Bug#1037073: proot: New upstream version available: 5.4.0 - 2023-05-13

[Teodor Milkov]

Package: proot
Version: 5.1.0-1.3
Severity: normal

Dear Maintainer,

There's a new upstream version of proot with several fixes and enhancements.
For example, proot 5.1.0 that's currently included doesn't recognize the
statx() syscall, so "ls" doesn't work with it.


-- System Information:
Debian Release: bookworm/sid
APT prefers lunar
APT policy: (500, 'lunar'), (300, 'stable-updates'), (300, 
'stable-security'), (300, 'stable')

Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.2.0-20-generic (SMP w/4 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US

Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages proot depends on:
ii libc6 2.37-0ubuntu2
ii libtalloc2 2.4.0-f2

proot recommends no packages.

proot suggests no packages.

-- no debconf information

Bug#1036905: libdoxygen-filter-perl has new upstream version 1.73

[Teodor Milkov]

Package: libdoxygen-filter-perl
Version: 1.72-3

There's new upstream version with some support for subroutine signatures.

Bug#1017647: Update ucarp to current upstream version

[Teodor Milkov]

Package: ucarp
Version:1.5.2-2.2 There's newer version available at 
https://github.com/jedisct1/UCarp/ sadly still listed as 1.5.2 Among 
changes are the addition of --debug and --mcastip options, as well as 
some fixes. Please, consider updating.

Bug#886941: libproc-processtable-perl: Recognize the new P (parked) process state

[Teodor Milkov]

Package: libproc-processtable-perl
Version: 0.53-2+b2
Severity: normal
Tags: upstream

Dear Maintainer,

There is a new process state with newer kernels: P (parked).

It is intrudced there: https://lkml.org/lkml/2017/9/25/257

There's already fix in the upstream 
https://github.com/jwbargsten/perl-proc-processtable/commit/383e79030a946c9eea9e800b04caca3c8552f5b5


Please, consider applying this fix.


-- System Information:
Debian Release: 9.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 4.14.11 (SMP w/4 CPU cores)

Versions of packages libproc-processtable-perl depends on:
ii  libc6   2.24-11+deb9u1
ii  perl    5.24.1-3+deb9u2
ii  perl-base [perlapi-5.24.1]  5.24.1-3+deb9u2

libproc-processtable-perl recommends no packages.

libproc-processtable-perl suggests no packages.

Bug#883458: ucarp on vlan interfaces broken by ifupdown's recursion check

[Teodor Milkov]

Package: ucarp
Version: 1.5.2-2+b1
Severity: normal

Dear Maintainer,

There's new version of ifupdown in Debian Stretch that adds additional 
locking and recursion checks.


Unfortunately, the way ucarp is currently integrated in 
/etc/network/ifu-up.d/ucarp is not compatible with the new ifupdown when 
using vlan interfaces.


This new ifupdown version uses environment variables to detect recursive 
locks.


ucarp daemon is started from the up (more specifically if-up.d/ucarp) 
stanza of the vlan (e.g. eth0.2) interfaces, so the environment 
variables are inherited.


Later, when ucarp daemon tries to bring the alias interfaces 
(eth0.2:ucarp) it calls ifup (through vip-up), which inherits the 
environment from ucarp and tries to ensure there are no recursive locks 
by checking for the presence of IFUPDOWN_eth0 env var with value 
"parent-lock". Because there IS such a var, ifup fails with:


ifup: recursion detected for parent interface bond0 in parent-lock phase

I'm attaching my workaround for this problem, as well as added logging 
for vip-up scripts.

Logging would be better handled from within ucarp binary imo.

See also this similar (but not the same) bug: 
https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/1545302


--- etc/network/if-up.d/ucarp
+++ etc/network/if-up.d/ucarp
@@ -1,5 +1,5 @@
-#!/bin/sh
+#!/bin/bash
 
 UCARP=/usr/sbin/ucarp
 EXTRA_PARAMS=""
 
@@ -44,8 +44,19 @@
 fi
 
 if [ -n "$IF_UCARP_VID" -a -n "$IF_UCARP_VIP" -a \
 -n "$IF_UCARP_PASSWORD" ]; then
+
+	# Workaround for ifupdown recursive lock false positive (ADMIN-517)
+	IFS_OLD=$IFS
+	IFS='='
+	while read -r key val; do
+		if [ "$key" = "IFUPDOWN_${IFACE%%.*}" -a "$val" = "parent-lock" ]; then
+			unset eval "$key"
+		fi
+	done < <(env)
+	IFS=$IFS_OLD
+
 $UCARP -i $IFACE -s $IF_ADDRESS -B -z -v $IF_UCARP_VID \
 -p $IF_UCARP_PASSWORD -a $IF_UCARP_VIP -u $IF_UCARP_UPSCRIPT \
 -d $IF_UCARP_DOWNSCRIPT $EXTRA_PARAMS
 fi
--- usr/share/ucarp/vip-up
+++ usr/share/ucarp/vip-up
@@ -1,3 +1,3 @@
 #!/bin/sh
 
-/sbin/ifdown $1:ucarp
+/sbin/ifdown $1:ucarp 2>&1 |logger --stderr --tag "ucarp-${0##*/}"

Bug#698218: roundcube-core: maybe remove obsolete entries from /e/r/htaccess?

[Teodor MICU]

2017-09-10 19:47 GMT+03:00 Sandro Knauß :
> just for me to understand, you are asking for the default deactivated parts to
> be updated? Or are you suggesting to enable them by default? Because from your
> inital report you only mention deactivated lines:
>   # http://bugs.php.net/bug.php?id=30766
>   #php_value   mbstring.func_overload  0
>
>   # replace 'append' with 'merge' for Apache version 2.2.9 and later
>   #Header append Cache-Control public env=!NO_CACHE

At that time I was asking to have both deactivated by default in Debian.

Bug#870255: whois: Can't retrieve nameserver information

[Teodor Milkov]

On 31.07.2017 17:47, Marco d'Itri wrote:

On Jul 31, Teodor Milkov <t...@del.bg> wrote:


Unfortunately nameserver queries do not work in 5.2.17, so I ended up using
both old and new whois at the same time:

This is a feature: if you want to query for a name server then you should use
the appropriate sintax.

whois (5.2.13) unstable; urgency=medium

   * Use "domain" instead of "=" for default verisign-grs queries,
 to ignore the name server names spam.


Ah, I didn't find anything about this special syntax in the man page, sorry.

It seems to work, so this bug should be closed now.

Bug#870255: whois: Can't retrieve nameserver information

[Teodor Milkov]

On 31.07.2017 14:02, Marco d'Itri wrote:

On Jul 31, Teodor Milkov <t...@del.bg> wrote:


Recently (past week?) something changed in the whois servers and we started
to
get much less information about domains.

Fixed in 5.2.17, I will make a stable update later this week.
Until then, you can just manually install the package from testing.


I did try 5.2.17 and domain details are working again, which is great.

Unfortunately nameserver queries do not work in 5.2.17, so I ended up 
using both old and new whois at the same time:

 * /usr/local/bin/whois-5.2.17 for domains
 * /usr/local/bin/whois-5.2.7  for nameservers

Bug#870255: whois: Can't retrieve nameserver information

[Teodor Milkov]

Package: whois
Version: 5.2.14
Severity: normal

Dear Maintainer,

Recently (past week?) something changed in the whois servers and we 
started to

get much less information about domains.

Previously there were entries for "Admin Name:", "Tech Name:" and so on. 
After
the change these additional details disappeared and we were left with 
only the

base info such as "Domain Name:", "Registrar:" and "Name Server:".

I've upgraded to latest whois 5.2.17, which brought the detailed info back.
Unfortunately it doesn't work for nameserver queries. For example the
following command used to work:

$ whois -H ns1.google.com
No match for domain "NS1.GOOGLE.COM".

I can get the previous result if I specify a particular whois server:

$ whois -H ns1.google.com -h whois.verisign-grs.com
   Server Name: NS1.GOOGLE.COM
   IP Address: 216.239.32.10
   Registrar: MarkMonitor Inc.
   Registrar WHOIS Server: whois.markmonitor.com
   Registrar URL: http://www.markmonitor.com
>>> Last update of whois database: 2017-07-31T10:37:43Z <<<


Best regards,
Teodor

-- System Information:
Debian Release: stretch/sid

Bug#842718: closed by Osamu Aoki <os...@debian.org> (Bug#842718: fixed in maildrop 2.8.4-2)

[Teodor Milkov]

Hello,

Maybe I do not understand how bug fixes are handled in Debian, but the 
original bug report is still valid: maildrop version in Jessie is still 
2.7.1-3 and buggy.


The 5 lines patch from 
https://sourceforge.net/p/courier/courier-libs.git/ci/86eac1206be963bcd3108774ccac1afc7a61a930/ 
would fix it and we are actually using it for more than 2 years already 
with locally compiled maildrop.



Best regards,
Teodor

On 11.12.2016 07:51, Debian Bug Tracking System wrote:

This is an automatic notification regarding your Bug report
which was filed against the maildrop package:

#842718: maildrop: header add/match corruption bug with -A

It has been closed by Osamu Aoki <os...@debian.org>.

Their explanation is attached below along with your original report.
If this explanation is unsatisfactory and you have not received a
better one in a separate message then please contact Osamu Aoki 
<os...@debian.org> by
replying to this email.




--
Teodor Milkov | http://icdsoft.com
Head of Linux Development & Operations

Bug#844542: /sbin/writeboost doesn't work for static options (e.g. write_around_mode)

[Teodor Milkov]

Package: writeboost
Version: 1.20160718-1

Hello,

We found that //sbin/writeboost/ doesn't work with devices in 
/write_around_mode/, because it is a static option and the script tries 
to setup wb cache without any options and then send options as sequence 
of dmsetup message commands.


For example we have the following //etc/writeboosttab/:

wb-disk123/dev/vg0/disk123  /dev/sdc1 
write_around_mode=1,read_cache_threshold=127


Then running //etc/init.d/writeboost start/ results in:

writeboost: mapping wb-disk123
writeboost: wb-disk123 mapped.
device-mapper: message ioctl on wb-disk123 failed: Invalid argument
Command failed

After the above error /write_around_mode=1/ is missing from the output 
of the /dmsetup table/ command.


Please find attached a patch, which rectifies the problem for us.

Best regards,
Teodor
--- writeboost.orig	2016-11-16 17:54:14.935717731 +0200
+++ writeboost	2016-11-16 17:52:02.695445860 +0200
@@ -147,13 +147,20 @@
 [ -z "$B" ] && continue ## unable to get size of cached device.
+
+	if [ -n "$O" ]; then
+		opts=''
+		opts_n=0
+		IFS_BAK="${IFS}"
+		IFS=','
+		for I in $O; do
+			opts="$opts ${I%%=*} ${I##*=}"
+			opts_n=$(( opts_n + 2 ))
+		done
+		IFS="${IFS_BAK}"
+	fi
+
 logger --tag writeboost --stderr "mapping $M"
-dmsetup create "$M" --table "0 $B writeboost $H $S"
+dmsetup create "$M" --table "0 $B writeboost $H $S $opts_n $opts"
+
 if [ -b "/dev/mapper/$M" ]; then
 logger --tag writeboost --stderr "$M mapped."
-[ -z "$O" ] && continue
-IFS_BAK="${IFS}"
-IFS=','
-for I in $O; do
-dmsetup message "$M" 0 ${I%%=*} ${I##*=}
-done
-IFS="${IFS_BAK}"
 else

Bug#842718: maildrop: header add/match corruption bug with -A

[Teodor Milkov]

Package: maildrop
Version: 2.7.1-3
Severity: normal

Dear Maintainer,

There's a bug in the maildrop version currently in Jessie discussed here: 
http://courier-mail-server.10983.n7.nabble.com/Interesting-bug-failed-to-match-after-adding-headers-in-maildrop-td21606.html

This bug is fixed with 
https://sourceforge.net/p/courier/courier-libs.git/ci/86eac1206be963bcd3108774ccac1afc7a61a930/

Please consider backporting, because this bug makes maildrop unusable in many 
situations.


-- System Information:
Debian Release: 8.6

Bug#644240: bat: ASSERT failure in QList::operator[]: "index out of range"

[Teodor MICU]

Hi,

2016-09-21 0:58 GMT+03:00 Carsten Leonhardt :
> do you still have this problem with a current bacula version?

I cannot test this anymore, from what I know they (old job) still use
the old bacula version. I suppose you can close this bug.

Thanks

Bug#838293: /sbin/writeboost uses deprecated blockdev --getsize

[Teodor Milkov]

Package: writeboost
Version: 1.20160718-1

Doesn't work with large devices.

--getsize
  Print device size (32-bit!) in sectors. Deprecated in 
favor of the --getsz option.



Best regards,
Teodor

Bug#820328: perl: UTF-8 in regular expressions sometimes causing a crash

[Teodor Milkov]

Package: perl
Version: 5.20.2-3+deb8u4
Severity: normal

Dear Maintainer,

There's a bug introduced in Perl 5.20.2 involving UTF-8 in regular expressions 
and sometimes causing a crash has been fixed.

It's fixed in 5.20.3. More information: 
https://rt.perl.org/Public/Bug/Display.html?id=124109



-- System Information:
Debian Release: 8.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.14.51-grsec (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Init: sysvinit (via /sbin/init)

Versions of packages perl depends on:
ii  dpkg  1.17.26
ii  libbz2-1.01.0.6-7+b3
ii  libc6 2.19-18+deb8u4
ii  libdb5.3  5.3.28-9
ii  libgdbm3  1.8.3-13.1
ii  perl-base 5.20.2-3+deb8u4
ii  perl-modules  5.20.2-3+deb8u4
ii  zlib1g1:1.2.8.dfsg-2+b1

Versions of packages perl recommends:
ii  netbase  5.3
ii  rename   0.20-3

Versions of packages perl suggests:
ii  libterm-readline-gnu-perl  1.24-2+b1
ii  make   4.0-8.1
pn  perl-doc   

-- debconf-show failed

Bug#810799: libcgi-session-perl: Perl DSA-3441-1 exposes taint bug in CGI::Session::Driver::file

[Teodor Milkov]

Hello,

I've just installed libcgi-session-perl 4.48-3, but still my twiki spew 
the following error:


/Insecure dependency in sysopen while running with -T switch at 
/usr/share/perl5/CGI/Session/Driver/file.pm line 107. /


I had to apply the following patch to mute it:

--- tmp/file.pm 2016-01-19 11:17:45.0 +0200
+++ /usr/share/perl5/CGI/Session/Driver/file.pm 2016-01-19 
11:11:46.0 +0200

@@ -52,6 +52,8 @@
 return $self->set_error( "_file(): Session ids cannot contain 
\\ or / chars: $sid" );

 }

+($sid) = $sid =~ /(.*)/;
+
 return File::Spec->catfile($self->{Directory}, sprintf( $FileName, 
$sid ));

 }


Best regards,
Teodor

On 15.01.2016 23:47, Niko Tyni wrote:

Source: libcgi-session-perl
Source-Version: 4.48-1+deb8u1

We believe that the bug you reported is fixed in the latest version of
libcgi-session-perl, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 810...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Niko Tyni <nt...@debian.org> (supplier of updated libcgi-session-perl package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 15 Jan 2016 17:37:38 +0200
Source: libcgi-session-perl
Binary: libcgi-session-perl
Architecture: source all
Version: 4.48-1+deb8u1
Distribution: jessie
Urgency: medium
Maintainer: Debian Perl Group <pkg-perl-maintain...@lists.alioth.debian.org>
Changed-By: Niko Tyni <nt...@debian.org>
Description:
  libcgi-session-perl - persistent session data in CGI applications
Closes: 810799
Changes:
  libcgi-session-perl (4.48-1+deb8u1) jessie; urgency=medium
  .
* Team upload.
* Untaint raw data coming from session storage backends.
  + fixes a taint regression caused by CVE-2015-8607 fixes in perl
(Closes: #810799)
Checksums-Sha1:
  dd9f83880c6e00799d0227ab97f0a53d9f4e3e56 2310 
libcgi-session-perl_4.48-1+deb8u1.dsc
  3f414fda9db1f6709c2138f88eabfb006ac07959 5212 
libcgi-session-perl_4.48-1+deb8u1.debian.tar.xz
  416fa42341118941ded98b8bac1724b99c06662e 118682 
libcgi-session-perl_4.48-1+deb8u1_all.deb
Checksums-Sha256:
  89a831bc5ee51ed2efa734c0424e38b99a53fcccddebfa0c75cdbcc06de5e8db 2310 
libcgi-session-perl_4.48-1+deb8u1.dsc
  0fd7899549ba370648c84daf47a9c9c9db027503a2b649be206bb03540a06078 5212 
libcgi-session-perl_4.48-1+deb8u1.debian.tar.xz
  7620fec43861ee6aff8c4ce9614438738a3142dfe0a501f9d26ae0658f2aeb6d 118682 
libcgi-session-perl_4.48-1+deb8u1_all.deb
Files:
  e8763ea03d0ee8263025f2fa212ef1f4 2310 perl optional 
libcgi-session-perl_4.48-1+deb8u1.dsc
  fe371a64c0d220a676692b98af27e014 5212 perl optional 
libcgi-session-perl_4.48-1+deb8u1.debian.tar.xz
  ed1fc424632fca5164cda489517ecb89 118682 perl optional 
libcgi-session-perl_4.48-1+deb8u1_all.deb

-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCAAGBQJWmRQEAAoJEC7A/7O3MBsfS8sP/jNEBmo7hVWLjzXGHfCEGSzd
TUKWO9+nVBxESs64j4gBVGuAAK56AL8U55CYWmHxUGhY6vFS7orp3vrxbNtwvAvU
xJsRYtj/zZk/2erwHMXiHFFGAU3ItqzNfD4Rper8LwllsvWy8vdY1EXaMTYW0qA0
hkxuVPeXYzFNq0FAfGbksxPTcXce0GmxKm/j7btVsgedPcGbSGlSPxhwbdM2QSiX
IExK3y9au5UNKkTYXYgmh0Lyt5SSBoiMvn65ZZ4B6ZkMVywchmBjM8B+ysIqvedy
zB908tt7SX/Yf9zbuaXzT+krT5yBgT7MJIYZHD7ELMTHsy+CEkqEZhSq3X4pAg/6
EP1WAdLuiTsjG3D9+N6mYaTrCV2OSTLnxrzwGMDoMEQrIUBEie+QjaI9cPvfqK2k
jPjzbORIWMJSyLFy3u5pEW8MhsvlFj4cpDfkMxYgTBCYf03SSCfelp38L5c3CrQw
nj3jn7EYYi790khxso9NJlH9tKi8FVKUbSlUcXo6SzJYwnvrvT1AExW8187FQhAo
U7+aqUyeYc70vLKcVoY+dP1dvQJMrlHAzRkKNVFlMyfC3nmeDhRqVgZdQrB68gPj
H7y9zelIS6Bj7bBa8fnUb/4vcRzGdrNUWnq7E8WCS95drOfbpQtnm2pHUK8OesOH
/9yYiMLdXphy2992JeIS
=4mF8
-END PGP SIGNATURE-

Bug#786685: proftpd-basic: SSL / TLS handshakes for data connections sometimes stall for 3-30 seconds

[Teodor Milkov]

Hi,

This is affecting a lot of people. Also, there's new upstream bugfix 
release 1.3.5a addressing this issue.

Please, consider applying the patch.

Best regards.

Bug#789054: sudo: PERM_ROOT: setresuid(0, -1, -1): too many processes

[Teodor Milkov]

Package: sudo
Version: 1.8.5p2-1+nmu2
Severity: normal
Tags: patch upstream

Dear Maintainer,

This is regression in upstream sudo, which is already fixed in official sudo 
repo.

Long story short: a user with limited max user processes cannot sudo to root.

For more details and discussion see: 
http://www.sudo.ws/pipermail/sudo-users/2015-June/005641.html

There's the fix: http://www.sudo.ws/repos/sudo/rev/e6a03c31f4e5

Please consider backporting this fix for Jessie.


-- System Information:
Debian Release: 7.8
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: i386 (x86_64)

Kernel: Linux 3.14.44-grsec (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages sudo depends on:
ii  libc6   2.13-38+deb7u8
ii  libpam-modules  1.1.3-7.1
ii  libpam0g1.1.3-7.1
ii  libselinux1 2.3-2

sudo recommends no packages.

sudo suggests no packages.

-- Configuration Files:
/etc/sudoers changed [not included]

-- debconf-show failed


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#751931: Not enabled by default

[Teodor Väänänen]

I get affected by something which I suspect is this bug.
When I install the php5-pecl-http package from the repo, I start getting 
error messages from cron which I managed to narrow down to a single 
module as to source
The message, which I get each time /usr/lib/php5/sessionclean is run is 
as follows:


PHP Warning:  PHP Startup: Unable to load dynamic library 
'/usr/lib/php5/20131226/http.so' - /usr/lib/php5/20131226/http.so: 
undefined symbol: php_persistent_handle_abandon in Unknown on line 0


My temporary fix has been to simply not try to load the http.so module 
for now and rely on a replacement function, but I would prefer not to.


Talking with people over at ##php over at Freenode irc, it seems the 
issue is caused by a mismatch between how the main PHP code and the PECL 
PHP extension is compiled.


Hope these nuggets of information help :)

/Teo.


--
Teodor Väänänen  | Don't meddle in the affairs of wizards,
tvi...@sm0tvi.net| for you are good and crunchy with
Remove QRM to reply  | ketchup.


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#698821: linux-image-3.2.0-4-amd64: ARECA driver arcmsr is out of date - please update

[Teodor Milkov]

FTR,

It seems newest areca driver is finally merged into vanilla kernel 3.18: 
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/scsi/arcmsr/arcmsr_hba.c?id=b2776bf7149bddd1f4161f14f79520f17fc1d71d


Unfortunately, neither Wheezy nor Jessie have support for 1214 and 
there's even regression for 1882 in some configurations (doesn't work on 
supermicro X10 mobo's).


Please, consider backporting areca updates from 3.18/3.19 to Jessie 
kernel (3.16).



--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#774760: quagga: Support linux kernel 3.14 (CVE-2014-0181 netlink fix)

[Teodor Milkov]

Package: quagga
Version: 0.99.22.4-1+wheezy1
Severity: wishlist

Dear Maintainer,

Quagga 0.9.22 no longer works with recent kernels due to security fix 
for CVE-2014-0181:

  http://www.spinics.net/lists/netdev/msg280198.html

zebra can't insert routing entries with the following error:

  zebra[2726]: netlink-cmd error: Operation not permitted, 
type=RTM_NEWROUTE(24), seq=82, pid=0


This shouldn't be a issue if using Debian's 3.2 kernel,
but still it'd be nice if we could enjoy latest kernel's improvements.

Fix seems trivial as per:
https://github.com/opensourcerouting/quagga/commit/8e998b1eb5fea53f2a2eddd9f7f2b8ab004406f3


Best regards,
Teodor

-- System Information:
Debian Release: 7.7
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (x86_64)

Kernel: Linux 3.2.65-grsec (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages quagga depends on:
ii  adduser3.113+nmu3
ii  debconf [debconf-2.0]  1.5.49
ii  iproute20120521-3+b3
ii  libc6  2.13-38+deb7u6
ii  libcap21:2.22-1.2
ii  libpam0g   1.1.3-7.1
ii  libreadline6   6.2+dfsg-0.1
ii  libtinfo5  5.9-10
ii  logrotate  3.8.1-4

quagga recommends no packages.

Versions of packages quagga suggests:
ii  snmpd  5.4.3~dfsg-2.8+deb7u1

-- Configuration Files:
/etc/quagga/daemons changed [not included]

-- debconf information excluded


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#767742: linux-image-3.16.0-4-amd64: screen flickering with ATI Radeon X1600

[Teodor]

Package: src:linux
Version: 3.16.7-2
Followup-For: Bug #767742

Hi

It appears that this problem affects multiple graphic cards that depend on
the 'radeon' kernel module. Using 'nomodesetting' is not an option because
the resolution gets too small (1024x768).

On this laptop I still use the last 3.14.x kernel to be usable. Please
include the proposed patch in Debian 8.0.

Thanks



-- Package-specific info:
** Kernel log: boot messages should be attached

** Model information
sys_vendor: Hewlett-Packard
product_name: HP Compaq nw8440 (RH415EA#ABB)
product_version: F.16
chassis_vendor: Hewlett-Packard
chassis_version: 
bios_vendor: Hewlett-Packard
bios_version: 68YVD Ver. F.16
board_vendor: Hewlett-Packard
board_name: 30A3
board_version: KBC Version 40.19

** PCI devices:
00:00.0 Host bridge [0600]: Intel Corporation Mobile 945GM/PM/GMS, 943/940GML 
and 945GT Express Memory Controller Hub [8086:27a0] (rev 03)
Subsystem: Hewlett-Packard Company Compaq nw8440 [103c:30a3]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast TAbort- TAbort- 
MAbort+ SERR- PERR- INTx-
Latency: 0
Capabilities: access denied

00:01.0 PCI bridge [0604]: Intel Corporation Mobile 945GM/PM/GMS, 943/940GML 
and 945GT Express PCI Express Root Port [8086:27a1] (rev 03) (prog-if 00 
[Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast TAbort- TAbort- 
MAbort- SERR- PERR- INTx-
Latency: 0, Cache Line Size: 64 bytes
Bus: primary=00, secondary=01, subordinate=01, sec-latency=0
I/O behind bridge: 4000-4fff
Memory behind bridge: f460-f46f
Prefetchable memory behind bridge: e000-efff
Secondary status: 66MHz- FastB2B- ParErr- DEVSEL=fast TAbort- TAbort- 
MAbort+ SERR- PERR-
BridgeCtl: Parity- SERR- NoISA+ VGA+ MAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: access denied
Kernel driver in use: pcieport

00:1b.0 Audio device [0403]: Intel Corporation NM10/ICH7 Family High Definition 
Audio Controller [8086:27d8] (rev 01)
Subsystem: Hewlett-Packard Company Compaq nw8440 [103c:30a3]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast TAbort- TAbort- 
MAbort- SERR- PERR- INTx-
Latency: 0, Cache Line Size: 64 bytes
Interrupt: pin A routed to IRQ 45
Region 0: Memory at f470 (64-bit, non-prefetchable) [size=16K]
Capabilities: access denied
Kernel driver in use: snd_hda_intel

00:1c.0 PCI bridge [0604]: Intel Corporation NM10/ICH7 Family PCI Express Port 
1 [8086:27d0] (rev 01) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast TAbort- TAbort- 
MAbort- SERR- PERR- INTx-
Latency: 0, Cache Line Size: 64 bytes
Bus: primary=00, secondary=08, subordinate=08, sec-latency=0
I/O behind bridge: 6000-6fff
Memory behind bridge: f410-f41f
Prefetchable memory behind bridge: c400-c41f
Secondary status: 66MHz- FastB2B- ParErr- DEVSEL=fast TAbort- TAbort- 
MAbort- SERR- PERR-
BridgeCtl: Parity- SERR- NoISA+ VGA- MAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: access denied
Kernel driver in use: pcieport

00:1c.1 PCI bridge [0604]: Intel Corporation NM10/ICH7 Family PCI Express Port 
2 [8086:27d2] (rev 01) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast TAbort- TAbort- 
MAbort- SERR- PERR- INTx-
Latency: 0, Cache Line Size: 64 bytes
Bus: primary=00, secondary=10, subordinate=10, sec-latency=0
I/O behind bridge: 7000-7fff
Memory behind bridge: f400-f40f
Prefetchable memory behind bridge: c420-c43f
Secondary status: 66MHz- FastB2B- ParErr- DEVSEL=fast TAbort- TAbort- 
MAbort- SERR- PERR-
BridgeCtl: Parity- SERR- NoISA+ VGA- MAbort- Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: access denied
Kernel driver in use: pcieport

00:1c.3 PCI bridge [0604]: Intel Corporation NM10/ICH7 Family PCI Express Port 
4 [8086:27d6] (rev 01) (prog-if 00 [Normal decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 

Bug#754294: Debian kernel fix for routing regression in 3.2.60

[Teodor Milkov]

On 13/07/14 19:55, Ben Hutchings wrote:

Sorry about the regression in the latest security update.  This is
apparently the result of an incomplete fix for a longstanding bug in
routing between interfaces with differing MTU.  The first part of the
fix went into 3.2.57, and the second part in 3.2.60.  It appears that
several more changes would need to be applied to complete the fix and
avoid this regression.

So, what I'm intending to do is to revert both those changes.  That will
leave the original bug present, but this will not be a regression from
the earlier Debian 7 'wheezy' kernel versions.

I have rebuilt the kernel for amd64 with these changes and uploaded to
http://people.debian.org/~benh/packages/wheezy-security/.  The changes
file is signed with my GPG key and there are also detached GPG
signatures for the linux-image binary packages.  You can verify these
using:

 gpg --keyring /usr/share/keyrings/debian-keyring.gpg --verify sig-file

If you need packages for another architecture or you're not sure about
the signature checking, you can build packages using the instructions at
http://kernel-handbook.alioth.debian.org/ch-common-tasks.html#s-common-official
 and the attached patches (revert-net-ipv4-ip_forward-fix-inverted-local_df-tes.patch 
followed by
revert-net-ip-ipv6-handle-gso-skbs-in-forwarding-pat.patch).

After applying the above two patches all is good. Here's how I tested:

apt-get update
apt-get build-dep linux

mkdir linux-deb
cd linux-deb
apt-get source linux=3.2.60-1+deb7u1
wget --no-check-certificate 
https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=50;filename=revert-net-ip-ipv6-handle-gso-skbs-in-forwarding-pat.patch;att=1;bug=754294; 
-O revert-net-ip-ipv6-handle-gso-skbs-in-forwarding-pat.patch
wget --no-check-certificate 
https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=50;filename=revert-net-ipv4-ip_forward-fix-inverted-local_df-tes.patch;att=2;bug=754294; 
-O revert-net-ipv4-ip_forward-fix-inverted-local_df-tes.patch


cd linux-3.2.60

bash debian/bin/test-patches -f amd64 -j 8 
../revert-net-ipv4-ip_forward-fix-inverted-local_df-tes.patch 
../revert-net-ip-ipv6-handle-gso-skbs-in-forwarding-pat.patch


dpkg -i linux-image-3.2.0-4-amd64_3.2.60-1+deb7u1a~test_i386.deb

And then tried my usual download-from-windows-host test, which worked fine.


Best regards,
Teodor Milkov


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#754294: Regression: While routing Kernel chokes on spurious too big IP packets

[Teodor Milkov]

I wonder if this is the same bug I've been experiencing? See it reported 
and discussed at the following places:


  https://bugzilla.kernel.org/show_bug.cgi?id=79891
  http://www.spinics.net/lists/netdev/msg288798.html


Best regards,
Teodor


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#748595: irqbalance: MSI interrupts found in /proc/interrupts but none found in sysfs (kernel version mismatch)

[Teodor Milkov]

Package: irqbalance
Version: 1.0.3-3
Severity: important

Dear Maintainer,

The combination of irqbalance version and linux kernel version included in 
Wheezy is not compatible as described in this upstream bug report:

 https://github.com/Irqbalance/irqbalance/issues/6

We had to downgrade to irqbalance version from Squeeze (0.56) to get it 
working. Alternative solution is to upgrade to a wheezy-backports kernel.

I don't know if anything could be done about this bug at this stage...

-- System Information:
Debian Release: 7.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages irqbalance depends on:
ii  debconf [debconf-2.0]  1.5.49
ii  libc6  2.13-38+deb7u1
ii  libcap-ng0 0.6.6-2
ii  libglib2.0-0   2.33.12+really2.32.4-5
ii  libnuma1   2.0.8~rc4-1
ii  lsb-base   4.1+Debian8+deb7u1

irqbalance recommends no packages.

irqbalance suggests no packages.

-- debconf information:
  irqbalance/oneshot: false
  irqbalance/enable: true


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#707550: opu: package php-mdb2/2.5.0b2-1

[Teodor MICU]

Hi,

2014/1/21 intrigeri intrig...@debian.org:
 Hi,

 Teodor, ping?

I don't have the necessary experience to make this source debdiff.
Thomas, are you still interested in uploading this (simple) patch for
squeeze?

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#716762: [buildd-tools-devel] Bug#716762: sbuild maybe should end the session after package build?

[Teodor MICU]

Hi,

2013/7/13 Roger Leigh rle...@codelibre.net:
 On Fri, Jul 12, 2013 at 03:15:05PM +0300, Teodor wrote:
 I've noticed that after upgrade to Debian 7, sbuild doesn't end the
 schroot session anymore. This is confirmed by the log too:
 | Not removing build depends: as requested
This bug report is not about this line...

 | Keeping session: wheezy-amd64-sbuild-...
.. but about this one.

 This is not consistent with schroot behaviour where the session is
 automatically handled per schroot(1) default --automatic-session.

 This is controlled through the sbuild PURGE_BUILD_DEPS configuration
 option ($purge_build_deps = 'always|successful|never' or the --purge-deps
 or --purge command-line options.

 Are you sure that this is not being set to never either in
 /etc/sbuild/sbuild.conf, .sbuildrc or on the command-line?

I agree with you that dependency handling is done as requested, in my
case not via the configuration file (default) but via command line
options:
 --purge=never --purge-deps=never

However, this bug report is about sbuild *leaving* the schroot session
open at the end of the package build. I believe that sbuild should
automatically end the schroot session, session automatically created
to build the package.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#716762: sbuild maybe should end the session after package build?

[Teodor]

Package: sbuild
Version: 0.63.2-1.1
Severity: minor

Hi,

I've noticed that after upgrade to Debian 7, sbuild doesn't end the
schroot session anymore. This is confirmed by the log too:
| Not removing build depends: as requested
| Keeping session: wheezy-amd64-sbuild-...

This is not consistent with schroot behaviour where the session is
automatically handled per schroot(1) default --automatic-session.

Cheers


-- System Information:
Debian Release: 7.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages sbuild depends on:
ii  adduser 3.113+nmu3
ii  apt-utils   0.9.7.9
ii  libsbuild-perl  0.63.2-1.1
ii  perl5.14.2-21
ii  perl-modules5.14.2-21

Versions of packages sbuild recommends:
ii  debootstrap  1.0.48+deb7u1
ii  fakeroot 1.18.4-2

Versions of packages sbuild suggests:
ii  deborphan  1.7.28.8
ii  wget   1.13.4-3

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#714854: spamass-milter: race condition at boot with spamd

[Teodor]

Package: spamass-milter
Version: 0.3.1-10
Severity: normal

Hi,

Sometimes spamass-milter fails to start at boot because spamd is down,
more concrete spamd is started *after* spamass-milter. I've seen then
only 3 times in 5 years.  :-)

Adding this to the init script should eliminate the race condition:

# Should-Start:  spamassassin
# Should-Stop:   spamassassin

Cheers

-- System Information:
Debian Release: 6.0.7
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages spamass-milter depends on:
ii  adduser   3.112+nmu2 add and remove users and groups
ii  libc6 2.11.3-4   Embedded GNU C Library: Shared lib
ii  libgcc1   1:4.4.5-8  GCC support library
ii  libmilter1.0.18.14.3-9.4 Sendmail Mail Filter API (Milter)
ii  libstdc++64.4.5-8The GNU Standard C++ Library v3
ii  spamc 3.3.1-1Client for SpamAssassin spam filte

Versions of packages spamass-milter recommends:
ii  postfix 2.7.1-1+squeeze1 High-performance mail transport ag
ii  spamassassin3.3.1-1  Perl-based spam filter using text 

spamass-milter suggests no packages.

-- Configuration Files:
/etc/default/spamass-milter changed:
OPTIONS=-I -i 127.0.0.1,INTRANET -m -r 20 -- --headers
SOCKET=/var/spool/postfix/run/spamass-milter/mux
SOCKETOWNER=spamass-milter:spamass-milter

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#714745: unattended-upgrades: doesn't upgrade pkgs from backports if NEW pkg dependencies

[Teodor]

Package: unattended-upgrades
Version: 0.79.5
Severity: normal

Hi,

I've configured u-a to upgrade from wheezy-backports with:
  Unattended-Upgrade::Origins-Pattern {
..
o=Debian\ Backports,a=wheezy-backports;
  }
(and Pin-Priority: 500 for all packages in the w-bpo archive)

However, the current available upgrades are not considered by u-a.
Running 'apt-get dist-upgrade' manually will upgrade the pkgs.
| The following NEW packages will be installed:
|   linux-image-3.9-0.bpo.1-486 linux-image-3.9-0.bpo.1-686-pae

Cheers

-- System Information:
Debian Release: 7.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 
'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages unattended-upgrades depends on:
ii  apt0.9.7.9
ii  apt-utils  0.9.7.9
ii  debconf [debconf-2.0]  1.5.49
ii  lsb-base   4.1+Debian8+deb7u1
ii  lsb-release4.1+Debian8+deb7u1
ii  python 2.7.3-4
ii  python-apt 0.8.8.2
ii  ucf3.0025+nmu3
ii  xz-utils   5.1.1alpha+20120614-2

unattended-upgrades recommends no packages.

Versions of packages unattended-upgrades suggests:
pn  bsd-mailx   none
ii  postfix [mail-transport-agent]  2.9.6-2

-- Configuration Files:
/etc/apt/apt.conf.d/50unattended-upgrades changed:
// Automatically upgrade packages from these origin patterns
Unattended-Upgrade::Origins-Pattern {
// Archive or Suite based matching:
// Note that this will silently match a different release after
// migration to the specified archive (e.g. testing becomes the
// new stable).
o=Debian,a=stable;
o=Debian,a=stable-updates;
o=Debian,a=proposed-updates;
o=Debian\ Backports,a=wheezy-backports;
origin=Debian,archive=stable,label=Debian-Security;
origin=Google\, Inc.,archive=stable,label=Google;
};
// List of packages to not update
Unattended-Upgrade::Package-Blacklist {
//  vim;
//  libc6;
//  libc6-dev;
//  libc6-i686;
};
// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run 
//   dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg false;
// Split the upgrade into the smallest possible chunks so that
// they can be interrupted with SIGUSR1. This makes the upgrade
// a bit slower but it has the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps true;
// Install all unattended-upgrades when the machine is shuting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown true;
// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. u...@example.com
Unattended-Upgrade::Mail root;
// Set this value to true to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
//Unattended-Upgrade::MailOnlyOnError true;
// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
//Unattended-Upgrade::Remove-Unused-Dependencies false;
// Automatically reboot *WITHOUT CONFIRMATION* if a 
// the file /var/run/reboot-required is found after the upgrade 
//Unattended-Upgrade::Automatic-Reboot false;
// Use apt bandwidth limit feature, this example limits the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit 70;

/etc/logrotate.d/unattended-upgrades changed:
/var/log/unattended-upgrades/unattended-upgrades.log
/var/log/unattended-upgrades/unattended-upgrades-shutdown.log {
  rotate 6
  monthly
  compress
  missingok
  notifempty
}


-- debconf information:
* unattended-upgrades/enable_auto_updates: true
Initial blacklisted packages: 
Starting unattended upgrades script
Allowed origins are: ['o=Debian,a=stable', 'o=Debian,a=stable-updates', 
'o=Debian,a=proposed-updates', 'o=Debian\\ Backports,a=wheezy-backports', 
'origin=Debian,archive=stable,label=Debian-Security', 'origin=Google\\, 
Inc.,archive=stable,label=Google']
adjusting candidate version: 'Version: package:'firmware-linux' 
version:'0.36+wheezy.1''
adjusting candidate version: 'Version: package:'firmware-linux-nonfree' 
version:'0.36+wheezy.1''
adjusting candidate version: 'Version: package:'initramfs-tools' 
version:'0.109.1''
adjusting candidate version: 'Version: package:'linux-image-486' 
version:'3.2+46''
adjusting candidate version: 'Version: package:'linux-image-686-pae' 
version:'3.2+46''

Bug#697357: bridging broken over bond interfaces

[Teodor Milkov]

I'm having similar issues, and in my case it is the intel igb driver.

I have the following setup:

==
# brctl show
bridge name bridge id   STP enabled interfaces
br0 8000.0025906bde00   no  bond0
kvm01tap0
-
# ip addr show
...
2: eth0: BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP mtu 1500 qdisc mq master bond0 
state UP qlen 1000
link/ether 00:25:90:6b:de:00 brd ff:ff:ff:ff:ff:ff
3: eth1: BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP mtu 1500 qdisc mq master bond0 
state UP qlen 1000
link/ether 00:25:90:6b:de:00 brd ff:ff:ff:ff:ff:ff

5: bond0: BROADCAST,MULTICAST,MASTER,UP,LOWER_UP mtu 1500 qdisc mq master br0 
state UP qlen 1000
link/ether 00:25:90:6b:de:00 brd ff:ff:ff:ff:ff:ff

7: kvm01tap0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast 
master br0 state UP qlen 500
link/ether 52:fa:04:aa:fb:f1 brd ff:ff:ff:ff:ff:ff

6: br0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc noqueue state UP
link/ether 00:25:90:6b:de:00 brd ff:ff:ff:ff:ff:ff
inet 213.145.98.98/24 brd 213.145.98.255 scope global br0
   valid_lft forever preferred_lft forever
==

I.e. eth0  eth1 are part of bond0, which in turn is joined into br0 together 
with tap0. Ethernet hw is Intel I350 using igb driver.

This setup works with Linux kernel 2.6.32  3.2.9, but does not work with 3.2.0.

It works with 3.2.0 if I manually turn promiscuous mode on for eth0 like this:

==
# ip link set dev eth0 promisc on
==

I've compiled igb.ko from 
http://sourceforge.net/projects/e1000/files/igb%20stable/3.4.7/ and it works 
fine.

So, this driver (from 3.2.0 kernel) does not work:
==
# modinfo tmp/igb-k3.2.0.ko |grep ^version:
version:3.2.10-k
==

While this one from sourceforge works:
==
# modinfo tmp/igb-3.4.7.ko |grep ^version:
version:3.4.7
==


HTH

-- 
Teodor Milkov | System Administrator | ICDSoft Ltd.


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#711826: no more unattended upgrades since Wheezy is out

[Teodor MICU]

2013/6/14 Harald Dunkel ha...@afaics.de:
 Changing config files for 1 or 2 PCs is not the problem.
 The problem is, that its not unattended anymore. I have
 to access appr. 150 servers, desktops and laptops to
 make this work again. Thats a lot of work for a package
 that promised to do its job silently in the background.

You can easily deploy such a small replace on your network with
several tools (clusterssh / pssh / puppet).

 I would highly appreciate a better solution for Wheezy
 without breaking things when Jessie comes out.

How is this breaking things?! U-A does what was instructed to do.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#711826: no more unattended upgrades since Wheezy is out

[Teodor MICU]

2013/6/10 Harald Dunkel harald.dun...@aixigo.de:
 Since Wheezy is out the unattended-upgrades for Squeeze
 don't work anymore. The default configuration in
 /etc/apt/apt.conf.d/50unattended-upgrades says

 Unattended-Upgrade::Allowed-Origins {
 ${distro_id} stable;

stable == wheezy now, thus you probably need to update your config
with oldstable.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#711037: zabbix-server-mysql: proc.num[spamd].last(0) always at 0

[Teodor MICU]

Hi,

2013/6/7 Craig Small csm...@debian.org:
  I'm the procps maintainer (Debian and upstream). Dmitry asked me to
 have a look at this bug as pgrep was discussed.  My first impression
 is that there is some confusion between command line and process name.

 Digging deeper, that is the correct impression.

Indeed, now I see that all the other correctly monitored processes
don't have the full path, only '/usr/sbin/spamd' has it.

 So, we have a process, pgrep finds it, zabbix_agent doesn't. Obviously
 they are doing things differently, but what?

Actually, not even pgrep finds it if --exact or -x is used. That is
because if looks for an exact match of spamd but there is
/usr/sbin/spamd. It's not clear why it doesn't find the child
processes:

| # pgrep -fl spamd
| 31238 /usr/sbin/spamd --create-prefs --max-children 5 --helper-home-dir -d
|   --pidfile=/var/run/spamd.pid
| 31246 spamd child
| 31247 spamd child

Comparing 'spamd' with 'spamass-milter' I see this:

| # ps -e -o pid,comm,cmd -f 31238
|  PID COMMAND CMD
|  31238 /usr/sbin/spamd /usr/sbin/spamd --create-prefs [..]

| # ps -e -o pid,comm,cmd -f 3841
|  PID COMMAND CMD
|  3841 spamass-milter  /usr/sbin/spamass-milter -P [..]

| # ps -e -o pid,comm,cmd -f 31246
|   PID COMMAND CMD
| 31246 spamd child spamd child

 So why did spamd not show up? My strong assumption is that its command
 line looks different to its process name.  There might be something else
 happening here, but at the very least you can easily discount this.

Maybe this is a bug in 'spamd' that is registers bogus process names
(ie. full path).

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#711037: zabbix-server-mysql: proc.num[spamd].last(0) always at 0

[Teodor MICU]

2013/6/5 Dmitry Smirnov only...@member.fsf.org:
 `pgrep` is searching for substring in process name. For example if I
 have `konsole` running the `pgrep konso` will return PID even though
 there is no process konso running.

 proc.num is checking for exact process name so it will return
 0 for `zabbix_get -s localhost -k 'proc.num[konso]'`
 and
 1 for `zabbix_get -s localhost -k 'proc.num[konsole]'`

I know, that's why I wrote the console output. In my case, 'spamd' is
the exact process name.

| $ pgrep -l spamd
| 854 /usr/sbin/spamd
| 858 spamd child
| 859 spamd child

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#711037: zabbix-agent: proc.num[spamd].last(0) always at 0

[Teodor MICU]

Hi,

2013/6/5 Dmitry Smirnov only...@member.fsf.org:
   `pgrep --exact spamd | wc -l`
 or
   `pgrep --count --exact spamd`

 would be an equivalent of

   `zabbix_get -s localhost -k 'proc.num[spamd]'`

Weird, not even 'pgrep' can count them even if 'spamd' is running.
This might have the same cause.

| $ pgrep --count --exact spamd
| 0
| $ pgrep --count --exact spamass-milter
| 1

As noted in the first message, this is a false alert only when
counting 'spamd' processes. All the other proc.num monitoring is
working fine.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#711037: zabbix-server-mysql: proc.num[spamd].last(0) always at 0

[Teodor]

Package: zabbix-server-mysql
Version: 1:2.0.6+dfsg-1
Severity: normal

(real version is ~bpo70+1)

Hi,

The proc.num[spamd] always reports 0, web frontend or command line:

| root@return:~# zabbix_get -s localhost -k 'proc.num[spamd]'
| 0
| root@return:~# zabbix_get -s localhost -k 'proc.num[spamass-milter]'
| 1

All other proc.num checks appear to be correct (ex. spamass-milter).
It's a mistery why spamd gives 0 all the time.

On the system pgrep reports three running processes:
| root@return:~# pgrep spamd
| 5697
| 5699
| 5700
| root@return:~# pgrep spamass-milter
| 3841

This problem has appeared on both Zabbix 1.8.2 and 2.0.6 after the system
was upgraded to Debian 7.0.

Cheers

-- System Information:
Debian Release: 7.0
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages zabbix-server-mysql depends on:
ii  adduser   3.113+nmu3
ii  fping 3.2-1
ii  libc6 2.13-38
ii  libcurl3-gnutls   7.26.0-1+wheezy2
ii  libiksemel3   1.2-4
ii  libldap-2.4-2 2.4.31-1+nmu2
ii  libmysqlclient18  5.5.31+dfsg-0+wheezy1
ii  libopenipmi0  2.0.16-1.3
ii  libsnmp15 5.4.3~dfsg-2.7
ii  libssh2-1 1.4.2-1.1
ii  lsb-base  4.1+Debian8
ii  ucf   3.0025+nmu3

Versions of packages zabbix-server-mysql recommends:
ii  mysql-server  5.5.31+dfsg-0+wheezy1
ii  snmpd 5.4.3~dfsg-2.7

Versions of packages zabbix-server-mysql suggests:
ii  logrotate3.8.1-4
ii  zabbix-frontend-php  1:2.0.6+dfsg-1~bpo70+1

-- Configuration Files:
/etc/default/zabbix-server changed:
START=yes

/etc/logrotate.d/zabbix-server-mysql changed:
/var/log/zabbix-server/zabbix_server.log {
daily
rotate 7
compress
missingok
notifempty
create 0640 zabbix adm
sharedscripts
}


-- debconf information:
  zabbix-server-mysql/upgrade-error: abort
  zabbix-server-mysql/dbconfig-reinstall: false
  zabbix-server-mysql/upgrade-backup: true
  zabbix-server-mysql/missing-db-package-error: abort
  zabbix-server-mysql/mysql/admin-user: root
  zabbix-server-mysql/remote/port:
  zabbix-server-mysql/remote/host:
  zabbix-server-mysql/db/dbname: zabbix
  zabbix-server-mysql/dbconfig-remove:
  zabbix-server-mysql/db/app-user: zabbix
  zabbix-server-mysql/database-type: mysql
  zabbix-server-mysql/internal/skip-preseed: false
  zabbix-server-mysql/remove-error: abort
  zabbix-server-mysql/server:
  zabbix-server-mysql/remote/newhost:
  zabbix-server-mysql/purge: false
  zabbix-server-mysql/internal/reconfiguring: false
  zabbix-server-mysql/install-error: abort
  zabbix-server-mysql/passwords-do-not-match:
* zabbix-server-mysql/dbconfig-install: true
  zabbix-server-mysql/mysql/method: unix socket
  zabbix-server-mysql/dbconfig-upgrade: true


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#710571: Patch for /lib/lsb/init-functions

[Teodor MICU]

2013/6/3 Didier 'OdyX' Raboud o...@debian.org:
 I have now also re-read the #683654 bugreport and got more convinced that
 changing these logging functions is a really bad idea. The biggest blocker
 that I see is the output that one gets when managing services by hand: if one
 setups VERBOSE=no in /etc/default/rcS, then any service action (such as #
 service cups restart) will log exactly no output to the console, while now you
 get a useful message.

My initial proposal was only for [info] messages to be suppressed if VERBOSE=no.
Indeed, VERBOSE=no should not block important messages. After all, not
being verbose not does equal being quiet.

This VERBOSE mechanism is flawed by the „all or nothing” choice. One
fast solution (not necessary a good one) is to add a new variable
QUIET=yes to suppress important messages, but what about critical or
error messages?  :-(

Cheers


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#710571: Patch for /lib/lsb/init-functions

[Teodor MICU]

This topic was discussed with LSB maintainers on #683654. Maybe these
two bugs should be merged, but I don't know if the discussion will be
preserved.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683654

2013/6/1 Josh Triplett j...@joshtriplett.org:
 The attached git patch makes the log_* functions in
 /lib/lsb/init-functions check $VERBOSE before outputting anything.

 - Josh Triplett


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#696332: lsb-release: release/codename depend on a successful apt-get

[Teodor MICU]

Control: block 685355 by 696332

2013/5/21 Didier 'OdyX' Raboud o...@debian.org:
 Even if your log confirms that, I can't reproduce this behaviour on jessie.

I cant test on „jessie/testing” but this affects at least
unattended-upgrades on „wheezy/stable”. See bug #685355 for details.

Cheers


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#708238: bacula-director-pgsql: Fatal error: Version error for database bacula. Wanted 14, got 12

[Teodor]

Package: bacula-director-pgsql
Version: 5.2.6+dfsg-9
Severity: grave

Hi,

I've upgraded from Debian 6.0 to Debian 7.0 and Bacula director does not
start after upgrade. It appears that the database was not upgraded:

| 14-May 14:24 bacula-dir JobId 0: Fatal error: Version error for
|   database bacula. Wanted 14, got 12
| 14-May 14:24 bacula-dir JobId 0: Fatal error: Could not open
|   Catalog MyCatalog, database bacula.
| 14-May 14:24 bacula-dir JobId 0: Fatal error: Version error for
|   database bacula. Wanted 14, got 12
| 14-May 14:24 bacula-dir ERROR TERMINATION
| Please correct configuration file: /etc/bacula/bacula-dir.conf

So far I've found that /usr/share/bacula-director/update_postgresql_tables
is the script to handle the upgrade but it's not executed automatically.

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages bacula-director-pgsql depends on:
ii  bacula-common  5.2.6+dfsg-9
ii  bacula-common-pgsql5.2.6+dfsg-9
ii  bacula-director-common 5.2.6+dfsg-9
ii  dbconfig-common1.8.47+nmu1
ii  debconf [debconf-2.0]  1.5.49
ii  libc6  2.13-38
ii  libcap21:2.22-1.2
ii  libgcc11:4.7.2-5
ii  libpython2.7   2.7.3-6
ii  libssl1.0.01.0.1e-2
ii  libstdc++6 4.7.2-5
ii  libwrap0   7.6.q-24
ii  postgresql-client  9.1+134wheezy3
ii  postgresql-client-8.4 [postgresql-client]  8.4.17-0squeeze1
ii  postgresql-client-9.1 [postgresql-client]  9.1.9-1
ii  ucf3.0025+nmu3
ii  zlib1g 1:1.2.7.dfsg-13

Versions of packages bacula-director-pgsql recommends:
ii  postgresql  9.1+134wheezy3

Versions of packages bacula-director-pgsql suggests:
pn  gawknone
pn  postgresql-contrib  none
pn  postgresql-doc  none

-- Configuration Files:
/etc/bacula/scripts/delete_catalog_backup [Errno 13] Permission denied: 
u'/etc/bacula/scripts/delete_catalog_backup'

-- debconf information:
  bacula-director-pgsql/pgsql/method: unix socket
  bacula-director-pgsql/pgsql/authmethod-admin: ident
  bacula-director-pgsql/passwords-do-not-match:
  bacula-director-pgsql/pgsql/no-empty-passwords:
  bacula-director-pgsql/upgrade-backup: true
  bacula-director-pgsql/install-error: abort
  bacula-director-pgsql/internal/reconfiguring: false
  bacula-director-pgsql/db/app-user: bacula
  bacula-director-pgsql/dbconfig-reinstall: false
  bacula-director-pgsql/dbconfig-remove:
  bacula-director-pgsql/db/dbname: bacula
  bacula-director-pgsql/remote/host:
  bacula-director-pgsql/pgsql/admin-user: postgres
  bacula-director-pgsql/pgsql/authmethod-user:
  bacula-director-pgsql/upgrade-error: abort
  bacula-director-pgsql/internal/skip-preseed: true
  bacula-director-pgsql/purge: false
  bacula-director-pgsql/database-type: pgsql
  bacula-director-pgsql/remote/port:
  bacula-director-pgsql/pgsql/changeconf: false
  bacula-director-pgsql/remote/newhost:
  bacula-director-pgsql/unsafe-director-password-was-changed:
  bacula-director-pgsql/pgsql/manualconf:
* bacula-director-pgsql/dbconfig-install: false
  bacula-director-pgsql/dbconfig-upgrade: true
  bacula-director-pgsql/missing-db-package-error: abort
  bacula-director-pgsql/remove-error: abort


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#707550: opu: package php-mdb2/2.5.0b2-1

[Teodor]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: opu

Hi,

This is a follow up on one email thread from debian-release list:
  http://lists.debian.org/debian-release/2012/05/msg00182.html

Please apply the attached patch to php-mdb2 package version 2.5.0b2-1
from Debian 6.0 (squeeze) in a future point release (6.0.8 or later).

Cheers

-- System Information:
Debian Release: 7.0
  APT prefers stable
  APT policy: (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- /usr/share/php/MDB2.php_2.5.0b2-1	2009-04-25 18:23:22.0 +0300
+++ /usr/share/php/MDB2.php	2012-05-03 18:14:11.451133868 +0300
@@ -390,7 +390,7 @@
 return $err;
 }
 
-$db = new $class_name();
+$db = new $class_name();
 $db-setDSN($dsninfo);
 $err = MDB2::setOptions($db, $options);
 if (PEAR::isError($err)) {
@@ -2596,7 +2596,7 @@
 }
 
 // }}}
-// {{{ function _wrapResult($result, $types = array(), $result_class = true, $result_wrap_class = false, $limit = null, $offset = null)
+// {{{ function _wrapResult($result_resource, $types = array(), $result_class = true, $result_wrap_class = false, $limit = null, $offset = null)
 
 /**
  * wrap a result set into the correct class
@@ -2613,13 +2613,13 @@
  *
  * @access  protected
  */
-function _wrapResult($result, $types = array(), $result_class = true,
+function _wrapResult($result_resource, $types = array(), $result_class = true,
 $result_wrap_class = false, $limit = null, $offset = null)
 {
 if ($types === true) {
 if ($this-supports('result_introspection')) {
 $this-loadModule('Reverse', null, true);
-$tableInfo = $this-reverse-tableInfo($result);
+$tableInfo = $this-reverse-tableInfo($result_resource);
 if (PEAR::isError($tableInfo)) {
 return $tableInfo;
 }
@@ -2644,7 +2644,7 @@
 'result class does not exist '.$class_name, __FUNCTION__);
 return $err;
 }
-$result = new $class_name($this, $result, $limit, $offset);
+$result = new $class_name($this, $result_resource, $limit, $offset);
 if (!MDB2::isResultCommon($result)) {
 $err = $this-raiseError(MDB2_ERROR_NOT_FOUND, null, null,
 'result class is not extended from MDB2_Result_Common', __FUNCTION__);
@@ -2667,7 +2667,7 @@
 'result wrap class does not exist '.$result_wrap_class, __FUNCTION__);
 return $err;
 }
-$result = new $result_wrap_class($result, $this-fetchmode);
+$result = new $result_wrap_class($result_resource, $this-fetchmode);
 }
 return $result;
 }

Bug#676660: radicale: please package new upstream version 0.7.1

[Teodor MICU]

Package: radicale
Version: 0.7-1.1
Severity: wishlist

Hi,

Please package version 0.7.1 for the following reasons:
- [acl/IMAP.py] adds IMAP authentication module
- [acl/PAM.py] fix PAM group membership check
- [acl/courier.py] some fixes for courier auth

Unfortunately, PAM auth will still doesn't work with python-pam and can be
addressed later.

A short diff review shows that there are no intrusive changes, thus it
could be a candidate for inclusion in Debian 7.0 wheezy via a point release
(7.0.x, x=1|2|3..).

Cheers

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages radicale depends on:
ii  adduser  3.113+nmu3
ii  python   2.7.3-4
ii  python-radicale  0.7-1.1

radicale recommends no packages.

Versions of packages radicale suggests:
pn  apache2-utils   none
pn  courier-authdaemon  none
pn  python-ldap none
ii  python-pam  0.4.2-13

-- Configuration Files:
/etc/default/radicale changed [not included]
/etc/radicale/config changed [not included]
/etc/radicale/logging changed [not included]

-- no debconf information

Bug#652719: unattended-upgrades: unexpected daily conffile prompt messages from Cron

[Teodor MICU]

I would like to close this report, but I don't know on which version
it was fixed.

Michael, if you can determine that from the bzr repo history, please
close this report with the correct version number. From my point of
view the problem appears to be fixed a long time ago.

2013/3/13 Tomas Pospisek t...@sourcepole.ch:
 On my part I am completely happy with the current behavior - i.e. getting
 emails from unattended-upgrades, when dpkg is in need of some input from the
 user.

I woudn't describe it like this, but that's not important.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#702547: unblock: unattended-upgrades/0.79.5

[Teodor]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please unblock package unattended-upgrades. It contains one important fix:

   * unattended-upgrade:
 - do not nice/ionice as this wil affect daemon restarts
   (closes: #701850)

Thanks


unblock unattended-upgrades/0.79.5

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#702509: unattended-upgrades: does not run autonomously, even after it was enabled

[Teodor MICU]

control: -1 severity normal

2013/3/8 Arturo Moral amo...@gmail.com:
 This config was removed in version 0.79.5 and might not work at all:

 I'm currently using 0.79.4, therefore the config change does not affect me,
 right?

You should not use it, 0.79.5 will migrate to testing on the following days.

 Anyway, my main issue is that the unattended upgrades don't run. If it would
 be only a config file problem, they would run but with no upgradable
 candidates.

You didn't show that u-a doesn't work. From what we've seen so far it
works as expected, maybe you need to investigate why Cron doesn't
run?!

Do you know for sure that there are packages to be upgraded? Running
apt-get upgrade will tell you. If apt-get doesn't find packages to
be upgraded, neither does u-a.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#702509: unattended-upgrades: does not run autonomously, even after it was enabled

[Teodor MICU]

2013/3/7 g0to amo...@gmail.com:
 -- Configuration Files:
 /etc/apt/apt.conf.d/50unattended-upgrades changed:
 // Automatically upgrade packages from these origin patterns
 Unattended-Upgrade::Origins-Pattern {
 // Codename based matching:
 // This will follow the migration of a release through different
 // archives (e.g. from testing to stable and later oldstable).
 o=Debian,n=wheezy;
 o=Debian,n=wheezy-updates;
 o=Debian,n=wheezy-proposed-updates;
 o=Debian,n=wheezy,l=Debian-Security;

This config was removed in version 0.79.5 and might not work at all:

 - remove codename based matching example as this needs a newer
   python-apt than available in wheezy, thanks to Russell Stuart

 // Archive or Suite based matching:
 // Note that this will silently match a different release after
 // migration to the specified archive (e.g. testing becomes the
 // new stable).
 //  o=Debian,a=stable;
 //  o=Debian,a=stable-updates;
 //  o=Debian,a=proposed-updates;
 //  origin=Debian,archive=stable,label=Debian-Security;
 };

Usually this is what you need to enable, plus an extra line if you are
using testing or unstable.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#702323: unattended-upgrades: logrotate should not rotate u-a-dpkg* files

[Teodor]

Package: unattended-upgrades
Version: 0.79.5
Severity: minor

Hi,

Recently the logrotate.d file was updated to rotate all files:

  /var/log/unattended-upgrades/unattended-upgrades*.log

This has an undesired effect to rotate also all unattended-upgrades-dpkg_*.log
files with NAME.1.gz and leaving unattended-upgrades-dpkg_*.log empty files.

This pattern should be corrected to include only two global files:

  /var/log/unattended-upgrades/unattended-upgrades.log
  /var/log/unattended-upgrades/unattended-upgrades-shutdown.log

(I'm not sure about the last one, I have it only on my homestation)

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages unattended-upgrades depends on:
ii  apt0.9.7.7
ii  apt-utils  0.9.7.7
ii  debconf [debconf-2.0]  1.5.49
ii  lsb-base   4.1+Debian9
ii  lsb-release4.1+Debian9
ii  python 2.7.3-4
ii  python-apt 0.8.8.1
ii  ucf3.0025+nmu3
ii  xz-utils   5.1.1alpha+20120614-2

unattended-upgrades recommends no packages.

Versions of packages unattended-upgrades suggests:
pn  bsd-mailx  none
ii  nullmailer [mail-transport-agent]  1:1.11-2

-- Configuration Files:
/etc/apt/apt.conf.d/50unattended-upgrades changed:
// Automatically upgrade packages from these origin patterns
Unattended-Upgrade::Origins-Pattern {
// Archive or Suite based matching:
// Note that this will silently match a different release after
// migration to the specified archive (e.g. testing becomes the
// new stable).
o=Debian,a=unstable;
o=Debian,a=stable;
o=Debian,a=stable-updates;
o=Debian,a=proposed-updates;
origin=Debian,archive=stable,label=Debian-Security;
};
// List of packages to not update
Unattended-Upgrade::Package-Blacklist {
//  vim;
//  libc6;
//  libc6-dev;
//  libc6-i686;
};
// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run 
//   dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg false;
// Split the upgrade into the smallest possible chunks so that
// they can be interrupted with SIGUSR1. This makes the upgrade
// a bit slower but it has the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps true;
// Install all unattended-upgrades when the machine is shuting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown true;
// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. u...@example.com
Unattended-Upgrade::Mail root;
// Set this value to true to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
Unattended-Upgrade::MailOnlyOnError true;
// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
//Unattended-Upgrade::Remove-Unused-Dependencies false;
// Automatically reboot *WITHOUT CONFIRMATION* if a 
// the file /var/run/reboot-required is found after the upgrade 
//Unattended-Upgrade::Automatic-Reboot false;
// Use apt bandwidth limit feature, this example limits the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit 70;

/etc/logrotate.d/unattended-upgrades changed:
/var/log/unattended-upgrades/unattended-upgrades.log {
  rotate 6
  monthly
  compress
  missingok
  notifempty
}


-- debconf information:
* unattended-upgrades/enable_auto_updates: true


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#702325: unattended-upgrades: false apache2 upgradable but kept back

[Teodor]

Package: unattended-upgrades
Version: 0.79.3
Severity: normal

Hi,

I've only seen this in the past (and today) for apache2 package:

| Packages that are upgraded:
|  apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common 
| Packages with upgradable origin but kept back:
|  apache2

U-A returns True and no problem for upgrades. But at least in the
message it says that this package was kept back:

| Unattended-upgrades log:
| [..]
| package 'apache2' not upgraded
| Packages that are upgraded: apache2-mpm-prefork apache2-utils
|   apache2.2-bin apache2.2-common

Cheers


-- System Information:
Debian Release: 6.0.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 
'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686-bigmem (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages unattended-upgrades depends on:
ii  apt   0.8.10.3+squeeze1  Advanced front-end for dpkg
ii  apt-utils 0.8.10.3+squeeze1  APT utility programs
ii  debconf [debconf-2.0] 1.5.36.1   Debian configuration management sy
ii  lsb-base  3.2-23.2squeeze1   Linux Standard Base 3.2 init scrip
ii  lsb-release   3.2-23.2squeeze1   Linux Standard Base version report
ii  python2.6.6-3+squeeze7   interactive high-level object-orie
ii  python-apt0.7.100.1+squeeze1 Python interface to libapt-pkg
ii  ucf   3.0025+nmu1Update Configuration File: preserv
ii  xz-utils  5.0.0-2XZ-format compression utilities

unattended-upgrades recommends no packages.

Versions of packages unattended-upgrades suggests:
pn  bsd-mailx   none   (no description available)
ii  postfix [mail-transport 2.7.1-1+squeeze1 High-performance mail transport ag

-- Configuration Files:
/etc/apt/apt.conf.d/50unattended-upgrades changed:
// Automatically upgrade packages from these origin patterns
Unattended-Upgrade::Origins-Pattern {
// Archive or Suite based matching:
// Note that this will silently match a different release after
// migration to the specified archive (e.g. testing becomes the
// new stable).
o=Debian,a=stable;
o=Debian,a=stable-updates;
o=Debian,a=proposed-updates;
origin=Debian,archive=stable,label=Debian-Security;
};
// List of packages to not update
Unattended-Upgrade::Package-Blacklist {
//  vim;
//  libc6;
//  libc6-dev;
//  libc6-i686;
};
// This option allows you to control if on a unclean dpkg exit
// unattended-upgrades will automatically run 
//   dpkg --force-confold --configure -a
// The default is true, to ensure updates keep getting installed
//Unattended-Upgrade::AutoFixInterruptedDpkg false;
// Split the upgrade into the smallest possible chunks so that
// they can be interrupted with SIGUSR1. This makes the upgrade
// a bit slower but it has the benefit that shutdown while a upgrade
// is running is possible (with a small delay)
//Unattended-Upgrade::MinimalSteps true;
// Install all unattended-upgrades when the machine is shuting down
// instead of doing it in the background while the machine is running
// This will (obviously) make shutdown slower
//Unattended-Upgrade::InstallOnShutdown true;
// Send email to this address for problems or packages upgrades
// If empty or unset then no email is sent, make sure that you
// have a working mail setup on your system. A package that provides
// 'mailx' must be installed. E.g. u...@example.com
Unattended-Upgrade::Mail root;
// Set this value to true to get emails only on errors. Default
// is to always send a mail if Unattended-Upgrade::Mail is set
//Unattended-Upgrade::MailOnlyOnError true;
// Do automatic removal of new unused dependencies after the upgrade
// (equivalent to apt-get autoremove)
//Unattended-Upgrade::Remove-Unused-Dependencies false;
// Automatically reboot *WITHOUT CONFIRMATION* if a 
// the file /var/run/reboot-required is found after the upgrade 
//Unattended-Upgrade::Automatic-Reboot false;
// Use apt bandwidth limit feature, this example limits the download
// speed to 70kb/sec
//Acquire::http::Dl-Limit 70;


-- debconf information:
* unattended-upgrades/enable_auto_updates: true


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#702150: dctrl-tools: -X should match on NAME (VERSION) too

[Teodor]

Package: dctrl-tools
Version: 2.22.2
Severity: important

Hi,

First, this cannot be always reproduced just because »apt-cache dumpavail«
doesn't give the same content on successive executions.

I'm using this command to add package pins, for example for python2.7:

apt-cache dumpavail | grep-dctrl -S $SPKG -sPackage -X

By using '-X' some times not all packages are selected:

Package: python2.7
Source: python2.7 (2.7.3-7)

The above output was obtained by executing:

apt-cache dumpavail | grep -B1 -E (Package|Source): python2.7

I thing that »grep-dctrl -X« should match on NAME (VERSION) too.

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (100, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=ro_RO.utf8, LC_CTYPE=ro_RO.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages dctrl-tools depends on:
ii  libc6  2.13-38

dctrl-tools recommends no packages.

Versions of packages dctrl-tools suggests:
ii  apt  0.9.7.7
ii  debtags  1.10.2

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#702150: [Dctrl-tools-devel] Bug#702150: dctrl-tools: -X should match on NAME (VERSION) too

[Teodor MICU]

2013/3/3 Antti-Juhani Kaijanaho antti-juh...@kaijanaho.fi
  By using '-X' some times not all packages are selected:
 
  Package: python2.7
  Source: python2.7 (2.7.3-7)

 This is the expected result, hence downgrading to wishlist.
 -X is supposed to check if the field in question (in this case, Source, or if
 it is missing, Package) contains the string (in this case $PKG) and nothing 
 else.

This is not expected at all. You see that the name in question has an
exact match?

  I thing that »grep-dctrl -X« should match on NAME (VERSION) too.

 I think changing the defined meaning of -X that radically is out of the 
 question.
 Providing another flag to do what you are reqesting is possible, though the
 question of exactly what it *should* match is not clear.  Can you give me a
 regexp, for example?

This is not a radical change. A regex could be found, the question is
would you accept it.

Cheers


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#701961: clusterssh: does not follow .ssh/config anymore

[Teodor]

Package: clusterssh
Version: 4.01.04-1
Severity: important

Hi,

This is a big regression from previous version (4.01.01).
I have per host configuration in .ssh/config for default user name.
In cssh clusters file I only add the hostnames. With the current
version (4.01.04) it tries to connect using my current user.

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages clusterssh depends on:
ii  libexception-class-perl  1.32-1
ii  libtry-tiny-perl 0.12-1
ii  libx11-protocol-perl 0.56-4
ii  openssh-client   1:6.0p1-4
ii  perl 5.14.2-18
ii  perl-tk  1:804.030-1
ii  xterm278-4

clusterssh recommends no packages.

clusterssh suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#699794: [Popcon-developers] Bug#699794: Bug#699794: popularity-contest: should work without a local SMTP/sendmail

[Teodor MICU]

2013/2/5 Petter Reinholdtsen p...@hungry.com:
 It should try to connect to popcon.debian.org.

 See SUBMITURLS in /usr/share/popularity-contest/default.conf for the
 default URLs, and /etc/cron.daily/popularity-contest for the program
 deciding how to submit the information.

Looking at that script I see that I can disable email reporting by
adding MAILTO= in /e/p-c.conf. I've re-enabled popcon on all Debian
hosts.

How can I monitor if popcon via HTTP fails from now on?
Does it write anything to syslog?

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#699794: [Popcon-developers] Bug#699794: popularity-contest: should work without a local SMTP/sendmail

[Teodor MICU]

2013/2/5 Petter Reinholdtsen p...@hungry.com:
 popcon work without SMTP.  It will first try using http for delivery,
 and only if this fail will it try to send email.  If http delivery
 fail, it will syslog a message about this.

That would be great. However, I've seen this fail both from my work
network (with firewall restrictions) and on other networks with no
restrictions.

 I suggest you investigate why http delivery fail to figure out why
 this isn't working for you.

Does it try to connect to some other non-standard HTTP port? (not 80
or 443). A destination host name would help too.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#699794: popularity-contest: should work without a local SMTP/sendmail

[Teodor]

Package: popularity-contest
Version: 1.56
Severity: wishlist

Hi,

After removing postfix (or any other SMTP server) from all systems, I
see that the monthly popcon message fails to be delivered (no IP addr
based relay here, only u/p submission).

It would be nice if popcon could work just like reportbug, that is with
no local SMTP server (or sendmail like tool).

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages popularity-contest depends on:
ii  debconf [debconf-2.0]  1.5.49
ii  dpkg   1.16.9

Versions of packages popularity-contest recommends:
ii  cron   3.0pl1-124
ii  nullmailer [mail-transport-agent]  1:1.11-2

Versions of packages popularity-contest suggests:
ii  anacron  2.3-19

-- debconf information:
  popularity-contest/submiturls:
* popularity-contest/participate: true


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#699149: bacula-fd: should not run as 'root' by default

[Teodor MICU]

2013/1/31 Alexander Golovko alexan...@ankalagon.ru:
 You lose files owner/group and acl on restoring.

That's not a big deal comparing with the increased security.

 /e/d/bacula-{dir,sd} has nonempty ARGS and bacula-{director,sd} will be
 incorrectly runned under root privileges if defaults file missed.

 This should be changed.

Yes, you should set the defaults in the init script (not in
/etc/default/FILE) just like you do for $CONFIG.

 Also, there is a reason, that we should provide
 defaults in /e/d/bacula-* as comments. I think, this is will not be
 included into wheezy, but it should be fixed in next versions.

OK. Please, no more double settings like this:

# CONFIG=/etc/bacula/bacula-fd.conf
CONFIG=/etc/bacula/bacula-fd.conf

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#699442: fail2ban: please add configuration for roundcube

[Teodor]

Package: fail2ban
Version: 0.8.6-3wheezy1
Severity: wishlist

Hi,

Please add /etc/fail2ban/filter.d/roundcube.conf with this content:

| [Definition]
| 
| failregex   = FAILED login for .*. from HOST
| ignoreregex =

Also, an entry to jail.conf disabled by default would be nice:

| [roundcube]
|
| enabled  = false
| port = http,https
| filter   = roundcube
| logpath  = /var/log/roundcube/userlogins

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages fail2ban depends on:
ii  lsb-base4.1+Debian8
ii  python  2.7.3~rc2-1
ii  python-central  0.6.17

Versions of packages fail2ban recommends:
ii  iptables  1.4.14-3
ii  python-gamin  0.1.10-4.1
ii  whois 5.0.20

Versions of packages fail2ban suggests:
ii  heirloom-mailx [mailx]  12.5-2

-- Configuration Files:
/etc/fail2ban/action.d/iptables-multiport.conf changed:
[Definition]
actionstart = iptables -N fail2ban-name
  iptables -I chain -p protocol -m multiport --dports port -j 
fail2ban-name
actionstop = iptables -D chain -p protocol -m multiport --dports port -j 
fail2ban-name
 iptables -F fail2ban-name
 iptables -X fail2ban-name
actioncheck = iptables -n -L chain | grep -q fail2ban-name
actionban = iptables -I fail2ban-name 1 -s ip -j DROP
actionunban = iptables -D fail2ban-name -s ip -j DROP
[Init]
name = default
port = ssh
protocol = tcp
chain = INPUT

/etc/fail2ban/action.d/sendmail-whois-lines.conf changed:
[Definition]
actionstart =
actionstop =
actioncheck = 
actionban = printf %%b Subject: [Fail2Ban] name: banned ip
Date: `date -u +%%a, %%d %%h %%Y %%T +`
From: Fail2Ban sender
To: dest\n
Hi,\n
The IP ip has just been banned by Fail2Ban after
failures attempts against name.\n\n
Here are more information about ip:\n
`/usr/bin/whois ip`\n\n
Lines containing IP:ip in logpath\n
`/bin/grep '\ip\' logpath`\n\n
Regards,\n
Fail2Ban | /usr/sbin/sendmail -f sender dest
actionunban = 
[Init]
name = default
dest = root
sender = fail2ban
logpath = /dev/null

/etc/fail2ban/jail.conf changed:
[DEFAULT]
ignoreip = 127.0.0.1/8
bantime  = 600
maxretry = 3
backend = auto
destemail = root
banaction = iptables-multiport
mta = sendmail
protocol = tcp
chain = INPUT
action_ = %(banaction)s[name=%(__name__)s, port=%(port)s, 
protocol=%(protocol)s, chain=%(chain)s]
action_mw = %(banaction)s[name=%(__name__)s, port=%(port)s, 
protocol=%(protocol)s, chain=%(chain)s]
  %(mta)s-whois[name=%(__name__)s, dest=%(destemail)s, 
protocol=%(protocol)s, chain=%(chain)s]
action_mwl = %(banaction)s[name=%(__name__)s, port=%(port)s, 
protocol=%(protocol)s, chain=%(chain)s]
   %(mta)s-whois-lines[name=%(__name__)s, dest=%(destemail)s, 
logpath=%(logpath)s, chain=%(chain)s]
action = %(action_mwl)s

[postfix]
enabled  = true
port = smtp
filter   = postfix
logpath  = /var/log/mail.log

[sasl]
enabled  = true
port = submission
filter   = sasl
logpath  = /var/log/mail.warn

[dovecot]
enabled  = true
port = imaps,pop3s
filter   = dovecot
logpath  = /var/log/mail.info

[roundcube]
enabled  = true
port = http,https
filter   = roundcube
logpath  = /var/log/roundcube/userlogins

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#699442: fail2ban: please add configuration for roundcube

[Teodor MICU]

2013/1/31 Yaroslav Halchenko deb...@onerussian.com:
 would you mind also providing sample log lines demonstrating this
 failed attempts?

These are like this:
[22-Jan-2013 22:28:21 +0200]: FAILED login for user1 from 109.97.x.x
[23-Jan-2013 12:53:09 +0200]: FAILED login for user2 from 79.117.x.x
[25-Jan-2013 21:54:17 +0200]: FAILED login for user3 from 193.231.x.x

 ideally you could submit a pull request against fail2ban on
 https://github.com/fail2ban/fail2ban/
 with sample log lines provided under testcases/files/logs/roundcube.conf

For this I probably need to clone the project.. which I don't think
it's worth the trouble.

 And is this location standard on debian'provided installations of
 roundcube?

 | logpath  = /var/log/roundcube/userlogins

Yes, this is the standard location on Debian. This function is
actually provided by the fail2ban plugin [1] for roundcube, not by
Roundcube itself.

Cheers

[1]: http://mattrude.com/projects/roundcube-fail2ban-plugin/


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#699149: [pkg-bacula-devel] Bug#699149: bacula-fd: should not run as 'root' by default

[Teodor MICU]

2013/1/29 Alexander Golovko alexan...@ankalagon.ru:
   ARGS=-u bacula -g bacula -k

 I think that from a security perspective this should be the default
 on package installation.

 This will lead to impossibility to restore backups without
 restarting bacula-fd. This is also can require changing user scripts
 for dump databases and such. This can confuse peoples.

I'm having this setup and I can restore backups just fine. Of course,
the restore directory must be rwx by bacula or mode 1777.

About the other thing (ie. dump databases), I can't tell.

 I think, we should not change defaults, however, this functionality
 described in README.Debian.gz (USERS  SECURITY).

But you do for bacula-dir and bacula-sd, why not for bacula-fd?

 bacula-fd init script correctly work without /e/d/bacula-fd.

Right. I thought that it depends on setting ENABLED=yes but I see
now that it checks for no.

 But there is a reason for set defaults in init scripts for
 bacula-director and bacula-sd and comment defaults in /e/d/bacula-*

Can you detail a little? I don't understand what you're trying to say.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#699149: bacula-fd: should not run as 'root' by default

[Teodor]

Package: bacula-fd
Version: 5.2.6+dfsg-7
Severity: normal

Hi,

The other Bacula services are started by 'bacula' user. Only bacula-fd
is started as 'root'. However, I've just discovered that it can function
properly with limited privileges too.

For this one must edit /etc/default/bacula-df to contain:

  ARGS=-u bacula -g bacula -k

I think that from a security perspective this should be the default
on package installation.

Also, the init script file should work with defaults even if there is
no content on /e/d/bacula-fd or is completely missing. This means that
at install all default options should be provided as a comment/example:

#ENABLED=yes
#ARGS=-u bacula -g bacula -k
#CONFIG=/etc/bacula/bacula-fd.conf

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages bacula-fd depends on:
ii  bacula-common  5.2.6+dfsg-7
ii  libacl12.2.51-8
ii  libc6  2.13-37
ii  libcap21:2.22-1.2
ii  libgcc11:4.7.2-5
ii  libpython2.7   2.7.3-6
ii  libssl1.0.01.0.1c-4
ii  libstdc++6 4.7.2-5
ii  libwrap0   7.6.q-24
ii  lsb-base   4.1+Debian8
ii  ucf3.0025+nmu3
ii  zlib1g 1:1.2.7.dfsg-13

bacula-fd recommends no packages.

Versions of packages bacula-fd suggests:
pn  bacula-traymonitor  none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#620825: bacula-director-common: wrong email From address

[Teodor MICU]

Hi,

I'm using this configuration in Messages:

  mailcommand = /usr/sbin/bsmtp -h SMTPHOST -f \Bacula
\bac...@host.domain.tld\\ -s [..]

The main reason is to have the real address instead of the fake %r
which could be rejected at the destination. This same address is added
automatically by 'bsmtp' on Sender: header.

What I would like is to have a parameter (like %r) for the local host
name that I could use instead of specifying the FQDN.

Regarding  this is mandated by strict RFC email rules. It's probably
common to activate 'strict_rfc821_envelopes = yes' in Postfix to block
unsolicited messages.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#699173: bsmtp: missing Message-Id: header on notifications

[Teodor]

Package: bacula-common
Version: 5.2.6+dfsg-7
Severity: normal

Hi,

I've noticed that Message-Id: header is missing on notifications.
This could cause the notifications to be rejected by some SMTP servers.

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages bacula-common depends on:
ii  adduser   3.113+nmu3
ii  libc6 2.13-37
ii  libcap2   1:2.22-1.2
ii  libgcc1   1:4.7.2-5
ii  libpython2.7  2.7.3-6
ii  libssl1.0.0   1.0.1c-4
ii  libstdc++64.7.2-5
ii  libwrap0  7.6.q-24
ii  zlib1g1:1.2.7.dfsg-13

bacula-common recommends no packages.

Versions of packages bacula-common suggests:
pn  bacula-doc  none

-- Configuration Files:
/etc/logrotate.d/bacula-common changed:
/var/log/bacula/log {
  create  0640 bacula adm
  compress
  delaycompress
  missingok
  notifempty
  rotate 12
  monthly
}


-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#698947: bacula-fd: Messages:append to local log file is ignored

[Teodor]

Package: bacula-fd
Version: 5.2.6+dfsg-7
Severity: normal

Hi,

I'm trying to keep logs on the local system. For this I've put this
configuration in /etc/bacula/bacula-fd.conf:

Messages {
  Name = Standard
  append = /var/lib/bacula/log = all
  director = BACULAMASTER-dir = all, !skipped, !restored
}

However, no line is writted on local log file but send to director.
If I remove the director line there is no change regarding local
log file (ie. remains empty).

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages bacula-fd depends on:
ii  bacula-common  5.2.6+dfsg-7
ii  libacl12.2.51-8
ii  libc6  2.13-37
ii  libcap21:2.22-1.2
ii  libgcc11:4.7.2-5
ii  libpython2.7   2.7.3-6
ii  libssl1.0.01.0.1c-4
ii  libstdc++6 4.7.2-5
ii  libwrap0   7.6.q-24
ii  lsb-base   4.1+Debian8
ii  ucf3.0025+nmu3
ii  zlib1g 1:1.2.7.dfsg-13

bacula-fd recommends no packages.

Versions of packages bacula-fd suggests:
pn  bacula-traymonitor  none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#493092: bacula: package upgrade creates or modifies `bacula-*.conf.dist'

[Teodor]

Package: bacula-fd
Version: 5.2.6+dfsg-7
Followup-For: Bug #493092

Hi,

Packages upgraded yesterday:

bacula-common:amd64 5.2.6+dfsg-2 = 5.2.6+dfsg-7
bacula-fd:amd64 5.2.6+dfsg-2 = 5.2.6+dfsg-7

The packages were installed last week.
After upgrade I've got a new file '/etc/bacula/bacula-fd.conf.dist'.

Obviously this affects all bacula-* packages. I think at some
point I've found that this was related to dbconfig.

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages bacula-fd depends on:
ii  bacula-common  5.2.6+dfsg-7
ii  libacl12.2.51-8
ii  libc6  2.13-37
ii  libcap21:2.22-1.2
ii  libgcc11:4.7.2-5
ii  libpython2.7   2.7.3-6
ii  libssl1.0.01.0.1c-4
ii  libstdc++6 4.7.2-5
ii  libwrap0   7.6.q-24
ii  lsb-base   4.1+Debian8
ii  ucf3.0025+nmu3
ii  zlib1g 1:1.2.7.dfsg-13

bacula-fd recommends no packages.

Versions of packages bacula-fd suggests:
pn  bacula-traymonitor  none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#695610: opendkim: fails to configure

[Teodor MICU]

Hi Scott,

2013/1/7 gustavo panizzo gfa g...@zumbi.com.ar:
 i have opendkim installed, but disabled at boot time (update-rc.d opendkim
 disable).
 when the packages gets upgraded, i got that error.
 this problem only appears on my laptop, where i keep opendkim installed but
 not running (for documentation proposes)

Considering this scenario this is probably RC severity for not being
able to upgrade if service is stopped. Considering that the fix is
small maybe it can be fixed for Wheezy too?

Cheers

(I though you would included this fix together with #695145 but it
seems that you forgot about it)


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#687602: retext: should restore the window position and size at startup

[Teodor MICU]

2013/1/12 Dmitry Shachnev mity...@gmail.com:
 Hm, I probably was not clear enough: you need to add
 saveWindowGeometry=true (w/o quotes) to ~/.config/ReText
 project/ReText.conf to get that working. See
 https://sourceforge.net/p/retext/wiki/Configuration%20file/ for
 details.

Thanks for this explanation. Why not default to true instead of false?
I don't think there should be an option to disable this function, I
know no other application that does this. You could use a separate
config file (in .config/retext) like position for these properties
that are not for the user to edit manually.

Also, looking at .config directory any other Linux application is
using just its name for user preferences (lower case). Why not do the
same for retext?

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#694046: bacula-common: missing 'create' directive in logrotate.d/bacula-common

[Teodor MICU]

2012/11/23 Teodor mteo...@gmail.com:
 Please improve /etc/logrotate.d/bacula-common file with:

 /var/log/bacula/log {
   create 0644 bacula bacula

Actually, the group should be 'adm' and no read permissions for others:

  create  0640 bacula adm

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#698218: roundcube-core: maybe remove obsolete entries from /e/r/htaccess?

[Teodor MICU]

2013/1/15 Vincent Bernat ber...@debian.org:
 We are shipping htaccess as shipped by upstream. I see little reason to
 change it just because they may be obsolete but harmless. Note that the
 first one is not commented by default.

Using the files from upstream is always a good idea. But again some of
these files (like htaccess) is constructed by upstream to cover all
distros, thus it makes sense for them to add notes about Apache
version but in Debian is not a question, it is certain. So, some of
these parameters can be adjusted for Debian if necessary.

Back to technical discussion, please at least add a note in
README.Debian why these are recommended and what problem do they fix.
I haven't had a problem by not using them, but maybe upstream
developers have more knowledge.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#698218: roundcube-core: maybe remove obsolete entries from /e/r/htaccess?

[Teodor]

Package: roundcube
Version: 0.7.2-5
Severity: minor

Hi,

I'm using roundcube v0.7.x on both Debian 6.0 and 7.0 systems.
I see that these entries are still there although I've never found a
technical reason to keep them on my setup:

  # http://bugs.php.net/bug.php?id=30766
  #php_value   mbstring.func_overload  0

  # replace 'append' with 'merge' for Apache version 2.2.9 and later
  #Header append Cache-Control public env=!NO_CACHE

Debian has Apache 2.2.22 in release 6.0, thus if this was really needed
the last entry should have been configured by default.

Are these obsolete recommendations that could be removed?

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages roundcube-core depends on:
ii  apache2  2.2.22-12
ii  apache2-mpm-prefork [httpd]  2.2.22-12
ii  dbconfig-common  1.8.47+nmu1
ii  debconf [debconf-2.0]1.5.49
ii  libjs-jquery 1.7.2+dfsg-1
ii  libjs-jquery-ui  1.8.ooops.21+dfsg-2
ii  libmagic15.11-2
ii  php-auth 1.6.2-1
ii  php-mail-mime1.8.4-1
ii  php-mdb2 2.5.0b3-2
ii  php-net-smtp 1.6.1-1
ii  php-net-socket   1.0.9-2
ii  php5 5.4.4-10
ii  php5-gd  5.4.4-10
ii  php5-intl5.4.4-10
ii  php5-mcrypt  5.4.4-10
ii  php5-pspell  5.4.4-10
ii  roundcube-pgsql  0.7.2-5
ii  tinymce  3.4.8+dfsg0-1
ii  ucf  3.0025+nmu3

roundcube-core recommends no packages.

Versions of packages roundcube-core suggests:
ii  php-auth-sasl  1.0.4-1
pn  php-crypt-gpg  none
ii  roundcube-plugins  0.7.2-5

roundcube depends on no packages.

-- debconf information:
  roundcube/upgrade-error: abort
  roundcube/pgsql/authmethod-user: password
  roundcube/purge: false
* roundcube/dbconfig-install: true
* roundcube/language: en_US
  roundcube/db/dbname: roundcube
  roundcube/remote/newhost:
  roundcube/pgsql/changeconf: false
  roundcube/upgrade-backup: true
  roundcube/install-error: abort
  roundcube/mysql/admin-user: root
* roundcube/hosts: localhost
  roundcube/pgsql/authmethod-admin: ident
  roundcube/dbconfig-remove:
  roundcube/pgsql/admin-user: postgres
  roundcube/internal/skip-preseed: true
  roundcube/db/app-user: roundcube
  roundcube/dbconfig-reinstall: false
  roundcube/mysql/method: unix socket
  roundcube/remove-error: abort
* roundcube/restart-webserver: false
  roundcube/dbconfig-upgrade: true
  roundcube/remote/port:
  roundcube/pgsql/method: unix socket
  roundcube/pgsql/manualconf:
  roundcube/db/basepath:
  roundcube/pgsql/no-empty-passwords:
  roundcube/passwords-do-not-match:
  roundcube/internal/reconfiguring: false
* roundcube/reconfigure-webserver:
* roundcube/database-type: pgsql
  roundcube/remote/host:
  roundcube/missing-db-package-error: abort


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#698223: roundcube-plugins: plugin show_additional_headers should be configured in /e/r/plugins

[Teodor]

Package: roundcube
Version: 0.7.2-5
Severity: wishlist

Hi,

The plugin show_additional_headers is not like all other plugins. To be
able to use it one must add it's config in main.inc.php.

| # plugin: show_additional_headers
| $rcmail_config['show_additional_headers'] = array('Reply-To', ..);

Please make it possible to use a directory from /e/r/plugins like all
other plugins do.

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages roundcube-plugins depends on:
ii  roundcube-core  0.7.2-5

roundcube-plugins recommends no packages.

roundcube-plugins suggests no packages.

Versions of packages roundcube-core depends on:
ii  apache2  2.2.22-12
ii  apache2-mpm-prefork [httpd]  2.2.22-12
ii  dbconfig-common  1.8.47+nmu1
ii  debconf [debconf-2.0]1.5.49
ii  libjs-jquery 1.7.2+dfsg-1
ii  libjs-jquery-ui  1.8.ooops.21+dfsg-2
ii  libmagic15.11-2
ii  php-auth 1.6.2-1
ii  php-mail-mime1.8.4-1
ii  php-mdb2 2.5.0b3-2
ii  php-net-smtp 1.6.1-1
ii  php-net-socket   1.0.9-2
ii  php5 5.4.4-10
ii  php5-gd  5.4.4-10
ii  php5-intl5.4.4-10
ii  php5-mcrypt  5.4.4-10
ii  php5-pspell  5.4.4-10
ii  roundcube-pgsql  0.7.2-5
ii  tinymce  3.4.8+dfsg0-1
ii  ucf  3.0025+nmu3

Versions of packages roundcube-core suggests:
ii  php-auth-sasl  1.0.4-1
pn  php-crypt-gpg  none

Versions of packages roundcube depends on:
ii  roundcube-core  0.7.2-5

-- Configuration Files:
/etc/roundcube/plugins/managesieve/config.inc.php changed [not included]

-- debconf information:
  roundcube/upgrade-error: abort
  roundcube/pgsql/authmethod-user: password
  roundcube/purge: false
* roundcube/dbconfig-install: true
* roundcube/language: en_US
  roundcube/db/dbname: roundcube
  roundcube/remote/newhost:
  roundcube/pgsql/changeconf: false
  roundcube/upgrade-backup: true
  roundcube/install-error: abort
  roundcube/mysql/admin-user: root
* roundcube/hosts: localhost
  roundcube/pgsql/authmethod-admin: ident
  roundcube/dbconfig-remove:
  roundcube/pgsql/admin-user: postgres
  roundcube/internal/skip-preseed: true
  roundcube/db/app-user: roundcube
  roundcube/dbconfig-reinstall: false
  roundcube/mysql/method: unix socket
  roundcube/remove-error: abort
* roundcube/restart-webserver: false
  roundcube/dbconfig-upgrade: true
  roundcube/remote/port:
  roundcube/pgsql/method: unix socket
  roundcube/pgsql/manualconf:
  roundcube/db/basepath:
  roundcube/pgsql/no-empty-passwords:
  roundcube/passwords-do-not-match:
  roundcube/internal/reconfiguring: false
* roundcube/reconfigure-webserver:
* roundcube/database-type: pgsql
  roundcube/remote/host:
  roundcube/missing-db-package-error: abort


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#687602: retext: should restore the window position and size at startup

[Teodor]

Package: retext
Version: 4.0.0-1
Followup-For: Bug #687602

Hi,

I've installed the latest version from experimental and I still
see that these window properties are not preserved.

Cheers

-- System Information:
Debian Release: 7.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (100, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=ro_RO.utf8, LC_CTYPE=ro_RO.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages retext depends on:
ii  python3  3.2.3-6
ii  python3-markups  0.2.4-1
ii  python3-pyqt44.9.3-4

Versions of packages retext recommends:
ii  python3-enchant  1.6.5-2

retext suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#697758: dovecot-core: starting up log message should have the same priority stop does

[Teodor]

Package: dovecot-core
Version: 1:2.1.7-6
Severity: minor

Hi,

I've noticed these entries in syslog (mail.info):
| Jan  9 04:33:15 palomino dovecot: master: Warning: Killed with
|   signal 15 (by pid=1037 uid=0 code=kill)
| Jan 09 04:33:15 master: Info: Dovecot v2.1.7 starting up (core
|   dumps disabled)

I've configured info (and debug) messages to not log via syslog:
#log_path = syslog
info_log_path = /var/log/mail.info

That's why these two messages have a different format. First is logged
via syslog (thus sent by Dovecot with a priority less that 'info'), the
second is write directly by Dovecot with 'info' priority.

This causes monitoring tools like logwatch to send misleading alerts:
| Dovecot was killed, and not restarted afterwards.
|
| **Unmatched Entries**
|dovecot: master: Warning: SIGHUP received - reloading
|  configuration: 2 Time(s)

I think these important server actions (start, stop, reload..) should
have the same syslog priority (probably start/reload is log with 'warn'
right now, I'm not sure).

Cheers


-- Package-specific info:

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages dovecot-core depends on:
ii  adduser 3.113+nmu3
ii  libbz2-1.0  1.0.6-4
ii  libc6   2.13-37
ii  libpam-runtime  1.1.3-7.1
ii  libpam0g1.1.3-7.1
ii  libssl1.0.0 1.0.1c-4
ii  openssl 1.0.1c-4
ii  ucf 3.0025+nmu3
ii  zlib1g  1:1.2.7.dfsg-13

dovecot-core recommends no packages.

Versions of packages dovecot-core suggests:
pn  dovecot-gssapinone
ii  dovecot-imapd 1:2.1.7-6
pn  dovecot-ldap  none
pn  dovecot-lmtpd none
ii  dovecot-managesieved  1:2.1.7-6
pn  dovecot-mysql none
pn  dovecot-pgsql none
ii  dovecot-pop3d 1:2.1.7-6
ii  dovecot-sieve 1:2.1.7-6
pn  dovecot-solr  none
pn  dovecot-sqlitenone
pn  ntp   none

Versions of packages dovecot-core is related to:
ii  dovecot-core [dovecot-common]  1:2.1.7-6
ii  dovecot-dbg1:2.1.7-6
pn  dovecot-devnone
pn  dovecot-gssapi none
ii  dovecot-imapd  1:2.1.7-6
pn  dovecot-ldap   none
pn  dovecot-lmtpd  none
ii  dovecot-managesieved   1:2.1.7-6
pn  dovecot-mysql  none
pn  dovecot-pgsql  none
ii  dovecot-pop3d  1:2.1.7-6
ii  dovecot-sieve  1:2.1.7-6
pn  dovecot-sqlite none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#697760: dovecot-core: ssl_cert/key should be specific to each protocol

[Teodor]

Package: dovecot-core
Version: 1:2.1.7-6
Severity: wishlist

Hi,

It appears that these settings are common for all protocols:

ssl_cert = /etc/ssl/certs/imap.DOMAIN.crt
ssl_key = /etc/ssl/private/imap.DOMAIN.key

I would like to set different hostnames (and IP addresses) for IMAP and
POP3, but this is not possible right now because ssl_cert and ssl_key
are global parameters.

Please make these parameters specific to each protocol.

Cheers


-- Package-specific info:

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages dovecot-core depends on:
ii  adduser 3.113+nmu3
ii  libbz2-1.0  1.0.6-4
ii  libc6   2.13-37
ii  libpam-runtime  1.1.3-7.1
ii  libpam0g1.1.3-7.1
ii  libssl1.0.0 1.0.1c-4
ii  openssl 1.0.1c-4
ii  ucf 3.0025+nmu3
ii  zlib1g  1:1.2.7.dfsg-13

dovecot-core recommends no packages.

Versions of packages dovecot-core suggests:
pn  dovecot-gssapinone
ii  dovecot-imapd 1:2.1.7-6
pn  dovecot-ldap  none
pn  dovecot-lmtpd none
ii  dovecot-managesieved  1:2.1.7-6
pn  dovecot-mysql none
pn  dovecot-pgsql none
ii  dovecot-pop3d 1:2.1.7-6
ii  dovecot-sieve 1:2.1.7-6
pn  dovecot-solr  none
pn  dovecot-sqlitenone
pn  ntp   none

Versions of packages dovecot-core is related to:
ii  dovecot-core [dovecot-common]  1:2.1.7-6
ii  dovecot-dbg1:2.1.7-6
pn  dovecot-devnone
pn  dovecot-gssapi none
ii  dovecot-imapd  1:2.1.7-6
pn  dovecot-ldap   none
pn  dovecot-lmtpd  none
ii  dovecot-managesieved   1:2.1.7-6
pn  dovecot-mysql  none
pn  dovecot-pgsql  none
ii  dovecot-pop3d  1:2.1.7-6
ii  dovecot-sieve  1:2.1.7-6
pn  dovecot-sqlite none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#693114: dovecot-core: Mailboxes inaccessible after upgrade

[Teodor MICU]

Hi,

Considering that mailbox auto detection is not always working, I
recommend to just add a big NEWS entry telling people to manually set
the 'mail_location' parameter in /etc/dovecot/local.conf.

I've always set this parameter manually, but after reading how much
problems it could cause I prefer to keep it in /etc/dovecot/local.conf
to avoid it from being replaced on upgrades. Of course, the default
config *must* not set this parameter (leave it as an example).

Cheers

-- my local.conf --
mail_location = maildir:~/mail


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#697769: dovecot-core: please setup 'lda' by default during installation

[Teodor]

Package: dovecot-core
Version: 1:2.1.7-6
Severity: wishlist

Hi,

Because 'dovecot-lda' is „special” I've setup the following to make
it work with Postfix securely without 'sudo' of setuid root:

1) info_log path set to a world writable file:
  
  # conf.d/15-lda.conf
  protocol lda {
info_log_path = /var/log/dovecot/lda.info
#mail_plugins = $mail_plugins
  }

2) create /var/log/dovecot/lda.info (dovecot:adm 0662)

  install -v -o dovecot -g adm -m 0751 -d /var/log/dovecot

  touch /var/log/dovecot/lda.info
  chown dovecot:adm /var/log/dovecot/lda.info
  chmod 0662 /var/log/dovecot/lda.info

3) add /etc/logrotate.d/dovecot-lda

  /var/log/dovecot/lda.info {
create 0662 dovecot adm
compress
delaycompress
notifempty
rotate 60
weekly
  }

4) remove file /var/log/dovecot/lda.info on purge if empty

5) remove directory /var/log/dovecot on purge if empty (quiet)

If anyone doesn't use dovecot-lda this setup is of no inconvenience.

I didn't figure out yet how dovecot-lmtpd is supposed to integrate
with Postfix. Maybe there is no difference?
  mailbox_command = /usr/lib/dovecot/dovecot-lda -f $SENDER -a $RECIPIENT

Cheers


-- Package-specific info:

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages dovecot-core depends on:
ii  adduser 3.113+nmu3
ii  libbz2-1.0  1.0.6-4
ii  libc6   2.13-37
ii  libpam-runtime  1.1.3-7.1
ii  libpam0g1.1.3-7.1
ii  libssl1.0.0 1.0.1c-4
ii  openssl 1.0.1c-4
ii  ucf 3.0025+nmu3
ii  zlib1g  1:1.2.7.dfsg-13

dovecot-core recommends no packages.

Versions of packages dovecot-core suggests:
pn  dovecot-gssapinone
ii  dovecot-imapd 1:2.1.7-6
pn  dovecot-ldap  none
pn  dovecot-lmtpd none
ii  dovecot-managesieved  1:2.1.7-6
pn  dovecot-mysql none
pn  dovecot-pgsql none
ii  dovecot-pop3d 1:2.1.7-6
ii  dovecot-sieve 1:2.1.7-6
pn  dovecot-solr  none
pn  dovecot-sqlitenone
pn  ntp   none

Versions of packages dovecot-core is related to:
ii  dovecot-core [dovecot-common]  1:2.1.7-6
ii  dovecot-dbg1:2.1.7-6
pn  dovecot-devnone
pn  dovecot-gssapi none
ii  dovecot-imapd  1:2.1.7-6
pn  dovecot-ldap   none
pn  dovecot-lmtpd  none
ii  dovecot-managesieved   1:2.1.7-6
pn  dovecot-mysql  none
pn  dovecot-pgsql  none
ii  dovecot-pop3d  1:2.1.7-6
ii  dovecot-sieve  1:2.1.7-6
pn  dovecot-sqlite none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#697583: opendkim: reports insecure key in all AR headers

[Teodor]

Package: opendkim
Version: 2.6.8-3
Severity: normal

Hi,

I've done multiple tests and both 1024 and 2048-bit keys ar reported
insecure key in the Authentication-Results: header.

| Authentication-Results: smtp.DOMAIN; dkim=pass
|   reason=2048-bit key; insecure key
|   header.d=gmail.com header.i=@gmail.com header.b=0jmPjoQc;
|   dkim-adsp=pass; dkim-atps=neutral

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages opendkim depends on:
ii  adduser 3.113+nmu3
ii  libc6   2.13-37
ii  libdb5.15.1.29-5
ii  libldap-2.4-2   2.4.31-1
ii  liblua5.1-0 5.1.5-4
ii  libmilter1.0.1  8.14.4-2.1
ii  libopendkim72.6.8-3
ii  libssl1.0.0 1.0.1c-4
ii  libunbound2 1.4.17-2
ii  libvbr2 2.6.8-3
ii  lsb-base4.1+Debian8

opendkim recommends no packages.

Versions of packages opendkim suggests:
ii  opendkim-tools  2.6.8-3

-- Configuration Files:
/etc/opendkim.conf changed:
Syslog  yes
SyslogSuccess   yes
UMask   002
Domain  mu**.com
KeyFile /etc/mail/dkim_pa**.key
Selectorpa**
Canonicalizationrelaxed/relaxed
SubDomains  yes
OversignHeaders From
On-BadSignature tempfail
On-DNSError accept
Socket  inet:8891@[127.0.0.1]
MilterDebug 3


-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#695145: opendkim: DKIM signature verification is failing

[Teodor MICU]

Obviously DKIM signature verification works in most cases (including for gmail).

Looking at this report it seems that DKIM does not fail signature
verification, but only the log message is wrong. Do you agree?

In this case the one-line patch could be included in an upload for an
important fix (like the one for #695610).

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#695610: opendkim: fails to configure

[Teodor MICU]

Hi,

I've installed opendkim a few days ago and didn't encounter this
problem. Why your directory was missing at package installation? Did
you manually remove it?

This could be a potential problem at boot but I've just tested and the
directory is correctly handled at boot.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#696856: spamass-milter: Could not retrieve sendmail macro i

[Teodor MICU]

2012/12/28 Teodor mteo...@gmail.com:
 | Dec 28 03:07:07 palomino spamass-milter[30692]: Could not retrieve
 |   sendmail macro i!.

I've found some related info on the MILTER_README:
  http://www.postfix.org/MILTER_README.html#workarounds

Quoting from that page: current versions of dkim-filter and dk-filter
already have code that looks up the Postfix queue ID at a later
protocol stage...

This makes me think that a fix is not out of the question.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#696856: spamass-milter: Could not retrieve sendmail macro i

[Teodor]

Package: spamass-milter
Version: 0.3.2-1
Severity: normal

Hi,

After spamass-milter service restart and the first message received, these
lines are found in the syslog:
| Dec 28 03:07:07 palomino spamass-milter[30692]: Could not retrieve
|   sendmail macro i!.  Please add it to confMILTER_MACROS_ENVFROM for
|   better spamassassin results

This appear to be harmless but at least should be documented in README with
what's causing it and how to fix it (if possible).

Cheers

-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages spamass-milter depends on:
ii  adduser 3.113+nmu3
ii  libc6   2.13-37
ii  libgcc1 1:4.7.2-4
ii  libmilter1.0.1  8.14.4-2.1
ii  libstdc++6  4.7.2-4
ii  spamc   3.3.2-4

Versions of packages spamass-milter recommends:
ii  postfix   2.9.3-2.1
ii  spamassassin  3.3.2-4

spamass-milter suggests no packages.

-- Configuration Files:
/etc/default/spamass-milter changed:
OPTIONS=-I -i 127.0.0.1,69.160.75.102 -m -r 20 -- --headers
SOCKET=/var/spool/postfix/run/spamass-milter/mux
SOCKETOWNER=spamass-milter:spamass-milter


-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#696861: spamass-milter: must create an empty home directory

[Teodor]

Package: spamass-milter
Version: 0.3.2-1
Severity: normal

Hi,

During package installation the account is created without HOME:
| Not creating home directory `/var/lib/spamass-milter'.

But, on all messages received you'll see many messages like this:
| Dec 27 09:25:13 palomino spamd[13761]: spamd: setuid to spamass-milter 
succeeded
| Dec 27 09:25:13 palomino spamd[13761]: spamd: creating default_prefs:
|   /var/lib/spamass-milter/.spamassassin/user_prefs
| Dec 27 09:25:13 palomino spamd[13761]: config: cannot create user
|   preferences file /var/lib/spamass-milter/.spamassassin/user_prefs:
|   No such file or directory
| Dec 27 09:25:13 palomino spamd[13761]: spamd: failed to create readable
|   default_prefs: /var/lib/spamass-milter/.spamassassin/user_prefs
|
| Dec 27 09:25:14 palomino spamd[13761]: pyzor: check failed: internal
|   error, python traceback seen in response
| Dec 27 09:25:15 palomino spamd[13761]: plugin: eval failed: bayes:
|   (in learn) locker: safe_lock: cannot create lockfile
|   /var/lib/spamass-milter/.spamassassin/bayes.mutex: No such file or directory


Thus, altough you don't want all the files from /etc/skel we still
need an empty directory. However, you need to update the permissions
in postinstall.
(it would be nice to create a 'spamass-milter' group too)

Cheers


-- System Information:
Debian Release: 7.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages spamass-milter depends on:
ii  adduser 3.113+nmu3
ii  libc6   2.13-37
ii  libgcc1 1:4.7.2-4
ii  libmilter1.0.1  8.14.4-2.1
ii  libstdc++6  4.7.2-4
ii  spamc   3.3.2-4

Versions of packages spamass-milter recommends:
ii  postfix   2.9.3-2.1
ii  spamassassin  3.3.2-4

spamass-milter suggests no packages.

-- Configuration Files:
/etc/default/spamass-milter changed:
OPTIONS=-I -i 127.0.0.1,BINDADDR -m -r 20 -- --headers
SOCKET=/var/spool/postfix/run/spamass-milter/mux
SOCKETOWNER=spamass-milter:spamass-milter


-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#695301: openvpn: Fails to install a logrotate.d entry

[Teodor MICU]

2012/12/6 Alberto Gonzalez Iniesta a...@inittab.org:
 As far as I know, openvpn does not create that log file, unless you told
 it to. In that case, it's not a bug in the package...

That's my experience too. By default 'openvpn' will log to
/var/log/syslog which is handled automatically. If you've set a custom
log file then you must manually add a logrotate entry. I'm not sure
but on restart the log file could also be truncated if you use --log
instead of --log-append.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#695301: openvpn: Fails to install a logrotate.d entry

[Teodor MICU]

2012/12/7 Karl Schmidt k...@xtronics.com:
  IMO it probably should be set up to log out-of-the-box as well [..]

It does log by default to /var/log/syslog on Linux.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#605449: Set up for bacula-director-pgsql runs before that of postgresql-8.4.

[Teodor MICU]

Package: bacula-director-common
Version: 5.2.6+dfsg-6

Hi,

Indeed, any SQL backend (postgresql, mysql ..) does not have to be
local. But in case it is local (as I and many probably have) this
needs to be declared correctly in the init script:

#! /bin/sh
### BEGIN INIT INFO
# Provides:  bacula-director
# Required-Start:$remote_fs $syslog
# Should-Start:  bacula-fd postgresql
# Required-Stop: $remote_fs $syslog
# Should-Stop:   bacula-fd postgresql
# Default-Start: 2 3 4 5
# Default-Stop:  0 1 6
### END INIT INFO

Because the declaration is on Should-* it doesn't affect those who
don't have the SQL service on the local system. Its the same mechanism
used for 'bacula-fd' (which I don't have it installed on the Bacula
server).

I'm currently settings this in /etc/insserv/overrides/bacula-director.
You might want to add what others provide in their init script too
(i.e. mysql).

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#694046: bacula-common: missing 'create' directive in logrotate.d/bacula-common

[Teodor]

Package: bacula-common
Version: 5.2.6+dfsg-6
Severity: normal

Hi,

Please improve /etc/logrotate.d/bacula-common file with:

/var/log/bacula/log {
  create 0644 bacula bacula
  compress
  delaycompress
  missingok
  notifempty
  rotate 12
  monthly
}

The most important is create directive since on the first rotation the
new permissions will be root:root and Bacula service will not be able to
write there anymore.

This applies to older versions too (i.e. from squeeze).

Cheers


-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages bacula-common depends on:
ii  adduser   3.113+nmu3
ii  initscripts   2.88dsf-34
ii  libc6 2.13-37
ii  libcap2   1:2.22-1.2
ii  libgcc1   1:4.7.2-4
ii  libpython2.7  2.7.3-5
ii  libssl1.0.0   1.0.1c-4
ii  libstdc++64.7.2-4
ii  libwrap0  7.6.q-24
ii  zlib1g1:1.2.7.dfsg-13

bacula-common recommends no packages.

Versions of packages bacula-common suggests:
pn  bacula-doc  none

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#693744: libnetcf1: uninstallable due to Conflicts: libvirt0 (= 0.10.1-2~)

[Teodor MICU]

severity 693744 serious
stop

root@frost:~# aptitude full-upgrade
The following packages will be upgraded:
  libnetcf1{b}
1 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 51.6 kB of archives. After unpacking 3,072 B will be freed.
The following packages have unmet dependencies:
 libnetcf1 : Conflicts: libvirt0 (= 0.10.1-2~) but 0.9.12-5 is installed.

This might be a unclean 'sid+exp' build error in which case a binNMU
by Release Team should fix it. I don't have the time to check this
now.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#693132: initscripts: mountnfs fails at boot if $NFSHOST is present on /etc/hosts

[Teodor MICU]

2012/11/13 Roger Leigh rle...@codelibre.net:
 This is a symptom of a bug in the -bootclean scripts; I'll be
 fixing this soon with a new upload of sysvinit.

The problem I reported is for Debian Linux 6.0.6 systems, not current
Wheezy. So, it doesn't appear to be the same problem as the one
described in bug #677097.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#693132: initscripts: mountnfs fails at boot if $NFSHOST is present on /etc/hosts

[Teodor]

Package: initscripts
Version: 2.88dsf-13.1+squeeze1
Severity: normal

Hi,

After testing NFS on four Debian hosts I've found that the presence of a
static entry for the NFSHOST will make mountnfs to fail at boot. Ironically,
I've added the static entry just to make it more reliable.  :-)_

The one that fails is probably /etc/network/if-up.d/mountnfs since the init
script /etc/init.d/mountnfs.sh appears to be a no-op -- at least for mount
point /srv/backups. After some testing I see that do_wait_async_mount it
detects correctly the nfs entry from the /etc/fstab file but it no other
action is taken.

Cheers


-- System Information:
Debian Release: 6.0.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages initscripts depends on:
ii  coreutils  8.5-1 GNU core utilities
ii  debianutils3.4   Miscellaneous utilities specific t
ii  libc6  2.11.3-4  Embedded GNU C Library: Shared lib
ii  lsb-base   3.2-23.2squeeze1  Linux Standard Base 3.2 init scrip
ii  mount  2.17.2-9  Tools for mounting and manipulatin
ii  sysv-rc2.88dsf-13.1+squeeze1 System-V-like runlevel change mech
ii  sysvinit-utils 2.88dsf-13.1+squeeze1 System-V-like utilities

Versions of packages initscripts recommends:
ii  e2fsprogs   1.41.12-4stable1 ext2/ext3/ext4 file system utiliti
pn  psmisc  none   (no description available)

initscripts suggests no packages.

-- Configuration Files:
/etc/default/tmpfs changed:
TMPFS_SIZE=20%
RUN_SIZE=10%
LOCK_SIZE=5242880 # 5MiB
SHM_SIZE=
TMP_SIZE=
RW_SIZE=5242880 # 5 MiB


-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#693132: initscripts: mountnfs fails at boot if $NFSHOST is present on /etc/hosts

[Teodor MICU]

2012/11/13 Teodor mteo...@gmail.com:
 [..] script /etc/init.d/mountnfs.sh appears to be a no-op

I've just tested and after removal of '/etc/init.d/mountnfs.sh' and
'/etc/init.d/mountnfs-bootclean.sh' from the init sequence (with
update-rc.d remove) I can confirm that the NFS mounting is by
if-up.d/nfsmount script.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#692448: qemu: system crash on 'libaio1' removal

[Teodor]

Package: qemu
Version: 0.12.5+dfsg-3squeeze2
Severity: serious

Hi,

I've just had a system crash a few seconds after I removed 'libaio1
package (declared orphan by deborphan). On KVM systems this is not
a problem because its a dependency of qemu-kvm. But on Xen systems
(+libvirtd) this package is useless and 'qemu' is enough.

I believe 'qemu' should also depend on 'libaio1'. Another alternative
is to add the dependency on 'xen-qemu-dm*' packages.

Cheers


-- System Information:
Debian Release: 6.0.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-xen-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages qemu depends on:
ii  qemu-system0.12.5+dfsg-3squeeze2 QEMU full system emulation binarie
ii  qemu-user  0.12.5+dfsg-3squeeze2 QEMU user mode emulation binaries
ii  qemu-utils 0.12.5+dfsg-3squeeze2 QEMU utilities

qemu recommends no packages.

Versions of packages qemu suggests:
pn  qemu-user-static  none (no description available)

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#692448: qemu: system crash on 'libaio1' removal

[Teodor MICU]

2012/11/6 Michael Tokarev m...@tls.msk.ru:
 On 06.11.2012 15:40, Teodor wrote:
 I've just had a system crash a few seconds after I removed 'libaio1
 package (declared orphan by deborphan).

 What kind of crash?  Crash of what, exactly?  What you were running?

Debian Linux 6.0 (amd64) on top of Xen 4.0 hypervisor.

reboot   system boot  2.6.32-5-xen-amd Tue Nov  6 02:59 - 05:01  (02:02)
root pts/2vpn-120.DOMAIN Tue Nov  6 02:27 - crash  (00:32)

 None of qemu-system or qemu-user binaries are linked with libaio.
 libaio1 is not used and hence not needed.

 Note that qemu package - against which you filed the bugreport -
 is a meta-package, it does not use any library at all.

# aptitude why qemu
i   xen-qemu-dm-4.0 Depends qemu-system | qemu

# aptitude why libaio1
i   libvirt-bin Recommends qemu-kvm | qemu (= 0.9.1)
p   qemu-kvmDependslibaio1

Maybe qemu is not the right package, then which is the right pkg?

   On KVM systems this is not
 a problem because its a dependency of qemu-kvm. But on Xen systems
 (+libvirtd) this package is useless and 'qemu' is enough.

 Which package is useless?

qemu-kvm is useless on a Xen hypervisor.

 xen-qemu-dm* packages are not relevant for qemu.

 Please describe your issue in a bit more details.  Currently
 what you wrote makes no sense, sorry.

Do you need more info?

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#692448: qemu: system crash on 'libaio1' removal

[Teodor MICU]

2012/11/6 Michael Tokarev m...@tls.msk.ru:
 So, can you start it again when libaio1 is NOT installed?

Yes, I was able to start the VMs again after the libaio1 removal. I'm
not sure about the full Xen system -- I can't test now.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#678506: consolekit: Rejected send message: type=method_call, interface=org.freedesktop.DBus.Properties

[Teodor MICU]

tags 678506 +patch
quit

I've been using this patch for more than two months to fix this noise
in the logs. Please include it in Debian 7.0.

Cheers



--- ConsoleKit.conf 2012-03-01 00:26:35.0 +0200
+++ /etc/dbus-1/system.d/ConsoleKit.conf2012-08-11 12:30:28.084999148 
+0300
@@ -21,7 +21,7 @@
   send_interface=org.freedesktop.ConsoleKit.Seat/
 deny send_destination=org.freedesktop.ConsoleKit
   send_interface=org.freedesktop.ConsoleKit.Session/
-deny send_destination=org.freedesktop.ConsoleKit
+allow send_destination=org.freedesktop.ConsoleKit
   send_interface=org.freedesktop.DBus.Properties /

 allow send_destination=org.freedesktop.ConsoleKit


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#690845: ethtool: incorrect WoL detection on Broadcom NX II rev 12

[Teodor]

Package: ethtool
Version: 1:2.6.34-3
Severity: normal
Tags: upstream

Hi,

On Broadcom NX II rev  12 network interfaces it's not possible to activate
WoL using 'ethtool' (it can only be done from the MBA Configuration Menu).

However, even if Pre-boot Wake On LAN was enabled 'ethtool' doesn't
see this change:
Supports Wake-on: d
Wake-on: d

I've just tested that WoL works for this system.

Cheers


-- System Information:
Debian Release: 6.0.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages ethtool depends on:
ii  libc6 2.11.3-4   Embedded GNU C Library: Shared lib

ethtool recommends no packages.

ethtool suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#690845: ethtool: incorrect WoL detection on Broadcom NX II rev 12

[Teodor MICU]

2012/10/18 Ben Hutchings b...@decadent.org.uk:
 ethtool just reports what the driver tells it, so this isn't an ethtool
 bug.

I thought this might be a driver problem just like setting WoL is not
supported by the driver for rev  12 on these cards.

 Which kernel version are you using (package name and version) and have
 you installed a different version of the bnx2 driver?

Linux version 2.6.32-5-amd64 (Debian 2.6.32-46)

# modinfo bnx2
filename:   /lib/modules/2.6.32-5-amd64/kernel/drivers/net/bnx2.ko
firmware:   bnx2/bnx2-rv2p-09ax-5.0.0.j3.fw
firmware:   bnx2/bnx2-rv2p-09-5.0.0.j3.fw
firmware:   bnx2/bnx2-mips-09-5.0.0.j3.fw
firmware:   bnx2/bnx2-rv2p-06-5.0.0.j3.fw
firmware:   bnx2/bnx2-mips-06-5.0.0.j3.fw
version:2.0.2

I'm using the package from backports (0.35~bpo60+1)  for the 3.2
kernel, but I think the common files are identical.

All these packages are from Debian Linux 6.0.6, no custom
installations were done.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#690535: tftpd-hpa: fails to start if kernel flag ipv6.disable=1 is set

[Teodor]

Package: tftpd-hpa
Version: 5.0-18
Severity: important

Hi,

I've disables IPv6 via ipv6.disable=1 boot parameter. On all servers with
this configuration tftpd-hpa doesn't start and prints in syslog:
| in.tftpd[5303]: cannot open IPv6 socket, disable IPv6: Address family
|   not supported by protocol
| in.tftpd[5303]: Cannot set nonblock flag on socket: Bad file descriptor

Cheers


-- System Information:
Debian Release: 6.0.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages tftpd-hpa depends on:
ii  adduser   3.112+nmu2 add and remove users and groups
ii  debconf [debconf-2.0] 1.5.36.1   Debian configuration management sy
ii  libc6 2.11.3-4   Embedded GNU C Library: Shared lib
ii  libwrap0  7.6.q-19   Wietse Venema's TCP wrappers libra

tftpd-hpa recommends no packages.

Versions of packages tftpd-hpa suggests:
ii  syslinux-common2:4.02+dfsg-7 collection of boot loaders (common

-- debconf information:
  tftpd-hpa/options: --secure
  tftpd-hpa/address: 0.0.0.0:69
* tftpd-hpa/directory: /srv/tftp
  tftpd-hpa/username: tftp


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#690158: ettercap: unconditionally sets net.ipv4.ip_forward=0

[Teodor MICU]

2012/10/12 Simon Paillard spaill...@debian.org:
 On top of that, ettercap is designed for man in the middle attacks, disabling
 kernel forwarding seems to be a must.

 man ettercap:

 NAME
ettercap - multipurpose sniffer/content filter for man in the middle 
 attacks

Ok, good to know. Obviously I only wanted a friendly sniffer (no IP
information).

So the wishlist might be to have this unoffensive mode active by default?

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#690158: ettercap: unconditionally sets net.ipv4.ip_forward=0

[Teodor]

Package: ettercap
Version: 1:0.7.3-2.1
Severity: grave
Justification: causes non-serious data loss

Hi,

I've just found that running 'ettercap' on gateway system (were ip_forward
is a must) will unconditionally disable the kernel flag. This affects both
Debian 6.0 (squeeze) and Debian 7.0 (wheezy).

Cheers

-- System Information:
Debian Release: 6.0.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/24 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages ettercap depends on:
ii  ettercap-common1:0.7.3-2.1   Common support files and plugins f
ii  libc6  2.11.3-4  Embedded GNU C Library: Shared lib
ii  libltdl7   2.2.6b-2  A system independent dlopen wrappe
ii  libncurses55.7+20100313-5shared libraries for terminal hand
ii  libnet11.1.4-2   library for the construction and h
ii  libpcap0.8 1.1.1-2+squeeze1  system interface for user-level pa
ii  libpcre3   8.02-1.1  Perl 5 Compatible Regular Expressi
ii  libssl0.9.80.9.8o-4squeeze13 SSL shared libraries
ii  zlib1g 1:1.2.3.4.dfsg-3  compression library - runtime

ettercap recommends no packages.

ettercap suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#682481: gnome-shell: epiphany shouldn't be the default browser

[Teodor MICU]

Didn't you forgot to add | www-browser in the Depends: line?

Funny upgrade today with 121 new packages although I have at least two
packages installed that provide www-browser.

Cheers


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#668354: Downgrading

[Teodor MICU]

2012/9/19 Marcin Owsiany porri...@debian.org:
 severity 668354 wishlist
 thanks

 I had a look at LSB and it agrees with Debian policy in that it also
 requires calling a command rather than manipulating symlinks directly.
 [..]

That's the requirement for Debian packages only.
Also, «install_initd» is provided by lsb-core which is not guaranteed
to be installed.

 As such I don't think this warrants an RC bug. I'm downgrading it to
 wishlist. Personally I'd close or mark it wontfix, but I'll leave that
 up to the maintainer.

Are you serious?! Are you expecting a multi-platform product to do a
dozen of checks for each system type and execute
update-rc.d/chkconfig/whatever based on that?

Cheers


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org