Bug#822862: Missing files and permissions

[Mathieu Parent]

Package: subunit
Version: 1.1.0-3
Severity: normal

Hello,


Running samba selftest fails, with "Permission denied" on 
Quick fix:
chmod +x /usr/lib/python2.7/dist-packages/subunit/tests/test_subunit_filter.py
mkdir /usr/lib/python2.7/filters/
ln -s /usr/bin/subunit-filter /usr/lib/python2.7/filters/subunit-filter

Regards

Mathieu Parent

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.4.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages subunit depends on:
ii  libsubunit-perl  1.1.0-3
ii  perl 5.22.1-10
ii  python   2.7.11-1
ii  python-subunit   1.1.0-3
ii  python3-subunit  1.1.0-3

Versions of packages subunit recommends:
ii  python-gtk2  2.24.0-4
pn  python-junitxml  

subunit suggests no packages.

-- no debconf information

Bug#822771: [pkg-php-pear] Bug#822771: php-pear: Invalid argument supplied for foreach() in /usr/share/php/PEAR/Command.php on + XML Extension not found

[Mathieu Parent]

Control: severity -1 major
Control: tag -1 + moreinfo unreproducible

2016-04-27 12:36 GMT+02:00 Ivan Sergio Borgonovo <ivan@gmail.com>:
> Package: php-pear
> Version: 1:1.10.1+submodules+notgz-8
> Severity: grave
> Justification: renders package unusable

Hi,

> I discovered I've the same problem described here:
> http://serverfault.com/questions/589877/pecl-command-produces-long-list-of-errors
> examining horde log files
>
> A long list of
> Invalid argument supplied for foreach() in /usr/share/pear/PEAR/...
> ending with


Can you send the complete log. I need at least the file and line number.

> PHP Warning:  require_once(/lib/Application.php): failed to open stream:
> No such file or directory in /usr/bin/horde-alarms on line 21
> PHP Fatal error:  require_once(): Failed opening required
> '/lib/Application.php' (include_path='.:/usr/share/php:') in
> /usr/bin/horde-alarms on line 21

How have you installed Horde? Using PEAR or apt?

What does aptitude search "php~i" outputs?

> This also seems to be related with some pear issue not setting horde_dir

What does pear config-get horde_dir outputs?

> Simply running
> pear list-all
> or any other pear command end up in the same list of
> Invalid argument supplied for foreach() in /usr/share/pear/PEAR/...
> ending with
> XML Extension not found

I can't reproduce.

> thanks
>
> -- System Information:
> Debian Release: stretch/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')

You have a mix of php5 and php7. Ensure you have the corresponding
versions (for xml, ...)


> Versions of packages php-pear depends on:
> ii  php-common1:35
> ii  php-xml       1:7.0+35
> ii  php5.6-cli [php-cli]  5.6.18+dfsg-11
> ii  php7.0-xml [php-xml]  7.0.5-3

Regards


-- 
Mathieu Parent

Bug#822841: cifs-utils should suggests winbind instead of recommending it

[Mathieu Parent]

Package: cifs-utils
Version: 2:5.0-1
Severity: minor

Hello,

Installing cifs-utils pulls winbind (which pulls samba, see #732604).

This is only needed when mounting with cifsacl option.

Regards

Mathieu Parent

Bug#820989: [Pkg-samba-maint] Bug#820989: samba: After an 'apt-get upgrade' dpkg report error in samba (--configure)

[Mathieu Parent]

Le jeudi 21 avril 2016, Arveno Santoro  a écrit :

> In the configuration file there was the deprecated security = share;
> when I changed it to security=user the error is gone away.
>
>
> Thanks for your support and sorry for my little english
>
Thanks



-- 
Mathieu

Bug#818962: [lintian] Proposed patches for php checks

[Mathieu Parent]

Control: tag -1 + patch confirmed

Hello,

See the attached patches (0001 to 0004).

Patches 5 and 6 are unrelated.

Regards
-- 
Mathieu
From 4231f1d6bcf8deaa785941b6ed8809aa2127dc79 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <mathieu.par...@nantesmetropole.fr>
Date: Thu, 3 Mar 2016 10:50:36 +0100
Subject: [PATCH 1/6] There is now a php-cli package

---
 checks/scripts.desc| 6 +++---
 data/scripts/versioned-interpreters| 2 +-
 t/tests/legacy-scripts/debian/debian/rules | 4 ++--
 t/tests/legacy-scripts/tags| 2 +-
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/checks/scripts.desc b/checks/scripts.desc
index ddcc5ed..77590ec 100644
--- a/checks/scripts.desc
+++ b/checks/scripts.desc
@@ -221,9 +221,9 @@ Tag: php-script-but-no-phpX-cli-dep
 Severity: important
 Certainty: certain
 Info: Packages with PHP scripts must depend on a phpX-cli package such as
- php5-cli.  Note that a dependency on a php-cgi package (such as php5-cgi)
- is needlessly strict and forces the user to install a package that isn't
- needed.
+ php-cli or php7.0-cli.  Note that a dependency on a php-cgi package (such
+ as php-cgi or php7.0-cgi) is needlessly strict and forces the user to
+ install a package that isn't needed.
  .
  In some cases a weaker relationship, such as Suggests or Recommends, will
  be more appropriate.
diff --git a/data/scripts/versioned-interpreters b/data/scripts/versioned-interpreters
index fff44c2..05fb366 100644
--- a/data/scripts/versioned-interpreters
+++ b/data/scripts/versioned-interpreters
@@ -73,7 +73,7 @@ guile   => /usr/bin, guile-([\d.]+), guile-$1, 1.6 1.8,
 jruby   => /usr/bin, jruby([\d.]+), jruby$1, 1.0 1.1 1.2
 lua => /usr/bin, lua([\d.]+), lua$1, 40 50 5.1 5.2
 octave  => /usr/bin, octave([\d.]+), octave$1, 3.0 3.2
-php => /usr/bin, php(\d+), php$1-cli, 5, @NO_DEFAULT_DEPS@
+php => /usr/bin, php(\d+), php$1-cli, 5, php-cli
 pike=> /usr/bin, pike([\d.]+), pike$1 | pike$1-core, 7.6 7.8, @NO_DEFAULT_DEPS@
 python  => /usr/bin, python([\d.]+), python$1:any | python$1-minimal:any, 2.7, @SKIP_UNVERSIONED@
 ruby=> /usr/bin, ruby([\d.]+), ruby$1, 1.8 1.9, @SKIP_UNVERSIONED@
diff --git a/t/tests/legacy-scripts/debian/debian/rules b/t/tests/legacy-scripts/debian/debian/rules
index 25b6f9e..a615bd6 100755
--- a/t/tests/legacy-scripts/debian/debian/rules
+++ b/t/tests/legacy-scripts/debian/debian/rules
@@ -63,8 +63,8 @@ binary-indep:
 	install -m 755 init-lsb-other $(tmp)/etc/init.d/lsb-other
 
 	install -m 755 phpfoo $(tmp)/usr/share/scripts/
-	sed 's/php$$/php5/' phpfoo > $(tmp)/usr/share/scripts/php5foo
-	chmod 755 $(tmp)/usr/share/scripts/php5foo
+	sed 's/php$$/php7.0/' phpfoo > $(tmp)/usr/share/scripts/php7.0foo
+	chmod 755 $(tmp)/usr/share/scripts/php7.0foo
 
 	echo "#!/usr/bin/perl" >> $(tmp)/usr/share/scripts/foobar.in
 	chmod 644 $(tmp)/usr/share/scripts/foobar.in
diff --git a/t/tests/legacy-scripts/tags b/t/tests/legacy-scripts/tags
index 3f2854c..d229820 100644
--- a/t/tests/legacy-scripts/tags
+++ b/t/tests/legacy-scripts/tags
@@ -13,7 +13,7 @@ E: scripts: init.d-script-has-unterminated-lsb-section etc/init.d/lsb-broken:15
 E: scripts: missing-dep-for-interpreter jruby => jruby | jruby1.0 | jruby1.1 | jruby1.2 (usr/bin/jruby-broken)
 E: scripts: missing-dep-for-interpreter lefty => graphviz (usr/bin/lefty-foo)
 E: scripts: package-installs-python-bytecode usr/lib/python2.3/site-packages/test.pyc
-E: scripts: php-script-but-no-phpX-cli-dep usr/share/scripts/php5foo
+E: scripts: php-script-but-no-phpX-cli-dep usr/share/scripts/php7.0foo
 E: scripts: php-script-but-no-phpX-cli-dep usr/share/scripts/phpfoo
 E: scripts: python-script-but-no-python-dep usr/bin/py2foo
 E: scripts: python-script-but-no-python-dep usr/bin/pyfoo
-- 
2.6.2

From 9e3f413469c0533a34f397dae77ef5307e4735f9 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <mathieu.par...@nantesmetropole.fr>
Date: Thu, 3 Mar 2016 10:56:23 +0100
Subject: [PATCH 2/6] dh-php5 is replaced by dh-php, and php5-dev by php-dev

Note that php-dev currently depends on php7.0-dev
---
 checks/phppear.desc |  4 ++--
 checks/phppear.pm   | 18 +-
 data/debhelper/dh_addons|  2 +-
 data/debhelper/dh_commands  |  2 +-
 data/debhelper/dh_packages  |  2 +-
 data/debhelper/maint_commands   |  2 +-
 data/debhelper/miscDepends_commands |  2 +-
 t/tests/phppear-pear/tags   |  6 +++---
 t/tests/phppear-pearok/debian/debian/control.in |  2 +-
 9 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/checks/phppear.desc b/checks/phppear.desc
index ccf7a57..5f659b6 100644
--- a/checks/phppear.desc
+++ b/checks/phppear.desc
@@ -50,7 +50,7 @@ Tag: pecl-package-requires-build-dependency
 Severity: normal
 Certainty: possible
 Info: The pac

Bug#821458: RM: dh-make-php -- ROM; Superseeded by pkg-php-tools

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

Actually I'm not the maintainer of this package.

dh-make-php is not used anymore and is superseeded by pkg-php-tools
(See #801269). No more package (build-)depend on it.

Please remove it.

Thanks

Mathieu Parent

Bug#820282: [php-maint] Bug#820282: Please enable fpm by default on Apache

[Mathieu Parent (Debian)]

Control: tag -1 + patch



2016-04-17 13:51 GMT+02:00 Mathieu Parent (Debian) <sath...@debian.org>:
> 2016-04-07 23:05 GMT+02:00 Mathieu Parent (Debian) <sath...@debian.org>:

Here is an updated version:

> Please consider the atatched patches.I've tested that they work if:
> - only php7.0-fpm is installed
> - only libapache2-mod-php7.0 is installed
> - both are installed
>
> Notes:
> - if both are installed, -fpm wins
now, mod_php wins

> - if apache2 is installed after -fpm, -fpm is not activated
still. But this not worse than currently.

Cheers

-- 
Mathieu Parent
From 669898d1ecac4329c57d38dd1ab28a83f34515bb Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Sun, 17 Apr 2016 03:54:15 +0200
Subject: [PATCH 3/3] Enable mod_proxy_fcgi for php-fpm

---
 debian/php-fpm.postinst.extra | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/php-fpm.postinst.extra b/debian/php-fpm.postinst.extra
index 9394363..5895ce9 100644
--- a/debian/php-fpm.postinst.extra
+++ b/debian/php-fpm.postinst.extra
@@ -3,6 +3,7 @@ if [ -e /usr/share/apache2/apache2-maintscript-helper ]; then
 
 php_enable() {
 	# Enable PHP FPM by default when Apache 2 is installed
+	apache2_invoke enmod proxy_fcgi
 	return 0
 }
 else
-- 
2.8.0.rc3

From 121144164aef76a6cf6fdd9a34ba8a2ea2cb1664 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Thu, 7 Apr 2016 22:57:41 +0200
Subject: [PATCH 2/3] Only use fpm SetHandler when it works

i.e when mod_proxy_fcgi is loaded
---
 debian/php-fpm.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/debian/php-fpm.conf b/debian/php-fpm.conf
index 32c1119..8487808 100644
--- a/debian/php-fpm.conf
+++ b/debian/php-fpm.conf
@@ -1,5 +1,6 @@
 # Redirect to local php-fpm if mod_php is not available
 
+
 # Enable http authorization headers
 SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
 
@@ -17,3 +18,4 @@
 Require all denied
 
 
+
-- 
2.8.0.rc3

From 44b95cfce8a7627fb765dcf652a4713aa566f044 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Sun, 17 Apr 2016 03:42:02 +0200
Subject: [PATCH 1/3] Revert "Don't enable PHP FPM by default"

This reverts commit 4c4736beed2d0151d69aadbfc156a9d9b3df05c1.
---
 debian/php-fpm.postinst.extra | 17 +
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/debian/php-fpm.postinst.extra b/debian/php-fpm.postinst.extra
index 9e017b3..9394363 100644
--- a/debian/php-fpm.postinst.extra
+++ b/debian/php-fpm.postinst.extra
@@ -1,7 +1,16 @@
-php_enable() {
-# Don't enable PHP FPM by default
-return 1
-}
+if [ -e /usr/share/apache2/apache2-maintscript-helper ]; then
+. /usr/share/apache2/apache2-maintscript-helper
+
+php_enable() {
+	# Enable PHP FPM by default when Apache 2 is installed
+	return 0
+}
+else
+php_enable() {
+	# Don't enable PHP FPM by default when Apache 2 is not installed
+	return 1
+}
+fi
 
 if [ "$1" = "triggered" ] && [ "$2" = "/etc/php/@PHP_VERSION@/fpm/conf.d" ]; then
 invoke-rc.d php@PHP_VERSION@-fpm restart
-- 
2.8.0.rc3

Bug#820282: [php-maint] Bug#820282: Please enable fpm by default on Apache

[Mathieu Parent (Debian)]

2016-04-07 23:05 GMT+02:00 Mathieu Parent (Debian) <sath...@debian.org>:
> 2016-04-07 12:57 GMT+02:00 Ondřej Surý <ond...@sury.org>:
>> Hi Mathieu,
[...]

Hello Ondřej,

Please consider the atatched patches.I've tested that they work if:
- only php7.0-fpm is installed
- only libapache2-mod-php7.0 is installed
- both are installed

Notes:
- if both are installed, -fpm wins
- if apache2 is installed after -fpm, -fpm is not activated

Regards

-- 
Mathieu Parent
From d685d93f2eff841245dc737788752b04bd0cbff9 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Sun, 17 Apr 2016 03:54:15 +0200
Subject: [PATCH 3/3] Enable mod_proxy_fcgi for php-fpm

---
 debian/php-fpm.postinst.extra | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/php-fpm.postinst.extra b/debian/php-fpm.postinst.extra
index 9394363..5895ce9 100644
--- a/debian/php-fpm.postinst.extra
+++ b/debian/php-fpm.postinst.extra
@@ -3,6 +3,7 @@ if [ -e /usr/share/apache2/apache2-maintscript-helper ]; then
 
 php_enable() {
 	# Enable PHP FPM by default when Apache 2 is installed
+	apache2_invoke enmod proxy_fcgi
 	return 0
 }
 else
-- 
2.8.0.rc3

From 8c4d5af805709b923c2c64cf64d87347d877264e Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Thu, 7 Apr 2016 22:57:41 +0200
Subject: [PATCH 2/3] Only use fpm SetHandler when it works

i.e when mod_proxy_fcgi is loaded
---
 debian/php-fpm.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/debian/php-fpm.conf b/debian/php-fpm.conf
index 32c1119..cc8c7ab 100644
--- a/debian/php-fpm.conf
+++ b/debian/php-fpm.conf
@@ -1,5 +1,5 @@
 # Redirect to local php-fpm if mod_php is not available
-
+
 # Enable http authorization headers
 SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
 
-- 
2.8.0.rc3

From 44b95cfce8a7627fb765dcf652a4713aa566f044 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Sun, 17 Apr 2016 03:42:02 +0200
Subject: [PATCH 1/3] Revert "Don't enable PHP FPM by default"

This reverts commit 4c4736beed2d0151d69aadbfc156a9d9b3df05c1.
---
 debian/php-fpm.postinst.extra | 17 +
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/debian/php-fpm.postinst.extra b/debian/php-fpm.postinst.extra
index 9e017b3..9394363 100644
--- a/debian/php-fpm.postinst.extra
+++ b/debian/php-fpm.postinst.extra
@@ -1,7 +1,16 @@
-php_enable() {
-# Don't enable PHP FPM by default
-return 1
-}
+if [ -e /usr/share/apache2/apache2-maintscript-helper ]; then
+. /usr/share/apache2/apache2-maintscript-helper
+
+php_enable() {
+	# Enable PHP FPM by default when Apache 2 is installed
+	return 0
+}
+else
+php_enable() {
+	# Don't enable PHP FPM by default when Apache 2 is not installed
+	return 1
+}
+fi
 
 if [ "$1" = "triggered" ] && [ "$2" = "/etc/php/@PHP_VERSION@/fpm/conf.d" ]; then
 invoke-rc.d php@PHP_VERSION@-fpm restart
-- 
2.8.0.rc3

Bug#821253: RM: shinken-mod-livestatus/experimental -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

It has been removed from sid (#820267) and should be removed from experimental
too.

Regards

Mathieu Parent

Bug#820989: [Pkg-samba-maint] Bug#820989: samba: After an 'apt-get upgrade' dpkg report error in samba (--configure)

[Mathieu Parent]

 "

2016-04-14 17:45 GMT+02:00 Arveno Santoro :
> samba_4.2.10+dfsg-0+deb8u2
>
> Same problem
>
> Reading package lists...
> Building dependency tree...
> Reading state information...
> 0 upgraded, 0 newly installed, 0 to remove and 13 not upgraded.
> 1 not fully installed or removed.
> After this operation, 0 B of additional disk space will be used.
> Setting up samba (2:4.2.10+dfsg-0+deb8u2) ...
> Job for smbd.service failed. See 'systemctl status smbd.service' and
> 'journalctl -xn' for details.
> invoke-rc.d: initscript smbd, action "start" failed.
> dpkg: error processing package samba (--configure):
>  subprocess installed post-installation script returned error exit status 1

Can you run at least "systemctl status smbd.service" and "journalctl -xn"?

We need your details,  but you probably have an obsolete configuration
in smb.conf ("password level" or "set directory")

Regards
-- 
Mathieu

Bug#820282: [php-maint] Bug#820282: Please enable fpm by default on Apache

[Mathieu Parent (Debian)]

2016-04-07 12:57 GMT+02:00 Ondřej Surý <ond...@sury.org>:
> Hi Mathieu,
>
> I already tried enabling FPM by default but it ended with a weird errors
> on the user side, see:
>
> https://github.com/oerdnj/deb.sury.org/issues/266
>
> So I have disabled it again. It might need a debconf question that can
> be pre-seeded or something like that before we re-enable it again.

The original problem is not about mod_php vs fcgi, but about the fpm
not working by default.

What is required is enabling mod_proxy_fcgi, and ensure it's activated
with the attached patch.

This is just a proof-of-concept, I'll check that later (read: end of April)

> I've been getting a lot of complaints that `apt-get install php` pulls
> apache2 and FPM SAPI is much safer anyway.

I understand. But we have tried to move to php5-fpm in jessie and some
applications didn't work. I won't go into details, but the behavior is
slightly different, and it seems that mod_php is the most used (we
also had problem with mod_auth_cas not working with mpm_workers which
decrease the advantage of fcgi over mod_php). Anyway I don't care that
much about defaults as we use Puppet.


Cheers
-- 
Mathieu Parent
From 1d5174bfaf4219aa5169e9611395f9783a40a168 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Thu, 7 Apr 2016 22:57:41 +0200
Subject: [PATCH] Only use fpm SetHandler when it works

i.e when mod_proxy_fcgi is loaded
---
 debian/php-fpm.conf | 32 +---
 1 file changed, 17 insertions(+), 15 deletions(-)

diff --git a/debian/php-fpm.conf b/debian/php-fpm.conf
index 32c1119..3172a92 100644
--- a/debian/php-fpm.conf
+++ b/debian/php-fpm.conf
@@ -1,19 +1,21 @@
 # Redirect to local php-fpm if mod_php is not available
 
-# Enable http authorization headers
-SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
+
+# Enable http authorization headers
+SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1
 
-
-SetHandler "proxy:unix:/run/php/php@php_vers...@-fpm.sock|fcgi://localhost"
-
-
-# Deny access to raw php sources by default
-# To re-enable it's recommended to enable access to the files
-# only in specific virtual host or directory
-Require all denied
-
-# Deny access to files without filename (e.g. '.php')
-
-Require all denied
-
+
+SetHandler "proxy:unix:/run/php/php@php_vers...@-fpm.sock|fcgi://localhost"
+
+
+# Deny access to raw php sources by default
+# To re-enable it's recommended to enable access to the files
+# only in specific virtual host or directory
+Require all denied
+
+# Deny access to files without filename (e.g. '.php')
+
+Require all denied
+
+
 
-- 
2.8.0.rc3

Bug#819592: Can't complete horde webmail-install script

[Mathieu Parent]

Hi,

On Thu, 31 Mar 2016 01:43:51 +0300
=?UTF-8?B?0JXQstCz0LXQvdC40Lkg0JHQsNGF0YLQuNC9?=
<bahtin.ev...@gmail.com> wrote:
> Package: php-horde-webmail
> Version: 5.2.12-2
> Severity: grave
> Tags: sid
>
> I use only 'sid' repository. I install on 'clean' system.
> When I try to complete horde webmail installation with script
> 'webmail-install' I see this message:
>

I couldn't reproduce it.

As things are changing fast currently in sid (PHP7 transition), can
you try again?

The only problems I had are:
- PHP not enabled on Apache (#820282)
- Services_Weather had to be patched:
diff -ur /usr/share/php.orig/Services/Weather.php
/usr/share/php/Services/Weather.php
--- /usr/share/php.orig/Services/Weather.php2016-03-18
22:10:39.0 +
+++ /usr/share/php/Services/Weather.php2016-04-05 06:27:00.783244225 +
@@ -164,7 +164,7 @@

 // Create service and return
 $error = null;
-@$obj =  $classname($options, $error);
+@$obj = new $classname($options, $error);

 if (Services_Weather::isError($error)) {
     return $error;



Regards

Mathieu Parent

Bug#820282: Please enable fpm by default on Apache

[Mathieu Parent]

On Thu, 7 Apr 2016 08:15:10 +0200 Mathieu Parent <math.par...@gmail.com> wrote:
> On Thu, 07 Apr 2016 07:46:12 +0200 Mathieu Parent <sath...@debian.org> wrote:
> [...]
> > Patch:
> >   git revert 4c4736beed2d0151d69aadbfc156a9d9b3df05c1
>
>
> And mod_proxy should be enabled (a2enmod proxy or apache2_invoke enmod proxy).


I mean proxy_fcgi

Cheers

Mathieu
(sorry for the spam)

Bug#820282: Please enable fpm by default on Apache

[Mathieu Parent]

On Thu, 07 Apr 2016 07:46:12 +0200 Mathieu Parent <sath...@debian.org> wrote:
[...]
> Patch:
>   git revert 4c4736beed2d0151d69aadbfc156a9d9b3df05c1


And mod_proxy should be enabled (a2enmod proxy or apache2_invoke enmod proxy).

Cheers,

Mathieu

Bug#820282: Please enable fpm by default on Apache

[Mathieu Parent]

Package: php7.0-fpm
Version: 7.0.5-2
Severity: normal

Hi Ondrej,

Currently, php7.0 depends on php7.0-fpm | libapache2-mod-php7.0 | php7.0-cgi.

FPM being the default, a smooth experience is expected. Also, this can be a 
security risk as PHP source is available.

Patch:
  git revert 4c4736beed2d0151d69aadbfc156a9d9b3df05c1

Side question: Why was the default changed from mod_php5 to php7.0-fpm?

Cheers

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.58.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Bug#820280: RM: shinken-mod-ws-arbiter -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820279: RM: shinken-mod-ui-graphite -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820276: RM: shinken-mod-pickle-retention-file-generic -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820278: RM: shinken-mod-simple-log -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820273: RM: shinken-mod-named-pipe -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820275: RM: shinken-mod-nsca -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820274: RM: shinken-mod-npcdmod -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820277: RM: shinken-mod-retention-mongodb -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820269: RM: shinken-mod-logstore-null -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820272: RM: shinken-mod-mongodb -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820271: RM: shinken-mod-logstore-sqlite -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820265: RM: shinken-mod-graphite -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820267: RM: shinken-mod-livestatus -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820268: RM: shinken-mod-logstore-mongodb -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820264: RM: shinken-mod-collectd -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820263: RM: shinken-mod-booster-nrpe -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820266: RM: shinken-mod-hot-dependencies -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820262: RM: shinken -- ROM; Debian packaging team inactive

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hello,

As the RFA [1] has not been taken, and without any effective action [2].

I don't want to keep this package outdated and unmaintained, so please remove 
it.

Regards


[1]: https://bugs.debian.org/799539
[2]: 
https://lists.alioth.debian.org/pipermail/pkg-shinken-maint/Week-of-Mon-20160111/000358.html

Bug#820094: [Pkg-php-pecl] Bug#820094: Doesn't support PHP 7

[Mathieu Parent]

2016-04-05 14:30 GMT+02:00 Ondřej Surý :
> Source: php-facedetect
> Version: 1.1.0+git20140717-2
> Severity: grave
>
> Dear maintainers,
>
> php-facedetect doesn't support PHP 7.0 and it should be either updated
> to have PHP 7.0 support (which doesn't support in upstream) or the
> package should be removed from the archive (I can fill the RM bug if
> you don't have time).

Keep it in sid only for now. I will dig into it once time permit.

Cheers
-- 
Mathieu

Bug#820091: [pkg-horde] Bug#820091: Switch from php-mongo to php-mongodb is needed

[Mathieu Parent]

2016-04-05 13:54 GMT+02:00 Ondřej Surý :
> Package: php-horde-mongo
> Version: 1.0.3-4
> Severity: grave
>
> Dear maintainers,

hello Ondřej,

> php-mongo is obsolete with PHP 7.0 and it's going to be removed from
> Debian unstable.

OK.

> This is RC bug to make sure that php-horde-mongo gets removed from
> testing, so we can remove php-mogno, and then gets updated to use the
> new mongodb extension packaged as php-mongodb.

No problem to have php-horde-mongodb removed from testing, it's a leaf package.

Just for my information, is there any plan to ship php-mongodb? Is the
API compatible?

> Cheers,

Cheers,

-- 
Mathieu

Bug#819986: RFP: resolv-wrapper -- A wrapper for DNS name resolving or DNS faking

[Mathieu Parent]

Package: wnpp
Severity: wishlist

* Package name: resolv-wrapper
  Version : 1.1.3
  Upstream Author : Andreas Schneider
* URL : https://cwrap.org/resolv_wrapper.html
* License : BSD-3-clauses
  Programming Lang: C
  Description : A wrapper for DNS name resolving or DNS faking

resolv_wrapper makes it possible on most UNIX platforms to contact your own DNS
implementation in your test environment. It requires socket_wrapper to be able
to contact it.
If it doesn't work on a special platform the wrapper is able to fake DNS queries
and return valid responses to your application.

- Redirects name queries to the nameservers specified in your resolv.conf
- Can fake DNS queries using a simple formatted DNS hosts file.

This package is usefull to run samba selftest.

Bug#819302:

[Mathieu Parent]

Control: reopen -1

Reopening as it still affects jessie.

-- 
Mathieu

Bug#709613: Still in wheezy

[Mathieu Parent]

Control: reopen -1

It still affects wheezy. Reopening

-- 
Mathieu

Bug#753667:

[Mathieu Parent]

Control: reopen -1

Oups, it still affects wheezy.

-- 
Mathieu

Bug#759010: [Pkg-samba-maint] Bug#759010: samba: FTBFS on hurd-i386

[Mathieu Parent]

On Sat, 23 Aug 2014 22:45:02 +0200 Jelmer Vernooij <jel...@samba.org> wrote:
> On Sat, Aug 23, 2014 at 02:49:59PM -0400, Manuel Menal wrote:
> > samba FTBFS on hurd-i386 because lib/tevent/testsuite.c uses PIPE_BUF
> > unconditionally, which is not defined on GNU/Hurd.
> >
> > Attached is a simple patch that use sysconf() if PIPE_BUF is not
> > defined.
> >
> > With this patch and those in #759008 and #749095 applied, samba builds
> > and seems to be working fine on GNU/Hurd.
>
> Thanks! I'll see if I can also get this upstream.

Manuel, can you report it upstream (using samba-technical mailing-list
or a github pull-request)?

Regards

Mathieu Parent

Bug#763648: samba: Typo fix: sever -> server

[Mathieu Parent]

Hello Santiago,

Can you send this patch upstream (via their bugzilla or using github[1])

[1]: https://github.com/samba-team/samba/pulls

We'll merge the Debian part of it once the upstream part is merged.

Regards

Mathieu Parent

Bug#801690: [Pkg-samba-maint] Bug#801690: 'smbstatus -b' leads to broken ctdb cluster

[Mathieu Parent]

Hello Adi,

I'm not able to reproduce the bug under current sid.

As ctdb in jessie was in another repository than samba, I suspect an
API incompatibility.

I'm tempted to mark this as fixed under sid, but can you setup a sid
box and test yourself with a similar config?

Regards

Mathieu Parent

Bug#801327: ctdb: Man page for ctdb_diagnostics

[Mathieu Parent]

On Fri, 09 Oct 2015 20:04:48 +0200 Martijn van Brummelen
<mart...@brumit.nl> wrote:
>
>
> I had contact with upstream see [0] and I created this patch.
>
> Kind regards,
> Martijn van Brummelen
> [0] https://lists.samba.org/archive/samba-technical/2015-October/109873.html

Hello Martijn,

Any news on this? Upstream is waiting for an XML, ...

Regards

Mathieu Parent

Bug#736518: This is a FTBR

[Mathieu Parent]

Hello,

THis bug looks like a FTBR.

regards
-- 
Mathieu

Bug#816205: tagging 816205

[Mathieu Parent (Debian)]

2016-03-28 14:44 GMT+02:00 Adam D. Barratt <a...@adam-barratt.org.uk>:
> On Mon, 2016-03-28 at 14:39 +0200, Mathieu Parent (Debian) wrote:
>> 2016-03-26 18:35 GMT+01:00 Adam D. Barratt <a...@adam-barratt.org.uk>:
>> > On Sat, 2016-03-26 at 17:14 +0100, Mathieu Parent wrote:
>> >> tags 816205 + jessie-ignore
>> >> thanks
>> >
>> > Was that discussed with anyone on the Release Team before the tag was
>> > added?
>>
>> No.I've done it to remove this bug from my UDD dashboard.
>
> I see. Please don't do that in future.

OK.

> The tags have a specific purpose (which isn't "I don't want to fix or
> see this in $release") and should only be set by, or with the agreement
> of, the Release Team. See the bolded sections of
> https://www.debian.org/Bugs/Developer#tags

OK

> Regards,
>
> Adam
>



-- 
Mathieu Parent

Bug#816205: tagging 816205

[Mathieu Parent (Debian)]

2016-03-26 18:35 GMT+01:00 Adam D. Barratt <a...@adam-barratt.org.uk>:
> On Sat, 2016-03-26 at 17:14 +0100, Mathieu Parent wrote:
>> tags 816205 + jessie-ignore
>> thanks
>
> Was that discussed with anyone on the Release Team before the tag was
> added?

No.I've done it to remove this bug from my UDD dashboard.

> From a quick look at the bug log it may well be suitable for a -ignore
> tag, but it shouldn't simply be added by the maintainer or a bug triager
> (with a couple of exceptions where the SRMs have previously agreed scope
> with some people).

OK. Feel free to remove the tag if needed.


Regards
-- 
Mathieu Parent

Bug#819146: PHP 7 transition and moving to pkg-php-pecl team

[Mathieu Parent]

Source: php-mongo
Version: 1.6.10-1
Severity: important

Hello,

There is an ongoing transition from php5 to php7.0.

This is basically replacing all references to php5 in debian/* by either php or
php7.0.

Additionnaly moving this package to pkg-php-pecl team and to alioth's git will
allow team maintenance.

Laszlo, can you take care of this? If not, I'll do it in April.

Regards

Mathieu Parent

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.3.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

Bug#818161: [pkg-horde] Bug#818161: Cannot use 'String' as class name as it is reserved

[Mathieu Parent]

Control: tag -1 upstream
Control: forward -1 https://bugs.horde.org/ticket/14297

Reported upstream. As Horde devs have made some changes already but
there're not sufficient.

Regards

-- 
Mathieu

Bug#818271: [pkg-php-pear] Bug#818271: PEAR sysconfdir has changed from /etc/pear to /etc

[Mathieu Parent]

Control: tag -1 + pending confirmed

I've commited this:
http://anonscm.debian.org/cgit/pkg-php/php-pear.git/commit/?id=423616341f668843f86eb6d40ab46ef1ec3b1492

Thanks

2016-03-15 11:18 GMT+01:00 Ondřej Surý :
> Package: php-pear
> Version: 5.6.17+dfsg-3
> Severity: important
>
> Hi,
>
> after setting back PEAR_INSTALL_DIR in PHP SAPIs back to
> /usr/share/php, we are almost back at the same default config
> variables as we had before the source package split, with one notable
> exception that needs to be fixed:
>
> Signature Key Directorysig_keydir   [-/etc/pear/pearkeys-]   
> {+/etc/pearkeys+}
> System Configuration File  Filename [-/etc/pear/pear.conf-]   
>   {+/etc/pear.conf+}
>
> The sysconfdir for src:php-pear packages has changed from /etc/pear/
> to just /etc/.
>
> We had this in d/rules before:
>
> cd cgi-build && PHP_PEAR_DOWNLOAD_DIR=$(CURDIR)/pear-build-download $(MAKE) 
> install-pear PHP_PEAR_PHP_BIN=/usr/bin/php 
> PHP_PEAR_INSTALL_DIR=/usr/share/php PHP_PEAR_SYSCONF_DIR=/etc/pear 
> PHP_PEAR_SIG_BIN=/usr/bin/gpg INSTALL_ROOT=$(CURDIR)/pear-build
>
> So I guess you need to emulate that somehow from src:php-pear to get
> the variables back to where they were before the src package split.
>
> Cheers,
> Ondrej
>
> -- System Information:
> Debian Release: stretch/sid
>   APT prefers testing
>   APT policy: (900, 'testing'), (800, 'unstable'), (700, 'experimental')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 4.3.0-1-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: systemd (via /run/systemd/system)
>
> Versions of packages php-pear depends on:
> ii  php5-cli 5.6.17+dfsg-3
> ii  php5-common  5.6.17+dfsg-3
>
> Versions of packages php-pear recommends:
> ii  gnupg  1.4.20-4
>
> Versions of packages php-pear suggests:
> ii  php5-dev  5.6.17+dfsg-3
>
> -- Configuration Files:
> /etc/pear/pear.conf [Errno 2] No such file or directory: 
> u'/etc/pear/pear.conf'
>
> -- no debconf information
>
> ___
> pkg-php-pear mailing list
> pkg-php-p...@lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-php-pear



-- 
Mathieu

Bug#670141: archived releases unusable now

[Mathieu Parent]

On Mon, 23 Apr 2012 22:06:48 +0200 Joerg Jaspert <jo...@debian.org> wrote:
> On 12825 March 1977, Thorsten Glaser wrote:
[...]
> If you dislike its default, you can tell it to use a different way (and
> ignore the expiry)

For reference, this is adding "Acquire::Check-Valid-Until false;" in apt.conf.

Unfortunately, a per-archive config is not supported on squeeze:

deb [ check-valid-until=no ] http://archive.debian.org/debian/ squeeze-lts main

Regards

Mathieu Parent

Bug#818161: [pkg-horde] Bug#818161: Cannot use 'String' as class name as it is reserved

[Mathieu Parent]

2016-03-14 11:54 GMT+01:00 Felix Zielcke <fziel...@z-51.de>:
> Package: php-horde-css-parser
> Version: 1.0.8-2
> Severity: important
>
>
> Hi,

Hello,

> I just upgraded the php-horde* packages to the new ones with support for PHP 
> 7.
> But I get the following error after login:
>
> PHP Fatal error:  Cannot use 'String' as class name as it is reserved in 
> /usr/share/php/Horde/Css/Parser/vendor/sabberworm/php-css-parser/lib/Sabberworm/CSS/Value/String.php
>  on line 5

Thanks for reporting.

This is probably fixed by:
https://github.com/sabberworm/PHP-CSS-Parser/commit/647f53dbc7d98b7df5183ede743d0de8b95729f7

> Regards
> Felix Zielcke

Regards

-- 
Mathieu Parent

Bug#805222: [Pkg-php-pecl] Bug#805222: php-apcu: FTBFS: PHP Fatal error: Call to a member function getFilelist() on null

[Mathieu Parent (Debian)]

2016-03-12 22:30 GMT+01:00 Mathieu Parent (Debian) <sath...@debian.org>:
> ... About the FTBFS of PECL extensions...
[...]
> $ git bisect visualize
> commit 4a66490bdecd5e4ec2b8213e89a6e40aaa18975e
> Author: Christian Weiske <cwei...@cweiske.de>
> Date:   Mon Feb 9 23:26:33 2015 +0100
>
> Fix for PHP 7: Replace "" with "new" (new-by-reference)

And the following patch fix the FTBFS:

diff --git a/PEAR/Config.php b/PEAR/Config.php
index 5b3f1e2..7b21726 100644
--- a/PEAR/Config.php
+++ b/PEAR/Config.php
@@ -2119,10 +2119,10 @@ class PEAR_Config extends PEAR
 if ($layer == 'ftp' || !isset($this->_registry[$layer])) {
 continue;
 }
-$this->_registry[$layer] =
-new PEAR_Registry(
+$r = new PEAR_Registry(
 $this->get('php_dir', $layer,
'pear.php.net'), false, false,
 $this->get('metadata_dir', $layer, 'pear.php.net'));
+$this->_registry[$layer] = &$r;
 $this->_registry[$layer]->setConfig($this, false);
 $this->_regInitialized[$layer] = false;
 }
(still php 5.6)

Regards


-- 
Mathieu Parent

Bug#805222: [Pkg-php-pecl] Bug#805222: php-apcu: FTBFS: PHP Fatal error: Call to a member function getFilelist() on null

[Mathieu Parent (Debian)]

... About the FTBFS of PECL extensions...

2015-12-08 12:21 GMT+01:00 Ondřej Surý <ond...@sury.org>:
> JFTR this is not a correct fix and we need upstream to fix that, because
> there are two different approaches of handling packagingroot at
> different places and this is the main reason why it's causing the
> errors.
>
> PEAR_Command_Install is directly mangling the variables (channelsdir,
> etc.), but the code below resets this to default value by calling
> PEAR_Config::setInstallRoot($options['packagingroot']) followed by
> PEAR_Config::setInstallRoot(false). This needs to be made consistent.

Hello,

Bisecting lead to the following commit:

$ git bisect visualize
commit 4a66490bdecd5e4ec2b8213e89a6e40aaa18975e
Author: Christian Weiske <cwei...@cweiske.de>
Date:   Mon Feb 9 23:26:33 2015 +0100

Fix for PHP 7: Replace "" with "new" (new-by-reference)

I've attached the used bissect script.

Disclamier, I'm still using php 5.6.

-- 
Mathieu Parent


bisect.sh
Description: Bourne shell script

Bug#817251: RM: shinken-mod-webui -- ROM; Obsolete, unmaintained, superseeded by webui2

[Mathieu Parent]

Package: ftp.debian.org
Severity: normal

Hi,

Please remove this package.

See also #817161.

Regards

Mathieu Parent

Bug#734688: Patch to remove garbage logrotate files

[Mathieu Parent]

hello,

I've proposed a modified patch at:
https://github.com/logrotate/logrotate/pull/23

Regards

-- 
Mathieu

Bug#814809: [pkg-php-pear] Bug#814809: Moving forward with the PHP 7.0 transition [Was: phing depends on php5-xdebug, which is not available anymore]

[Mathieu Parent]

2016-02-22 20:43 GMT+01:00 Mathieu Parent <math.par...@gmail.com>:
[...]
> i.e we need php-pear to pass NEW (which include the needed fix |1])

Now that php-pear is in sid, I've uploaded newer pkg-php-tools.

Remaining lintian warnings:
E: pkg-php-tools: php-script-but-no-phpX-cli-dep usr/bin/pkgtools
E: pkg-php-tools: php-script-but-no-phpX-cli-dep
usr/share/pkg-php-tools/scripts/phppkginfo


Also, the phpunit tests need to be fixed.

Regards

-- 
Mathieu

Bug#816184: [pkg-horde] Bug#816184: php-horde-memcache depends on package that is no longer built.

[Mathieu Parent]

2016-02-28 14:45 GMT+01:00 peter green :
> Package: php-horde-memcache
> Version: 2.0.7-3
> Severity: serious


Hi,


> php-horde-memcache depends on php5-memcache which is no longer built by the
> php-memcache source package.
>
> Ubuntu seems to indicate that a no-change rebuild is enough to fix this.

This kind of bug merely affect all php packages. Please don't file
those bug reports before the PHP7 transition is finished.

Thanks

-- 
Mathieu

Bug#816002: wheezy-pu: package c-icap/1:0.1.6-1.1+deb7u2

[Mathieu Parent]

2016-02-26 15:59 GMT+01:00 Sebastian Andrzej Siewior :
> Package: release.debian.org
> Severity: normal
> Tags: wheezy
> User: release.debian@packages.debian.org
> Usertags: pu
>
> In order to address the current FTBFS of c-icap-modules here is an
> update for c-icap which resolves the problem. With this patch I was able
> to build c-icap-modules again.

Patch looks good. But I don't know which openssl commit broke c-icap.
Why does it FTBFS on wheezy now?

> Mathieu, I will be happy to perform the upload unless you want to do
> this yourself.

Please go ahead. Thanks

Cheers,
-- 
Mathieu

Bug#813406: WIP (was: Fwd: Proposed changes to jessie)

[Mathieu Parent]

Hello,

I've proposed the changes to -security, without response yet.

See below.

-- Forwarded message --
From: Mathieu Parent <math.par...@gmail.com>
Date: 2016-02-24 22:24 GMT+01:00
Subject: Re: Proposed changes to jessie
To: t...@security.debian.org


2016-02-04 15:04 GMT+01:00 Mathieu Parent <math.par...@gmail.com>:
> Hello,

Pinging again.

> I have prepared security fixes for two Horde packages:
> - php-horde: https://bugs.debian.org/813573#26 XSS vulnerability in menu bar
Debdiff at: 
http://anonscm.debian.org/cgit/pkg-horde/PEAR/php-horde.git/diff/?id2=47c6d6e6ad0836d657eee75e36ef8dbd19c843d2=112b45b0403df87828e6cd620eb0e3d4fc3c7fa9

> - php-horde-core: https://bugs.debian.org/813590#23 XSS in
> Horde_Core_VarRenderer_Html
Debdiff at: 
http://anonscm.debian.org/cgit/pkg-horde/PEAR/php-horde-core.git/diff/?id2=d79e0d5424ba76351cde56701e061f91d241ec09=a98c8cb02edaaa0378771a7f21855aaafc883785

>
> Can I upload the two packages (this is already fixed in sid)?

Waiting for your answer.

> I have also prepared a ctdb regression update, which fix CTDB behavior
> under Linux after the fix for CVE-2015-8543:
> - https://bugs.debian.org/813406#25 ctdb, raw sockets and CVE-2015-8543

See 
http://anonscm.debian.org/cgit/pkg-samba/ctdb.git/commit/?h=debian-jessie=ec4e506686578cdf13b36ce18ec98cc5307b4e64

> Can I upload it?

Same.

> Can I make the same to wheezy once jessie is uploaded?

Same.

I think keeping those issues in place is not good.

Regards
--
Mathieu Parent

Bug#814809: [pkg-php-pear] Bug#814809: Moving forward with the PHP 7.0 transition [Was: phing depends on php5-xdebug, which is not available anymore]

[Mathieu Parent]

2016-02-21 22:27 GMT+01:00 Mathieu Parent <math.par...@gmail.com>:
> Hello everybody,
>
> [...]
>> [ pkg-php-tools ]
>>
>> About the “root” issue, Mathieu, what are the current blockers holding
>> the still current “pkg-php-tools package is still WIP”? [0] Is there
>> anything we can help with in order to start making our PHP classes ready
>> for the ongoing transition?
>
> There is no blocker. I'll upload it soon.

I spoke too fast. pkg-php-tools currently FTBFS on sid:
Running test: 201_Debian_Debhelper_Buildsystem_phppear.sh
cp package.xml ./MyProject_Packages-1.2.1/package.xml
sed -i -e s/md5sum=\"\[^\"\]\*\"// -e s/sha1sum=\"\[^\"\]\*\"//
./MyProject_Packages-1.2.1/package.xml
/usr/bin/pear -c debian/pearrc -d download_dir=/tmp -d
include_path=/usr/share/php -d php_bin=/usr/bin/php -d
bin_dir=/usr/bin -d php_dir=/usr/share/php -d
data_dir=/usr/share/php/data -d doc_dir=/usr/share/doc/php-foo -d
test_dir=/usr/share/php/tests install --offline --nodeps -P
/tmp/xk_J41CJRn ./MyProject_Packages-1.2.1/package.xml
PHP Parse error:  syntax error, unexpected 'new' (T_NEW) in
/usr/share/php/PEAR/Frontend.php on line 91
201_Debian_Debhelper_Buildsystem_phppear.pl: /usr/bin/pear -c
debian/pearrc -d download_dir=/tmp -d include_path=/usr/share/php -d
php_bin=/usr/bin/php -d bin_dir=/usr/bin -d php_dir=/usr/share/php -d
data_dir=/usr/share/php/data -d doc_dir=/usr/share/doc/php-foo -d
test_dir=/usr/share/php/tests install --offline --nodeps -P
/tmp/xk_J41CJRn ./MyProject_Packages-1.2.1/package.xml returned exit
code 255
UNKNOWN

i.e we need php-pear to pass NEW (which include the needed fix |1])

[1]: 
https://github.com/pear/pear-core/commit/4a66490bdecd5e4ec2b8213e89a6e40aaa18975e




-- 
Mathieu

Bug#814809: [pkg-php-pear] Bug#814809: Moving forward with the PHP 7.0 transition [Was: phing depends on php5-xdebug, which is not available anymore]

[Mathieu Parent]

Hello everybody,

[...]
> [ pkg-php-tools ]
>
> About the “root” issue, Mathieu, what are the current blockers holding
> the still current “pkg-php-tools package is still WIP”? [0] Is there
> anything we can help with in order to start making our PHP classes ready
> for the ongoing transition?

There is no blocker. I'll upload it soon.


> Among the things I was wondering that might need handling in order to
> make this transition possible without having to deal manually with every
> version of every (build-)dependency, recommendation, etc. of every
> package:
[...]

No idea, but we're already in a broken state, we need to go ahead now.

Regards
-- 
Mathieu

Bug#813590: Jessie debdiff

[Mathieu Parent]

Here is the patch for jessie.

-- 
Mathieu
From e296b805cc1def193d3e9efa6891e031f18cb1de Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Thu, 4 Feb 2016 14:03:33 +0100
Subject: [PATCH] Escape form value, fix XSS in Horde_Core_VarRenderer_Html
 (Closes: #813590)

---
 debian/changelog|  6 ++
 debian/patches/0001-Escape-form-value.patch | 25 +
 debian/patches/series   |  1 +
 3 files changed, 32 insertions(+)
 create mode 100644 debian/patches/0001-Escape-form-value.patch
 create mode 100644 debian/patches/series

diff --git a/debian/changelog b/debian/changelog
index 3a76ef5..950c5c6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+php-horde-core (2.15.0+debian0-2) unstable; urgency=medium
+
+  * Escape form value, fix XSS in Horde_Core_VarRenderer_Html (Closes: #813590)
+
+ -- Mathieu Parent <sath...@debian.org>  Thu, 04 Feb 2016 14:03:38 +0100
+
 php-horde-core (2.15.0+debian0-1) unstable; urgency=medium
 
   * New upstream version 2.15.0+debian0
diff --git a/debian/patches/0001-Escape-form-value.patch b/debian/patches/0001-Escape-form-value.patch
new file mode 100644
index 000..1907b08
--- /dev/null
+++ b/debian/patches/0001-Escape-form-value.patch
@@ -0,0 +1,25 @@
+From: Michael J Rubinsky <mrubi...@horde.org>
+Date: Mon, 14 Dec 2015 09:27:09 -0500
+Subject: Escape form value.
+
+Even though this is a numeric field, this isn't enforced until
+the form is submitted.
+
+(Adapted from upstream 11d74fa5a22fe626c5e5a010b703cd46a136f253)
+
+diff --git a/Horde_Core-2.15.0/lib/Horde/Core/Ui/VarRenderer/Html.php b/Horde_Core-2.15.0/lib/Horde/Core/Ui/VarRenderer/Html.php
+index 62ae559..580dc27 100644
+--- a/Horde_Core-2.15.0/lib/Horde/Core/Ui/VarRenderer/Html.php
 b/Horde_Core-2.15.0/lib/Horde/Core/Ui/VarRenderer/Html.php
+@@ -48,7 +48,7 @@ class Horde_Core_Ui_VarRenderer_Html extends Horde_Core_Ui_VarRenderer
+ return sprintf('',
+htmlspecialchars($var->getVarName()),
+$this->_genID($var->getVarName(), false),
+-   $value,
++   htmlspecialchars($value),
+$this->_getActionScripts($form, $var)
+);
+ }
+-- 
+2.7.0
+
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 000..3a37ec8
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+0001-Escape-form-value.patch
-- 
2.7.0

Bug#813573: Jessie patch

[Mathieu Parent]

Here is the jessie debdiff.

-- 
Mathieu
From ce52fddc5bacf6a089ce777ccbde1b80b915d7e6 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Thu, 4 Feb 2016 13:47:41 +0100
Subject: [PATCH] Fix XSS vulnerability in menu bar (Closes: #813573)

and release
---
 debian/changelog|  6 ++
 .../0005-Fix-XSS-vulnerability-in-menu-bar.patch| 21 +
 debian/patches/series   |  1 +
 3 files changed, 28 insertions(+)
 create mode 100644 debian/patches/0005-Fix-XSS-vulnerability-in-menu-bar.patch

diff --git a/debian/changelog b/debian/changelog
index fdc10df..512c484 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+php-horde (5.2.1+debian0-2+deb8u3) jessie-security; urgency=high
+
+  * Fix XSS vulnerability in menu bar (Closes: #813573)
+
+ -- Mathieu Parent <sath...@debian.org>  Thu, 04 Feb 2016 13:46:39 +0100
+
 php-horde (5.2.1+debian0-2+deb8u2) jessie-security; urgency=high
 
   * Add session token checking to various admin pages (Closes: #803641)
diff --git a/debian/patches/0005-Fix-XSS-vulnerability-in-menu-bar.patch b/debian/patches/0005-Fix-XSS-vulnerability-in-menu-bar.patch
new file mode 100644
index 000..8d35066
--- /dev/null
+++ b/debian/patches/0005-Fix-XSS-vulnerability-in-menu-bar.patch
@@ -0,0 +1,21 @@
+From: Jan Schneider <j...@horde.org>
+Date: Wed, 6 Jan 2016 11:46:35 +0100
+Subject: [jan] SECURITY: Fix XSS vulnerability in menu bar exposed by
+ only a few applications (Bug #14213).
+
+
+(Adapted from upstream ab07a1b447de34e13983b4d7ceb18b58c3a358d8)
+
+diff --git a/horde-5.2.1/templates/topbar/_menubar.html.php b/horde-5.2.1/templates/topbar/_menubar.html.php
+index acb416c..df75623 100644
+--- a/horde-5.2.1/templates/topbar/_menubar.html.php
 b/horde-5.2.1/templates/topbar/_menubar.html.php
+@@ -23,7 +23,7 @@
+ 
+   
+ 
+-  
++  
+ 
+   
+ 
diff --git a/debian/patches/series b/debian/patches/series
index 79d01fd..ac555f4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 0002-Fix-rewrite-base.patch
 0003-Fix-XSS-in-group-administration.patch
 0004-Add-session-token-checking-to-various-admin-pages.patch
+0005-Fix-XSS-vulnerability-in-menu-bar.patch
-- 
2.7.0

Bug#813406: Jessie patch

[Mathieu Parent]

Here is the debdifff for jessie.

-- 
Mathieu
From e8478a6d112d3ba908adc964f2772d6bef949bbf Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Wed, 3 Feb 2016 22:50:01 +0100
Subject: [PATCH] Fix CTDB behavior since CVE-2015-8543 (Closes: #813406)

---
 debian/changelog|   6 ++
 debian/patches/series   |   1 +
 debian/patches/sockets-with-htons.patch | 136 
 3 files changed, 143 insertions(+)
 create mode 100644 debian/patches/sockets-with-htons.patch

diff --git a/debian/changelog b/debian/changelog
index bb64ed8..70d230b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+ctdb (2.5.4+debian0-5) UNRELEASED; urgency=medium
+
+  * Fix CTDB behavior since CVE-2015-8543 (Closes: #813406)
+
+ -- Mathieu Parent <sath...@debian.org>  Wed, 03 Feb 2016 22:48:35 +0100
+
 ctdb (2.5.4+debian0-4) unstable; urgency=medium
 
   * Install ctdb.service during dh_install, and thus before dh_systemd_enable
diff --git a/debian/patches/series b/debian/patches/series
index e69de29..a359082 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -0,0 +1 @@
+sockets-with-htons.patch
diff --git a/debian/patches/sockets-with-htons.patch b/debian/patches/sockets-with-htons.patch
new file mode 100644
index 000..8fb3536
--- /dev/null
+++ b/debian/patches/sockets-with-htons.patch
@@ -0,0 +1,136 @@
+From: Amitay Isaacs <ami...@gmail.com>
+Date: Fri, 29 Jan 2016 00:05:26 +1100
+Subject: [PATCH 1/2] ctdb-common: Protocol argument must be in host order for
+ socket() call
+
+BUG: https://bugzilla.samba.org/show_bug.cgi?id=11705
+
+Signed-off-by: Amitay Isaacs <ami...@gmail.com>
+Reviewed-by: Volker Lendecke <v...@samba.org>
+(cherry picked from commit 9f8395cb7d49b63a82f75bf504f5f83920102b29)
+---
+ common/system_aix.c  | 4 ++--
+ common/system_common.c   | 2 +-
+ common/system_freebsd.c  | 2 +-
+ common/system_gnu.c  | 2 +-
+ common/system_kfreebsd.c | 2 +-
+ common/system_linux.c| 8 
+ 6 files changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/common/system_aix.c b/common/system_aix.c
+index 41f61ae..2637442 100644
+--- a/common/system_aix.c
 b/common/system_aix.c
+@@ -44,7 +44,7 @@ int ctdb_sys_open_sending_socket(void)
+ 	int s, ret;
+ 	uint32_t one = 1;
+ 
+-	s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++	s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 	if (s == -1) {
+ 		DEBUG(DEBUG_CRIT,(" failed to open raw socket (%s)\n",
+ 			 strerror(errno)));
+@@ -121,7 +121,7 @@ int ctdb_sys_send_tcp(const ctdb_sock_addr *dest,
+ 
+ 
+ 
+-	s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++	s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 	if (s == -1) {
+ 		DEBUG(DEBUG_CRIT,(" failed to open raw socket (%s)\n",
+ 			 strerror(errno)));
+diff --git a/common/system_common.c b/common/system_common.c
+index 899f3b5..3e30a6c 100644
+--- a/common/system_common.c
 b/common/system_common.c
+@@ -85,7 +85,7 @@ char *ctdb_sys_find_ifname(ctdb_sock_addr *addr)
+ 	struct ifconf ifc;
+ 	char *ptr;
+ 
+-	s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++	s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 	if (s == -1) {
+ 		DEBUG(DEBUG_CRIT,(__location__ " failed to open raw socket (%s)\n",
+ 			 strerror(errno)));
+diff --git a/common/system_freebsd.c b/common/system_freebsd.c
+index 9597a7a..d026864 100644
+--- a/common/system_freebsd.c
 b/common/system_freebsd.c
+@@ -158,7 +158,7 @@ int ctdb_sys_send_tcp(const ctdb_sock_addr *dest,
+ 		ip4pkt.tcp.th_sum   = tcp_checksum((uint16_t *), sizeof(ip4pkt.tcp), );
+ 
+ 		/* open a raw socket to send this segment from */
+-		s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++		s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 		if (s == -1) {
+ 			DEBUG(DEBUG_CRIT,(__location__ " failed to open raw socket (%s)\n",
+  strerror(errno)));
+diff --git a/common/system_gnu.c b/common/system_gnu.c
+index 2ab1399..8f776c6 100644
+--- a/common/system_gnu.c
 b/common/system_gnu.c
+@@ -156,7 +156,7 @@ int ctdb_sys_send_tcp(const ctdb_sock_addr *dest,
+ 		ip4pkt.tcp.check= tcp_checksum((uint16_t *), sizeof(ip4pkt.tcp), );
+ 
+ 		/* open a raw socket to send this segment from */
+-		s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++		s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 		if (s == -1) {
+ 			DEBUG(DEBUG_CRIT,(__location__ " failed to open raw socket (%s)\n",
+  strerror(errno)));
+diff --git a/common/system_kfreebsd.c b/common/system_kfreebsd.c
+index 41aa4d6..7d9182c 100644
+--- a/common/system_kfreebsd.c
 b/common/system_kfreebsd.c
+@@ -156,7 +156,7 @@ int ctdb_sys_send_tcp(const ctdb_sock_addr *dest,
+ 		ip4pkt.tcp.check= tcp_checksum((uint16_t *), sizeof(ip4pkt.tcp), );
+ 
+ 		/* open a raw socket to send this segment from */
+-		s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
++		s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
+ 		if (s

Bug#813573: [php-horde] XSS vulnerability in menu bar

[Mathieu Parent]

Package: php-horde
Version: 5.2.8+debian0-1

Hello,

According to: http://lists.horde.org/archives/announce/2016/001140.html

Regards
-- 
Mathieu Parent

Bug#813573: [pkg-horde] Bug#813573: [php-horde] XSS vulnerability in menu bar

[Mathieu Parent]

Control: tag -1 + security upstream fixed-upstream pending
Control: severity -1 grave
Control: forwarded -1 https://bugs.horde.org/ticket/14213

This is a security bug probably affecting jessie. I need to patch this
branch too.

Remark: No CVE, as usual with horde.

-- 
Mathieu Parent

Bug#813590: [php-horde-core] XSS in Horde_Core_VarRenderer_Html

[Mathieu Parent]

Package: php-horde-core
Version: 2.22.5+debian0-1

Will post more info later.

-- 
Mathieu

Bug#813406: [Pkg-samba-maint] Bug#813406: ctdb, raw sockets and CVE-2015-8543

[Mathieu Parent]

2016-02-01 17:29 GMT+01:00 Adi Kriegisch :
> Package: ctdb
> Severity: grave
> Tags: patch,upstream
>
> Hi!
>
> The kernel upgrade for CVE-2015-8543 showed a bug in CTDB that leads to a
> broken cluster:
>   | s = socket(AF_INET, SOCK_RAW, htons(IPPROTO_RAW));
> htons(IPPROTO_RAW) leads to 0xff00 which causes "-1 EINVAL (Invalid
> argument)" because of CVE-2015-8543.
> The fix for the issue is quite simple: remove IPPROTO_RAW; to make the fix
> more consistent with what was used before, use IPPROTO_IP (which is 0).
>
> Error messages related to this bug are:
>   | We are still serving a public IP 'x.x.x.x' that we should not be serving. 
> Removing it
>   | common/system_common.c:89 failed to open raw socket (Invalid argument)
>   | Could not find which interface the ip address is hosted on. can not 
> release it
> and
>   | common/system_linux.c:344 failed to open raw socket (Invalid argument)
> As a result, IP addresses cannot be released and multiple nodes in the
> cluster serve the same address, which obviously does not work.

Thank you so much for finding this bug! I was wondering why my
clusters were crazy, blaming the network itself.

> Upstream bug: https://bugzilla.samba.org/show_bug.cgi?id=11705 and mailing
> list conversation: 
> https://lists.samba.org/archive/samba/2016-January/197389.html

There are two set of patches:
- yours that basically keep the same behavior as pre-CVE-2015-8543 (proto=0)
- Amitay's that restore the intented behavior (proto=255)

Also you patch only fixes 2 functions.

Amitay's patch also fixes references to ETHERTYPE_ARP (0x0806) and
ETH_P_ALL (0x0003)

I think I'll got for Amitay's patch which probably fixes a lot of
weird behaviors I've seen pre-CVE-2015-8543 (i.e TCP connections not
reset, Ip not properly relocated).

I plan to fix this for wheezy and jessie. stretch will come with next
upstream release.

Givent the importance of the bug, I think it can go thru -security.

Regards
-- 
Mathieu

Bug#810858: [pkg-horde] Bug#810858: Bug#810858: webmail-install and horde try to create db schema multiple times + wrong schema version

[Mathieu Parent]

Control: reassign -1 php-horde-db
Control: affects -1 php-horde-webmail php-horde-kronolith
Control: tag -1 + upstream confirmed
Control: forwarded -1 https://github.com/horde/horde/pull/168

Hello,

2016-01-15 19:34 GMT+01:00 Ivan Sergio Borgonovo <ivan@gmail.com>:
[...]
> The patch is attached and should work with postgres versions as remote as
> 8.0.

I proposed it at: https://github.com/horde/horde/pull/168

I'll wait upstream review before applying in Debian.

Regards
-- 
Mathieu Parent

Bug#811360: [pkg-horde] Bug#811360: php-horde-mapi: depends on not-in-the-archive-anymore php-math-biginteger

[Mathieu Parent]

2016-01-18 11:15 GMT+01:00 Mattia Rizzolo :
> Package: php-horde-mapi
> Version: 1.0.5-3
> Severity: serious
>
> Dear maintainer,
>
> your package depends on a package not available anymore in unstable, and
> that is keep in testing just for you.

It shouldn't, as this package is provided by php-seclib.

See https://tracker.debian.org/media/packages/p/phpseclib/control-1.0.0-3

> Is it possible to have a binary without such dependency?

Given the above: Why?

Regards

-- 
Mathieu

Bug#810858: [pkg-horde] Bug#810858: Bug#810858: webmail-install and horde try to create db schema multiple times + wrong schema version

[Mathieu Parent]

2016-01-14 15:59 GMT+01:00 Ivan Sergio Borgonovo <ivan@gmail.com>:
> On 01/14/2016 03:48 AM, Mathieu Parent wrote:
|...]
>
> 
> I think I got it...

Great!

>
> What really get executed is:
> SELECT tablename FROM pg_tables WHERE schemaname IN ('"$user"','
>   public')
>
> In the actual SQL statement there is an extra white space before public!
>
> The problem should be here
> foreach (explode(',', $this->getSchemaSearchPath()) as $p) {
>   $schemas[] = $this->quote($p);
> }
> $p should be trimmed before. Anyway I find this way error prone.
>
>
> I don't know if this went under the radar just because pg is seldom used
> with horde. I still don't get why moving from one update to the other didn't
> trigger this problem.
>
> It's a pretty long time I havent written more than a couple of lines in PHP
> and I'm not that familiar with the horde codebase.
>
> Sorry for thinking the problem was in packaging and not upstream.
> I initially thought it was a problem of mixed versions in the repo.
>
>
> BTW if you're going to report the bug upstream a more standard way to get
> the visible tables would be:
>
> SELECT table_name FROM information_schema.tables WHERE table_schema = ANY
> (CURRENT_SCHEMAS(false));
>
> This omit the $user schema if there is no $user schema... so it shows what
> can *actually* be seen from the current search_path
>
> CURRENT_SCHEMAS() is available at least starting from pg 8.0 and
> information_schema is supported from 7.4
> Postgres 8.0 is over 10 years old.
>
> This method could be used even to retrieve indexes() so to completely get
> rid of getSchemaSearchPath()
>
> Otherwise, let me know if I've to report it upstream and if you know... to
> which horde component.

Can you propose a PR? There are at least two usages of this pattern:
https://github.com/horde/horde/blob/master/framework/Db/lib/Horde/Db/Adapter/Postgresql/Schema.php#L256
https://github.com/horde/horde/blob/master/framework/Db/lib/Horde/Db/Adapter/Postgresql/Schema.php#L299

Propose the CURRENT_SCHEMAS() pattern first. And post the PR here.


-- 
Mathieu

Bug#799539: [Pkg-shinken-maint] Removing shinken from Debian in about a month

[Mathieu Parent]

2016-01-14 10:06 GMT+01:00 Maximilien Douchet :
> Hello,
>
> I don't want to see the shinken package unmaintained. So I intend to
> be the new maintainer of the shinken package.
>
> I only wish some help to get started. I already tried to build a new
> shinken package few month ago.

OK.

Do you have proper permissions on the alioth git repos ?

Once you have pushed you changes to the repos, ask for review here or
on debian-mentors. I don't have much time to help, but will do my
best.

Regards
-- 
Mathieu

Bug#810858: [pkg-horde] Bug#810858: webmail-install and horde try to create db schema multiple times + wrong schema version

[Mathieu Parent]

2016-01-12 22:28 GMT+01:00 Ivan Sergio Borgonovo :
> Package: php-horde-webmail
> Version: 5.2.11-1

Hello,

> I had to fresh reinstall horde on Debian testing.
>
> It was installed several months ago on the same machine and it was working,
> it passed through a series of updates and I just had to update the DB schema
> of some components.
> Now with the same package version that were previously working fine and
> coming from a series of upgrades I can't get a fresh install working.
>
> I did
[...]
> Dropped the DB, run horde-db-migrate. It successfully build the DB with no
> error this time but again, when I log into horde it tries again to create
> imp_schema_info table.

Can you try this again with logs enabled and post them here?

Thanks

Mathieu

Bug#799539: Removing shinken from Debian in about a month

[Mathieu Parent]

Hello,

I don't want to keep a non-maintained packages in sid, and nobody has
adopted them.

I plan to ask removal of all shinken* packages in a month or so.

More info in #799539

Regards
-- 
Mathieu Parent

Bug#810858: [pkg-horde] Bug#810858: Bug#810858: webmail-install and horde try to create db schema multiple times + wrong schema version

[Mathieu Parent]

2016-01-13 12:09 GMT+01:00 Ivan Sergio Borgonovo <ivan@gmail.com>:
> Hi,

Hello,

> On 01/13/2016 10:49 AM, Mathieu Parent wrote:
[...]
>
> horde=# select * from kronolith_schema_info ;
>  version
> -
>   17
> (1 row)

This should be 26 instead.
Ref: https://github.com/horde/horde/tree/master/kronolith/migration

Does the 'kronolith_sharesng' table have a 'share_parents' column
(added in step 17)?
Does the 'kronolith_events' table have the 'event_category' column
(removed in step 18)?

Can you run "horde-db-migrate --debug kronolith up"?

>
> horde=# select * from imp_schema_info ;
>  version
> -
>3

This looks ok.
Ref: https://github.com/horde/horde/tree/master/imp/migration

Regards

-- 
Mathieu Parent

Bug#771480: c-icap: Segmentation Fault with libLLVM-3.0.so.1

[Mathieu Parent]

Hello,

(being busy, sorry for the lag)

On Mon, 08 Dec 2014 01:41:22 +0100 Luca Lanari <lucalanar...@gmail.com> wrote:
> i wasn't able to get a backtrace.
[...]
> Any hint on how to collect other useful infos?


Have you tried launching the daemon first (using service c-icap start)
and later attaching gdb with "gdb ./usr/bin/c-icap "?

Regards

Mathieu Parent

Bug#808769: ldb: FTBFS on s390x

[Mathieu Parent]

On Tue, 22 Dec 2015 17:39:05 +0100 Ivo De Decker <iv...@debian.org> wrote:
> Package: ldb
> Version: 2:1.1.23-1
> Severity: serious
>
> Hi Jelmer,
>
> The ldb testsuite fails on s390x, causing the build to fail. Obviously, this
> also blocks the build of the latest version of samba (which build-depends on
> it).

It's also failing on ppc64 with the same error. Both s390x and ppc64
are Big-endian, but it builds on mips which is also big-endian, so
problem on 64bit big-endian?

==
ERROR: test_set_component (__main__.DnTests)
--
Traceback (most recent call last):
  File "tests/python/api.py", line 661, in test_set_component
dn.set_component(0, 'cn', 'bar')
TypeError: Failed to set component

==
ERROR: test_set_component_bytes (__main__.DnTests)
--
Traceback (most recent call last):
  File "tests/python/api.py", line 672, in test_set_component_bytes
dn.set_component(0, 'cn', b'bar')
TypeError: Failed to set component

--

Ref:
https://buildd.debian.org/status/logs.php?pkg=ldb=2%3A1.1.24-1
https://buildd.debian.org/status/fetch.php?pkg=ldb=ppc64=2%3A1.1.24-1=1450397581
https://buildd.debian.org/status/fetch.php?pkg=ldb=ppc64=2%3A1.1.24-1=1450616129

Regards

Mathieu Parent

Bug#808467: Why serious?

[Mathieu Parent]

Control: severity -1 important


Hello,

Downgrading severity. I don't find anything in the policy making it RC.

Regards
-- 
Mathieu Parent

Bug#808055: [pkg-php-pear] Bug#808055: php-pinba: FTBFS: PHP Fatal error: Call to a member function getFilelist() on null in /usr/share/php/PEAR/Command/Install.php on line 747

[Mathieu Parent]

>
> Dear Maintainer,

hello Chris,

> php-pinba fails to build from source in unstable/amd64:

This is same as #805222. More info there (but no fix yet).

Regards
-- 
Mathieu Parent

Bug#807711: O: kolabadmin

[Mathieu Parent]

Package: wnpp
Severity: normal

Hello,

I first thought to remove it from the archive directly, but I give it one more 
chance...

If nobody take this package soon, it'll removed before the stretch release.

Context:
- I don't use it
- none of the kolab server packages are in Debian
- it may be incompatible with newer kolab

Cheers

Mathieu Parent

Bug#807476: snmpd: BTRFS support missing in hrFSTable

[Mathieu Parent (Debian)]

Package: snmpd
Version: 5.7.2.1+dfsg-1
Severity: normal

Dear Maintainer,

BTRFS mountpoints are not listed from snmpwalk.

The upstream patch for this is:
http://sourceforge.net/p/net-snmp/code/ci/2659c0f6bd86f0171869d34ff8a7d48194ea4b31/

I think this deserves a fix in jessie as this worked in wheezy.

I can work on this if you want.

Regards

Mathieu Parent

-- System Information:
Debian Release: 8.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages snmpd depends on:
ii  adduser3.113+nmu3
ii  debconf [debconf-2.0]  1.5.56
ii  libc6  2.19-18+deb8u1
ii  libsnmp-base   5.7.2.1+dfsg-1
ii  libsnmp30  5.7.2.1+dfsg-1
ii  lsb-base   4.1+Debian13+nmu1

snmpd recommends no packages.

Versions of packages snmpd suggests:
pn  snmptrapd  

-- Configuration Files:
/etc/default/snmpd changed [not included]
/etc/snmp/snmpd.conf [Errno 13] Permission denied: u'/etc/snmp/snmpd.conf'
/etc/snmp/snmptrapd.conf a2ee110581a5a9a1e2252400cb176bcc [Errno 2] No
such file or directory: u'/etc/snmp/snmptrapd.conf
a2ee110581a5a9a1e2252400cb176bcc'

-- debconf information excluded

Bug#805222: [Pkg-php-pecl] Bug#805222: php-apcu: FTBFS: PHP Fatal error: Call to a member function getFilelist() on null

[Mathieu Parent (Debian)]

2015-12-07 17:21 GMT+01:00 Ondřej Surý <ond...@sury.org>:
> Control: reassign -1 php-pear
> Control: found -1 php-pear/5.6.16+dfsg-1
> Control: affects -1 php5-apcu
>
> Hi,
>
> thank you for the report, after some debugging it seems this is a
> generic error in PEAR instead of bug just in the php-apcu. This should
> not affect no users, but it probably broke all PHP extensions, since it
> stops honoring packagingroot after calling PEAR_Registry->setConfig()
>
> I have a fix ready and PHP building, and I am ccing Fedora and SuSE
> maintainers.
>
> Mathieu, this also applies to your standalone src:php-pear:

OK thanks.

> diff --git a/PEAR/Command/Install.php b/PEAR/Command/Install.php
> index 9d572ed..3b1fec9 100644
> --- a/PEAR/Command/Install.php
> +++ b/PEAR/Command/Install.php
> @@ -848,7 +848,7 @@ Run post-installation scripts in package ,
> if any exist.
>  $pkg = &$instreg->getPackage($param->getPackage(),
>  $param->getChannel());
>  // $pkg may be NULL if install is a 'fake' install via
>  --packagingroot
>  if (is_object($pkg)) {
> -$pkg->setConfig($this->config);
> +$pkg->setConfig($this->config, false);
>  if ($list = $pkg->listPostinstallScripts()) {
>  $pn =
>  $reg->parsedPackageNameToString(array('channel' =>
> $param->getChannel(), 'package' =>
> $param->getPackage()), true);
>
>
> This fixes the issue right now, but it should be probably reported
> upstream to have a correct fix (since this might break other stuff :)),
> but my PEAR account doesn't work right now, so it might take me a while
> to report this to upstream.

You can propose a PR instead: https://github.com/pear/pear-core/pulls

Cheers
-- 
Mathieu Parent

Bug#805278: ITP: heka -- Stream processing software system developed by Mozilla

[Mathieu Parent (Debian)]

2015-12-01 11:27 GMT+01:00 ChangZhuo Chen <czc...@debian.org>:
> On Tue, Dec 01, 2015 at 09:11:23AM +0100, Raphael Hertzog wrote:
>> Hi,
>>
>> On Mon, 16 Nov 2015, Thomas Goirand wrote:
>> > Thanks for working on this. I will need the package too. How far are you
>> > from uploading the package?
>>
>> Mathieu Parent is also interested in the package. I looked at the package
>> to try to help him and it has a bunch of dependencies that need to
>> be packaged first. I have seen no further ITP on such dependencies
>> from ChangZhuo Chen so far.
>>
>> Thus I'm also interested in a status update about the work you did so far.
>
> Hi,
>
> The only thing I do so far is creating the repository in anonscm [0].
> Help is welcome.
>
> I did not create a debian directory yet since upstream also has debian
> directory, and I am not sure how to handle this case. Anyone has idea
> about this case?

I've submitted a PR to move it out:
https://github.com/mozilla-services/heka/pull/1802

Raphael's idea works too, but if upstream cooperates, it'll ease our
case (and they cooperated very nicely for my previous patches).

Cheers

-- 
Mathieu Parent

Bug#769031: Crowfunding the port of IMP to latest ckeditor?

[Mathieu Parent]

Hello,

On 11/10/2014 10:46 AM, Michael M Slusarz wrote:
[...]
> IMP uses the Ckeditor 3.x javascript API.  Ckeditor's 4.x javascript API
> is completely different.
>
> Using Ckeditor 4.x will only be possible when all of IMP's javascript
> code interfacing with Ckeditor is rewritten.
>
> michael
Ref: http://lists.horde.org/archives/horde/Week-of-Mon-20141110/052934.html

Is there any plan to port IMP to ckeditor 4 or upcoming 5? Can you
estimate the amount of work required? Can it be crowfunded?

NB: Part of the ckeditor 4 API will be available in ckeditor 5:
https://medium.com/content-uneditable/ckeditor-5-the-future-of-rich-text-editing-2b9300f9df2c#2b4d

Regards
-- 
Mathieu Parent

Bug#682157: Bugs 759282 and 682157 (php-pear unsafe use of /tmp) should probably not be closed

[Mathieu Parent]

Control: reopen -1

2015-11-08 7:25 GMT+01:00 Salvatore Bonaccorso <car...@debian.org>:
> Hi Mathieu,

Hi Salvatore,

> On Sat, Nov 07, 2015 at 03:53:07PM +0100, Mathieu Parent wrote:
>> 2015-11-07 15:05 GMT+01:00 Salvatore Bonaccorso <car...@debian.org>:
>> > Hi Mathieu,
>> >
>> > On Sat, Nov 07, 2015 at 01:27:07PM +, Debian Bug Tracking System wrote:
>> >> Version: 5.3.6-1
>> >>
>> >> Hello,
>> >>
>> >> According to https://pear.php.net/bugs/bug.php?id=18056, it's fixed since 
>> >> 1.9.2
>> >
>> > is this true? I just did a quick check (not a full analysis) and it
>> > still seems to use /tmp/pear.
>>
>> Yes, it does. But it checks for symlinks and truncate the file.
>>
>> This even introduced a regression on Windows:
>> https://pear.php.net/bugs/bug.php?id=18834
>>
>> > Can you check if the upstream bug report might be pointing to the
>> > wrong fixing version?
>>
>> This is:
>> https://github.com/pear/pear-core/commit/38de9355e3a9c66445a6d39d2c9a20f73e986d9a
>> (which is in 1.9.2)
>>
>> And further improvement in:
>> https://github.com/pear/pear-core/commit/cd31da7d8b5e684f177a8fe700339f7eb2420876
>> (which is in 1.9.3)
>>
>> > (I have reopened the bugs for now)
>>
>> Can we close it then?
>
> Well, IMHO no, that is not correct. The issues are still there even
> you cannot globber anymore someone else files. A can block another
> user this way.

I didn't want to close, it, but my Reply-to-all went to the -done addresses.

>
> As user foo do:
>
> foo@sid:~$ pear download HTML_Common2
> downloading HTML_Common2-2.1.1.tgz ...
> Starting to download HTML_Common2-2.1.1.tgz (8,604 bytes)
> .done: 8,604 bytes
> File /home/foo/HTML_Common2-2.1.1.tgz downloaded
>
>
> then replace the cache files with symlinks (e.g. to files in home of
> user bar, since he want's to try to globber these files). bar now is
> unable to pear download HTML_Common2:
>
> bar@sid:~$ pear download HTML_Common2
>
> Notice: unserialize(): Error at offset 0 of 220 bytes in PEAR/REST.php on 
> line 203
> PHP Notice:  unserialize(): Error at offset 0 of 220 bytes in 
> /usr/share/php/PEAR/REST.php on line 203
> No releases available for package "pear.php.net/HTML_Common2"
> download failed
> bar@sid:~$ ls
> bar@sid:~$
>
> or as root
>
> root@sid:~# pear download HTML_Common2
>
> Notice: unserialize(): Error at offset 0 of 220 bytes in PEAR/REST.php
> on line 203
> PHP Notice:  unserialize(): Error at offset 0 of 220 bytes in
> /usr/share/php/PEAR/REST.php on line 203
> No releases available for package "pear.php.net/HTML_Common2"
> download failed
> root@sid:~# pear install HTML_Common2
>
> Notice: unserialize(): Error at offset 0 of 220 bytes in PEAR/REST.php
> on line 203
> PHP Notice:  unserialize(): Error at offset 0 of 220 bytes in
> /usr/share/php/PEAR/REST.php on line 203
> No releases available for package "pear.php.net/HTML_Common2"
> install failed
> root@sid:~#
>
> So again, I don't think the issues with unsafe use of /tmp are fixed
> correctly and the bugs should not be closed. PHP maintainers, what do
> you think (Ondřej cc'ed)?

Which pear version are you testing?

Note that I'll be the php-pear maintainer, once the new package [1] is finished.

We should test against this latest 1.10 and report upstream is the bug remain.

[1]: anonscm.debian.org/cgit/pkg-php/php-pear.git

Regards

-- 
Mathieu

Bug#769031: [pkg-horde] Issue with php-horde-editor and ckeditor3

[Mathieu Parent]

2015-11-02 21:28 GMT+01:00 T.A. van Roermund :
> Dear package Maintainer,

Hello Timo,

> I hope you can help me with the following issue.
>
> I installed the Horde framework (under Debian testing) and noticed that name
> completion did not work in my Imp compose window. When digging into the
> issue, I saw that Firebug actually reported a JS error, which seems to stop
> all (further) JS processing:
>
> "TypeError: CKEDITOR.on is not a function"
>
> After some searching, I found the following bug report:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769031
>
> It says:
> "Release to experimental, until ckeditor3 is in the archive"
>
> However, the following bug report seems to indicate that ckeditor3 is not
> going to become available in Debian:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769455
>
> "This package as not been accepted in time for jessie. Let's drop it."
>
> What is the current plan forward?

This problem is currently stalled.

I planned to fix it by:
- packaging old ckeditor as a ckeditor3 package
- make php-horde-editor depends on it and update symlinks

Appart from the lack of time finishing the work (including making
ckeditor3 dfsg), the security team may forbid having an old ckeditor
in the archive.

I've asked this at:
https://lists.debian.org/debian-security/2014/11/msg00035.html but
received no response (I also forwarded the message to the Debian
security team).

Funding the work to port Horde to ckeditor 4 is the way forward. I
will propose this to the horde-dev ML.

> Or is there no plan and should I better fix it manually (if so, any
> suggestions how)?

The workaround are :
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=769031#15, or
- install files and directories from
(horde.git)/horde/framework/Editor/js/ckeditor into the debian package
directory /usr/share/horde/js/ckeditor/


> Thanks for your support!
>
> Timo van Roermund
-- 
Mathieu

Bug#803641: [pkg-horde] Bug#803641: Aw: Re: Bug#803641: php-horde: Multiple CSRF Vulnerabilities

[Mathieu Parent]

2015-11-02 14:27 GMT+01:00 Philip Frei :
>> This seems to be:
>> https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae
>
>> I will prepare an upload for next jessie point-release, unless you
>> think it should go to the security mirors sooner.
>
> Thanks a lot!
>
> I think Horde's command shells are hardly used (I, for one don't use them 
> very often).

But it is enabled by default. I have tested and uploaded the fix to
security-master-unembargoed, in coordination with the security team.
If I understand correctly, it will go to the security mirrors soon.

Regards

-- 
Mathieu

Bug#803191: closed by Mathieu Parent <sath...@debian.org> (Bug#803191: fixed in jeepyb 0+20150929-2)

[Mathieu Parent]

2015-11-02 20:24 GMT+01:00 Hans Joachim Desserud :
>> This is an automatic notification regarding your Bug report
>> which was filed against the jeepyb package:
>>
>> #803191: jeepyb FTBFS: A newer version of python-pbr has been packaged
>>
>
> Thank you, Mathieu. :)
>
> You may have noticed this already, but gerritlib also depends on
> python3-pbr < 1.0 and is thus also affected. I'm not sure
> whether I need to file a separate bug on that or not.

Not needed.

There is currently a patch waiting upstream:
https://review.openstack.org/#/c/199568/

I will upload a fixed gerritlib soon.

Regards

-- 
Mathieu

Bug#803641: [pkg-horde] Bug#803641: php-horde: Multiple CSRF Vulnerabilities

[Mathieu Parent]

Control: severity -1 important
Control: tag -1 + confirmed upstream security patch jessie fixed-upstream fixed
Control: fixed -1 5.2.8+debian0-1


2015-11-01 12:37 GMT+01:00 Philip Frei :
> Package: php-horde
> Version: 5.2.1+debian0-2+deb8u1
> Severity: normal
>
> Dear Maintainer,
>
> there are some multiple CSRF vulnerabilities in Horde that were recently
> discovered[1].
> The new version (5.2.8) in testing/unstable fixes this problem. But the
> problem still exists for stable's version.
> I would be nice to have a fixed version in stable too.

This seems to be:
https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae

I will prepare an upload for next jessie point-release, unless you
think it should go to the security mirors sooner.

Regards
-- 
Mathieu

Bug#801690: [Pkg-samba-maint] Bug#801690: 'smbstatus -b' leads to broken ctdb cluster

[Mathieu Parent]

2015-10-13 15:44 GMT+02:00 Adi Kriegisch :
> Package: ctdb
> Version: 2.5.4+debian0-4
>
> Dear maintainers,

Hello Adi,

Sorry for my late reply.

> I recently upgraded a samba cluster from Wheezy (with Kernel, ctdb, samba
> and glusterfs from backports) to Jessie. The cluster itself is way older
> and basically always worked. Since the upgrade to Jessie 'smbstatus -b'
> (almost always) just hangs the whole cluster; I need to interrupt the call
> with ctrl+c (or run with 'timeout 2') to avoid a complete cluster lockup
> leading to the other cluster nodes being banned and the node I run smbstatus
> on to have ctdbd run at 100% load but not being able to recover.

How do you recover then? KILL-ing ctdbd?

> The cluster itself consists of three nodes sharing three cluster ips. The
> only service ctdb manages is Samba. The lock file is located on a mirrored
> glusterfs volume.
>
> running and interrupting the hanging smbstatus leads to the following log
> messages in /var/log/ctdb/log.ctdb:
>   | 2015/10/13 15:09:24.923002 [19378]: Starting traverse on DB
>   |  smbXsrv_session_global.tdb (id 2592646)
>   | 2015/10/13 15:09:25.505302 [19378]: server/ctdb_traverse.c:644 Traverse
>   |  cancelled by client disconnect for database:0x6b06a26d
>   | 2015/10/13 15:09:25.505492 [19378]: Could not find idr:2592646
>   | [...]
>   | 2015/10/13 15:09:25.507553 [19378]: Could not find idr:2592646
>
> 'ctdb getdbmap' lists that database, but also lists a second entry for
> smbXsrv_session_global.tdb:
>   | dbid:0x521b7544 name:smbXsrv_version_global.tdb 
> path:/var/lib/ctdb/smbXsrv_version_global.tdb.0
>   | dbid:0x6b06a26d name:smbXsrv_session_global.tdb 
> path:/var/lib/ctdb/smbXsrv_session_global.tdb.0
> (I have no idea if that has always been the case or if that happened after
> the upgrade).
>
> Calling 'smbstatus --locks' and 'smbstatus --shares' works just fine.

Have you tried which of --processes, --notify hangs? Does it hangs
with "-b --fast"?

,

> 'strace'ing ctdbd leads to a massive amount of these messages:
>   | 
> write(58,"\240\4\0\0BDTC\1\0\0\0\215U\336\25\5\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"...,
>   |  1184) = -1 EAGAIN (Resource temporarily 
> unavailable)

fd 58 is probably the ctdb socket. Can you confirm?

To have more usefull info, can you install gdb, ctdb-dbg and samba-dbg
and send the stacktrace of ctdbd at the write?

> Running 'ctdb_diagnostics' is only possible shortly after  the cluster is
> started (ie. while smbstatus -b works) and yields the following messages:
>   | ERROR[1]: /etc/krb5.conf is missing on node 0
>   | ERROR[2]: File /etc/hosts is different on node 1
>   | ERROR[3]: File /etc/hosts is different on node 2
>   | ERROR[4]: File /etc/samba/smb.conf is different on node 1
>   | ERROR[5]: File /etc/samba/smb.conf is different on node 2
>   | ERROR[6]: File /etc/fstab is different on node 1
>   | ERROR[7]: File /etc/fstab is different on node 2
>   | ERROR[8]: /etc/multipath.conf is missing on node 0
>   | ERROR[9]: /etc/pam.d/system-auth is missing on node 0
>   | ERROR[10]: /etc/default/nfs is missing on node 0
>   | ERROR[11]: /etc/exports is missing on node 0
>   | ERROR[12]: /etc/vsftpd/vsftpd.conf is missing on node 0
>   | ERROR[13]: Optional file /etc/ctdb/static-routes is not present on node 0
> '/etc/hosts' differs in some newlines and comments while 'smb.conf' only
> has some different log levels on the nodes. The rest of the messages does
> not affect ctdb as it only manages samba.

Yes. Nothing relevant here.

> Feel free to ask if you need any more information.

Regards


-- 
Mathieu

Bug#803641: [pkg-horde] Bug#803641: Bug#803641: php-horde: Multiple CSRF Vulnerabilities

[Mathieu Parent]

2015-11-02 7:52 GMT+01:00 Mathieu Parent <math.par...@gmail.com>:
> Control: severity -1 important
> Control: tag -1 + confirmed upstream security patch jessie fixed-upstream 
> fixed
> Control: fixed -1 5.2.8+debian0-1
>
>
> 2015-11-01 12:37 GMT+01:00 Philip Frei <p...@gmx.de>:
>> Package: php-horde
>> Version: 5.2.1+debian0-2+deb8u1
>> Severity: normal
>>
>> Dear Maintainer,
>>
>> there are some multiple CSRF vulnerabilities in Horde that were recently
>> discovered[1].
>> The new version (5.2.8) in testing/unstable fixes this problem. But the
>> problem still exists for stable's version.
>> I would be nice to have a fixed version in stable too.
>
> This seems to be:
> https://github.com/horde/horde/commit/a199d74932c902844514b2a83d21e7e221257dae
>
> I will prepare an upload for next jessie point-release, unless you
> think it should go to the security mirors sooner.

I have prepared the upload to jessie-security:
http://anonscm.debian.org/cgit/pkg-horde/PEAR/php-horde.git/commit/?h=debian/jessie=47c6d6e6ad0836d657eee75e36ef8dbd19c843d2

To the security team: Can/Should I upload it?

Note that the Horde team doesn't provide CVEs, I've asked for it at:
http://lists.horde.org/archives/dev/Week-of-Mon-20141201/028821.html

Regards
-- 
Mathieu

Bug#803337: [Pkg-samba-maint] Bug#803337: Small error in smb.conf manpage

[Mathieu Parent]

Control: tag -1 upstream

2015-10-28 20:21 GMT+01:00 Yvan Masson :
> Package: samba-common-bin
> Version: 2:4.1.17+dfsg-2
> Severity: minor
>
> Dear maintainers,

Hello Yvan,

> In the smb.conf manpage, the following sentence is written:
[...]

Thanks for your report. Can you send a patch directly upstream?

See https://wiki.samba.org/index.php/Contribute

Regards

-- 
Mathieu

Bug#802989: [pkg-php-pear] Bug#802989: Composer: ~5 translates badly as (>= 5) and (<< 1~~)

[Mathieu Parent]

2015-10-25 21:03 GMT+01:00 David Prévot :
> Package: pkg-php-tools
> Version: 1.30
> Severity: normal
>
> Hi,

Hi David,

> While looking at the latest (2.0.1) version of phpunit-dbunit (Vcs up to
> date, except the changelog entry), I noticed that the following entry in
> composer.json:
>
> "require": {
> […]
> "phpunit/phpunit": "~5",
>
> was translated as “phpunit (>= 5), phpunit (<< 1~~)” by dh_phpcomposer,
> making the package uninstallable (even if phpunit 5 were available),
> instead of the expected “phpunit (>= 5), phpunit (<< 6~~)”.

Accorind to doc (https://getcomposer.org/doc/articles/versions.md#tilde):

Note: The ~ operator has an exception on its behavior for the major
release number. This means for example that ~1 is the same as ~1.0 as
it will not allow the major number to increase trying to keep
backwards compatibility.

> I haven’t tracked down the issue, sorry, but filling a bug report not to
> forget it.

Will fix and upload shortly (hopefully).

Regards
-- 
Mathieu

Bug#801919: ITP: php-pear -- PEAR - PHP Extension and Application Repository

[Mathieu Parent]

Package: wnpp
Severity: wishlist
Owner: Mathieu Parent <sath...@debian.org>

* Package name: php-pear
  Version : 1:1.10
  Upstream Author : a lot
* URL : https://pear.php.net/package/PEAR
* License : BSD-2-Clause
  Programming Lang: PHP
  Description : PEAR - PHP Extension and Application Repository

Current description (from src:php5):
 This package contains the base PEAR classes for PHP, as well as the PEAR
 installer.  Many PEAR classes are already packaged for Debian, and can be
 easily identified by names beginning with "php-", such as php-db and
 php-auth.  Note: to build and install precompiled PECL extensions, you
 will need one of the php development packages installed.
 .
 PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used
 open source general-purpose scripting language that is especially suited
 for web development and can be embedded into HTML.

This is to fix #714848. The package will be maintained in the pkg-php-pear ML.

To avoid having a circular dependency, I won't build-depend on pkg-php-tools,
as its dependencies:
- Archive_Tar
- Structures_Graph
- Console_Getopt
- XML_Util

Regards 

Mathieu Parent

Bug#795664: Fixed ruby-handlebars-assets FTBS

[Mathieu Parent]

Hello,

I've fixed the FTBS in my local git repo. I'll request pkg-ruby-extras
membership and upload the fixes next week. As don't know Ruby either,
can someone from the team review?

Detail:
* patch 0001: the package was previously splitted as libjs-handlebars
and libjs-handlebars.runtime
* patch 0002: missing ruby load path. This one is strange and I don't
understand why system load path should be listed here
* patch 0003: fixes js path. This is related to 0001
* TODO patch 0004: debian/changelog

Regards
-- 
Mathieu
From 23e6c7735a5421b5142bf47cc76d97ba72623931 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Tue, 13 Oct 2015 04:58:28 +0200
Subject: [PATCH 3/3] Fix path during tests

---
 debian/patches/0002-Fix-slimbars-test.patch | 37 +
 debian/patches/series   |  1 +
 2 files changed, 38 insertions(+)
 create mode 100644 debian/patches/0002-Fix-slimbars-test.patch

diff --git a/debian/patches/0002-Fix-slimbars-test.patch b/debian/patches/0002-Fix-slimbars-test.patch
new file mode 100644
index 000..78c433f
--- /dev/null
+++ b/debian/patches/0002-Fix-slimbars-test.patch
@@ -0,0 +1,37 @@
+From: Mathieu Parent <math.par...@gmail.com>
+Date: Tue, 13 Oct 2015 05:26:45 +0200
+Subject: Fix slimbars test
+
+---
+ test/handlebars_assets/slimbars_test.rb | 5 +
+ 1 file changed, 5 insertions(+)
+
+diff --git a/test/handlebars_assets/slimbars_test.rb b/test/handlebars_assets/slimbars_test.rb
+index f162d81..2002f26 100644
+--- a/test/handlebars_assets/slimbars_test.rb
 b/test/handlebars_assets/slimbars_test.rb
+@@ -5,6 +5,11 @@ module HandlebarsAssets
+ include SprocketsScope
+ include CompilerSupport
+ 
++def teardown
++  HandlebarsAssets::Config.reset!
++  HandlebarsAssets::Handlebars.reset!
++end
++
+ def compile_slim(source)
+   Slim::Template.new(HandlebarsAssets::Config.slim_options) { source }.render
+ end
+diff --git a/test/test_helper.rb b/test/test_helper.rb
+index c829413..fc18e3c 100644
+--- a/test/test_helper.rb
 b/test/test_helper.rb
+@@ -57,7 +57,7 @@ module HandlebarsAssets
+ def reset!
+   @chomp_underscore_for_partials = nil
+   @compiler = nil
+-  @compiler_path = nil
++  @compiler_path = 'vendor/assets/javascripts'
+   @haml_options = nil
+   @known_helpers = nil
+   @known_helpers_only = nil
diff --git a/debian/patches/series b/debian/patches/series
index d77d941..543a72c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 engine-root.patch
+0002-Fix-slimbars-test.patch
-- 
2.6.1

From c20b61299da5ba14d7e61f8d66702beb251fb747 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Tue, 13 Oct 2015 04:11:55 +0200
Subject: [PATCH 2/3] Fixing: uninitialized constant MiniTest::Test (NameError)
 (Closes: #795664)

---
 debian/ruby-tests.rake | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/ruby-tests.rake b/debian/ruby-tests.rake
index fc925a8..024e4ab 100644
--- a/debian/ruby-tests.rake
+++ b/debian/ruby-tests.rake
@@ -1,5 +1,6 @@
 require 'rake/testtask'
 Rake::TestTask.new(:test) do |test|
+  test.libs << '/usr/lib/ruby/vendor_ruby'
   test.libs << 'test'
   test.test_files = FileList["test/**/*_test.rb"]
   test.verbose = false
-- 
2.6.1

From 09f88579ab0f0b667ce40d56b0964af281d212f9 Mon Sep 17 00:00:00 2001
From: Mathieu Parent <math.par...@gmail.com>
Date: Tue, 13 Oct 2015 03:21:04 +0200
Subject: [PATCH 1/3] Remove circular dep on libjs-handlebars{,.runtime}

---
 debian/control | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/debian/control b/debian/control
index ab3e0c2..7388f96 100644
--- a/debian/control
+++ b/debian/control
@@ -4,8 +4,7 @@ Priority: optional
 Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintain...@lists.alioth.debian.org>
 Uploaders: Pirate Praveen <prav...@debian.org>
 Build-Depends: debhelper (>= 7.0.50~), gem2deb (>= 0.7.5~), ruby-slim,
- ruby-execjs, ruby-tilt, ruby-multi-json, ruby-sprockets, ruby-haml,
- libjs-handlebars (>= 2:0.20.1~), libjs-handlebars.runtime (>= 2:0.20.1~)
+ ruby-execjs, ruby-tilt, ruby-multi-json, ruby-sprockets, ruby-haml
 Standards-Version: 3.9.6
 Vcs-Git: git://anonscm.debian.org/pkg-ruby-extras/ruby-handlebars-assets.git
 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-ruby-extras/ruby-handlebars-assets.git;a=summary
-- 
2.6.1

Bug#800341: Fixed in git

[Mathieu Parent]

Hello,

I have fixed both problems in git.

I think commits 444a7fb4df and 6ac65f75a971a4a should be applied for
jessie too. What do you think? NB: the second commit should use
"pidfile: /var/run/squid3.pid" on jessie.


Regards
-- 
Mathieu Parent

Bug#801327: [Pkg-samba-maint] Bug#801327: ctdb: Man page for ctdb_diagnostics

[Mathieu Parent]

2015-10-08 18:49 GMT+02:00 Martijn van Brummelen :
> Dear Maintainer,

hello Martin,

> I created a manpage for ctdb_diagnostics.
> What do you think about it?

This is good. Can you please send this directly upstream? this can be
done by sending this to samba-technical mailing list [1], or creating
a pull-request to the samba github repository [2].

[1]:https://lists.samba.org/mailman/listinfo/samba-technical
[2]:https://github.com/samba-team/samba/pulls

Regards
-- 
Mathieu

Bug#784047: Moving from dh-make-php to pkg-php-tools in one month

[Mathieu Parent]

Hello,

Without any news within a month, I will go ahead and move this package
to pkg-php-tools.

Regards

-- 
Mathieu

Bug#801269: Superseeded by pkg-php-tools

[Mathieu Parent]

Package: dh-make-php
Version: 0.4.0
Severity: normal
Control: block -1 by 784047 784048 784049

Hello,

pkg-php-tools is here since wheezy (and squeeze-backports), and it builds most 
of the PEAR/PECL/Composer packages now. The major difference is that 
dh-make-php is CDBS-oriented and pkg-php-tools is dh7-oriented (but both can 
probably be used either way).

debpear can be used to bootstrap a package.

I propose to remove dh-make-php from stretch and sid, once the blocker bugs are 
fixed (currently: 3 reverse builddeps).

Thanks Uwe Steinmann for this package!

Regards

Mathieu Parent

Bug#800341: squid3: systemctl reports squid is running when there is a bungled squid.conf and it has exited.

[Mathieu Parent]

On Tue, 29 Sep 2015 18:36:59 +1300 Amos Jeffries  wrote:
> Hi Alex,
>  Thank you for this report.
>
> To summarize:
> * this appears to be a bug in systemd, or maybe systemd-shim
> * the systemd init.d script handler is lying and corrupting systemd state

See my explanations below.

>
> On Mon, 28 Sep 2015 14:26:00 +1300 Alex King wrote:
> >
> > For example, with squid running, add a nonsense line into the
> > configuration. Reload with "systemctl reload squid3". Now "systemctl
> > status squid3" shows:
> >
> > ● squid3.service - LSB: Squid HTTP Proxy version 3.x
> > Loaded: loaded (/etc/init.d/squid3)
> > Active: active (exited) since Mon 2015-09-28 13:31:37 NZDT; 12min ago
> > Process: 25937 ExecReload=/etc/init.d/squid3 reload (code=exited,
> status=0/SUCCESS)
>
> systemd is lying.

Nope, process has exited with exit status of 0.

>
> The init script contains this to exit with an error on squid.conf errors:
>res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL .*"`
>   if test -n "$res";
>   then
> log_failure_msg "$res"
> exit 3
>   ...

This is were the error is.

With a faulty config, I have the following log:
FATAL: Bungled /etc/squid3/squid.conf line 272: http_access allow toto

The grep doesn't match! It should be grep -o "FATAL: .*"`.


> On most OS a shell script calling exit N with a non-0 value means
> failure. Apparently systemd is different.

As stated, "/etc/init.d/squid3 status" returned 0 here.
Once the attached patch is applied, and "systemctl daemon-reload" is
run, with a running service, doing the following will work as
expected:

me@srv:~$ sudo systemctl reload squid3.service
Job for squid3.service failed. See 'systemctl status squid3.service'
and 'journalctl -xn' for details.
me@srv:~$ systemctl status squid3.service
● squid3.service - LSB: Squid HTTP Proxy version 3.x
   Loaded: loaded (/etc/init.d/squid3)
   Active: active (running) (Result: exit-code) since mer. 2015-10-07
15:46:14 CEST; 1min 34s ago
  Process: 17652 ExecReload=/etc/init.d/squid3 reload (code=exited, status=3)
   CGroup: /system.slice/squid3.service
   ├─17066 /usr/sbin/squid3 -YC -f /etc/squid3/squid.conf
   ├─17069 (squid-1) -YC -f /etc/squid3/squid.conf
   ├─17070 (negotiate_wrapper_auth) --ntlm /usr/bin/ntlm_auth
--helper-protocol=squid-2.5-ntlmssp --kerberos
/usr/lib/squid3/negotiate_kerberos_auth -s HTTP/proxy-pp.nantes
   ├─17071 /usr/lib/squid3/negotiate_kerberos_auth -s
HTTP/proxy-pp.nantes@ad.nantes.net
   ├─17072 (ntlm_auth) --helper-protocol=squid-2.5-ntlmssp
   ├─17073 /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp
   ├─17074 (ntlm_auth) --helper-protocol=squid-2.5-basic
   ├─17075 /usr/bin/perl -w /usr/lib/squid3/ext_wbinfo_group_acl -K
   ├─17076 /usr/bin/perl -w /usr/lib/squid3/ext_wbinfo_group_acl -K
   ├─17077 /usr/bin/perl -w /usr/lib/squid3/ext_wbinfo_group_acl -K
   ├─17078 /usr/bin/perl -w /usr/lib/squid3/ext_wbinfo_group_acl -K
   ├─17079 /usr/bin/perl -w /usr/lib/squid3/ext_wbinfo_group_acl -K
   └─17080 (pinger)



Additionnaly (but this is orthogonal), the systemctl status command
will incorrectly report service as active if it exited with status 0.

To fix, run:
sudo mkdir /etc/systemd/system/squid3.service.d
cat &1 | grep -o "FATAL .*"`
+   res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL: .*"`
if test -n "$res";
then
log_failure_msg "$res"
@@ -153,7 +153,7 @@
fi
;;
 reload|force-reload)
-   res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL .*"`
+   res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL: .*"`
if test -n "$res";
then
log_failure_msg "$res"
@@ -166,7 +166,7 @@
fi
;;
 restart)
-   res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL .*"`
+   res=`$DAEMON -k parse -f $CONFIG 2>&1 | grep -o "FATAL: .*"`
if test -n "$res";
then
log_failure_msg "$res"