Bug#897137: live-build: man -k and apropos don't work in live system

[Robert Munyer]

> While this fixes this feature, it bloats the image for a feature that is
> seldom used.

Seldom used?  I think of apropos and man as the most fundamental
commands in the Unix ecosystem.  They are the first thing I mention,
when people ask me about learning (or mastering) the system.

Bloat?  The last live image I built occupies ~2215 MiB.  In it,
"tar czf - -C /var/cache/man . | wc -c" prints 421793, less than
one fiftieth of one percent of the image size.

In a smaller live image with fewer packages, the cost would be even
less than 0.4 MiB.

Bug#682369: firefox-esr disobeys "until I close Firefox" cookie setting

[Robert Munyer]

Control: found -1 60.5.1esr-1~deb9u1
Control: retitle -1 firefox-esr disobeys "until I close Firefox" "cookies and 
site data" setting

To reproduce in version 60.5.1esr-1~deb9u1, currently in Debian stable:

Open Firefox ESR.

Configure Firefox thus:
  ≡
Preferences
  Privacy & Security
Browser Privacy
  Cookies and Site Data
Accept cookies and site data from websites (recommended)
  Keep until: I close Firefox

Browse to https://www.meetup.com .

Close Firefox.

After the preceding steps, meetup.com "cookies and site data" must not exist.
To see that meetup.com data still exist, continue with the following steps:

Open Firefox ESR.

View cookies and site data:
  ≡
Preferences
  Privacy & Security
Browser Privacy
  Cookies and Site Data
Manage Data...

Bug#682369: firefox-esr disobeys "until I close Firefox" cookie setting

[Robert Munyer]

Sven Joachim wrote:

> Basically that's the way session restore works, and I have
> always seen this as a feature rather than a bug, although
> that is certainly debatable.  Some upstream discussions:
>
> https://bugzilla.mozilla.org/show_bug.cgi?id=443354
> https://bugzilla.mozilla.org/show_bug.cgi?id=529644
> https://bugzilla.mozilla.org/show_bug.cgi?id=530594
> https://bugzilla.mozilla.org/show_bug.cgi?id=1286748

Sure, it's nice for some people, and in some situations.

But in this situation, Firefox is clearly retaining data
which the user has _explicitly_commanded_it_not_to_retain_.

Covertly disobeying the user's direct command is definitely,
not debatably, wrong.

I used the word "covertly" because Firefox accepts the user's
command, with no indication that it intends to disobey it.

In fact, the user generally doesn't know that the command has
been disobeyed, until after illegitimately retained data have
been exfiltrated to a server somewhere, which can't be undone.

Bug#741888: postfix: vulnerability, remotely exploitable, spews DSNs

[Robert Munyer]

Control: found -1 3.1.9-0+deb9u2

Scott Kitterman wrote:

> I agree this is a problem.  A design change like this should not be
> implemented at the distro level, so it's not a patch I would consider
> for Debian.  It should be discussed with the upstream developers.

Does upstream have a BTS?  I remember looking for an upstream BTS
when I filed this, and not finding one.  I did find a mailing list,
but it already had multiple reports about this vulnerability.

What I did to my own copy of Postfix (and shared with others, via
this bug report) was not a design change, but a surgical removal of
Postfix's ability to send "bounce" messages to strangers.

It's true that a design change would be better, but one doesn't want
to wait that long.  This exploit had been made public almost 10 years
before I first encountered it (in Petter Urkedal's 2004-09-17 message,
linked in my bug report) and the version of Postfix that's in Debian
Stable today is still vulnerable to this 14.4-year-old exploit!

I (and probably many others) want an MTA that just doesn't ever send
"bounce" messages to strangers.

Bug#897137: live-build: man -k and apropos don't work in live system

[Robert Munyer]

Package: live-build
Version: 1:20170213
Tags: patch

In a live system built by live-build, "man -k" and apropos produce
no output except the message ": nothing appropriate.", where
 is the argument that was given.

The cause is the command "rm -rf /var/cache/man/*" in
"/usr/share/live/build/hooks/normal/0190-remove-temporary-files.hook.chroot".

You can prevent the problem by doing the following before "lb config":

mkdir -p config/hooks/normal
cp -a 
/usr/share/live/build/hooks/normal/0190-remove-temporary-files.hook.chroot 
config/hooks/normal
patch config/hooks/normal/0190-remove-temporary-files.hook.chroot 
~/Downloads/don-t-remove-man-page-database-cache.patch

(The patch is attached below).

##  Live System Information:  ##

Name  Version
===-=-===
ii  live-boot 1:20170112
ii  live-config   5.20170112+deb9u1
ii  live-tools1:20151214+nmu1

Debian Release: 9.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-6-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

##  Host System Information:  ##

Name  Version
===-=-===
ii  debootstrap   1.0.89
ii  live-build1:20170213

Debian Release: 9.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-6-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

diff -Nru live-build-20170213/share/hooks/normal/0190-remove-temporary-files.hook.chroot live-build-20170213.1/share/hooks/normal/0190-remove-temporary-files.hook.chroot
--- live-build-20170213/share/hooks/normal/0190-remove-temporary-files.hook.chroot	2017-02-13 10:58:00.0 -0500
+++ live-build-20170213.1/share/hooks/normal/0190-remove-temporary-files.hook.chroot	2018-04-28 16:07:36.0 -0400
@@ -3,7 +3,6 @@
 set -e
 
 # Remove temporary files
-rm -rf /var/cache/man/*
 
 for _DIRECTORY in /tmp /var/tmp
 do

Bug#858709: live-config: Resolution changes and lost keystrokes, every 15 seconds

[Robert Munyer]

Control: reassign -1 live-config 5.20170112
Control: retitle -1 live-config: Resolution changes and lost keystrokes, every 
15 seconds

Bug#858709: debian-live: Resolution changes and lost keystrokes, every 15 seconds, in VirtualBox

[Robert Munyer]

Package: debian-live
Severity: normal

I think this will be helpful to anyone who wants to run a GUI in
a live Stretch image in VirtualBox.  None of my work-arounds seem
to be specific to VirtualBox, so this may also be helpful to people
using other (real or virtual) platforms.

I built a live Stretch image with task-kde-desktop, and booted it
in VirtualBox.  I expected to see a logged-in desktop environment,
but instead I saw a screen asking for DEBIAN LIVE USER's password.
Every 15 seconds, the VM's display window would change to a different
resolution and immediately change back, losing any password keystrokes
that I was typing while it was changing.  When I entered the password
I got a desktop environment, working as expected, except the resolution
changes and keystroke loss continued to happen every 15 seconds.

I determined that SDDM, which I don't think is supposed to run at all
on a live system, was successfully running its own X server, while the
autologin facility, which _is_ supposed be running an X server, was
trying and failing to start an X server, repeating every 15 seconds.

I was able to work around these problems by adding " xserver-xorg-legacy"
to config/package-lists/my.list.chroot, and creating an executable file
named config/hooks/live/no-sddm.hook.chroot containing these four lines:

#!/bin/sh
set -e
echo disabling sddm
systemctl disable sddm

##  Live System Information:  ##

Name  Version
===-=-===
ii  live-boot 1:20170112
ii  live-config   5.20170112
ii  live-tools1:20151214+nmu1

Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

##  Host System Information:  ##

Name  Version
===-=-===
ii  debootstrap   1.0.88
ii  live-build1:20170213

Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Bug#780747: reportbug: -o option is ignored on first run after fresh install

[Robert Munyer]

Control: found -1 6.6.6
Control: tags -1 - moreinfo unreproducible

I encountered this bug on Monday.  Yesterday I was able to reproduce
it while recording a transcript.  I used the ex command "%p" so that
all of the information that reportbug considered to be relevant would
be entered into the transcript.  I will attach the transcript below.

$ reportbug -o rb.txt
Welcome to reportbug! Since it looks like this is the first time you have used
reportbug, we are configuring its behavior. These settings will be saved to the
file "/home/user/.reportbugrc", which you will be free to edit further.
Please choose the default operating mode for reportbug.

1 noviceOffer simple prompts, bypassing technical questions.

2 standard  Offer more extensive prompts, including asking about things that a
moderately sophisticated user would be expected to know about
Debian.

3 advanced  Like standard, but assumes you know a bit more about Debian,
including "incoming".

4 expertBypass most handholding measures and preliminary triage routines.
This mode should not be used by people unfamiliar with Debian's
policies and operating procedures.

Select mode: [novice]
Will reportbug often have direct Internet access? (You should answer yes to
this question unless you know what you are doing and plan to check whether
duplicate reports have been filed via some other channel.) [Y|n|q|?]?
What real name should be used for sending bug reports?
[Debian Live user]>
Which of your email addresses should be used when sending bug reports? (Note
that this address will be visible in the bug tracking system, so you may want
to use a webmail address or another address with good spam filtering
capabilities.)
[user@debian.localdomain]>
Do you have a "mail transport agent" (MTA) like Exim, Postfix or SSMTP
configured on this computer to send mail to the Internet? [y|N|q|?]?
Please enter the name of your SMTP host. Usually it's called something like
"mail.example.org" or "smtp.example.org". If you need to use a different port
than default, use the : alternative format. Just press ENTER if you
don't have one or don't know, and so a Debian SMTP host will be used.
>
Please enter the name of your proxy server. It should only use this parameter
if you are behind a firewall. The PROXY argument should be formatted as a valid
HTTP URL, including (if necessary) a port number; for example,
http://192.168.1.1:3128/. Just press ENTER if you don't have one or don't know.
>
Default preferences file written. To reconfigure, re-run reportbug with the "--
configure" option.
Please enter the name of the package in which you have found a problem, or type
'other' to report a more general problem. If you don't know what package the
bug is in, please contact debian-u...@lists.debian.org for assistance.
> reportbug
Is "reportbug" actually the package you are having problems with [Y|n|q|?]?
*** Welcome to reportbug.  Use ? for help at prompts. ***
Note: bug reports are publicly archived (including the email address of the 
submitter).
Detected character set: UTF-8
Please change your locale if this is incorrect.

Using 'Debian Live user ' as your from address.
Getting status for reportbug...
Checking for newer versions at madison...
Will send report to Debian (per lsb_release).
Querying Debian BTS for reports on reportbug (source)...
175 bug reports found:

Bugs with severity important
1) #532150  reportbug: [regression] no longer supports custom mua commands
2) #564112  Checking status of source packages with many binaries can be sl
3) #709862  reportbug: GTK interface crashes on continue from package selec
4) #711404  reportbug's GTK interface crashes if spelling dictionaries for
5) #712415  reportbug doesn't notice installed foreign-architecture package
6) #717563  reportbug: web access thru proxy not available
7) #803675  reportbug: unable to report bug on kernel
8) #812220  reportbug: Bad Prompt Wording
9) #822522  reportbug: Crash when python-gtkspellcheck is installed
(1-9/175) Is the bug you found listed above [y|N|b|m|r|q|s|f|e|?]?
 Bugs with severity normal: 61 remain
   10) #265554  reportbug: on receiving SIGTERM, should also signal child proce
   11) #412914  reportbug: please add support for SSL protected SMTP communicat
   12) #431402  reportbug: Installed but not installed?
   13) #507600  bug script not ready for scripts
   14) #539157  direct SMTP send violates RFC1652 and sends unencoded 8-bit dat
   15) #539737  reportbug: RFC-1522-encoded headers for mutt
   16) #544485  special-case for severity of reports on linux-2.6
   17) #577278  reportbug: Attach options (-A) is not safe for UTF-8 content
   18) #579324  reportbug: doesn't cope with tr_TR locales
   19) #586680  Misnamed option --tls/smtptls with misleading docs and missing
   20) #590242  should always write realname/email on --configure
   21) #630086  reportbug does 

Bug#838952: w3m omits all of the text in this .html file

[Robert Munyer]

Package: w3m
Version: 0.5.3-29
Severity: normal

I have a .html file that contains lots of text, and is valid according
to w3c.org's validator, but when this file is given to w3m -dump there
is no content written to standard output, and no error message written
to standard error, and zero exit status returned to the parent process.

The content is copyrighted, so I redacted the content by replacing all
non-linefeed characters with "x", and found that the bug still occurs.

The redacted file is attached.

-- System Information:
Debian Release: stretch/sid
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 4.6.0-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages w3m depends on:
ii  libc62.23-5
ii  libgc1c2 1:7.4.2-8
ii  libgpm2  1.20.4-6.2
ii  libssl1.0.2  1.0.2h-1
ii  libtinfo56.0+20160625-1
ii  zlib1g   1:1.2.8.dfsg-2+b1

Versions of packages w3m recommends:
ii  ca-certificates  20160104

Versions of packages w3m suggests:
pn  cmigemo   
pn  libsixel-bin  
ii  man-db2.7.5-1
ii  mime-support  3.60
pn  mpv   
pn  w3m-el
pn  w3m-img   
ii  wget  1.18-2+b1
pn  xdg-utils 
pn  xsel  

-- no debconf information


lots-of-x.html.bz2
Description: w3m omits all of the text in this .html file

Bug#682369: iceweasel: Tough cookie

[Robert Munyer]

Control: found -1 24.5.0esr-1~deb7u1
Control: tags -1 security

Bug still present in Iceweasel 24.5, in Debian 7.5 wheezy.

Because this bug can cause retention of data which the user
has explicitly commanded must not be retained (and then allow
exfiltration of the illegitimately retained data to a foreign
host!), I believe it needs the security tag.

To replicate the bug in Iceweasel 24.5.0esr-1~deb7u1:

Open Iceweasel.

Configure Iceweasel thus:
  Edit
Preferences
  Privacy
History
  Iceweasel will: Use custom settings for history
Accept cookies from sites
  Keep until: I close Iceweasel

Browse to http://noscript.net/features .

Click the Go back one page button.

Close Iceweasel.

After the preceding steps, the cookie must not exist.
To see that it does exist, continue with the following steps:

Open Iceweasel.

Click Restore Previous Session.

View cookies:
  Edit
Preferences
  Privacy
History
  Show Cookies...


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#741888: postfix: vulnerability, remotely exploitable, spews DSNs

[Robert Munyer]

Package: postfix
Version: 2.9.6-2
Severity: important
Tags: patch security

An unmodified Postfix install can be made to bounce arbitrary
content from an arbitrary internal address to an arbitrary external
address, by an external sender who has no affiliation with the
organization that's running Postfix.

The possibilities for offensive use of this exploit are interesting.
Suppose I want to prevent al...@a.com from receiving an important
message that I think b...@b.com may be about to send to her.  I can
take 5,000 randomly selected articles from my local news spool, and
cause b.com to bounce all of them from b...@b.com to postmas...@a.com.
This will likely cause a.com to block incoming mail from b...@b.com,
or from all of b.com... thus blocking Bob's message to Alice.

Or if I'm a spammer and I just want to cause trouble for b.com, I can
cause b.com to bounce spam to all the addresses in my listwash list.

To replicate this exploit, just add a Delivered-To: header with
the same address you're using as the envelope recipient.  Postfix
will detect a mail forwarding loop _after_ accepting the message,
and then bounce it to the envelope sender.  See the discussion at
http://mid.gmane.org/20040917175924.ga30...@ns2.nordita.dk.

In my own copy of Postfix, I have blocked this exploit by
intercepting outbound bounces and sending them to the local
postmaster instead.  (A patch is attached.)  If Postfix can't be
fixed to reject instead of bounce when it detects a forwarding loop,
then I think it would be desirable to have everyone's copy of Postfix
behave similarly, possibly switchable by a postconf option for any
site admins who actually want their site to send outbound bounces.



-- System Information:
Debian Release: 7.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages postfix depends on:
ii  adduser3.113+nmu3
ii  cpio   2.11+dfsg-0.1
ii  debconf [debconf-2.0]  1.5.49
ii  dpkg   1.16.12
ii  libc6  2.13-38+deb7u1
ii  libdb5.1   5.1.29-5
ii  libsasl2-2 2.1.25.dfsg1-6+deb7u1
ii  libsqlite3-0   3.7.13-1+deb7u1
ii  libssl1.0.01.0.1e-2+deb7u4
ii  lsb-base   4.1+Debian8+deb7u1
ii  netbase5.0
ii  ssl-cert   1.0.32

Versions of packages postfix recommends:
ii  python  2.7.3-4+deb7u1

Versions of packages postfix suggests:
ii  bsd-mailx [mail-reader]  8.1.2-0.2006cvs-1
pn  dovecot-common   none
ii  emacs23 [mail-reader]23.4+1-4
ii  libsasl2-modules 2.1.25.dfsg1-6+deb7u1
ii  mutt [mail-reader]   1.5.21-6.2+deb7u2
pn  postfix-cdb  none
pn  postfix-doc  none
pn  postfix-ldap none
pn  postfix-mysqlnone
pn  postfix-pcre none
pn  postfix-pgsqlnone
ii  procmail 3.22-20
pn  resolvconf   none
pn  sasl2-binnone
pn  ufw  none

-- debconf information excluded


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#739371: postfix: warning: hostname localhost does not resolve to address ::1: No address associated with hostname

[Robert Munyer]

That message is caused by a bug in Debian's Postfix package,
but the bug didn't just appear last month; it's been there
at least since 2012.  Probably something that changed on your
system last month caused fetchmail to start using the IPv6
loopback address instead of the IPv4 loopback address.

You can fix the bug with the patch provided by Tanguy Ortolo
in bug report #723915, or you may be able just to ignore it.
It's been happening on my mail server ever since I built it,
and hasn't caused any actual harm, AFAIK.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#741888: postfix: vulnerability, remotely exploitable, spews DSNs

[Robert Munyer]

diff -ur old/postfix-2.9.6/src/global/post_mail.c new/postfix-2.9.6/src/global/post_mail.c
--- old/postfix-2.9.6/src/global/post_mail.c	2007-02-12 15:34:48.0 -0500
+++ new/postfix-2.9.6/src/global/post_mail.c	2014-03-08 07:31:00.0 -0500
@@ -165,6 +165,10 @@
 #include post_mail.h
 #include mail_date.h
 
+/* Client stubs. */
+
+#include resolve_clnt.h
+
  /*
   * Call-back state for asynchronous connection requests.
   */
@@ -207,6 +211,23 @@
 	msg_fatal(unable to contact the %s service, var_cleanup_service);
 
 /*
+ * If trying to send to a domain which should be limited to
+ * authorized senders only, this is probably an attempt to do
+ * accept-then-bounce.  Send to the local postmaster instead.
+ */
+if (filter_class  INT_FILT_MASK_BOUNCE) {
+RESOLVE_REPLY reply;
+resolve_clnt_init(reply);
+resolve_clnt_query(recipient, reply);
+if (reply.flags  RESOLVE_CLASS_DEFAULT) {
+msg_warn(%s: blocking outbound message; diverting to postmaster,
+ vstring_str(id));
+recipient = postmaster;
+}
+resolve_clnt_free(reply);
+}
+
+/*
  * Generate a minimal envelope section. The cleanup service will add a
  * size record.
  */


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#739371: postfix: warning: hostname localhost does not resolve to address ::1: No address associated with hostname

[Robert Munyer]

 Simple patch, if I could find the file to apply it to :-). I take it
 the init.d file (strange name for a file) is in the source package.
 Do you know where I might find it outside of the source package, or is
 the behavior in this file essentially compiled into the binary?

In the installed package, its name is /etc/init.d/postfix.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#449012: Two more work-arounds

[Robert Munyer]

PROBLEM: the kernel clock lags, so badly that ntpd can't synchronize.

Solution: run aptitude intall adjtimex and adjtimex -t 10011.
Change the line TICK= to TICK=10011 in /etc/default/adjtimex.

PROBLEM: some server processes crash with a bus error, when receiving
a connection attempt from an intranet client which has no domain name.

This is bug #423222.

Solution: insert #  before mdns4, where mdns4 occurs at the
end of a line, in /etc/nsswitch.conf.



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#452887: scsh-0.6: Some flags (e.g. open/create) have wrong values on SPARC

[Robert Munyer]

Package: scsh-0.6
Version: 0.6.7-3
Severity: normal

Some flags (e.g. open/create) have wrong values on SPARC.
One result of this is that create-temp-file doesn't work.

Transcript below shows correct value used by gcc, and
incorrect value used by scsh.

$ cat flag.c
#include sys/types.h
#include sys/stat.h
#include fcntl.h
#include stdio.h

int main (int argc, char **argv)
{ printf (O_CREAT = %ld\n, (long) O_CREAT);
  return 0;
}
$ cc flag.c
$ ./a.out
O_CREAT = 512
$ scsh
Welcome to scsh 0.6.7 (R6RS)
Type ,? for help.
 open/create
64
 (create-temp-file)

Error: 2
   No such file or directory
   #{Procedure 13389 (%open in scsh-level-0)}
   /var/tmp/53880
   193
   384
1

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: sparc (sparc64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-sparc64
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages scsh-0.6 depends on:
ii  libc6  2.3.6.ds1-13etch2 GNU C Library: Shared libraries
ii  libelfg0   0.8.6-3   an ELF object file access library
ii  scsh-common-0.60.6.7-3   A `scheme' interpreter designed fo

scsh-0.6 recommends no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#452886: kdegraphics: Version-restricted dependencies cause removal of 150+ packages

[Robert Munyer]

Package: kdegraphics
Version: 4:3.5.5-3etch2
Severity: normal

Running aptitude in Etch on SPARC, the keystrokes uUgg, which usually
just install security updates, now cause removal of over 150 packages
including all of KDE.  This is because kde depends on kdegraphics, and
security.debian.org has a recent Etch update of kdegraphics which depends
on (among others) version 4:3.5.5-3etch2 of kamera, which does not exist.

I think this is a near-duplicate of #325254, where Martin Schulze wrote:
 Why the )*(#%$ does a KDE package depend on the exact Debian version
 of another KDE package?  That should not be the case in the first place.

The next comment on #325254 seems to indicate that the version-restricted
dependencies were to be removed in the transition to KDE 3.4, but we are
well past that transition, and the version-restricted dependencies are
causing a problem again.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: sparc (sparc64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-sparc64
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages kdegraphics depends on:
ii  kamera4:3.5.5-3etch1 digital camera io_slave for Konque
ii  kcoloredit4:3.5.5-3etch1 a color palette editor and color p
ii  kdegraphics-kfile-plugins 4:3.5.5-3etch1 KDE metainfo plugins for graphic f
ii  kdvi  4:3.5.5-3etch1 dvi viewer for KDE
ii  kfax  4:3.5.5-3etch1 G3/G4 fax viewer for KDE
ii  kfaxview  4:3.5.5-3etch1 G3/G4 fax viewer for KDE using kvi
ii  kgamma4:3.5.5-3etch1 gamma correction module for the KD
ii  kghostview4:3.5.5-3etch1 PostScript viewer for KDE
ii  kiconedit 4:3.5.5-3etch1 an icon editor for KDE
ii  kmrml 4:3.5.5-3etch1 a Konqueror plugin for searching p
ii  kolourpaint   4:3.5.5-3etch1 a simple paint program for KDE
ii  kooka 4:3.5.5-3etch1 scanner program for KDE
ii  kpdf  4:3.5.5-3etch1 PDF viewer for KDE
ii  kpovmodeler   4:3.5.5-3etch1 a graphical editor for povray scen
ii  kruler4:3.5.5-3etch1 a screen ruler and color measureme
ii  ksnapshot 4:3.5.5-3etch1 screenshot utility for KDE
ii  ksvg  4:3.5.5-3etch1 SVG viewer for KDE
ii  kuickshow 4:3.5.5-3etch1 KDE image/slideshow viewer
ii  kview 4:3.5.5-3etch1 simple image viewer/converter for 
ii  kviewshell4:3.5.5-3etch1 generic framework for viewer appli
ii  libkscan1 4:3.5.5-3etch1 scanner library for KDE

kdegraphics recommends no packages.

-- no debconf information



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#449012: installation-reports: Sun Blade 100: successful, after work-arounds

[Robert Munyer]

Package: installation-reports
Severity: normal



-- Package-specific info:

Boot method: CD
Image version: debian-40r0-sparc-netinst.iso
Date: Date and time of the install
2007 November 2
Machine: Sun Blade 100
Partitions: df -Tl will do; the raw partition table is preferred

FilesystemType   1K-blocks  Used Available Use% Mounted on
/dev/hda5 ext313050568   2423640   9963992  20% /
tmpfstmpfs  516936 0516936   0% /lib/init/rw
udev tmpfs   10240   104 10136   2% /dev
tmpfstmpfs  516936 0516936   0% /dev/shm

Base System Installation Checklist:
[O] = OK, [E] = Error (please elaborate below), [ ] = didn't try it

Initial boot:   [E]
Detect network card:[O]
Configure network:  [O]
Detect CD:  [O]
Load installer modules: [O]
Detect hard drives: [O]
Partition hard drives:  [O]
Install base system:[O]
Clock/timezone setup:   [O]
User/password setup:[O]
Install tasks:  [E]
Install boot loader:[E]
Overall install:[E]

Comments/Problems:

Description of the install, in prose, and any thoughts, comments
  and ideas you had during the initial install.

The [E] after Install tasks: above is for a misconfigured X server.
Aside from that, there was no problem with that installation phase.

Contrary to various reports on the Web, I had no problem with the
CD-ROM drivers.

PROBLEM: Debian-Installer kernel crashes while booting: Illegal
Instruction, Fast Data Access MMU Miss, Stack Underflow.

Solution: always turn power off after running Solaris and before running
any Linux kernel, including the installer.

PROBLEM: Debian-Installer kernel hangs while booting; last message is
Booting Linux

Solution: boot installer with the command install video=atyfb:off.

PROBLEM: Debian-Installer TUI is unusable: the highlighted menu item
looks the same as the unhighlighted items.

Solution: boot installer with the command install video=atyfb:off
DEBIAN_FRONTEND=text.

PROBLEM: newly installed Debian hangs while booting kernel; last message
is Booting Linux

Solution: boot Debian with the command Linux video=atyfb:off.  Later you
can add the line 'append=video=atyfb:off' before the first blank line
in /etc/silo.conf, so you won't have to type this parameter every time
you boot.

PROBLEM: monitor says Sync. Out of Range.

Solution: type Control-Alt-F2 to get a console.  Log in as root.  Stop the
X server.  (I used /etc/init.d/kdm stop, but you'll do something else
if you don't use KDE.  Possibly you can just replace the k with a
g.)  Add the line 'Option reference_clock 29.5 MHz' under 'Section
Device' in /etc/X11/xorg.conf.  Start the X server.

PROBLEM: unpleasant screen flicker, and inappropriate font sizes.

This is because the X Server didn't auto-identify your monitor.

Solution: look up your monitor's specifications.  Open a super-user
terminal window.  Run dpkg-reconfigure xserver-xorg and mostly accept
defaults, but change where necessary to match your specifications.
Edit /etc/X11/xorg.conf manually to set the display size in millimeters
(I added DisplaySize 306 230 under 'Section Monitor') and re-add
the reference_clock line because dpkg-reconfigure will have removed
it. Restart the X server.

PROBLEM: Debian-Installer overwrote the Solaris partition's bootloader,
and Solaris won't boot any more!

Solution: see Bug #293867.

-- 

Please make sure that the hardware-summary log file, and any other
installation logs that you think would be useful are attached to this
report. Please compress large files using gzip.

Once you have filled out this report, mail it to [EMAIL PROTECTED]

==
Installer lsb-release:
==
DISTRIB_ID=Debian
DISTRIB_DESCRIPTION=Debian GNU/Linux installer
DISTRIB_RELEASE=4.0 (installer build 20070308)
X_INSTALLATION_MEDIUM=cdrom

==
Installer hardware-summary:
==
umame -a: Linux debian 2.6.18-4-sparc64 #1 Wed Feb 21 16:19:25 UTC 2007 sparc64 
unknown
lspci -nn: 00:00.0 Host bridge [0600]: Sun Microsystems Computer Corp. Ultra 
IIe [108e:a001]
lspci -nn: 00:03.0 Non-VGA unclassified device []: ALi Corporation M7101 
Power Management Controller [PMU] [10b9:7101]
lspci -nn: 00:05.0 PCI bridge [0604]: Digital Equipment Corporation DECchip 
21152 [1011:0024] (rev 03)
lspci -nn: 00:07.0 ISA bridge [0601]: ALi Corporation M1533/M1535 PCI to ISA 
Bridge [Aladdin IV/V/V+] [10b9:1533]
lspci -nn: 00:08.0 Multimedia audio controller [0401]: ALi Corporation M5451 
PCI AC-Link Controller Audio Device [10b9:5451] (rev 01)
lspci -nn: 00:0c.0 Bridge [0680]: Sun Microsystems Computer Corp. RIO EBUS 
[108e:1100] (rev 01)
lspci -nn: 00:0c.1 Ethernet controller [0200]: Sun Microsystems Computer Corp. 
RIO GEM [108e:1101] (rev 01)
lspci -nn: 00:0c.2 FireWire (IEEE 1394) [0c00]: Sun Microsystems 

Bug#293867: This bug is much worse in Etch.

[Robert Munyer]

This bug is much worse in Etch.  Debian-Installer overwrites the
Solaris partition's bootloader, without even asking!  I am changing
the severity level to Critical.  One of the definitions of Critical
is makes unrelated software on the system (or the whole system)
break.  This bug breaks Solaris, which is unrelated software.

IMHO a fix for this bug should be included in 4.0r2; the potential
harm is too severe to justify fixing it only in Lenny.

Fortunately for me, unlike Mr. Egger, my new Debian installation
was usable (see Bug #449012) so at least I had one good operating
system.  I was able to repair the damage using the newly installed
Debian, without needing a Solaris CD.  For the benefit of others
who will be hit by this bug, I'll show how I repaired the damage.

Either:

dd if=/boot/old.b of=/dev/hda1 bs=512 seek=1 count=15
silo -t

Or:

mkdir /mnt/solaris
mount -rt ufs /dev/hda1 /mnt/solaris
find /mnt/solaris -name bootblk
# pathname of bootblk, below, is as found by the FIND command above
dd ibs=15b count=1 conv=sync obs=1b seek=1 of=/dev/hda1 \
   if=/mnt/solaris/usr/platform/sun4u/lib/fs/ufs/bootblk
umount /mnt/solaris
rmdir /mnt/solaris
silo -t

If you're paranoid, you'll want to retrieve both old.b and bootblk,
and verify that they are identical, modulo NUL-padding at the end.
(Mine were identical.)



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]