Bug#1035685: unblock: mpdscribble/0.24-2+b1

[kaliko]

control: tags -1 - moreinfo

On 11/05/23, Paul Gevers wrote:
> Control: tags -1 confirmed moreinfo
> Control: retitle -1 unblock: mpdscribble/0.24-3
> 
> Hi,
> 
>  On 07-05-2023 20:58, kaliko wrote:
> > During bookworm development the package was refactored and
> > a bug was introduced in the conf file management.
> > piuparts recently spotted the issue and #1035603 was reported.
> 
> Please go ahead and remove the moreinfo tag once the upload happened.
Uploaded
Thanks


signature.asc
Description: PGP signature

Bug#1035685: unblock: mpdscribble/0.24-2+b1

[kaliko]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: mpdscrib...@packages.debian.org
Control: affects -1 + src:mpdscribble

Please unblock package mpdscribble

[ Reason ]
During bookworm development the package was refactored and
a bug was introduced in the conf file management.
piuparts recently spotted the issue and #1035603 was reported.

https://bugs.debian.org/1035603

[ Impact ]
Package will be removed from testing and not shipped in bookworm.

[ Tests ]
Tested with piuparts to ensure the bug is actually fixed

[ Risks ]
I don't believe there are risks with this trivial fix.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock mpdscribble/0.24-2+b1
diff -Nru mpdscribble-0.24/debian/changelog mpdscribble-0.24/debian/changelog
--- mpdscribble-0.24/debian/changelog   2022-07-31 18:28:30.0 +0200
+++ mpdscribble-0.24/debian/changelog   2023-05-07 20:00:03.0 +0200
@@ -1,3 +1,10 @@
+mpdscribble (0.24-3) unstable; urgency=medium
+
+  * Do not ship /etc/mpdscribble.conf as a conffile (already managed with ucf)
+Thanks to Andreas Beckmann  (Closes: #1035603)
+
+ -- Geoffroy Youri Berret   Sun, 07 May 2023 20:00:03 +0200
+
 mpdscribble (0.24-2) unstable; urgency=medium
 
   * Fixed FTBS (porting to gcc12) (Closes: #1016284)
diff -Nru mpdscribble-0.24/debian/rules mpdscribble-0.24/debian/rules
--- mpdscribble-0.24/debian/rules   2022-07-31 18:28:30.0 +0200
+++ mpdscribble-0.24/debian/rules   2023-05-07 19:58:53.0 +0200
@@ -16,6 +16,7 @@
 
 override_dh_auto_install:
dh_auto_install
+   rm debian/mpdscribble/etc/mpdscribble.conf
rm debian/mpdscribble/usr/share/doc/mpdscribble/COPYING
 
 override_dh_clean:

Bug#1031754: ncmpc-lyrics: missing dependencies on python3-bs4 and python3-requests

[kaliko]

22/02/2023 13:38, Diederik wrote:

MR of that patch: https://salsa.debian.org/mpd-team/ncmpc/-/merge_requests/1


Thanks very much for your MR Diederik :)

FYI: Regarding the cross building issue, there is an report against 
sphinx package https://bugs.debian.org/961206
I stumbled upon the issue trying to build MPD for amrhf (raspbian) and 
arm64 Debian...


Cheers
k

Bug#1017921: mpd tries to start on non-interactive sessions

[kaliko]

Hi Antoine,

Le 24/08/2022 à 14:54, Antoine Beaupré a écrit :

[…]
In any case, I think you're right this might not be an actual bug,
although I can't help but think that the [Install] block could target
graphical-session.target instead of default.target, which would possibly
remove a lot of those problems in the future.


Actually my use of MPD requires default.target for users mpd service.
I'm sharing a server with a friend, we both run our own instance of MPD 
to stream music through icecast (and we only have a shell to manage our 
accounts, no graphical env.).


I've always seen MPD as an audio player for advanced *nix users, I don't 
think we should make it too much "foolproof". I believe the current 
defaults for user/system services are a good trade off: user service 
disabled and system service enabled/started. It's well documented both 
in /usr/share/doc/mpd and on the https://wiki.debian.org/mpd


I suggest to close this bug.
Would it be fine with you ?
Cheers
k

ps: sorry for this late reply

Bug#930565: dev-ref: should use distro-info instead of hardcoding version numbers

[kaliko]

On 3/29/22 11:00, kaliko wrote:
Alright then here is a patch using distro-info (forking currently fails 
at least with my account on salsa).


Humm, error between keyboard and chair actually…
Here is the salsa "Merge request":

https://salsa.debian.org/debian/developers-reference/-/merge_requests/35

cheers
k

Bug#930565: dev-ref: should use distro-info instead of hardcoding version numbers

[kaliko]

Hi Holger,

On 3/28/22 14:12, Holger Levsen wrote:

On Wed, Mar 02, 2022 at 02:21:20PM +0100, kaliko wrote:

On Sat, 15 Jun 2019 16:26:33 + Holger Levsen 
wrote:

[…]
and then for bullseye we should use distro-info(-data). (wondering how
to do this sensibly at run time and not at build time...)

What is "run time" for manual (pdf, html, etc…), do you mean when the manual
is actually shown in the browser for instance with html?


could also be a monthly (?) cron job or some such.


Alright then here is a patch using distro-info (forking currently fails 
at least with my account on salsa).



I was thinking about using python distro-info to set variables to format
rst_epilog with along with _version and _date. But I guess this is not what
you expect.


Ideally I'd like something that also works in a pdf viewer and for the txt
version.


This should works for any output format since distro-info is used to 
configure the rst source (through rst_epilog). I've tested the plain 
text and pdf outputs and it's fine indeed.


Cheers,
k


From f1a9aa93d449c1ef48b3a3cd9ab19bef7b846d77 Mon Sep 17 00:00:00 2001
From: Geoffroy Youri Berret 
Date: Tue, 29 Mar 2022 09:40:38 +0200
Subject: [PATCH] Use distro-info instead of hardcoding version numbers

Closes: #930565
---
 debian/control |  1 +
 source/conf.py | 49 +++--
 2 files changed, 32 insertions(+), 18 deletions(-)

diff --git a/debian/control b/debian/control
index e180c98..6e239d7 100644
--- a/debian/control
+++ b/debian/control
@@ -7,6 +7,7 @@ Uploaders: Hideki Yamane ,
 Standards-Version: 4.6.0
 Rules-Requires-Root: no
 Build-Depends-Indep: latexmk,
+ python3-distro-info,
  python3-sphinx,
  python3-stemmer,
  tex-gyre,
diff --git a/source/conf.py b/source/conf.py
index a207e34..088d447 100644
--- a/source/conf.py
+++ b/source/conf.py
@@ -6,6 +6,19 @@
 # full list see the documentation:
 # http://www.sphinx-doc.org/en/master/config
 
+# -- distro-info
+import distro_info
+_deb = distro_info.DebianDistroInfo()
+_all_codenames = _deb.get_all()
+_testing_codename = _deb.testing()
+_testing_version = int(_deb.version(_deb.testing()))
+_stable_codename = _deb.stable()
+_stable_version = int(_deb.version(_deb.stable()))
+_old_codename = _deb.old()
+_old_version = int(_deb.version(_deb.old()))
+_oldold_codename = _all_codenames[_all_codenames.index(_old_codename)-1]
+_nexttesting_codename = _all_codenames[_all_codenames.index(_testing_codename)+1]
+
 # -- Environment variable setup --
 import os
 _package = os.getenv("PACKAGE", default="package-name")
@@ -63,28 +76,28 @@ source_suffix = '.rst'
 master_doc = 'index'
 
 # Substitution (only for text contents (not for URL refs)
-rst_epilog = """
-.. |version| replace:: ``{}``
-.. |pubdate| replace:: ``{}``
+rst_epilog = f"""
+.. |version| replace:: ``{_version}``
+.. |pubdate| replace:: ``{_date}``
 .. |number-of-pkgs| replace:: ``3``
 .. |number-of-maintainers| replace:: 1000
 .. |number-of-arches| replace:: 10
 .. |codename-security| replace:: *codename*\ ``-security``
-.. |codename-oldoldstable| replace:: ``jessie``
-.. |codename-oldstable| replace:: ``stretch``
-.. |codename-stable| replace:: ``buster``
-.. |codename-stable-security| replace:: ``buster-security``
-.. |codename-testing| replace:: ``bullseye``
-.. |codename-nexttesting| replace:: ``bookworm``
-.. |version-oldoldstable| replace:: 8
-.. |version-oldstable| replace:: 9
-.. |version-stable| replace:: 10
-.. |version1-revision-deb-version-stable-u1| replace:: ``1:2.4.3-4+deb10u1``
-.. |version2-revision-deb-version-stable-u1| replace:: ``1.5-3+deb10u1``
-.. |version-testing| replace:: 11
-.. |version2-revision-deb-version-testing-u1| replace:: ``1.5-3+deb11u1``
-.. |version-nexttesting| replace:: 12
-""".format(_version, _date)
+.. |codename-oldoldstable| replace:: ``{_oldold_codename}``
+.. |codename-oldstable| replace:: ``{_old_codename}``
+.. |codename-stable| replace:: ``{_stable_codename}``
+.. |codename-stable-security| replace:: ``{_stable_codename}-security``
+.. |codename-testing| replace:: ``{_testing_codename}``
+.. |codename-nexttesting| replace:: ``{_nexttesting_codename}``
+.. |version-oldoldstable| replace:: {_old_version-1}
+.. |version-oldstable| replace:: {_old_version}
+.. |version-stable| replace:: {_stable_version}
+.. |version1-revision-deb-version-stable-u1| replace:: ``1:2.4.3-4+deb{_stable_version}u1``
+.. |version2-revision-deb-version-stable-u1| replace:: ``1.5-3+deb{_stable_version}u1``
+.. |version-testing| replace:: {_testing_version}
+.. |version2-revision-deb-version-testing-u1| replace:: ``1.5-3+deb{_testing_version}u1``
+.. |version-nexttesting| replace:: {_testing_version+1}
+"""
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
 #
-- 
2.30.2



OpenPGP_signature
Description: OpenPGP digital signature

Bug#930565: dev-ref: should use distro-info instead of hardcoding version numbers

[kaliko]

On Sat, 15 Jun 2019 16:26:33 + Holger Levsen  
wrote:

[…]
and then for bullseye we should use distro-info(-data). (wondering how
to do this sensibly at run time and not at build time...)


What is "run time" for manual (pdf, html, etc…), do you mean when the 
manual is actually shown in the browser for instance with html?


I was thinking about using python distro-info to set variables to format 
rst_epilog with along with _version and _date. But I guess this is not 
what you expect.


k


OpenPGP_signature
Description: OpenPGP digital signature

Bug#1002544: mpc 0.34 is not compatible with older servers

[kaliko]

Hi Nicolas,

Thanks for your report.

On 12/23/21 9:05 PM, Nicolas George wrote:

mpc 0.34 from Debian Bookworm/sid is not compatible with older versions
of the server or protocol. For example:

cigaes@aimlin ~ $ mpc -h 10.0.1.19 version
warning: MPD 0.21 required
mpd version: 0.19.0

> […]

0.19 is quite old, last MPD release in this branch was in 13 Dec 2016 / 
v0.19.26. MPD with protocol <0.20 is available in Debian old-old-stable 
only (aka stretch).



(10.0.1.19 is running mopidy 2.2.2-1 from Buster; upgrading it is
desirable but not an option right now.)


Well the problem here is mopidy actually. modpidy is stuck with 0.19.0 
in master [0], the issue is known though [1].


I understand introducing mpc 0.34 broke with mopidy and it is annoying 
in your setup, but mopidy MPD protocol support is partial when not 
broken. I've myself stumbled upon issues with it and had to work around 
breakage in my own client.


Unfortunately mopidy-mpd plugin need some care.


If mpc 0.34 cannot be made to work with a 0.19 server, then Debian
should offer the possibility to install mpc 0.33 in parallel, since
users may not control the version of the server they want to connect.


MPD project is actually leading the development of the protocol, mopidy 
should follow. As I wrote, protocol 0.19 is not even in old-stable, I 
don't think it's worth shipping mpc 0.33 in parallel (adds confusion for 
users and extra work for maintainers).


Let's hope the issue [1] will be dealt with in time for bookworm.

Cheers,
k

[0] 
https://github.com/mopidy/mopidy-mpd/blob/master/mopidy_mpd/protocol/__init__.py

[1] https://github.com/mopidy/mopidy-mpd/issues/47



OpenPGP_signature
Description: OpenPGP digital signature

Bug#998310: [Pkg-mpd-maintainers] Bug#998310: mpd: fails to start with "Assertion `sockets.empty()' failed."

[kaliko]

On 11/6/21 10:39 AM, Florian Schlichting wrote:

On Fri, Nov 05, 2021 at 11:52:14AM +0100, kaliko wrote:

Then I believe setting NDEBUG (either at meson level with "b_ndebug=true" or
within "DEB_CXXFLAGS_MAINT_APPEND") will lead to the same result as meson
options "--buildtype=debugoptimized -Db_ndebug=true" since dpkg-buildflags
already set "-g -O2".

What do you think of this Florian?


I think that sounds sensible. 
[…]

Will you make the change?


Pushed to master on salsa. I did not update the changelog.

k.



OpenPGP_signature
Description: OpenPGP digital signature

Bug#998310: mpd: fails to start with "Assertion `sockets.empty()' failed."

[kaliko]

On 11/4/21 8:38 PM, Max Kellermann wrote:

On 2021/11/04 19:32, kaliko  wrote:

I had a look at the 0.23.3-1 build and actually debhelper calls meson with
"--wrap-mode=nodownload --buildtype=plain --prefix=/usr …" plus some *dir
options [2]. Then indeed asserts are not disabled but it's not really a
debug build either in meson terminology at least [0].


It's a debug build if debug options are enabled.  There's are two generic
Meson debug options […]


Thanks for your answer Max :)

Then I believe setting NDEBUG (either at meson level with 
"b_ndebug=true" or within "DEB_CXXFLAGS_MAINT_APPEND") will lead to the 
same result as meson options "--buildtype=debugoptimized 
-Db_ndebug=true" since dpkg-buildflags already set "-g -O2".


What do you think of this Florian?


I am MPD upstream, and I do not just "consider" that, but it's an
undisputable fact.


Sorry for my wording Max, I did not meant to question or doubt your 
expertise. I'm made a build and regarding runtime exe size the gain is 
significant: ~1.8MB → ~1.6MB.



[…]
IMHO all Debian packages should build with NDEBUG, so this should
really be a central debhelper feature.


This has been raised before:

   https://lists.debian.org/debian-devel/2013/02/msg00124.html
   https://lists.debian.org/debian-mentors/2018/04/msg00244.html

It's not even in meson/ninja debhelper implementation (as I thought) but 
actually in global build options exposed by dpkg.

Why dpkg-buildflags does not expose "-DNDEBUG"?
I believe there are no consensus in Debian community (cf. 2013 mail 
above) or, surprisingly, this has yet to be addressed in the project.


But that's beyond the scope of this report and MPD packaging…

k.



OpenPGP_signature
Description: OpenPGP digital signature

Bug#998310: mpd: fails to start with "Assertion `sockets.empty()' failed."

[kaliko]

Hi,

03/11/2021 18:34, Max Kellermann wrote:

On 2021/11/03 18:00, Benjamin Francois  wrote:

Confirmed, I commented out the pid_file line in /etc/mpd.conf and mpd now 
starts properly. Thanks Sir!


Okay, this is now fixed upstream:

  
https://github.com/MusicPlayerDaemon/MPD/commit/14b3c0f0afe691739cdfc71d71adf740114d5a98

This problem affected only debug builds; this was a false-positive
assertion failure, and my fix just works around this by reordering the
destructor calls.

I was surprised to learn that all Debian packages appear to have
debugging enabled, which adds a lot of unnecessary overhead.


I had a look at the 0.23.3-1 build and actually debhelper calls meson 
with "--wrap-mode=nodownload --buildtype=plain --prefix=/usr …" plus 
some *dir options [2]. Then indeed asserts are not disabled but it's not 
really a debug build either in meson terminology at least [0].


Anyway the way we build the package differs from upstream 
recommendations [1]: " --buildtype=debugoptimized -Db_ndebug=true".


Correct me if I'm wrong Max, but upstream considers this has an impact 
on runtime performances.


The question is then, should we add "b_ndebug=true"?
I did not find any mention of NBDEBUG in policies.

k.


[0] https://mesonbuild.com/Builtin-options.html#base-options
[1] https://mpd.readthedocs.io/en/stable/user.html#compiling-from-source
[2] cf. line 2228: 
https://buildd.debian.org/status/fetch.php?pkg=mpd=amd64=0.23.3-1=1635781704=0




OpenPGP_signature
Description: OpenPGP digital signature

Bug#993591: borgmatic: systemd unit not shipped (related to #989322)

[kaliko]

On Fri, 03 Sep 2021 15:21:58 +0200 kaliko  wrote:


Here is a patch (also on salsa
https://salsa.debian.org/debian/borgmatic/-/merge_requests/4)


Patch updated on salsa, please forget the attachment in the bug report.

Please review
Cheers



OpenPGP_signature
Description: OpenPGP digital signature

Bug#994033: mpd: Fails to find ldd libraries from libraspberrypi0 that have moved

[kaliko]

Hi Tim

Max Kellermann wrote :

On 2021/09/10 11:43, Tim Phipps  wrote:

AN upgrade to rasbian stable ahs moved some ldd files included in the 
libraspberrypi0 packages and now mpd fails to start.


MPD doesn't use any of these libraries.  These are indirect
dependencies, maybe via FFmpeg?  In any case, this is not a MPD
packaging problem.


Did you mixed Debian/bullseye repositories with Raspbian|Raspberry Pi 
OS/bullseye?
These are not compatible, especially for non architecture independent package 
like MPD.
libmmal_core.so is provided by libraspberrypi0 package which is not in Debian 
repositories.

This issue is not Debian related IMHO.

By the way, I believe rasbian stable is still based on buster, not bullseye.

Cheers
k



OpenPGP_signature
Description: OpenPGP digital signature

Bug#993591: borgmatic: systemd unit not shipped (related to #989322)

[kaliko]

Package: borgmatic
Version: 1.5.18-1
Severity: important
Tags: patch

Dear Maintainer,

I believe building 1.5.18-1 from salsa ends up with wrong systemd units.

usr/lib/systemd/system/borgmatic.sercice:
   sample/systemd/borgmatic.service

and usr/lib/systemd/system/borgmatic.timer:
   sample/systemd/borgmatic.timer

Here is a patch (also on salsa
https://salsa.debian.org/debian/borgmatic/-/merge_requests/4)

Please review
Thanks

-- System Information:
Debian Release: 11.0
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-8-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_USER, TAINT_WARN
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages borgmatic depends on:
ii  borgbackup 1.1.16-3
ii  python33.9.2-3
ii  python3-colorama   0.4.4-1
ii  python3-jsonschema 3.2.0-3
ii  python3-pkg-resources  52.0.0-4
ii  python3-requests   2.25.1+dfsg-2
ii  python3-ruamel.yaml0.16.12-2

borgmatic recommends no packages.

borgmatic suggests no packages.

-- no debconf information
diff --git a/debian/borgmatic.install b/debian/borgmatic.install
new file mode 100644
index 000..3551078
--- /dev/null
+++ b/debian/borgmatic.install
@@ -0,0 +1,2 @@
+sample/systemd/borgmatic.service usr/lib/systemd/system
+sample/systemd/borgmatic.timer   usr/lib/systemd/system
diff --git a/debian/borgmatic.service b/debian/borgmatic.service
deleted file mode 100644
index 75647e0..000
--- a/debian/borgmatic.service
+++ /dev/null
@@ -1 +0,0 @@
-sample/systemd/borgmatic.service
diff --git a/debian/borgmatic.timer b/debian/borgmatic.timer
deleted file mode 100644
index a643e4f..000
--- a/debian/borgmatic.timer
+++ /dev/null
@@ -1 +0,0 @@
-sample/systemd/borgmatic.timer

Bug#990160: mpd: music players using mpd do not play concatenated mp3 files to the end

[kaliko]

Hi

Le 21/06/2021 à 21:40, js a écrit :

For example: cat mvmt1.mp3 mvmt2.mp3 mvmt3.mp3 > symph1.mp3
will play only mvmt1.mp3 on an mpd-based player when symph1.mp3 is
played.


The report is forwarded upstream (cf. 
https://github.com/MusicPlayerDaemon/MPD/issues/1200 ).

Can you please provide the following to ease debugging:

 * a sample of the combined MP3 file that cannot play past the first file
 * output of "mpd --version"
 * verbose log output

If you can, post these in the bug report on github.

Thanks
k



OpenPGP_signature
Description: OpenPGP digital signature

Bug#973958: mpdscribble: New upstream version 0.23

[kaliko]

Hi :)

There is a new mpdscribble version but the PTS fails to report it (d/watch is 
broken).
I started working on it ( https://bugs.debian.org/973958 ).

I made the meson migration and tried to update d/copyright the best I could.
I left alone the debconf part, I have no expertise with it.

I pushed the code in my own repo only [0].

Please, Could Andrey or anybody interested in this package review these changes?

Cheers
k

[0] https://salsa.debian.org/kaliko/mpdscribble



OpenPGP_signature
Description: OpenPGP digital signature

Bug#973958: mpdscribble: New upstream version 0.23

[kaliko]

Package: mpdscribble
Version: 0.22-6
Severity: normal

Dear Maintainer,

A new version of mpdscribble is available, can you upload it :)

https://www.musicpd.org/clients/mpdscribble/

Thanks
k

-- System Information:
Debian Release: 10.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-12-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages mpdscribble depends on:
ii  adduser3.118
ii  debconf [debconf-2.0]  1.5.71
ii  init-system-helpers1.56+nmu1
ii  libc6  2.28-10
ii  libglib2.0-0   2.58.3-2+deb10u2
ii  libmpdclient2  2.16-1
ii  libsoup2.4-1   2.64.2-2
ii  lsb-base   10.2019051400
ii  ucf3.0038+nmu1

mpdscribble recommends no packages.

Versions of packages mpdscribble suggests:
ii  mpd  0.22.3-1~bpo10+1

Bug#973692: thunderbird: Wrong window size : minimum 837 by 1896 so a part of window is hidden

[kaliko]

Package: thunderbird
Version: 1:78.4.0-1~deb10u1
Followup-For: Bug #973692

Dear Maintainer,

I can confirm this bug is related to CardBook add-ons.
Installing 53.4 did not fix the issue for me though.
Removing CardBook solved the problem on my setup.

Cheers
k

-- System Information:
Debian Release: 10.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-12-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages thunderbird depends on:
ii  debianutils 4.8.6.1
ii  fontconfig  2.13.1-2
ii  libatk1.0-0 2.30.0-2
ii  libbotan-2-92.9.0-2
ii  libbz2-1.0  1.0.6-9.2~deb10u1
ii  libc6   2.28-10
ii  libcairo-gobject2   1.16.0-4
ii  libcairo2   1.16.0-4
ii  libdbus-1-3 1.12.20-0+deb10u1
ii  libdbus-glib-1-20.110-4
ii  libevent-2.1-6  2.1.8-stable-4
ii  libffi6 3.2.1-9
ii  libfontconfig1  2.13.1-2
ii  libfreetype62.9.1-3+deb10u2
ii  libgcc1 1:8.3.0-6
ii  libgdk-pixbuf2.0-0  2.38.1+dfsg-1
ii  libglib2.0-02.58.3-2+deb10u2
ii  libgtk-3-0  3.24.5-1
ii  libjson-c3  0.12.1+ds-2+deb10u1
ii  libpango-1.0-0  1.42.4-8~deb10u1
ii  libstdc++6  8.3.0-6
ii  libx11-62:1.6.7-1+deb10u1
ii  libx11-xcb1 2:1.6.7-1+deb10u1
ii  libxcb-shm0 1.13.1-2
ii  libxcb1 1.13.1-2
ii  libxext62:1.3.3-1+b2
ii  libxrender1 1:0.9.10-1
ii  psmisc  23.2-1
ii  x11-utils   7.7+4
ii  zlib1g  1:1.2.11.dfsg-1

Versions of packages thunderbird recommends:
ii  hunspell-en-us [hunspell-dictionary] 1:2018.04.16-1
ii  hunspell-es [hunspell-dictionary]1:6.2.0-1
ii  hunspell-fr-classical [hunspell-dictionary]  1:6.3-2

Versions of packages thunderbird suggests:
ii  apparmor  2.13.2-10
ii  fonts-lyx 2.3.2-1
ii  libgssapi-krb5-2  1.17-3
ii  libgtk2.0-0   2.24.32-3

-- no debconf information

Bug#964737: mpd: Single mode not working the first time

[kaliko]

Hi Ian, MPD team

Le 10/07/2020 à 12:45, kaliko a écrit :
> Le 09/07/2020 à 19:51, Ian Zimmerman a écrit :
>> Package: mpd
>> Version: 0.21.5-3
>> Severity: normal
>>
>> When mpd restarts and the single mode flag is on, the first song transition 
>> happens anyway.
>> (That is, when it finishes playing the first song it goes on to the second 
>> one in the queue.)
>> When the second song is finished mpd pauses as expected and then continues 
>> to work correctly.
>>
>> This sounds somewhat similar to upstream github issue #556, but it is 
>> completely reproducible
>> for me.
> 
> According to #556 [0] a fix was shipped in 0.21.9 (someone still report the 
> issue
> against 0.21.9 though).
> 
> Can you try installing a more recent version of MPD and check if this is 
> reproducible?
> 
> You can use my onw repo : https://www.musicpd.org/download-unoff-debian/
> 
> Or manually download/install latest buster backport/build :
> 
> wget 
> https://deb.kaliko.me/debian-backports/pool/main/m/mpd/mpd_0.21.22-1~bpo10+1_amd64.deb
> apt install ./mpd_0.21.22-1~bpo10+1_amd64.deb
> […]
> [0] https://github.com/MusicPlayerDaemon/MPD/issues/556

Could you try the latest release of 0.21 branch ?

The latest buster backport/build :

https://deb.kaliko.me/debian-backports/pool/main/m/mpd/mpd_0.21.26-1~bpo10+1_amd64.deb

Cheers
k



signature.asc
Description: OpenPGP digital signature

Bug#970444: Can't connect to httpd stream on MPD

[kaliko]

Hi James

Le 21/09/2020 à 17:29, James Klaas a écrit :
> On Mon, 21 Sep 2020 16:04:31 +0200 kaliko  wrote:
> This doesn't count?
> ---
> audio_output {
>   type"httpd"
>   name"My HTTP Stream"
>   encoder "vorbis"# optional, vorbis or lame
>   port"8000"
>   bind_to_address "0.0.0.0"   # optional, IPv4 or IPv6
> # quality "5.0"   # do not define if bitrate is 
> defined
>   bitrate "128"   # do not define if quality is 
> defined
>   format  "44100:16:1"
>   enabled "yes"
> # max_clients "0" # optional 0=no limit
> }
> ---
Right, mea culpa, that was eaten by my mail client I guess!

> Anyway, thank you very much for your help. This is solved for me now.

Alrigh, can you close the report then?
Just send a mail to 970444-d...@bugs.debian.org (maybe add a comment in the 
body saying
there is no actual bug regarding http stream).

Cheers & happy listening
k.

Bug#970444: Can't connect to httpd stream on MPD

[kaliko]

Hi James

Le 17/09/2020 à 16:52, James Klaas a écrit :
>> Also, you need to start playing something for MPD to listen on the HTTPD port
> 
> but I can't even get there. Unless something has changed the way I
> start things up is to run
> 
> mpc add http://192.168.47.122:8000
> mpc play

I'm confused here, I suppose 192.168.47.122 is your MPD server.
Then you cannot ask it to play itself.

Try something like that:

# Add some tracks
mpc listall | head | mpc add
# start playing
mpc play

Now if the http output is configured and enabled, mpd should stream some audio 
on
http://192.168.47.122:8000

You can use your browser to listen to the stream:

xdg-open http://192.168.47.122:8000

> Here's my mpd.conf file:
> 
> # An example configuration file for MPD.
> # Read the user manual for documentation: http://www.musicpd.org/doc/user/
> # or /usr/share/doc/mpd/user-manual.html
> […]

There is no audio_output defined in the conf you pasted!

k.



signature.asc
Description: OpenPGP digital signature

Bug#970444: Can't connect to httpd stream on MPD

[kaliko]

Le 21/09/2020 à 16:04, kaliko a écrit :
> Try something like that:
> 
> # Add some tracks
> mpc listall | head | mpc add
> # start playing
> mpc play

Sorry, use this instead:

 # Add some tracks
 mpc ls | head -1 | mpc add
 # start playing
 mpc play

Cheers,
k



signature.asc
Description: OpenPGP digital signature

Bug#970444: Can't connect to httpd stream on MPD

[kaliko]

Hi James

On 16/09/2020 à 19:28, James Klaas wrote :
> […]
> root@myhost:~# service mpd stop
> root@myhost:~# service mpd start
> root@myhost:~# curl http://192.168.144.122:8000
> curl: (7) Failed to connect to 192.168.144.122 port 8000: Connection refused
> 
> I tried other commands you mentioned:
> 
> […]
> root@myhost:/etc/cron.weekly# lsof -Pan -p 10880 -i
> COMMAND   PID USER   FD   TYPEDEVICE SIZE/OFF NODE NAME
> mpd 10880  mpd4u  IPv6 114131524  0t0  TCP *:6600 (LISTEN)
> 
> root@myhost:/etc/cron.weekly# ss -antlp | grep mpd
> LISTEN0 5*:6600
> *:*users:(("mpd",pid=10880,fd=4),("systemd",pid=1,fd=108))
> 
> I greped for mpd since the list of services is quite large. I wanted
> to check there was nothing conflicting on port 8000:
> 
> root@myhost:~# ss -antlp  | grep 8000

Well it looks like MPD is listening on :6600 only (is it playing something?).

> I don't see anything odd in the logs, when set to verbose:
> 
> Sep 14 16:12 : zeroconf: No global port, disabling zeroconf
> Sep 14 16:12 : state_file: Loading state file /var/lib/mpd/state
> Sep 14 16:13 : client: [0] opened from 192.168.47.122:57198
> Sep 14 16:13 : client: [0] malformed command "GET / HTTP/1.1"
> Sep 14 16:13 : client: [0] closed
> Sep 14 16:20 : client: [1] opened from local
> Sep 14 16:20 : client: [1] process command "outputs"
> Sep 14 16:20 : client: [1] command returned 0
> Sep 14 16:20 : client: [1] closed


> I tried adding port 8000 to /lib/systemd/system/mpd.socket under the
> "[Socket]" section and ran "systemctl daemon-reload". But that seems
> to only expose the socket to port 8000.
> 
> Is another section needed in /lib/systemd/system/mpd.socket to open up
> 8000 to the httpd server in mpd?

Systemd socket activation is meant to launch MPD "on demand" when a client 
tries to
connect on port 6600. IMO, you don't need to add 8000 here.

HTTP output is set in the conf, something like:

 /etc/mpd.conf ---8<---

audio_output {
type"httpd"
port"8000"
enabled "yes"
...
}

->8---

Also, you need to start playing something for MPD to listen on the HTTPD port.

Please paste your MPD config as well.

k.



signature.asc
Description: OpenPGP digital signature

Bug#970444: Can't connect to httpd stream on MPD

[kaliko]

Hi James,

16/09/2020 at 15:35, James Klaas wrote :
> […]
> If I try to connect to the httpd stream with curl for testing I get
> the following:
> 
> curl http://192.168.47.122:8000
> curl: (7) Failed to connect to 192.168.47.122 port 8000: Connection refused
> 
> I can connect to the 6600 port without issue:
> 
> curl http://192.168.47.122:6600
> OK MPD 0.21.11
> 
> If I talk to the mpd server and ask for outputs, it says the stream is 
> enabled:
> 
> mpc -h 192.168.47.122 outputs
> Output 1 (My HTTP Stream) is enabled

No firewall running on 192.168.47.122 ?
You can check mpd is actually listening on 8000 with lsof or ss commands :

lsof -Pan -p MPD_PID -i
ss -antlp

Do you have anything in mpd logs (enable verbose logging)?

Cheers,
k



signature.asc
Description: OpenPGP digital signature

Bug#964737: mpd: Single mode not working the first time

[kaliko]

Hi,

Le 09/07/2020 à 19:51, Ian Zimmerman a écrit :
> Package: mpd
> Version: 0.21.5-3
> Severity: normal
> 
> When mpd restarts and the single mode flag is on, the first song transition 
> happens anyway.
> (That is, when it finishes playing the first song it goes on to the second 
> one in the queue.)
> When the second song is finished mpd pauses as expected and then continues to 
> work correctly.
> 
> This sounds somewhat similar to upstream github issue #556, but it is 
> completely reproducible
> for me.

According to #556 [0] a fix was shipped in 0.21.9 (someone still report the 
issue
against 0.21.9 though).

Can you try installing a more recent version of MPD and check if this is 
reproducible?

You can use my onw repo : https://www.musicpd.org/download-unoff-debian/

Or manually download/install latest buster backport/build :

wget
https://deb.kaliko.me/debian-backports/pool/main/m/mpd/mpd_0.21.22-1~bpo10+1_amd64.deb
apt install ./mpd_0.21.22-1~bpo10+1_amd64.deb

Cheers,
k

[0] https://github.com/MusicPlayerDaemon/MPD/issues/556



signature.asc
Description: OpenPGP digital signature

Bug#959380: mpd: Can't disable mpd easily

[kaliko]

Hi,

Le 01/05/2020 à 18:48, eingousef a écrit :
> I'd like to disable mpd at startup to only enable it when I need
> it. (e.g., in a user console : mpd ; ncmpc ; mpd --kill;)

With the current setup and using systemd you can disable mpd.service and keep 
mpd.socket
enabled :

systemctl disable mpd.service
systemctl enable mpd.socket

Then mpd is disable at startup but mpd.socket will launched it as soon as a 
client open
[::]:6600 over the network or locally /run/mpd/socket.


> The only way I've found to disable the service permanently is to
> comment the line […]

What's wrong with systemd commands:

systemctl stop mpd
systemctl disable mpd

That will prevent mpd from starting at boot (both service and socket) but allow 
you to
run it when you want with "systemctl start mpd".

Is this a better solution for your use case?
Cheers
k



signature.asc
Description: OpenPGP digital signature

Bug#954362: ncmpc documentation should be split out

[kaliko]

Hi

Thanks for your report Daniel,

20/03/2020 , Daniel Kahn Gillmor wrote:
> ncmpc pulls in a bunch of javascript packages, which i think are just to
> render the documentation:

Right.

20/03/2020 , Daniel Kahn Gillmor wrote:
> Since ncmpc is good for use in a lightweight (non-graphical)
> environment […]
> I recommend either moving ncmpc documentation to a separate package, or
> making these dependencies into Recommends instead.

Here is a bit of context regarding documentation as a separated package.

When we took over maintenance I did split the documentation in a dedicated 
package. But
in order to have the package in time for Buster release we decided not to split 
the
package. Here is the original message :

06/01/2019 , Florian Schlichting wrote:
> - building a new binary package ncmpc-doc will cause the upload to go to
>   NEW for ftp-master approval. This may take several weeks and carries a
>   high risk of missing buster. My advice is to not split off the
>   documentation - not now because of release timing, but also more
>   generally because it's not actually that big (123k installed). In fact
>   I think the ncmpc-lyrics package should be re-integrated with ncmpc
>   (the additional changelog.Debian.gz is twice the size of all the
>   plugins together) but I suggest to do this after the buster release.

The reason for shipping documentation (and lyrics plugin as well) in a 
separated package
is not only a matter of size but also the extra dependencies it pulls.

ncmpc-doc (html only)  168k
libjs-sphinxdoc144k
   ↘ libjs-jquery  746k
   ↘ javascript-common  70k
   ↘ libjs-underscore  302k
TOTAL 1400k

In case of ncmpc-lyrics it's worse since it pulls the ruby interpreter (15M for 
libruby
alone).

Here are my propositions.

 * Keep ncmpc-lyrics a separated package

Either
  1) Move ${sphinxdoc:Depends} to Recommends (as suggested by Daniel)
  2) Disable HTML build altogether ("html_manual=false" build option)

I'm in favor of 2). Actually the html documentation is nothing more than the 
html
version of the man page. As Daniel mentioned ncmpc targets lightweight 
(non-graphical)
environment (and advanced users), the regular manual is enough IMHO.

I'll update the package in a couple of week.

Please comment if you think we should do otherwise or if I forgot something.

Cheers
k



signature.asc
Description: OpenPGP digital signature

Bug#953110: libmpdclient2: broken request when size exceeds 4096 bytes

[kaliko]

forwarded  953110 https://github.com/MusicPlayerDaemon/libmpdclient/issues/51
thanks

Le 04/03/2020 à 18:23, Damyan Ivanov a écrit :
> […]
> Ideally, libmpdclient should support requests of arbitrary size (eventually 
> reaching the server limit), but if that is not feasible, at least a proper 
> error reporting would be nice.

Hi Dam,

Thanks for reporting, I've forwarded your request upstream :)

I guess the culprit is mpd_buffer src/buffer.h:40-49

Cheers
k



signature.asc
Description: OpenPGP digital signature

Bug#767440: ncmpc: Blanks screen after unpausing

[kaliko]

Hi Ian,

On Thu, Oct 30, 2014 at 07:18:20PM -0700, Ian Zimmerman wrote:
> When mpd is in a "Paused" state at the time I start ncmpc, and the
> current view is the Queue view (ie. F2), the first time I resume play
> (unpause) the screen goes totally blank
Is this issue still present in the recente release of ncmpc?

Thanks



signature.asc
Description: OpenPGP digital signature

Bug#933301: mpd: systemd service doesn't use user configured UNIX socket since last update

[kaliko]

Hi Simon,

On Sun, 28 Jul 2019 17:14:08 -0400 Simon Désaulniers 
 wrote:
> […] 
> After upgrading from 0.21.5-3 to 0.21.11-1, systemd's mpd service doesn't seem
> to use the UNIX socket configured from my mpd configuration located at
> /home/simon/.config/mpd/mpd.conf.
> […]

I did not manage to reproduce the issue.
I'll try again later on a freshly installed VM upgraded to testing, but so far 
I have
not been able to reproduce the issue (tested also with mpd 0.21.15).

Maybe someone from MPD team is willing to give it a shot.

Cheers
k



signature.asc
Description: OpenPGP digital signature

Bug#926508: nextcloud-desktop: Cannot login: "You have been logged out of mys...@example.org as user myself. Please login again"

[kaliko]

Package: nextcloud-desktop
Version: 2.5.1-2
Severity: grave

Dear Maintainer,

Recently (end of march), nextcloud-desktop on gnome stopped working.
It looks related to the previous libqt5keychain1/libsecret issue but is
probably not the same issue.

I did not notice it right away but I believe upgrading to libqt5webengine 
5.11.3+dfsg-2+b1 might have triggered the issue.

When login in Gnome nextcloud-desktop pops up and prompts for the web
login page with the following message at the top of the window:
"You have been logged out of mys...@example.org as user myself.
Please login again"

Providing credentials succeeds but then and it ends up in a loop, from
"authorising access" to "connect".

Trying to use a token instead of plain login/password lead to a broken
web page.

I did reproduce it in a fresh buster VM.

Cheers
k

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages nextcloud-desktop depends on:
ii  libc6 2.28-8
ii  libgcc1   1:8.3.0-4
ii  libnextcloudsync0 2.5.1-2
ii  libqt5concurrent5 5.11.3+dfsg1-1
ii  libqt5core5a  5.11.3+dfsg1-1
ii  libqt5dbus5   5.11.3+dfsg1-1
ii  libqt5gui55.11.3+dfsg1-1
ii  libqt5keychain1   0.9.1-2
ii  libqt5network55.11.3+dfsg1-1
ii  libqt5positioning55.11.3+dfsg-2
ii  libqt5printsupport5   5.11.3+dfsg1-1
ii  libqt5qml55.11.3-4
ii  libqt5quick5  5.11.3-4
ii  libqt5sql5-sqlite 5.11.3+dfsg1-1
ii  libqt5webchannel5 5.11.3-2
ii  libqt5webenginecore5  5.11.3+dfsg-2+b1
ii  libqt5webenginewidgets5   5.11.3+dfsg-2+b1
ii  libqt5webkit5 5.212.0~alpha2-21
ii  libqt5widgets55.11.3+dfsg1-1
ii  libqt5xml55.11.3+dfsg1-1
ii  libsqlite3-0  3.27.2-2
ii  libssl1.1 1.1.1b-1
ii  libstdc++68.3.0-4
ii  nextcloud-desktop-common  2.5.1-2
ii  nextcloud-desktop-l10n2.5.1-2
ii  zlib1g1:1.2.11.dfsg-1

Versions of packages nextcloud-desktop recommends:
ii  nextcloud-desktop-doc  2.5.1-2

nextcloud-desktop suggests no packages.

-- no debconf information

Bug#784883: mpd: playlist sometimes got emptied after system rebooting

[kaliko]

Hi Adam

On Sun, 10 May 2015 11:22:55 +0800 Adam Lee  wrote:> As 
$Subject,
playlist sometimes got emptied after system rebooting, I
> have to re-run `mpc ls|mpc add` and `mpc random` after it happened, the
> fail rate is about 80%.

This report is pretty old, in case you still use MPD can you confirm the issue 
is now
fixed, I believe it is in the current buster version of MPD.

Thanks
k



signature.asc
Description: OpenPGP digital signature

Bug#920984: nextcloud-desktop: Client forgets credentials

[kaliko]

Thanks Sandro (and everyone involved) for your work on this :)

Cheers
k



signature.asc
Description: OpenPGP digital signature

Bug#919576: stretch-pu: package ncmpc/0.25-0.1

[kaliko]

Shame /o\

On 04/02/2019 22:26, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Mon, 2019-01-28 at 14:35 +0100, kaliko wrote:
>> On 27/01/2019 09:14, Salvatore Bonaccorso wrote:
>>> On Thu, Jan 17, 2019 at 01:44:14PM +0100, kaliko wrote:
> [...]
>>>> Update fixing CVE-2018-9240 / #894724
>>> […]> Please use for consistency (although that would be possible if
>>> 0.25-0.2 was never used) rather 0.25-0.1+deb9u1 for the version.
>>
>> I updated the patch according to your review (find attached).
> 
> The diff you provided is reversed. Please feel free to upload the
> correctly-applied version.


Sorry for that, here is the correct patch.

Thanks
k
diff -Nru ncmpc-0.25/debian/changelog ncmpc-0.25/debian/changelog
--- ncmpc-0.25/debian/changelog	2016-10-28 07:05:23.0 +0200
+++ ncmpc-0.25/debian/changelog	2019-01-16 12:51:14.0 +0100
@@ -1,3 +1,10 @@
+ncmpc (0.25-0.1+deb9u1) stretch; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix CVE-2018-9240 (Closes: #894724)
+
+ -- Geoffroy Youri Berret   Wed, 16 Jan 2019 12:51:14 +0100
+
 ncmpc (0.25-0.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch
--- ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch	1970-01-01 01:00:00.0 +0100
+++ ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch	2019-01-16 12:51:14.0 +0100
@@ -0,0 +1,19 @@
+Description: Fix NULL dereference on long messages
+Author: Jonathan Neuschäfer 
+Origin: https://bugs.debian.org/894724
+Applied-Upstream: v0.30
+Last-Update: 2019-01-16
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/src/mpdclient.h
 b/src/mpdclient.h
+@@ -76,6 +76,9 @@
+ static inline bool
+ mpdclient_finish_command(struct mpdclient *c)
+ {
++	if (!c->connection)
++		return false;
++
+ 	return mpd_response_finish(c->connection)
+ 		? true : mpdclient_handle_error(c);
+ }
diff -Nru ncmpc-0.25/debian/patches/series ncmpc-0.25/debian/patches/series
--- ncmpc-0.25/debian/patches/series	2016-10-28 07:05:23.0 +0200
+++ ncmpc-0.25/debian/patches/series	2019-01-16 12:51:14.0 +0100
@@ -1 +1,2 @@
 lirc.patch
+fix-CVE-2018-9240.patch


signature.asc
Description: OpenPGP digital signature

Bug#920984: [Pkg-owncloud-maintainers] Bug#920984: nextcloud-desktop: Client forgets credentials

[kaliko]

Hi,

On 04/02/2019 17:48, Sandro Knauß wrote:>> I just tried, pbuilder with a buster 
image,
still fails to keep credentials
>> in Gnome pwd manager :|
>
> grmpf.
>
>
> Well the bugreport at qtkeychain may gives more insight. Maybe you also have
> to debug via dbus-monitor:
> https://github.com/frankosterfeld/qtkeychain/issues/114
>
Well I wondering if it is even requesting dbus.

For instance looking at the log with “ dbus-monitor 
"path=/org/freedesktop/secrets" ” I
can see other applications requesting pwd from Seahorse (ie. polari irc client 
or
Chromium), but launching nextcloud-desktop doesn't trigger any similar "method 
call".

Maybe the configure part in the build is failing to activate libsecret feature 
(just a
bold guess as I've not look at the source yet)?

Cheers
k



signature.asc
Description: OpenPGP digital signature

Bug#920984: [Pkg-owncloud-maintainers] Bug#920984: nextcloud-desktop: Client forgets credentials

[kaliko]

Sandro,

On 04/02/2019 15:38, Sandro Knauß wrote:
> My best guess that the root of the issue lies in qtkeychain. I saw that there 
> is a new qtkeychain 0.9.1 with a quite promising line in Changelog:
> https://github.com/frankosterfeld/qtkeychain/blob/master/ChangeLog#L6
> "Secret: Don't match the schema name #114 "
> 
> So build qtkeychain 0.9.1 and give that a try.

I just tried, pbuilder with a buster image, still fails to keep credentials in 
Gnome pwd
manager :|

I did not take time to investigate any further but building qtkeychain raises a 
warning
from dpkg-shlibdeps:

8<--
package could avoid a useless dependency if debian/[…]/libqt5keychain.so.0.
9.1 was not linked against libsecret-1.so.0 (it uses none of the library's 
symbols)
>8--

You can find packages (src & bin) here if somebody running Gnome is willing to 
reproduce
(please do I may have missed something):

http://media.kaliko.me/src/nextcloud/

Cheers
k



signature.asc
Description: OpenPGP digital signature

Bug#920984: [Pkg-owncloud-maintainers] Bug#920984: nextcloud-desktop: Client forgets credentials

[kaliko]

Hi Sandro,

On 04/02/2019 12:05, Sandro Knauß wrote:
>> I can confirm this with XFCE. That is the same issue I filed against the
>> owncloud-client.
>> Building the package with libsecret installed, solved it. I know, there is
>> no dependency
>> on libsecret, but it worked.
> 
> I don't understand why this should help:
> 1. libsecret-1-0 and libsecret-common are already available at build time 
> see, 
> so your solution does not help:
> https://buildd.debian.org/status/fetch.php?pkg=nextcloud-desktop=i386=2.5.1-1=1548676710=0

Can't confirm Thomas fix.

I did force libsecret as a build dependency on nextcloud-desktop, but it did 
not solve
the issue.

Anyway nextcloud-desktop already fetches libsecret with the current build
(nextcloud-desktop build-dep on qt5keychain-dev → libqt5keychain1 → 
libsecret-1-0)

I also tried building nextcloud-desktop with a Build-dep on libsecret-1-dev as 
mentioned
by Thomas in #909588 [0]

In both case I patched d/control and built from a clean chroot (pbuilder).

@Thomas, How did you build your client when you managed to fix this issue ?
You probably fetch something else or setup a different build env when you did.

[0] https://bugs.debian.org/909588



signature.asc
Description: OpenPGP digital signature

Bug#920984: nextcloud-desktop: Client forgets credentials

[kaliko]

Package: nextcloud-desktop
Version: 2.5.1-1
Severity: important
Tags: upstream

Hi,

On X session startup the client keeps asking for the password.

It looks like it fails to communicate with my password manager
(gnome/seahorse in my case).

The issue seems to be known upstream, since libgnome-keyring0 is
deprecated (and out of buster), upstream would need to use libsecret
instead.

https://github.com/nextcloud/desktop/issues/883
https://github.com/nextcloud/desktop/issues/427

By the way, thanks Sandro Knauß for working on these packages :)
Cheers
k


-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages nextcloud-desktop depends on:
ii  libc6 2.28-5
ii  libgcc1   1:8.2.0-15
ii  libnextcloudsync0 2.5.1-1
ii  libqt5concurrent5 5.11.3+dfsg-2
ii  libqt5core5a  5.11.3+dfsg-2
ii  libqt5dbus5   5.11.3+dfsg-2
ii  libqt5gui55.11.3+dfsg-2
ii  libqt5keychain1   0.9.0-2
ii  libqt5network55.11.3+dfsg-2
ii  libqt5positioning55.11.3+dfsg-2
ii  libqt5printsupport5   5.11.3+dfsg-2
ii  libqt5qml55.11.3-2
ii  libqt5quick5  5.11.3-2
ii  libqt5sql5-sqlite 5.11.3+dfsg-2
ii  libqt5webchannel5 5.11.3-2
ii  libqt5webenginecore5  5.11.3+dfsg-2+b1
ii  libqt5webenginewidgets5   5.11.3+dfsg-2+b1
ii  libqt5webkit5 5.212.0~alpha2-19
ii  libqt5widgets55.11.3+dfsg-2
ii  libqt5xml55.11.3+dfsg-2
ii  libsqlite3-0  3.26.0+fossilbc891ac6b-2
ii  libssl1.1 1.1.1a-1
ii  libstdc++68.2.0-15
ii  nextcloud-desktop-common  2.5.1-1
ii  nextcloud-desktop-l10n2.5.1-1
ii  zlib1g1:1.2.11.dfsg-1

Versions of packages nextcloud-desktop recommends:
ii  nextcloud-desktop-doc  2.5.1-1

nextcloud-desktop suggests no packages.

-- no debconf information

Bug#919576: stretch-pu: package ncmpc/0.25-0.1

[kaliko]

Hi Salvatore

On 27/01/2019 09:14, Salvatore Bonaccorso wrote:
> On Thu, Jan 17, 2019 at 01:44:14PM +0100, kaliko wrote:
>> Package: release.debian.org
>> Severity: normal
>> Tags: stretch
>> User: release.debian@packages.debian.org
>> Usertags: pu
>>
> Hi
> 
> Update fixing CVE-2018-9240 / #894724
> […]> Please use for consistency (although that would be possible if
> 0.25-0.2 was never used) rather 0.25-0.1+deb9u1 for the version.

I updated the patch according to your review (find attached).

I also pushed it in branch stretch-pu:
https://salsa.debian.org/kaliko-guest/ncmpc-gbp/tree/stretch-pu

Cheers
k
diff -Nru ncmpc-0.25/debian/changelog ncmpc-0.25/debian/changelog
--- ncmpc-0.25/debian/changelog	2019-01-16 12:51:14.0 +0100
+++ ncmpc-0.25/debian/changelog	2016-11-10 08:32:55.0 +0100
@@ -1,10 +1,3 @@
-ncmpc (0.25-0.1+deb9u1) stretch; urgency=medium
-
-  * Non-maintainer upload.
-  * Fix CVE-2018-9240 (Closes: #894724)
-
- -- Geoffroy Youri Berret   Wed, 16 Jan 2019 12:51:14 +0100
-
 ncmpc (0.25-0.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch
--- ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch	2019-01-16 12:51:14.0 +0100
+++ ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch	1970-01-01 01:00:00.0 +0100
@@ -1,19 +0,0 @@
-Description: Fix NULL dereference on long messages
-Author: Jonathan Neuschäfer 
-Origin: https://bugs.debian.org/894724
-Applied-Upstream: v0.30
-Last-Update: 2019-01-16

-This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
 a/src/mpdclient.h
-+++ b/src/mpdclient.h
-@@ -76,6 +76,9 @@
- static inline bool
- mpdclient_finish_command(struct mpdclient *c)
- {
-+	if (!c->connection)
-+		return false;
-+
- 	return mpd_response_finish(c->connection)
- 		? true : mpdclient_handle_error(c);
- }
diff -Nru ncmpc-0.25/debian/patches/series ncmpc-0.25/debian/patches/series
--- ncmpc-0.25/debian/patches/series	2019-01-16 12:51:14.0 +0100
+++ ncmpc-0.25/debian/patches/series	2016-11-10 08:32:55.0 +0100
@@ -1,2 +1 @@
 lirc.patch
-fix-CVE-2018-9240.patch


signature.asc
Description: OpenPGP digital signature

Bug#915856: sphinx: Failed cross building with Build-Depends on python3-sphinx

[kaliko]

Dmitry, Helmut

First, thanks for this insightful thread, even though it goes beyond my 
expertise I
learn about cross-building then :)

On 25/01/2019 22:55, Dmitry Shachnev wrote:
> On Fri, Jan 25, 2019 at 05:41:56PM +0100, Helmut Grohne wrote:
>> On Fri, Jan 25, 2019 at 11:14:23AM +0300, Dmitry Shachnev wrote:
>>> Does this mean that packages that are not using autodoc (like ncmpc) can
>>> already build-depend on python3-sphinx:native to become cross-buildable?
>>
>> Yes, that is my understanding. My plan was postponing such patches to
>> simplify stretch-backports. I'm not opposed to them in general, I just
>> didn't want to cause unnecessary work.
> 
> @Kaliko: please test if it works for you.

Indeed it did fix the issue :)
I set "Build-Depends-Indep: python3-sphinx:native" and built with pbuilder on 
testing.
But I'm having other problems later on, not related to sphinx though (some of 
them
probably x-build related).

I don't have enough time to go any further right now, but anyway the issue 
regarding
sphinx is actually fixed.

A final question, would you recommend sbuild rather than pbuilder?
Especially when trying to cross-build packages ?

Thanks Dmitry and Helmut for your help :)
Cheers
k



signature.asc
Description: OpenPGP digital signature

Bug#919576: stretch-pu: package ncmpc/0.25-0.1

[kaliko]

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Hi

Update fixing CVE-2018-9240 / #894724

Source for this patch are on salsa, branch stretch-pu:

https://salsa.debian.org/kaliko-guest/ncmpc-gbp/tree/stretch-pu

- -8<---

+--- a/src/mpdclient.h
 b/src/mpdclient.h
+@@ -76,6 +76,9 @@
+ static inline bool
+ mpdclient_finish_command(struct mpdclient *c)
+ {
++  if (!c->connection)
++  return false;
++
+   return mpd_response_finish(c->connection)
+   ? true : mpdclient_handle_error(c);
+ }

- ->8---

See attached debdiff.
Cheers

-BEGIN PGP SIGNATURE-

iQJGBAEBCgAwFiEEE5yJWkSiFjoTmimKdwOcUqy2lK4FAlxAeJ0SHGthbGlrb0Bh
enlsdW0ub3JnAAoJEHcDnFKstpSuMYQP/ihkQJeHx8oyexwcnLyeYo1NJNPnMJTZ
6fkVMCSrlCtTw43zRDgKTbau6ODIygP8N+mD7eJzXIQmuToO5TkQNaZj1MBAxgMt
PWiNQiJ/Lh/SAmZcGuvUpPMbu/puyiZhJFbMakaZtqoVmIFCnV2zqCMZ5rxM4lRb
mRFyPnpn4bW7aXGSCM6AT1gqOkPpV/jIFvaF4c4wQXQvT67yGdC4NPP5cP8EpdgG
ZJlK89EsWEifGe9vV8qEfUHRO4KN8/FD3KFqYpsiMgQ/a/T6QMnucQqXKnv8xdpr
K9cyZiCn128Jb+a1qGBSKpdBWfw6NcBaDxIpNqb+qu6Coa3pNkrelf+T1Z+pA6lP
8zwola012bn3+HIkWP/BaSpbMO3A2SqU3bZuRZ/ooIbK+bYVQVTNnnoYm3dNjiv5
roP5PcB/TjMA6Tg4VVWyz1qjSZ189bNIkZ7S5aIsg5NGtEB4RjZN9WSYqVL31pki
UO3Ome6/YVtzxQ+msZsXmjP+4/pZZVORDEghtXOkmUhn55GgOZ5i5PVzbNZAV/AN
4EMCpUQmbQ1AWN2apflfa0TfSjTsUWXM8PRp3demxroRwjChhYhcscVK79GS5jUP
0t6wOSebgy47wSSo1ZkJtTJ1LcfexqwTONQs4o6hvHum6GIYUOpSlij7rU0MGbAw
c+DTGh+iG3Ik
=v9xZ
-END PGP SIGNATURE-
diff -Nru ncmpc-0.25/debian/changelog ncmpc-0.25/debian/changelog
--- ncmpc-0.25/debian/changelog 2016-10-28 07:05:23.0 +0200
+++ ncmpc-0.25/debian/changelog 2019-01-16 12:51:14.0 +0100
@@ -1,3 +1,10 @@
+ncmpc (0.25-0.2) stretch; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix CVE-2018-9240 (Closes: #894724)
+
+ -- Geoffroy Youri Berret   Wed, 16 Jan 2019 12:51:14 +0100
+
 ncmpc (0.25-0.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch 
ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch
--- ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch   1970-01-01 
01:00:00.0 +0100
+++ ncmpc-0.25/debian/patches/fix-CVE-2018-9240.patch   2019-01-16 
12:51:14.0 +0100
@@ -0,0 +1,19 @@
+Description: Fix NULL dereference on long messages
+Author: Jonathan Neuschäfer 
+Origin: https://bugs.debian.org/894724
+Applied-Upstream: v0.30
+Last-Update: 2019-01-16
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/src/mpdclient.h
 b/src/mpdclient.h
+@@ -76,6 +76,9 @@
+ static inline bool
+ mpdclient_finish_command(struct mpdclient *c)
+ {
++  if (!c->connection)
++  return false;
++
+   return mpd_response_finish(c->connection)
+   ? true : mpdclient_handle_error(c);
+ }
diff -Nru ncmpc-0.25/debian/patches/series ncmpc-0.25/debian/patches/series
--- ncmpc-0.25/debian/patches/series2016-10-28 07:05:23.0 +0200
+++ ncmpc-0.25/debian/patches/series2019-01-16 12:51:14.0 +0100
@@ -1 +1,2 @@
 lirc.patch
+fix-CVE-2018-9240.patch

Bug#916515: Update Maintainer field in d/control

[kaliko]

Package: prosody
Version: 0.11.1-1
Severity: minor

Dear Maintainers,

The Maintainer field in d/control still points to the old alioth lists
pkg-xmpp-de...@lists.alioth.debian.org.

It looks like the list did not migrate to alioth-lists.debian.net [0]
when alioth.debian.org shut down.

What about updating the new list in lists.debian.org?

Cheers
k

[0] https://wiki.debian.org/Alioth/MailingListContinuation

-- System Information:
Debian Release: 9.6
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.18.0-0.bpo.1-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8),
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages prosody depends on:
ii  adduser 3.115
ii  init-system-helpers 1.48
ii  libc6   2.24-11+deb9u3
ii  libidn111.33-1
ii  libssl1.1   1.1.0j-1~deb9u1
ii  lsb-base9.20161125
ii  lua-bitop [lua5.1-bitop]1.0.2-4
ii  lua-expat [lua5.1-expat]1.3.0-4
pn  lua-filesystem  
ii  lua-socket [lua5.1-socket]  3.0~rc1+git+ac3201d-3
pn  lua5.1  
pn  lua5.1-filesystem   
pn  lua5.1-sec  
ii  ssl-cert1.0.39

Versions of packages prosody recommends:
pn  lua5.1-event  

Versions of packages prosody suggests:
pn  lua-dbi-mysql   
pn  lua-dbi-postgresql  
pn  lua-dbi-sqlite3 
pn  lua-zlib

Bug#915856: sphinx: Failed cross building with Build-Depends on python3-sphinx

[kaliko]

Source: sphinx
Version: 1.4.9-2
Severity: normal

here is a follow up of a discussion started on irc:debian-devel with mitya57.

I'm trying to cross build an "Architecture: any" package [0] (commit:52326679) 
using the following:

sudo pbuilder create --host-arch armhf
sudo pbuilder build --host-arch armhf ncmpc_0.33-1.dsc

building failed on:

"builddeps:/build/ncmpc_0.33-1.dsc:armhf : Depends: python3-sphinx:armhf but it 
is not installable"

I'm using pbuilder-satisfydepends-apt as suggested when cross building [1].
Here is the only line I have in pbuilderrc:

PBUILDERSATISFYDEPENDSCMD="/usr/lib/pbuilder/pbuilder-satisfydepends-apt

I also tried moving python3-sphinx to Build-Depends-Indep, same error.

[0] https://salsa.debian.org/kaliko-guest/ncmpc/
[1] https://wiki.debian.org/CrossCompiling#Building_with_pbuilder

Cheers

-- System Information:
Debian Release: 9.6
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.18.0-0.bpo.1-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), 
LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
I: pbuilder: network access will be disabled during build
I: Current time: Fri Dec  7 11:14:30 CET 2018
I: pbuilder-time-stamp: 1544177670
I: Building the build Environment
I: extracting base tarball [/var/cache/pbuilder/base.tgz]
I: copying local configuration
I: mounting /proc filesystem
I: mounting /sys filesystem
I: creating /{dev,run}/shm
I: mounting /dev/pts filesystem
I: redirecting /dev/ptmx to /dev/pts/ptmx
I: policy-rc.d already exists
I: Doing a cross-architecture build
I: Build architecture: amd64
I: Host architecture: armhf
I: Setting up the environment for a cross build...
Hit:1 http://cdn-fastly.deb.debian.org/debian sid InRelease
Get:2 http://cdn-fastly.deb.debian.org/debian sid/main armhf Packages [8008 kB]
Fetched 8008 kB in 7s (1103 kB/s)
Reading package lists...
I: Obtaining the cached apt archive contents
I: Copying source file
I: copying [ncmpc_0.33-1.dsc]
I: copying [./ncmpc_0.33.orig.tar.xz]
I: copying [./ncmpc_0.33-1.debian.tar.xz]
I: Extracting source
dpkg-source: warning: extracting unsigned source package (ncmpc_0.33-1.dsc)
dpkg-source: info: extracting ncmpc in ncmpc-0.33
dpkg-source: info: unpacking ncmpc_0.33.orig.tar.xz
dpkg-source: info: unpacking ncmpc_0.33-1.debian.tar.xz
I: using fakeroot in build.
I: Installing the build-deps
I: -> Attempting to satisfy build-dependencies
Note, using file '/build/ncmpc_0.33-1.dsc' to get the build dependencies
Reading package lists...
Building dependency tree...
Reading state information...
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:

The following packages have unmet dependencies:
 builddeps:/build/ncmpc_0.33-1.dsc:armhf : Depends: python3-sphinx:armhf but it 
is not installable
E: Unable to correct problems, you have held broken packages.
E: pbuilder-satisfydepends failed.
I: Copying back the cached apt archive contents
I: unmounting dev/ptmx filesystem
I: unmounting dev/pts filesystem
I: unmounting dev/shm filesystem
I: unmounting proc filesystem
I: unmounting sys filesystem
I: cleaning the build env 
I: removing directory /var/cache/pbuilder/build/17140 and its subdirectories

Bug#898202: Current state

[kaliko]

Hi Scott

On 30/11/2018 03:13, Scott Hardin wrote:
> I have not yet. Is there a spot where Debian folks usually throw up
> their code or should I just put it up on GitHub somewhere?

There is salsa [0].
Use a "-guest" suffix to register [1].
Please avoid github.

I pushed the old alioth repo to salsa already, please rebase your work
on it so that we keep the packaging history.
   https://salsa.debian.org/kaliko-guest/mp3gain

We could move the project to debian-multimedia then if you're willing to
have it co-maintained there.

[0] https://salsa.debian.org/
[1] https://wiki.debian.org/Salsa/Doc#Users:_Login_and_Registration

Cheers,
k



signature.asc
Description: OpenPGP digital signature

Bug#898202: Current state

[kaliko]

Hi Scott

On Mon, 19 Nov 2018 Scott Hardin  wrote:
> I'm still working on this. Sorry for lack of updates! I'm a bit busy at 
> work this week, but I would love to show what I've got so far this 
> weekend if you have any advice to offer.

Have you published you work somewhere?

I believe this package should be maintained in "Debian Multimedia Team".

Cheers
k

Bug#898202: Current state

[kaliko]

Hi,

Any news regarding mp3gain packaging?

Cheers
k