the instances of a file even if the file appeared more than once (i.e. a removed library that many processes were using) which leads it to be *very* CPU intensive if you've done a full upgrade which includes many core libraries (i.e. used by many processes) I have submitted a fix to our GIT repository [1]. Once we confirm that this fix is OK and does not introduced any new bugs we will upload it. Regards Javier [1] http://anonscm.debian.org/gitweb/?p=collab-maint/debian-goodies.git;a=blobdiff;f=checkrestart;h=718577a21f6dc49514fe0f6916e821ff075eae76;hp=1e1f9b894b0c93bb47ad9ea4684f051715193c52;hb=2a2b41299b1177f42e7765a44614b03b639c51bc;hpb=85d9cac6e96e4de024ae5083b01274d714f258e8 signature.asc Description: Digital signature