Bug#601220: orphaning noip2? (was: Re: Bug#601220: noip2: abuse of debconf)
Hi, Op Sat 25 Dec 2010 om 09:38:19 +0200 schreef Avi Rozen: On 12/25/2010 08:21 AM, Joost van Baal wrote: Andres Mejia wrote: snip this package should be orphaned. snip Is Avi Rozen no longer interested in working on the noip2 Debian package? Not really. If so, it should indeed get orphaned. Googling revealed: You should set the package maintainer to Debian QA Group packa...@qa.debian.org and submit a bug report against the pseudo package wnpp. The bug report should be titled O: package -- short description indicating that the package is now orphaned. The severity of the bug should be set to normal. [...] send a copy to debian-de...@lists.debian.org by putting the address in the X-Debbugs-CC: header of the message [...] I'm still using no-ip.com services, but I've recently switched to using ddclient as the update client. Jakub Wilk wrote: The only place noip2 store configuration data (apart from the debconf cache) is a binary blob in /var/lib/noip2/. This file will be happily overwritten on each upgrade using *only* values supplied by debconf. And the bug should be fixed too, of course... As for the current bug, I'd like to point out that noip2 configuration and runtime state has always been kept in a binary configuration file. This doesn't match the Debian policy, and the current abuse of debconf is the result of a our deliberate attempt to workaround it. As documented in Bug #430842, I just found out. However, this still is a serious bug. Currently, someone who makes local changes to the content of the configuration file /var/lib/noip2/noip2.conf by running the noip2 client will lose her changes at an upgrade. Currently, no-ip offers debconf support for managing username, password, updating, matchlist, netdevice and forcenatoff. I assume this is generally really sufficient to use no-ip. An extra plain text conffile needs to be introduced, and the advice in debconf-devel(7)'s ADVANCED PROGRAMMING WITH DEBCONF - Config file handling needs to be followed. Users should be advised not to change /var/lib/noip2/noip2.conf directly. I believe this way one fully adheres to http://www.debian.org/doc/debian-policy/ch-files.html#s10.7.2 . It won't be trivial... Bye, Joost -- irc:joos...@{oftc,freenode} ∙ http://mdcc.cx/ ∙ http://ad1810.com/ signature.asc Description: Digital signature
Bug#601220: orphaning noip2? (was: Re: Bug#601220: noip2: abuse of debconf)
On 12/25/2010 10:37 AM, Joost van Baal wrote: As for the current bug, I'd like to point out that noip2 configuration and runtime state has always been kept in a binary configuration file. This doesn't match the Debian policy, and the current abuse of debconf is the result of a our deliberate attempt to workaround it. As documented in Bug #430842, I just found out. There's more background in bug #485725 [1]. This issue keeps coming up, our best intentions not withstanding. However, this still is a serious bug. Currently, someone who makes local changes to the content of the configuration file /var/lib/noip2/noip2.conf by running the noip2 client will lose her changes at an upgrade. Currently, no-ip offers debconf support for managing username, password, updating, matchlist, netdevice and forcenatoff. I assume this is generally really sufficient to use no-ip. Well, user changes will not be lost if the user performs them via dpkg-reconfigure. I'm not sure, however, if this is specifically documented anywhere. An extra plain text conffile needs to be introduced, and the advice in debconf-devel(7)'s ADVANCED PROGRAMMING WITH DEBCONF - Config file handling needs to be followed. Users should be advised not to change /var/lib/noip2/noip2.conf directly. I believe this way one fully adheres to http://www.debian.org/doc/debian-policy/ch-files.html#s10.7.2 . It won't be trivial... I was under the impression that the current situation conforms with the debian policy, but I may be wrong. Your suggested solution makes sense, and I agree with your assessment that it won't be trivial to implement. Note that noip2 already contains significant debian-specific patches, in order to support configuration via debconf, and supporting plain a text conffile will only add to this unhealthy situation. In any case, I don't have the time to tackle this, and no real motivation, since, as I mentioned, I'm quite happy using a different update client (namely, ddclient [2]). Thanks, Avi Bye, Joost [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=485725 [2] http://packages.debian.org/search?keywords=ddclient signature.asc Description: OpenPGP digital signature
Bug#601220: orphaning noip2? (was: Re: Bug#601220: noip2: abuse of debconf)
Hi, Andres Mejia wrote: snip this package should be orphaned. snip Is Avi Rozen no longer interested in working on the noip2 Debian package? If so, it should indeed get orphaned. Googling revealed: You should set the package maintainer to Debian QA Group packa...@qa.debian.org and submit a bug report against the pseudo package wnpp. The bug report should be titled O: package -- short description indicating that the package is now orphaned. The severity of the bug should be set to normal. [...] send a copy to debian-de...@lists.debian.org by putting the address in the X-Debbugs-CC: header of the message [...] And the bug should be fixed too, of course... Bye, Joost -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#601220: orphaning noip2? (was: Re: Bug#601220: noip2: abuse of debconf)
On 12/25/2010 08:21 AM, Joost van Baal wrote: Hi, Andres Mejia wrote: snip this package should be orphaned. snip Is Avi Rozen no longer interested in working on the noip2 Debian package? Not really. I'm still using no-ip.com services, but I've recently switched to using ddclient as the update client. As for the current bug, I'd like to point out that noip2 configuration and runtime state has always been kept in a binary configuration file. This doesn't match the Debian policy, and the current abuse of debconf is the result of a our deliberate attempt to workaround it. Cheers, Avi If so, it should indeed get orphaned. Googling revealed: You should set the package maintainer to Debian QA Group packa...@qa.debian.org and submit a bug report against the pseudo package wnpp. The bug report should be titled O: package -- short description indicating that the package is now orphaned. The severity of the bug should be set to normal. [...] send a copy to debian-de...@lists.debian.org by putting the address in the X-Debbugs-CC: header of the message [...] And the bug should be fixed too, of course... Bye, Joost signature.asc Description: OpenPGP digital signature
Bug#601220: noip2: abuse of debconf
On Wed, Nov 17, 2010 at 05:31:03PM -0500, Andres Mejia wrote: For anyone looking into resolving this bug, feel free to remove me as uploader. I no longer use the noip service thus I no longer have any interest in maintaining this package. Please google for How to orphan packages properly. -- Andreas Henriksson -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#601220: noip2: abuse of debconf
On Thu, Nov 18, 2010 at 7:00 AM, Andreas Henriksson andr...@fatal.se wrote: On Wed, Nov 17, 2010 at 05:31:03PM -0500, Andres Mejia wrote: For anyone looking into resolving this bug, feel free to remove me as uploader. I no longer use the noip service thus I no longer have any interest in maintaining this package. Please google for How to orphan packages properly. -- Andreas Henriksson Well if the last maintainer doesn't respond or says he no longer wants to maintain no-ip, then yes, this package should be orphaned. -- Regards, Andres Mejia -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#601220: noip2: abuse of debconf
On Sun, Oct 24, 2010 at 8:44 AM, Jakub Wilk jw...@debian.org wrote: Package: noip2 Version: 2.1.9-3 Severity: serious Justification: Policy 10.7 The only place noip2 store configuration data (apart from the debconf cache) is a binary blob in /var/lib/noip2/. This file will be happily overwritten on each upgrade using *only* values supplied by debconf. -- Jakub Wilk -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJMxCocAAoJEC1Os6YBVHX1bBwP/02ty0C3MHO4vcXjLMCnuT4B HTSaoUi/vf+k9PBbtFhaKa5iDE6oSOprOFiGDeuwcFeK+zJU8Hoil3XjheA2x+ak LXsF9OUrQeuOJ63j4HSRnTYspsK7RX3ezKqUzMyOT4PdIgIXxV4WtytX2jWs+oP1 JnbctxKRrwyrfSp9uFvhcc6uUFMZVUGAQRqHq/355qJDKN7b03WFl0gveRFASazn LyLOC5Dvm6T0VFRrwTMuRttZZGaU8RTANaid6fQkS2lC4Wk/U7xHrxhtJqGovx7j CJjH9ZfMuAASPPEJYepNMN6JimLilxl7PYQ8AFLajiK0JOpkIqJsVW7yRLnaIgEc KUKIxShr3tTR48OE+SyiTDU5jRt/+J6cWZz78UgJGfQDnKkNtGu9RYV3Y08Pyy5A cJr7t9iXYrfqcqTigobP7ybB8Wd4kZdNjJN7lKPGTQC7jntPrp7shaBAa7o3SzNa KXIECM2M15hsqZK5bFaV40LTvcmHmUJVM5g4J8pBR4YcJtISzq55uXaYH2DtaixI JvibWOkTdQ4ajHfkEfZzp36PQ+i1Pit55U+KzuRzKCz834eWDtCojLKLsKV63cm8 qDyqZgUchvvUVkWymTRmT2d9vVImfpub5WLrf1BPpz23FaWun+/y/y+JcPjqC79M T99gANkfu3c3BvZQH0Zd =Wlvg -END PGP SIGNATURE- For anyone looking into resolving this bug, feel free to remove me as uploader. I no longer use the noip service thus I no longer have any interest in maintaining this package. -- Regards, Andres Mejia -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#601220: noip2: abuse of debconf
Hello, On Sun, Oct 24, 2010 at 02:44:16PM +0200, Jakub Wilk wrote: Package: noip2 Version: 2.1.9-3 Severity: serious Justification: Policy 10.7 The only place noip2 store configuration data (apart from the debconf cache) is a binary blob in /var/lib/noip2/. This file will be happily overwritten on each upgrade using *only* values supplied by debconf. debconf is set to critical asking those questions. Otavio, could you give us some feedback on this bug? You can read data back (all but password) with noip -S, do you need a patch for this? Best regards -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#601220: noip2: abuse of debconf
On Sun, Nov 14, 2010 at 1:57 PM, Hector Oron zu...@debian.org wrote: Otavio, could you give us some feedback on this bug? You can read data back (all but password) with noip -S, do you need a patch for this? I haven't have time to look at it. If you can look at it please do. It is in collab-maint so please take it over :-D -- Otavio Salvador O.S. Systems E-mail: ota...@ossystems.com.br http://www.ossystems.com.br Mobile: +55 53 9981-7854 http://projetos.ossystems.com.br -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#601220: noip2: abuse of debconf
Package: noip2 Version: 2.1.9-3 Severity: serious Justification: Policy 10.7 The only place noip2 store configuration data (apart from the debconf cache) is a binary blob in /var/lib/noip2/. This file will be happily overwritten on each upgrade using *only* values supplied by debconf. -- Jakub Wilk signature.asc Description: Digital signature