Bug#850967: Clarify /usr/bin/foo should not be hardcoded even in upstream parts
Dear Ian, while I see where you come from, and can empathize with some of your points, I think that Daniel's following of upstream practices in using full paths is both fairly common, and a valid practice in Debian Packages. Le mercredi, 11 janvier 2017, 17.13:44 h CET Ian Jackson a écrit : > I would like the TC to: > > * Declare that Debian policy should be clarified to say that programs >in Debian (not just maintainer scripts) should not hardcode the >location of the binaries in /{usr/,}{bin,sbin} they execute. Asking the TC to declare the above seems _very_ premature to me. In particular, in the frame of §6.3.6, I don't think enough efforts have been put in resolving this via consensus. Rather, I think it _is_ a resolved issue (over the course of years), but that you happen to disagree with the consensus. > * Say that this applies even when the program needs to find pieces of >the same (or closely related) package. Reading this literally (which is what the Debian Policy is for), this would ask the Debian project to patch literally all its archive. For instance, that covers literally all shebang lines. > * Provide an informal opinion that this policy ought to apply to >gpg-agent as requested in #850657. I went and read #850657, and found myself agreeing with all points made by Daniel: if you want a gnupg that runs your custom gpg-agent for debugging purposes, building a patched src:gnupg is there for you; we provide source for a reason. All-in-all, I think that the decisions you would like the TC to issue would be against the project's consensus, and (which is more important for TC decisions) wouldn't be technically sound. I'd be in favour of closing this bug above Further Discussion. Cheers, OdyX P.S. No need to reply asking me to focus on a different issue… signature.asc Description: This is a digitally signed message part.
Bug#841294: Global Ballot Thoughts
Le mercredi, 30 novembre 2016, 14.11:43 h CET Sam Hartman a écrit : > I'd really like to see the TC offer at least the following advice: > > 1) We believe that strong evidence is required to hold back integrating > new versions of software like global. The burden of proof is on those > who propose not to update, not on those who would like Debian to contain > current upstream features. > > 2) This burden has not been met with regard to htags and regressions > related to htags. > > 3) Delays in discussion of this issue over the year suggest that having > more people involved in maintaining the global package would help > address a perception that the maintainer is blocking forward progress. Absolutely. This would be a the very minimal statement I'd like us to emit. > I don't think I'd support giving global to someone else. I would support handing global to new maintainers, really. We have 4 persons who have contributed to the newly-available package in experimental: https://tracker.debian.org/news/820174 Their total work is a magnitude more than what was given to the package by the current maintainer in the last 6 years. > I don't think we even need to say "Ron you did something bad." I do think > that Ron contributed to a harmful perception that damages those who would > use and contribute to global in Debian. I wouldn't support a decision where we state that Ron did something bad. It would be unneeded blaming (especially in a TC decision), and unnecessarily agressive. I'd support a decision handing the package to better hands though. For me, it is now obvious that there exists a group of maintainers out there who would do better service to the maintenance of global, than is currently done. > If we can find a path forward that gets a new global into Debian, I'd be > happy only offering advice. If we get stuck doing that, I think we need > to overrule something. Sure, absolutely. But its really also a question of timing, and allowing Ron to tell the TC (in direct words, through further NAK'ing, or through inaction) "fine, I've won another release with global v5 in, I'll let the package go after the release of stretch", we will have rewarded stop-energy and inertia, over service to our users. Although we probably haven't reached consensus, I'd like to see this subject move forward; what about the following ballot (with options to be refined, of course): A) Using §6.1.5, the TC offers advice (insert Sam's advice above) about the maintenance of src:global. B) Using §6.1.2, the TC decides that the src:global maintainer is now (insert name) C) Further discussion -- Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#846884: cups-browsed: incomplete app armor profile
Control: tags -1 +help Intri: can you take a look there ? You're our apparmor reference :-) Le samedi, 3 décembre 2016, 16.59:38 h CET Robert Fantini a écrit : > syslog was flooded with thousands of lines like this: > > Mar 14 16:01:32 s022 kernel: [106968.865214] audit: type=1400 > audit(1457985692.167:106957): apparmor="DENIED" operation="connect" > info="Failed name lookup - disconnected path" error=-13 > profile="/usr/sbin/cups-browsed" name="run/cups/cups.sock" pid=7006 > comm="cups-browsed" requested_mask="wr" denied_mask="wr" fsuid=0 ouid=0 > > * I asked about this at proxmox forum [ thread: > https://forum.proxmox.com/threads/cups-print-server-on-pve-floods-logs.2681 > 3/#post-134662 ] > > and was told: > File a bugreport in the Debian bug tracker for the incomplete app armor > profile, extend it locally yourself, don't use cups-browsed or don't > confine it with apparmor (recommended in that order ;)) > > uninstall cups-browsed stopped log flooding. > > PS: > if there is any more info needed ping me. -- Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#846002: blends-tasks must not be priority:important (was Re: Bug#846002: Lowering severity)
With my Debian Printing Team member hat: Le mardi, 6 décembre 2016, 10.18:23 h CET Philip Hands a écrit : > What is a print server? (CUPS) web server? (apache2) The "print server" entry in tasksel should be rethought, as it nowadays only depends on CUPS, and recommends various helper drivers & co. If one really wants to setup a shared print server, they would install CUPS on a pristine Debian and configure CUPS from there on. If CUPS is "only" meant to be used as local print server, it should really be a recommends of the desktop tools caring about printing. I don't really see the point anymore about having this entry in the d-i tasks selection; and would suggest to remove it entirely, and (eventually) add an entry in the Release Notes saying "if you want a print-server, install CUPS". Btw, there's https://bugs.debian.org/824645 for which I put up a cleanup patch, but I can't push it. :/ OdyX signature.asc Description: This is a digitally signed message part.
Bug#849467: jessie-pu: package hplip/3.14.6-1+deb8u1
Le lundi, 2 janvier 2017, 18.10:15 h CET Adam D. Barratt a écrit : > On Sun, 2017-01-01 at 11:38 +0100, Didier 'OdyX' Raboud wrote: > > Le samedi, 31 décembre 2016, 17.10:09 h CET Adam D. Barratt a écrit : > > > Control: tags -1 + confirmed > > > > > > On Tue, 2016-12-27 at 14:18 +0100, Didier 'OdyX' Raboud wrote: > > > > I'd like to get CVE-2015-0839 fixed in jessie, it's a no-DSA issue, > > > > and > > > > security team members suggested to get it fixed through stable > > > > updates. > > > > > > > > This bug is a simple 'fetching gpg key from keyservers with a short > > > > keyid' problem, and upstream's fix is to use the full fingerprint. > > > > > > Please go ahead. > > > > Uploaded, thanks for the confirmation. > > Automated post-upload lintian checks caught a new issue: > > +E: empty-manual-page usr/share/man/man1/hp-toolbox.1.gz > > and indeed: > > adsb@coccia:/srv/mirrors/debian/pool/main/h/hplip$ dpkg-deb -c > hplip-gui_3.14.6-1_all.deb | grep toolbox.1 -rw-r--r-- root/root 818 > 2014-06-15 07:31 ./usr/share/man/man1/hp-toolbox.1.gz > adsb@coccia:/srv/mirrors/debian/pool/main/h/hplip$ dpkg-deb -c > /srv/ftp-master.debian.org/policy/pool/main/h/hplip/hplip-gui_3.14.6-1+deb8 > u1_all.deb | grep toolbox.1 -rw-r--r-- root/root20 2016-12-27 13:48 > ./usr/share/man/man1/hp-toolbox.1.gz > > Any idea what's going on there? Ah yes. I had fixed this in b1b3f529471d15fb97d1c651f3c60901cc67131b, see attached patch. This is due to new (entirely rightful) restrictions in the buildds (or in my sbuild setup) apparently. So I should cherry-pick that and re-upload (re-using the 3.14.6-1+deb8u1 version number ?) ? -- Cheers, OdyX>From b1b3f529471d15fb97d1c651f3c60901cc67131b Mon Sep 17 00:00:00 2001 From: Didier Raboud <o...@debian.org> Date: Mon, 3 Oct 2016 11:37:37 +0200 Subject: [PATCH] Export HOME when building the manpages to permit hp-toolbox's manpage generation --- debian/rules | 1 + 1 file changed, 1 insertion(+) diff --git a/debian/rules b/debian/rules index d44f11cbf..1aa626d6f 100755 --- a/debian/rules +++ b/debian/rules @@ -167,6 +167,7 @@ override_dh_install: for file in *; do \ if readlink $$file | grep ".py"; then \ PYTHONPATH=../lib/python$(PYTHON_DEFAULT_VERSION)/$(PYTHON_SITENAME)/ \ +HOME=./ \ LD_LIBRARY_PATH=../lib/$(DEB_HOST_MULTIARCH) python3 ./$$file --help-man > $(CURDIR)/$$file.1 ; \ fi; \ done \ -- 2.11.0
Bug#849467: jessie-pu: package hplip/3.14.6-1+deb8u1
Le mardi, 3 janvier 2017, 12.21:36 h CET Adam D. Barratt a écrit : > You can't immediately re-use the version. Either we can reject the > current package and you can then upload a fixed +deb8u1, or you can > upload +deb8u2 which just adds the fix above. It does make sense to re-use the same version, doesn't it? If so, please reject, I'll upload after that. -- Cheers, OdyX
Bug#819092: #819092 win32-loader cannot load dailies because NSISdl doesn't support https
tags -1 +help Le mercredi, 23 mars 2016, 16.41:21 h CET Didier 'OdyX' Raboud a écrit : > As the title says, win32-loader currently can't download dailies, as > d-i.debian.org has moved to enforced https. > > That's a limitation of the NSISdl NSIS builtin plugin. It could be replaced > with the Inetc plugin [0], but it isn't packaged. > > No dailies means no kfreebsd/hurd too, unfortunately. So I've spent a good part of today trying to fix that problem. The path I've picked was to try to in-Debian build the Inetc plugin, and then use that in win32-loader to download d-i assets over https securely. Unfortunately, that didn't work out well enough: * the inetc plugin is not properly licensed, but assuming it is under Zlib … * it (kinda-)builds under Debian, * it supports the NSIS 3.0 API, * but I couldn't manage to make it work in win32-loader, as I was having errors such as "Dialog error (1812)", and then "Connection error", which I couldn't debug. Anyway. Here's the nsis-plugin-inetc packaging: https://anonscm.debian.org/cgit/collab-maint/nsis-plugin-inetc.git/ As for the bug at hand, I will upload a new win32-loader targetted at stretch that doesn't permit dailies or alternative architectures' download (as they later fail anyway), and get that into stretch. -- Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#849467: jessie-pu: package hplip/3.14.6-1+deb8u1
Le samedi, 31 décembre 2016, 17.10:09 h CET Adam D. Barratt a écrit : > Control: tags -1 + confirmed > > On Tue, 2016-12-27 at 14:18 +0100, Didier 'OdyX' Raboud wrote: > > I'd like to get CVE-2015-0839 fixed in jessie, it's a no-DSA issue, and > > security team members suggested to get it fixed through stable updates. > > > > This bug is a simple 'fetching gpg key from keyservers with a short > > keyid' problem, and upstream's fix is to use the full fingerprint. > > Please go ahead. Uploaded, thanks for the confirmation. -- Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#845651: lsb-release: --codename returns n/a on stretch without apt sources configured
Control: tags -1 +wontfix Hi there Luca, Le dimanche, 8 janvier 2017, 14.54:16 h CET Luca Boccassi a écrit : > Any chance this could be looked at before Stretch final freeze? Thank you! tl;dr: unfortunately not. I have thought about this issue for some time, and I think that the result is actually correct. Let me explain: When (as currently), stretch is the testing release, /etc/debian_version contains "stretch/sid", as shipped by base-files. It is therefore impossible to rely on that file to differentiate between a host running testing or unstable without asking apt what is actually preferred when installing packages (through parsing `apt-cache policy`). That's how `lsb-release -- codename` returns "sid" _xor_ "stretch". stretch's base-files is currently in version 9.7, and ships with "stretch/sid" in /etc/debian_version. But if you look at base-files in the current stable (8+deb8u6), its /etc/debian_version currently contains "8.6", and with that, `lsb-release --codename` returns "jessie" consistently, and without relying on apt. base-files will be updated in stretch for the release, as happened for jessie: > * Release for jessie as stable: > - Use "8" as version in /etc/issue and /etc/issue.net. As usual, this > is never expected to change once that jessie is released as Debian 8. > - Use 8.0 as version in /etc/debian_version. As usual, this is expected > to change at every point release. So, if you manually replace your /etc/debian_version's content by "9.0", you should get "stretch" consistently, no matter what your apt configuration is. That's all to say that this bug is (to my belief) actually expected behaviour; and fixing it through forcing the codename to be interpreted as "stretch" when apt-cache information is unavailable would be wrong. When /etc/debian_version contains "potato/sid", the codename is either potato xor sid, and only apt- cache can discriminate a testing host from a sid host. Therefore, in such a situation, the correct answer is actually "I can't tell", aka "n/a". -- Cheers, OdyX
Bug#850801: unblock: win32-loader/0.8.1
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org X-Debbugs-Cc: win32-loa...@packages.debian.org, ftpmas...@ftp-master.debian.org Usertags: unblock Please unblock-udeb package win32-loader 0.8.1. as it has some useful stretch'ification (and is always blocked because of the manual migration to be done by ftpmasters): > * As NSIS doesn't support downloading from https (#819092), and as >d-i dailies are now on an https-enforced hosts: don't allow branch >or kernel selection > * Replace the Lines screenshot by a recent softWaves screenshot ftpmaster: please copy debian/tools/win32-loader/unstable into …/testing unblock-udeb win32-loader/0.8.1 Cheers, OdyX
Bug#848889: hplip-data: There are no PPDs in the package
Control: tags -1 +pending Le mardi, 20 décembre 2016, 15.09:16 h CET Brian Potkin a écrit : > This package contains data files for the HP Linux Printing > and Imaging System. > > would reflect the situation better. Thanks for this patch. I should really go with you through the steps of giving you commit access (and confidence) so as to let you do the enhancements like this one yourself. It would reduce our combined work! Do you already have an Alioth account ? -- Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Control: tag -1 -moreinfo Le samedi, 17 décembre 2016, 11.38:59 h CET Julien Cristau a écrit : > > - and debdiff > > cups_1.7.5-11+deb8u2.debdiff > > The debdiff is the one we tend to look at, but it looks like it was not > attached. Indeed, sorry. Here it comes. -- Cheers, OdyXdiff -Nru cups-1.7.5/debian/changelog cups-1.7.5/debian/changelog --- cups-1.7.5/debian/changelog 2015-06-09 09:45:50.0 +0200 +++ cups-1.7.5/debian/changelog 2016-10-10 10:05:10.0 +0200 @@ -1,3 +1,13 @@ +cups (1.7.5-11+deb8u2) jessie-security; urgency=high + + * Disable SSLv3 and RC4 by default to address POODLE vulnerability +(Closes: #839226) +- Implement SSLOptions to permit the use of AllowSSLv3 and AllowRC4 + respectively + * Refresh patches + + -- Didier RaboudMon, 10 Oct 2016 10:05:10 +0200 + cups (1.7.5-11+deb8u1) jessie-security; urgency=high * Import 1.7 upstream fix for CERT VU#810572: Privilege escalation through diff -Nru cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch --- cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/cupsd-idleexittimeout.patch 2016-10-10 09:55:05.0 +0200 @@ -27,7 +27,7 @@ LaunchdTimeout = 10; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -246,6 +246,9 @@ +@@ -248,6 +248,9 @@ /* SSL/TLS options */ #endif /* HAVE_SSL */ diff -Nru cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch --- cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/cupsd-idleexittimeout-systemd.patch 2016-10-10 09:55:10.0 +0200 @@ -21,7 +21,7 @@ LaunchdTimeout = 10; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -251,6 +251,9 @@ +@@ -253,6 +253,9 @@ VAR int IdleExitTimeout VALUE(0); /* Time after which an idle cupsd will exit */ @@ -51,7 +51,7 @@ #endif /* HAVE_SYSTEMD */ --- a/man/cupsd.conf.man.in +++ b/man/cupsd.conf.man.in -@@ -521,6 +521,12 @@ +@@ -528,6 +528,12 @@ "notify-events", "notify-pull-method", "notify-recipient-uri", "notify-subscriber-user-name", and "notify-user-data". .TP 5 diff -Nru cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch --- cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/log-debug-history-nearly-unlimited.patch 2016-10-10 09:55:09.0 +0200 @@ -13,7 +13,7 @@ LogTimeFormat= CUPSD_TIME_STANDARD; --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -166,7 +166,7 @@ +@@ -168,7 +168,7 @@ /* Allow overrides? */ ConfigFilePerm VALUE(0640), /* Permissions for config files */ diff -Nru cups-1.7.5/debian/patches/pidfile.patch cups-1.7.5/debian/patches/pidfile.patch --- cups-1.7.5/debian/patches/pidfile.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/pidfile.patch 2016-10-10 09:55:08.0 +0200 @@ -24,7 +24,7 @@ if (!strcmp(CUPS_DEFAULT_PRINTCAP, "/etc/printers.conf")) PrintcapFormat = PRINTCAP_SOLARIS; -@@ -,6 +3335,7 @@ +@@ -3370,6 +3372,7 @@ !_cups_strcasecmp(line, "SystemGroup") || !_cups_strcasecmp(line, "SystemGroupAuthKey") || !_cups_strcasecmp(line, "TempDir") || @@ -34,7 +34,7 @@ cupsdLogMessage(CUPSD_LOG_INFO, --- a/scheduler/conf.h +++ b/scheduler/conf.h -@@ -245,6 +245,8 @@ +@@ -247,6 +247,8 @@ VAR int SSLOptions VALUE(CUPSD_SSL_NONE); /* SSL/TLS options */ #endif /* HAVE_SSL */ diff -Nru cups-1.7.5/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch cups-1.7.5/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch --- cups-1.7.5/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/read-embedded-options-from-incoming-postscript-and-add-to-ipp-attrs.patch 2016-10-10 09:55:07.0 +0200 @@ -11,7 +11,7 @@ --- a/scheduler/ipp.c +++ b/scheduler/ipp.c -@@ -8249,6 +8249,11 @@ +@@ -8206,6 +8206,11 @@ ipp_attribute_t *attr, /* Current attribute */ *attr2, /* Job attribute */ *prev2; /* Previous job attribute */ @@ -23,7 +23,7 @@ /* -@@ -8310,6 +8315,85 @@ +@@ -8267,6 +8272,85 @@ } /* diff -Nru cups-1.7.5/debian/patches/series cups-1.7.5/debian/patches/series --- cups-1.7.5/debian/patches/series 2015-06-09 09:36:38.0 +0200 +++ cups-1.7.5/debian/patches/series 2016-10-10 09:54:51.0 +0200 @@ -6,6 +6,7 @@ str4500-cupsGetPPD3-Only-use-symlink-if-file-is-readable-STR.patch str4551-fix-buffer-overflow-in-cupsRasterReadPixels.patch
Bug#849467: jessie-pu: package hplip/3.14.6-1+deb8u1
Package: release.debian.org Severity: normal Tags: jessie User: release.debian@packages.debian.org Usertags: pu Dear RT, I'd like to get CVE-2015-0839 fixed in jessie, it's a no-DSA issue, and security team members suggested to get it fixed through stable updates. This bug is a simple 'fetching gpg key from keyservers with a short keyid' problem, and upstream's fix is to use the full fingerprint. The debdiff is attached. Cheers, OdyX diff -Nru hplip-3.14.6/debian/changelog hplip-3.14.6/debian/changelog --- hplip-3.14.6/debian/changelog 2014-06-15 09:24:19.0 +0200 +++ hplip-3.14.6/debian/changelog 2016-12-27 09:13:54.0 +0100 @@ -1,3 +1,11 @@ +hplip (3.14.6-1+deb8u1) stable; urgency=medium + + * Backport CVE-2015-0839 fix from upstream's 3.15.7: use full gpg key +fingerprint when fetching key from keyservers +(Closes: #787353, LP: #1432516) + + -- Didier RaboudTue, 27 Dec 2016 09:13:54 +0100 + hplip (3.14.6-1) unstable; urgency=low * New upstream release diff -Nru hplip-3.14.6/debian/patches/cve-2015-0839-insecure-binary-driver-verification.patch hplip-3.14.6/debian/patches/cve-2015-0839-insecure-binary-driver-verification.patch --- hplip-3.14.6/debian/patches/cve-2015-0839-insecure-binary-driver-verification.patch 1970-01-01 01:00:00.0 +0100 +++ hplip-3.14.6/debian/patches/cve-2015-0839-insecure-binary-driver-verification.patch 2016-12-27 09:10:11.0 +0100 @@ -0,0 +1,19 @@ +Description: Use the full key fingerprint, to fix insecure binary driver verification +Bug-CVE: CVE-2015-0839 +Bug-Upstream: https://bugs.launchpad.net/hplip/+bug/1432516 +Bug-Debian: https://bugs.debian.org/787353 +Origin: vendor +Last-Update: 2015-07-15 + +--- a/base/validation.py b/base/validation.py +@@ -40,8 +40,7 @@ + + + class GPG_Verification(DigiSign_Verification): +- +-def __init__(self, pgp_site = 'pgp.mit.edu', key = 0xA59047B9): ++def __init__(self, pgp_site = 'pgp.mit.edu', key = 0x4ABA2F66DBD5A95894910E0673D770CDA59047B9): + self.__pgp_site = pgp_site + self.__key = key + self.__gpg = utils.which('gpg',True) diff -Nru hplip-3.14.6/debian/patches/series hplip-3.14.6/debian/patches/series --- hplip-3.14.6/debian/patches/series 2014-04-04 17:05:13.0 +0200 +++ hplip-3.14.6/debian/patches/series 2016-12-27 09:04:13.0 +0100 @@ -18,3 +18,4 @@ #hp-mkuri-libnotify-so-4-support.dpatch hpaio-option-duplex.diff musb-c-do-not-crash-on-usb-failure.patch +cve-2015-0839-insecure-binary-driver-verification.patch
Bug#848692: reportbug fails with punctuation in name
Package: reportbug Version: 7.1.1 Tags: patch Followup-For: Bug #848692 In reportbug/utils.py, there's a namespace collision between the "import email" on line 38, and the use of 'email' as variable in the get_user_id function, starting from line 282. A possible patch is to rename 'email' to 'emailaddr' in get_user_id, see attached patch. Cheers, OdyX -- Package-specific info: ** Environment settings: DEBEMAIL="o...@debian.org" INTERFACE="text" ** /home/didier/.reportbugrc: reportbug_version "7.1.1" mode expert ui text realname "Didier 'OdyX' Raboud" >From 8f7ae2aa6067b713c02004bbba174849ff513287 Mon Sep 17 00:00:00 2001 From: Didier Raboud <o...@debian.org> Date: Tue, 27 Dec 2016 13:56:36 +0100 Subject: [PATCH] In utils.py's get_user_id, replace email with emailaddr to avoid namespace collision with the 'email' package Closes: #848692 --- reportbug/utils.py | 22 ++ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/reportbug/utils.py b/reportbug/utils.py index 89e0991..53244aa 100644 --- a/reportbug/utils.py +++ b/reportbug/utils.py @@ -279,25 +279,25 @@ def get_email(email='', realname=''): return get_email_addr(get_user_id(email, realname)) -def get_user_id(email='', realname='', charset='utf-8'): +def get_user_id(emailaddr='', realname='', charset='utf-8'): uid = os.getuid() info = pwd.getpwuid(uid) -email = (os.environ.get('REPORTBUGEMAIL', email) or +emailaddr = (os.environ.get('REPORTBUGEMAIL', emailaddr) or os.environ.get('DEBEMAIL') or os.environ.get('EMAIL')) -email = email or find_rewritten(info[0]) or info[0] +emailaddr = emailaddr or find_rewritten(info[0]) or info[0] -if '@' not in email: +if '@' not in emailaddr: if os.path.exists('/etc/mailname'): domainname = open('/etc/mailname').readline().strip() else: domainname = socket.getfqdn() -email = email + '@' + domainname +emailaddr = emailaddr + '@' + domainname # Handle EMAIL if it's formatted as 'Bob <bob@host>'. -if '<' in email or '(' in email: -realname, email = get_email_addr(email) +if '<' in emailaddr or '(' in emailaddr: +realname, emailaddr = get_email_addr(emailaddr) if not realname: realname = (os.environ.get('DEBFULLNAME') or os.environ.get('DEBNAME') @@ -308,14 +308,12 @@ def get_user_id(email='', realname='', charset='utf-8'): realname = realname.replace('&', info[0].upper()) if not realname: -return email +return emailaddr if re.match(r'[\w\s]+$', realname): -return '%s <%s>' % (realname, email) +return '%s <%s>' % (realname, emailaddr) -addr = email.utils.formataddr((realname, email)) - -return addr +return email.utils.formataddr((realname, emailaddr)) statuscache = {} -- 2.11.0
Bug#843128: partially solved
Control: found -1 4.8.11-1 Le vendredi, 9 décembre 2016, 13.03:44 h CET Ben Hutchings a écrit : > fgetty uses dietlibc, and the stable version of dietlibc still uses the > vsyscall feature which is now disabled by default. You can make it > work again by adding 'vsyscall=emulate' to the kernel command line. > > I'll have to reconsider whether to revert the configuration change now > that I know dietlibc is a problem. On a vagrant-lxc setup using Liip's drifter [0], we see two different programs segfaulting immediately after a vsyscall entry in syslog: Dec 19 10:07:55 gyllingar kernel: [ 834.998381] logsave[12259] vsyscall attempted with vsyscall=none ip:ff600400 cs:33 sp:7ffc918c1fc8 ax:ff600400 si:4017c1 di:0 Dec 19 10:07:55 gyllingar kernel: [ 834.998384] logsave[12259]: segfault at ff600400 ip ff600400 sp 7ffc918c1fc8 error 15 Dec 19 10:07:55 gyllingar kernel: [ 834.998934] ip[12261] vsyscall attempted with vsyscall=none ip:ff600400 cs:33 sp:7fff467d8d18 ax:ff600400 si:433d2f di:0 Dec 19 10:07:55 gyllingar kernel: [ 834.998936] ip[12261]: segfault at ff600400 ip ff600400 sp 7fff467d8d18 error 15 So apparently /sbin/logsave from src:e2fsprogs and /sbin/ip from src:iproute2 have the same problem. And this was on linux-image-4.8.0-2-amd64 4.8.11-1. Both problems are circumvented by booting with vsyscall=emulated on the kernel command line. Cheers, OdyX [0] https://github.com/liip/drifter signature.asc Description: This is a digitally signed message part.
Bug#830951: Support usb dongles via usb-modeswitch and network-manager during installation
Le lundi, 26 décembre 2016, 14.42:08 h CET Pirate Praveen a écrit : > I wanted to install using a Tata Photon mobile broadband, but it was not > detected. Will this be addressed for stretch? (I have retitled the bug). No. Not for stretch. This needs at least usb-modeswitch{,-data} & pppd as udebs, and that's only to have the needed binaries in the d-i context. Your best option is probably to start with a Live CD. That's unfortunate, indeed, but it needs someone to work on that at the beginning of the development period, not its end (and I don't have bandwidth for that kind of work currently). -- Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#847253: Updating the debian-installer-netboot-images Uploaders list
Control: tags -1 +pending Hi Tobias, hi Otavio, Le mardi, 6 décembre 2016, 21.10:26 h CET Tobias Frost a écrit : > Otavio Salvadorwishes no longer to be uploader of > debian-installer-netboot-images. Otavio, you'll be missed; thanks for you past work on d-i-n-i! I wish you good paths with, or without Debian! I've now pushed the removal of your address from d-i-n-i's Uploaders field, it will be part of the next upload. -- Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#845254: unblock: win32-loader/0.8.0
Le lundi, 21 novembre 2016, 23.30:52 h CET Cyril Brulebois a écrit : > so feel free to let this package get into testing when it's copied over > by ftpmasters. Le lundi, 21 novembre 2016, 21.09:46 h CET Didier 'OdyX' Raboud a écrit : > 0.8.0 is long overdue in stretch, please let it migrate. ftpmaster: please > copy debian/tools/win32-loader/unstable into …/testing ftpmasters: ping ? -- Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#818875: konqueror: green SSL checkbox despite expired server certificate
Le lundi, 21 mars 2016, 11.03:13 h CET Thorsten Glaser a écrit : > Package: konqueror > Version: 4:15.08.3-1 > Severity: grave > Tags: security > Justification: user security hole > > See attached screenshot – konqueror does not error out when the > certificate is expired and even shows a green checkbox. (I may > or may not have ACK’d the certificate in an earlier session, I > don’t know right now, but showing a green checkbox is still > wrong.) https://expired.identrustssl.com/ is an online example to test that use-case, which I can reproduce. konqueror is RC-buggy in stretch because of that (IMHO rightful) bug. It is also plagued by other bugs, I wonder if konqueror should really be shipped in stretch. How feasible is it to remove it ? -- OdyX signature.asc Description: This is a digitally signed message part.
Bug#859084: unblock: win32-loader/0.8.2
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock-udeb package win32-loader 0.8.2 as it fixes a FTBFS in stretch (and is always blocked because of the manual migration to be done by ftpmasters): > * Fix dpkg-query calls to use source:* for Version and Package directly > - Add Build-Dependency on dpkg (>= 1.16.2) for that support > - Fixes the FTBFS revealed by loadlin's binNMU > (Closes: #858104) debdiff is attached. ftpmaster: please copy debian/tools/win32-loader/unstable into …/testing unblock-udeb win32-loader/0.8.2 Cheers, OdyX diff -Nru win32-loader-0.8.1/debian/changelog win32-loader-0.8.2/debian/changelog --- win32-loader-0.8.1/debian/changelog 2016-12-29 20:57:22.0 +0100 +++ win32-loader-0.8.2/debian/changelog 2017-03-20 21:23:59.0 +0100 @@ -1,3 +1,14 @@ +win32-loader (0.8.2) unstable; urgency=medium + + * The « Iao » release + + * Fix dpkg-query calls to use source:* for Version and Package directly +- Add Build-Dependency on dpkg (>= 1.16.2) for that support +- Fixes the FTBFS revealed by loadlin's binNMU +(Closes: #858104) + + -- Didier RaboudMon, 20 Mar 2017 21:23:59 +0100 + win32-loader (0.8.1) unstable; urgency=medium * The « poipoi » release diff -Nru win32-loader-0.8.1/debian/control win32-loader-0.8.2/debian/control --- win32-loader-0.8.1/debian/control 2016-12-29 19:06:06.0 +0100 +++ win32-loader-0.8.2/debian/control 2017-03-20 21:12:00.0 +0100 @@ -4,6 +4,7 @@ Maintainer: Debian Install System Team Uploaders: Robert Millan , Didier Raboud , Christian Perrier Build-Depends: + dpkg (>= 1.16.2), debhelper (>= 9), nsis (>= 2.48), nsis-pluginapi, mingw-w64, diff -Nru win32-loader-0.8.1/debian/rules win32-loader-0.8.2/debian/rules --- win32-loader-0.8.1/debian/rules 2016-12-29 20:06:05.0 +0100 +++ win32-loader-0.8.2/debian/rules 2017-03-20 21:10:08.0 +0100 @@ -13,23 +13,13 @@ PACKAGES_LIST := $(shell set -e; \ for p in ${B_D_PACKAGES}; \ do \ - if test `dpkg-query --showformat='x$${Source}x' --show $$p` = "xx"; \ - then \ - dpkg-query --showformat='$${Package;-25} $${Version;-25} http://ftp.debian.org/debian/pool/main/$${Package;1}/$${Package}\\n' --show $$p; \ - else \ - dpkg-query --showformat='$${Package;-25} $${Version;-25} http://ftp.debian.org/debian/pool/main/$${Source;1}/$${Source}\\n' --show $$p; \ - fi; \ + dpkg-query --showformat='$${source:Package;-25} $${source:Version;-25} http://ftp.debian.org/debian/pool/main/$${source:Package;1}/$${source:Package}\\n' --show $$p; \ done) BUILT_USING_LIST := $(shell set -e; \ for p in ${B_D_PACKAGES}; \ do \ - if test `dpkg-query --showformat='x$${Source}x' --show $$p` = "xx"; \ - then \ - dpkg-query --showformat='$${Package} (= $${Version}), ' --show $$p; \ - else \ - dpkg-query --showformat='$${Source} (= $${Version}), ' --show $$p; \ - fi; \ + dpkg-query --showformat='$${source:Package} (= $${source:Version}), ' --show $$p; \ done) NSIS_VERSION := $(shell dpkg-query -f='$${Version}' -W nsis )
Bug#858341: cups-daemon: please usr /run instead of /var/run
Control: tags -1 +patch +pending Hi there Russell; thanks for your report! Le mercredi, 22 mars 2017, 00.30:13 h CET Russell Coker a écrit : > /run has been around since 2011, I think it's time to stop using the > /var/run symlink. Supporting the symlink in SE Linux means supporting both > names for the contexts used in the initial creation of files and > directories which I want to remove. Here's a patch to make cups not use > /var/run: Actually, if we are to remove /var/run usages, we might as well want to do it everywhere, and for all usages: * /run/cups/$NAME.pid (in the pidfile.patch, and in the init script) * /run/cups/printcap (through --with-printcap, managed in the postinst) * /run/cups/certs (through --with-rundir, handled in the init script and in the upstart script) * /run/cups/cups.sock (through --with-rundir, used in cups.postinst and trigger, in the upstart script as well as in the autopkgtest A patch for that all is attached, and, given that we have experimental, I will upload that soon. Thanks for the heads' up! -- OdyXAuthor: Didier RaboudDate: Tue Mar 21 21:15:44 2017 +0100 Use /run instead of /var/run everywhere meaningful: * /run/cups: - in debian/rules; pass --with-rundir=/run/cups - update cups.init * /run/cups/cupsd.pid: - update cups.init - update pidfile.patch * /run/cups/printcap: - in debian/rules; update --with-printcap - update cups-daemon postinst * /run/cups/cups.sock: - update cups postinst and postrm for the lpadmin calls - update the autopkgtest for the lpadmin call - update the libcups2 example script - update the upstart script * /run/cups/certs: - update cups.init - update the upstart script Thanks-To: Russell Coker Closes: #858341 diff --git a/debian/client.conf b/debian/client.conf index 5081adeaf..b8e1c0149 100644 --- a/debian/client.conf +++ b/debian/client.conf @@ -34,7 +34,7 @@ # # ServerName: the hostname of your server. By default CUPS will use the -# domain socket /var/run/cups/cups.sock or the value of the CUPS_SERVER +# domain socket /run/cups/cups.sock or the value of the CUPS_SERVER # environment variable. # ONLY ONE SERVER NAME MAY BE SPECIFIED AT A TIME. To use # more than one server you must use a local scheduler with browsing diff --git a/debian/cups-daemon.cups.init b/debian/cups-daemon.cups.init index bfb08d0ad..7b6277524 100644 --- a/debian/cups-daemon.cups.init +++ b/debian/cups-daemon.cups.init @@ -19,7 +19,7 @@ PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DAEMON=/usr/sbin/cupsd NAME=cupsd -PIDFILE=/var/run/cups/$NAME.pid +PIDFILE=/run/cups/$NAME.pid DESC="Common Unix Printing System" SCRIPTNAME=/etc/init.d/cups @@ -28,8 +28,8 @@ unset TMPDIR # Exit if the package is not installed test -x $DAEMON || exit 0 -mkdir -p /var/run/cups/certs -[ -x /sbin/restorecon ] && /sbin/restorecon -R /var/run/cups +mkdir -p /run/cups/certs +[ -x /sbin/restorecon ] && /sbin/restorecon -R /run/cups # Define LSB log_* functions. # Depend on lsb-base (>= 3.2-14) to ensure that this file is present diff --git a/debian/cups-daemon.postinst b/debian/cups-daemon.postinst index cf09db6bc..e485a7526 100644 --- a/debian/cups-daemon.postinst +++ b/debian/cups-daemon.postinst @@ -63,7 +63,7 @@ if [ "$1" = configure ]; then printcap_file=`egrep '^Printcap ' /etc/cups/cupsd.conf | awk '{print $2}' | tail -n 1` if [ -z "$printcap_file" ]; then - printcap_file=/var/run/cups/printcap + printcap_file=/run/cups/printcap fi if [ ! -e /etc/printcap -a -e $printcap_file ]; then ln -s $printcap_file /etc/printcap diff --git a/debian/cups-daemon.postrm b/debian/cups-daemon.postrm index 42c01b083..25cfca367 100644 --- a/debian/cups-daemon.postrm +++ b/debian/cups-daemon.postrm @@ -8,7 +8,7 @@ case "$1" in purge) rm -rf /var/lib/cups rm -rf /var/log/cups - rm -rf /var/run/cups + rm -rf /run/cups rm -rf /var/cache/cups rm -rf /var/spool/cups rm -f /etc/cups/ssl/server.crt diff --git a/debian/cups.postinst b/debian/cups.postinst index 143d2d2c4..093fc2220 100644 --- a/debian/cups.postinst +++ b/debian/cups.postinst @@ -103,7 +103,7 @@ ppd_updater () { for ppd in *.ppd; do [ -r "$ppd" ] || continue queue=${ppd%.ppd} - lpstat -h /var/run/cups/cups.sock -p "$queue" >/dev/null 2>&1 || continue + lpstat -h /run/cups/cups.sock -p "$queue" >/dev/null 2>&1 || continue nickname=`grep '\*NickName:' "$ppd" | cut -d '"' -f 2 | perl -p -e 's/\n$//' | perl -p -e "$gennicknameregexp" | perl -p -e 's/(\W)/$1/g'` lang=`grep '\*LanguageVersion:' "$ppd" | cut -d ' ' -f 2 | perl -e 'print lc(<>)' | perl -p -e 's/[\r\n]//gs'` ppdfound="0" @@ -112,12 +112,12 @@ ppd_updater () { tempfiles="$tempfiles $tmpfile2" cat $tmpfile1 | perl -p -e "$gennicknameregexp; s/\n*$/\n/s" | grep -E '^\S+\s+.*'"$nickname"'$'
Bug#836127: Call for Votes for new CTTE Member
Le lundi, 3 avril 2017, 20.15:46 h CEST Philip Hands a écrit : > ===BEGIN > > The Technical Committee recommends that David Bremner be > appointed by the Debian Project Leader to the Technical Committee. > > A: Recommend to Appoint David Bremner > B: Further Discussion > > ===END I vote A > B -- OdyX signature.asc Description: This is a digitally signed message part.
Bug#860695: win32-loader: FTBFS on i386: segmentation fault
Control: tags -1 -moreinfo +pending Le mercredi, 19 avril 2017, 15.44:00 h CEST Sven Joachim a écrit : > >> Relevant part (hopefully): > > Actually: > >> > # Prepare the README file > >> > awk > >> > (…) > >> > Segmentation fault > > > > `awk` segfaults here. This seems to be an awk bug, or problem. Is the > > command- line for it too long, or is it something else? > > Possibly it's the same problem as #158481. A workaround is to use > original-awk or gawk instead of awk (and build-depend on it, of course). > > I don't feel like debugging this issue, since mawk in Debian is > unmaintained. :-( Thanks for the information; I've successfully reproduced the awk segfault in a i386 porterbox, and I can confirm the gawk replacement fixes that. I will upload a simple fix later today. -- OdyX signature.asc Description: This is a digitally signed message part.
Bug#860520: Voting for TC Chair
Package: tech-ctte Severity: normal Dear TC members, With the appointment of David to the TC and according to our current procedures¹, I am hereby announcing my immediate vacation of the chair position, triggering a new election. For clarity of the process, I am interested to continue serving as chair. The ballot is the following: ===BEGIN=== The chair of the Debian Technical Committee will be: A: Keith Packard B: Didier Raboud C: Tollef Fog Heen D: Sam Hartman E: Phil Hands F: Margarita Manterola G: David Bremner ===END=== -- Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#860695: win32-loader: FTBFS on i386: segmentation fault
Control: clone -1 -2 Control: reassign -2 mawk 1.3.3-17 Control: reopen -2 o...@debian.org Control: retitle -2 mawk: segfaults on i386 during win32-loader build Control: severity -2 serious Le mercredi, 19 avril 2017, 17.31:26 h CEST Didier 'OdyX' Raboud a écrit : > Le mercredi, 19 avril 2017, 15.44:00 h CEST Sven Joachim a écrit : > > >> Relevant part (hopefully): > > > Actually: > > >> > # Prepare the README file > > >> > awk > > >> > (…) > > >> > Segmentation fault > > > > > > `awk` segfaults here. This seems to be an awk bug, or problem. Is the > > > command- line for it too long, or is it something else? > > > > Possibly it's the same problem as #158481. A workaround is to use > > original-awk or gawk instead of awk (and build-depend on it, of course). > > > > I don't feel like debugging this issue, since mawk in Debian is > > unmaintained. :-( > > Thanks for the information; I've successfully reproduced the awk segfault in > a i386 porterbox, and I can confirm the gawk replacement fixes that. Hereby cloning, reopening and reassigning to mawk, with a severity: serious. Will see if I can reproduce with a simpler test-case. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#860695: win32-loader: FTBFS on i386: segmentation fault
Control: tags -1 +moreinfo +help Le mercredi, 19 avril 2017, 09.28:30 h CEST Lucas Nussbaum a écrit : > During a rebuild of all packages in stretch (in a stretch chroot, not a > sid chroot), your package failed to build on i386. win32-loader is a arch:all package, and is "usually" built on amd64 buildds, on which it builds fine. This i386-specific FTBFS has been visible through the reproducible builds infrastructure for a while: https://tests.reproducible-builds.org/debian/rb-pkg/testing/i386/win32-loader.html > Relevant part (hopefully): Actually: > > # Prepare the README file > > awk > > '{sub(/@PACKAGES_LIST@/,"grub2 2.02~beta3-5 > > http://ftp.debian.org/debian/pool/main/g/grub2\ncpio > > 2.11+dfsg-6 http://ftp.debian.org/debian/pool/main/c/cpi > > o\ngzip 1.6-5 http://ftp.debian.o > > rg/debian/pool/main/g/gzip\ngnupg22.1.18-6 > > http://ftp.debian.org/debian/pool/main/g/gnupg2\ndebian-archive-keyr > > ing2014.3http://ftp.debian.org/debian/pool/main/d/ > > debian-archive-keyring\nloadlin 1.6f-5 > > http://ftp.debian.org/debian/pool/main/l/loadlin\nipxe > > 1.0.0+git-20161027.b991c6 > > http://ftp.debian.org/debian/pool/main/i/ipxe\nnsis > > 2.51-1http://ftp.debian.org/debian/pool/main/n/nsis\nl > > ibgcrypt20 1.7.6-1 http://ftp.debian.org/d > > ebian/pool/main/l/libgcrypt20\nlibgpg-error 1.26-2 > > http://ftp.debian.org/debian/pool/main/l/libgpg-error\n;)}1 \ > > {sub(/@NSIS_VERSION@/,"2.51-1+b1")}1 \ > > {sub(/@W32_VERSION@/,"0.8.2")}1' \ > > debian/win32-loader_doc.txt > win32-loader_0.8.2_all.txt > > Segmentation fault `awk` segfaults here. This seems to be an awk bug, or problem. Is the command- line for it too long, or is it something else? Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#860520: Voting for TC Chair
Le mardi, 18 avril 2017, 08.58:03 h CEST Didier 'OdyX' Raboud a écrit : > ===BEGIN=== > > The chair of the Debian Technical Committee will be: > > A: Keith Packard > B: Didier Raboud > C: Tollef Fog Heen > D: Sam Hartman > E: Phil Hands > F: Margarita Manterola > G: David Bremner > ===END=== I vote: B > E > D = C > F = G > A -- OdyX signature.asc Description: This is a digitally signed message part.
Bug#862051: Call for vote on allowing nodejs to provide /usr/bin/node
Le samedi, 29 juillet 2017, 22.05:34 h CEST Tollef Fog Heen a écrit : > === Resolution === > > The Technical Committee recognises that circumstances change in ways > that make previous resolutions no longer appropriate. In 2012, it was > resolved that the nodejs package should not provide /usr/bin/node due to > the historical conflict with the ax25-node package. Node.js is still > quite popular and the ax25-node package is no longer in stable, testing > or unstable so the requirement for nodejs to not provide /usr/bin/node > no longer applies. > > The Committee therefore resolves that: > > 1. The CTTE decision from 2012-07-12 in bug #614907 is repealed. > > This means Debian's normal policies and practices take over and the > nodejs package is free to provide /usr/bin/node. The migration should > be managed according to Debian's usual backwards-compatibility > arrangements. > > === End Resolution === > > R: Approve resolution and repeal the CTTE decision from 2012-07-12. > F: Further Discussion I vote R>F -- OdyX
Bug#839172: TC decision regarding #741573 menu policy not reflected yet
Control: reassign -1 debian-policy 4.0.0.4 Control: affects -1 + tech-ctte Hi Sean, Le mardi, 1 août 2017, 11.01:10 h CEST Sean Whitton a écrit : > On Thu, Sep 29, 2016 at 02:55:31PM -0400, Sam Hartman wrote: > > We also approved the decision that packages should not include both a > > menu file and a desktop file. > > For reference, Policy currently says that packages should include a > desktop file, and may also include a menu file for the sake of old > window managers. > > So the change that was approved is: For reference, the TC decision was announced on d-d-announce: https://lists.debian.org/debian-devel-announce/2015/09/msg0.html And, as far as I could tell, although the specific commit has made its way into Policy, point 2 of the TC decision still needs wording: >2. In addition to those changes, the Technical Committee resolves > that packages providing a .desktop file shall not also provide a > menu file for the same application. So yes, point 2 corresponds to your: > - delete that paragraph > - add a new paragraph saying "if there is a desktop file, there should > be no menu file" Point 3 & 4 are up to the maintainers of 'menu'; point 5 & 6 just state where in policy the fine-tuning of the menu integration should happen. > This is not strictly equivalent to "packages should not include both a > menu file and a desktop file", but given that we have deprecated menu > files, it seems like the right way to reflect the change. At the risk of sounding procedural, "right way" or not, the TC has used its power under §6.1.1 and set policy for that change. > > The action to draft language for that has stalled in the policy > > process. > > Is there a policy bug that got stalled? If not, maybe this bug should > just be reassigned to policy? We filed that bug at times when the policy team seemed unable to get to that subject on its own; we also set to work on specific wording ever since (without success), and finally decided to assign some of us to work on that during DebConf17. That said, now that thanks to new forces, the process seems vivid and strong again, it does indeed make sense to reassign that to Policy. I'm hereby doing this, marking the TC as "affected". We'd still be happy to help on the wording, ideally during DebConf! Many thanks in advance for your energy to get this to closure! Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#839172: TC decision regarding #741573 menu policy not reflected yet
Le jeudi, 3 août 2017, 08.53:09 h CEST Didier 'OdyX' Raboud a écrit : > Le mardi, 1 août 2017, 11.01:10 h CEST Sean Whitton a écrit : > > On Thu, Sep 29, 2016 at 02:55:31PM -0400, Sam Hartman wrote: > > > We also approved the decision that packages should not include both a > > > menu file and a desktop file. > > > > For reference, Policy currently says that packages should include a > > desktop file, and may also include a menu file for the sake of old > > window managers. > > > The action to draft language for that has stalled in the policy > > > process. > > > > Is there a policy bug that got stalled? If not, maybe this bug should > > just be reassigned to policy? I now gathered some old memories and remembered that there was indeed a bug about this that got stalled: #707851 (which was the TC bug). See from message #475 (September 2015), where I tried to push a wording quite similar to yours to Policy: > +Applications that are registred in the desktop menu shall not also > +provide a Debian menu file for the same application. So https://lists.debian.org/debian-policy/2015/09/msg00024.html is the start of the thread that stalled. I read the arguments back then as critics against the TC decision itself, not discussions about the wording. My argument back then (and it has not changed) is that now that the TC decision is made, it should find it's way into the Policy. So… I'm fine with your wording, but thought it'd be useful to point at the previous discussion about this very subject. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#871668: Remote editition of local documents should be opt-in rather than opt-out
Package: gobby Version: 0.5.0-8.1 Severity: normal On initial start (and upgrade), the "allow remote users to edit local documents" checkbox is ticked. At a conference like DebConf17, it led to have plenty of people 'pollute' the list of documents, and makes the "centralized gobby server" use-case more confusing. I also tend to think it's a bad default, especially as it comes along without a requirement to enter a password. Cheers, OdyX -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'oldstable-proposed-updates'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.11.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8), LANGUAGE=fr_CH:fr (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages gobby depends on: ii dpkg1.18.24 ii libatk1.0-0 2.24.0-1 ii libatkmm-1.6-1v52.24.2-2 ii libc6 2.24-14 ii libcairo-gobject2 1.14.10-1 ii libcairo2 1.14.10-1 ii libcairomm-1.0-1v5 1.12.2-1 ii libgcc1 1:7.1.0-13 ii libgdk-pixbuf2.0-0 2.36.5-2 ii libglib2.0-02.53.4-3 ii libglibmm-2.4-1v5 2.50.1-1 ii libgnutls30 3.5.14-2 ii libgsasl7 1.8.0-8+b2 ii libgtk-3-0 3.22.17-1 ii libgtkmm-3.0-1v53.22.1-1 ii libgtksourceview-3.0-1 3.22.2-1 ii libinfgtk3-0.6-00.6.7-2 ii libinfinity-0.6-0 0.6.7-2 ii libpango-1.0-0 1.40.6-1 ii libpangocairo-1.0-0 1.40.6-1 ii libpangomm-1.4-1v5 2.40.1-3 ii libsigc++-2.0-0v5 2.10.0-1 ii libstdc++6 7.1.0-13 ii libxml++2.6-2v5 2.40.1-1 ii libxml2 2.9.4+dfsg1-3 gobby recommends no packages. Versions of packages gobby suggests: ii avahi-daemon 0.6.32-2 -- no debconf information
Bug#871917: hplip-gui: hp-toolbox will not start
Le samedi, 12 août 2017, 18.17:51 h EDT Brad Rogers a écrit : > Actually, that info is in my original bug report, but wy too far > down. I hadn't realised just how much info reportbug had put in place. > I'll know to check next time. Nah, I should have checked, don't worry. Cheers, OdyX
Bug#871917: hplip-gui: hp-toolbox will not start
Control: severity -1 serious Le samedi, 12 août 2017, 15.13:06 h EDT Brad Rogers a écrit : > Since upgrading to v3.17.7+repack0-2 hp-toolbox fails to start, wether from > SysTray, Menu or Shell. > > Attempts to run from shell give the following output; Thanks for the log. That's actually 'serious', and hplip should not IMHO migrate to testing with that bug. Cheers, OdyX
Bug#871784: Apache: Replace redirects by passthroughs so that https://bugs.debian.org/123456 stays as URL
Package: bugs.debian.org Severity: wishlist Hi there Don, following your talk @DebConf17, I just went ahead and wrote a quick patch (two, actually) to replace browser-side redirects with Apache passthroughs. I've only done a quick test without cgi-bin in the loop, but it seems to work directly. It seems like it's merely a s/L,R/PT/ accross the Apache configuration. Cheers, OdyX >From cf9d1519ac04a272f0e32062077154cc0ec4dab0 Mon Sep 17 00:00:00 2001 From: Didier RaboudDate: Thu, 10 Aug 2017 18:27:12 -0400 Subject: [PATCH 1/2] Use PT|passthrough redirects for ^/([0-9]+)$ for bugreport.cgi & ^/([^/]+)$ for pkgreport.cgi --- examples/apache.conf | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/examples/apache.conf b/examples/apache.conf index 0c1315d..7ed13c6 100644 --- a/examples/apache.conf +++ b/examples/apache.conf @@ -43,6 +43,7 @@ # RewriteMap fix-chars int:noescape RewriteCond %{REQUEST_URI} ^/(Access\.html|Developer\.html|Reporting\.html|server-request\.html|server-control\.html|server-refcard\.html).* [NC] RewriteRule .* - [L] -RewriteRule ^/([0-9]+)$ /cgi-bin/bugreport.cgi?bug=$1 [L,R,NE] -RewriteRule ^/([^/]+)$ /cgi-bin/pkgreport.cgi?pkg=$1 [L,R,NE] +# PT|passthrough to bugreport.cgi and pkgreport.cgi +RewriteRule ^/([0-9]+)$ /cgi-bin/bugreport.cgi?bug=$1 [PT,NE] +RewriteRule ^/([^/]+)$ /cgi-bin/pkgreport.cgi?pkg=$1 [PT,NE] -- 2.14.0 >From 1b98c0b8958b53d9fd1f32cdd771d6fe400499e8 Mon Sep 17 00:00:00 2001 From: Didier Raboud Date: Thu, 10 Aug 2017 18:30:12 -0400 Subject: [PATCH 2/2] Use PT|passthrough redirects also for all other rewrites --- examples/apache.conf | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/examples/apache.conf b/examples/apache.conf index 7ed13c6..6232e03 100644 --- a/examples/apache.conf +++ b/examples/apache.conf @@ -32,14 +32,14 @@ # The following two redirect to up-to-date pages RewriteRule ^/[[:space:]]*#?([[:digit:]][[:digit:]][[:digit:]]+)([;&].+)?$ /cgi-bin/bugreport.cgi?bug=$1$2 [L,R,NE] RewriteRule ^/([^/+]*)([+])([^/]*)$ "/$1%%{%}2B$3" [N] -RewriteRule ^/[Ff][Rr][Oo][Mm]:([^/]+\@.+)$ /cgi-bin/pkgreport.cgi?submitter=$1 [L,R,NE] +RewriteRule ^/[Ff][Rr][Oo][Mm]:([^/]+\@.+)$ /cgi-bin/pkgreport.cgi?submitter=$1 [PT,NE] # Commented out, 'cuz aj says it will crash master. (old master) # RewriteRule ^/[Ss][Ee][Vv][Ee][Rr][Ii][Tt][Yy]:([^/]+\@.+)$ /cgi-bin/pkgreport.cgi?severity=$1 [L,R] -RewriteRule ^/([^/]+\@.+)$ /cgi-bin/pkgreport.cgi?maint=$1 [L,R,NE] -RewriteRule ^/mbox:([[:digit:]][[:digit:]][[:digit:]]+)([;&].+)?$ /cgi-bin/bugreport.cgi?mbox=yes=$1$2 [L,R,NE] -RewriteRule ^/src:([^/]+)$ /cgi-bin/pkgreport.cgi?src=$1 [L,R,NE] -RewriteRule ^/severity:([^/]+)$ /cgi-bin/pkgreport.cgi?severity=$1 [L,R,NE] -RewriteRule ^/tag:([^/]+)$ /cgi-bin/pkgreport.cgi?tag=$1 [L,R,NE] +RewriteRule ^/([^/]+\@.+)$ /cgi-bin/pkgreport.cgi?maint=$1 [PT,NE] +RewriteRule ^/mbox:([[:digit:]][[:digit:]][[:digit:]]+)([;&].+)?$ /cgi-bin/bugreport.cgi?mbox=yes=$1$2 [PT,NE] +RewriteRule ^/src:([^/]+)$ /cgi-bin/pkgreport.cgi?src=$1 [PT,NE] +RewriteRule ^/severity:([^/]+)$ /cgi-bin/pkgreport.cgi?severity=$1 [PT,NE] +RewriteRule ^/tag:([^/]+)$ /cgi-bin/pkgreport.cgi?tag=$1 [PT,NE] # RewriteMap fix-chars int:noescape RewriteCond %{REQUEST_URI} ^/(Access\.html|Developer\.html|Reporting\.html|server-request\.html|server-control\.html|server-refcard\.html).* [NC] RewriteRule .* - [L] -- 2.14.0
Bug#868283: cups-browsed ignores "DefaultPolicy authenticated" from cupsd.conf
Control: severity -1 important Le vendredi, 14 juillet 2017, 08.54:29 h CEST Christoph Pleger a écrit : > cups-browsed from Debian stretch ignores the "DefaultPolicy > authenticated" entry in my cupsd.conf, so that all browsed-imported > printers in /etc/cups/printers.conf are listed with "OpPolicy default". > That differs from how it was in older Debian versions and their > cups-browseds, and it allows users to print with another user id than > their own without authentication, critical in an environment like ours > where users have to pay for their print quota. Although a bug that needs to be investigated, that certainly doesn't qualify as "critical" in Debian Bug severities [0]. At most 'important'. No time _right now_ to investigate this, but tagging at the correct severity for now. Cheers, OdyX [0] https://www.debian.org/Bugs/Developer#severities signature.asc Description: This is a digitally signed message part.
Bug#864973: stretch-pu: package win32-loader/0.8.3+deb9u1
Le dimanche, 25 juin 2017, 22.53:27 h CEST Cyril Brulebois a écrit : > Looks good to me, feel free to upload, thanks. > > By the way, we probably shouldn't be using “stable” in URLs, but the > target distribution (stretch here)? Uploaded. I noticed 0.8.4 hasn't migrated to testing, which might cause an issue though: do we need to put 0.8.3+deb9u1 in testing, or migrate 0.8.4 (with the ftp- master dance) ? Cheers, OdyX
Bug#867818: No printer listed in some applications when no default printer is set
Control: tags -1 +patch +pending Le lundi, 10 juillet 2017, 09.28:00 h CEST Viktor Jägersküpper a écrit : > Brian Potkin: > > On Sun 09 Jul 2017 at 17:41:00 +, Viktor Jägersküpper wrote: > >> The bug is already fixed upstream. > > > > Reference, please. > > https://github.com/apple/cups/commit/ b2f85109da901eb652babdc4f2a846c1c28228ff Ah, great, thank you for the reference! Will include in the next upload! Cheers, OdyX
Bug#868374: Build failed with sbuild and pdebuilder
Control: tags -1 +unreproducible +moreinfo Le samedi, 15 juillet 2017, 09.06:09 h CEST Jörg Frings-Fürst a écrit : > for the sane-backends transition I test the build and I got errors with > > all build systems: > > $ sbuild Weird, it works on the Debian buildds… Can you make sure you have pyppd installed? Cheers, OdyX
Bug#862051: Allow nodejs to provide /usr/bin/node (draft resolution)
Le mercredi, 19 juillet 2017, 21.35:33 h CEST Tollef Fog Heen a écrit : > === DRAFT Resolution v2 === > > The Technical Committee recognises that circumstances change in ways > that make previous resolutions no longer appropriate. In 2012, it was > resolved that the nodejs package should not provide /usr/bin/node due to > the historical conflict with the ax25-node package. Node.js is still > quite popular and the ax25-node package is no longer in stable, testing > or unstable so the requirement for nodejs to not provide /usr/bin/node > no longer applies. > > The Committee therefore resolves that: > > 1. The CTTE decision from 2012-07-12 in bug #614907 is repealed. > > This means Debian's normal policies and practices take over and the > nodejs package is free to provide /usr/bin/node. The migration should > be managed according to Debian's usual backwards-compatibility > arrangements. > > === End DRAFT Resolution v2 === Thank you for that draft; we can vote on it as far as I'm concerned. Cheers, OdyX
Bug#840643: jessie-pu: package cups/1.7.5-11+deb8u1
Le mardi, 27 juin 2017, 20.32:11 h CEST Cyril Brulebois a écrit : > Assuming that this was successfully tested (including by setting those > two options to restore support for insecure crypto) on a jessie system, > and once you've fixed the codename in debian/changelog (you want jessie > rather than jessie-security), feel free to upload. Uploaded now after testing. I also fixed a typo in the changelog: AllowSSLv3 vs AllowSSL3 (superfluous 'v'). Sorry for the delay. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#869547: udev-rule-missing-subsystem false-positive when rules file uses a GOTO
Package: lintian Version: 2.5.52 Severity: minor usb-modeswitch-data ships with 40-usb_modeswitch.rules [0] which has 388 rules that all trigger the udev-rule-missing-subsystem lintian warning. Point is, that file has all the matching entries within a SUBSYSTEM/GOTO block (see lines 12 and 1181); that makes the lintian warning a false positive. I have added this lintian warning override in the package but figured it would be nice to let you know. Cheers, OdyX [0] http://sources.debian.net/src/usb-modeswitch-data/20170205-1/40-usb_modeswitch.rules/
Bug#868743: gutenprint FTBFS on mips64el: check-TESTS killed with signal TERM after 150 minutes of inactivity
Control: severity -1 important Control: retitle -1 gutenprint sometimes FTBFS on mips64el: check-TESTS killed with signal TERM after 150 minutes of inactivity Le mardi, 18 juillet 2017, 11.05:34 h CEST Adrian Bunk a écrit : > https://buildd.debian.org/status/fetch.php?pkg=gutenprint=mips64el= > 5.2.13-1=1500347072=0 > > ... > Making check in cups > make[4]: Entering directory '/<>/src/cups' > make check-TESTS > make[5]: Entering directory '/<>/src/cups' > make[6]: Entering directory '/<>/src/cups' > E: Build killed with signal TERM after 150 minutes of inactivity It built when it was retried on mipsel-aql-03; hereby downgrading the severity accordingly. Cheers, OdyX
Bug#866778: lsb-release: lsb_release --all displays inconsistent information
Control: tags -1 +wontfix Le samedi, 1 juillet 2017, 18.38:28 h CEST GT a écrit : >* What led up to the situation? > use of the command lsb_release --all > > :~$ lsb_release --all > > No LSB modules are available. > Distributor ID: Debian > Description:Debian GNU/Linux oldstable-updates (sid) > Release:oldstable-updates > Codename: sid > > >* What outcome did you expect instead? > > An accurate report: > :~$ cat /usr/lib/os-release > > PRETTY_NAME="Debian GNU/Linux buster/sid" > NAME="Debian GNU/Linux" > ID=debian > HOME_URL="https://www.debian.org/; > SUPPORT_URL="https://www.debian.org/support; > BUG_REPORT_URL="https://bugs.debian.org/; > > > why lsb-release diplays sid while i am using buster? lsb-release cannot _know_ that you're u sing buster and not sid, as the /usr/lib/os-release file (as shipped by base-files) contains this "buster/ sid" string (you also find this in /etc/debian_version, which is what lsb_release.py uses). That's specifically made to avoid having to have one base-files package per suite, which would make base-files more of a special package than it already is. As, technically, a set of "unstable" packages could also be a valid set of "testing" packages (5 days without bugs or uploads later, for instance), it's impossible to guess from the files on the system whether it's running "testing" or "unstable". And finally, don't rely on lsb_release's output for anything non-stable; it's bound to be unreliable, by construction. One should really rely on feature-detection rather than version-matching. Hereby closing as not-a-bug. Cheers, OdyX
Bug#732445: debian-policy should encourage verification of upstream cryptographic signaturse
Le lundi, 7 août 2017, 09.40:22 h EDT Russ Allbery a écrit : > Daniel Kahn Gillmorwrites: > > debian-policy should encourage verification of upstream cryptographic > > signatures. Yes. > diff --git a/policy.xml b/policy.xml > index 6086901..c14d9b4 100644 > --- a/policy.xml > +++ b/policy.xml > @@ -2556,11 +2556,28 @@ endif > > > This is an optional, recommended configuration file for the > -uscan utility which defines how to > +uscan utility which defines how to > automatically scan ftp or http sites for newly available updates > of the package. This is used Debian QA tools to help with quality While were at patching this, this sentence should read: > This is used _by_ Debian QA tools … or > This is used _by some_ Debian QA tools… Other than that, seconded! Cheers, OdyX
Bug#871262: override: Downgrading priorities of sensible-utils, lsb-base, multiarch-support
Le lundi, 7 août 2017, 14.53:25 h EDT Andreas Henriksson a écrit : > lsb-base -> optional (previously required) > - sysvinit-core pulls in lsb-base (via a dependency chain) > - under systemd packages should either: >- have a masking native unit >- directly depend on lsb-base if needed (lintian check exists already) Fwiw, just uploaded src:lsb with that change. -- OdyX signature.asc Description: This is a digitally signed message part.
Bug#862732: cups-filters: unreadable file /usr/lib/cups/backend/serial
Control: tags -1 +moreinfo Le mardi, 16 mai 2017, 12.13:23 h CEST Alexander Kurtz a écrit : > Your package ships a file in /usr which is unreadable for regular > users. That's the justification from the source: # Make the serial backend run as root, since /dev/ttyS* are # root:dialout and thus not accessible as user lp chmod 700 debian/cups-filters/usr/lib/cups/backend/serial … but I think it would work with a chmod 744. Alexander: do you have a serial printer; and could you test? Till: as you're the initial committer of that code; any opinion ? Cheers, OdyX
Bug#862732: cups-filters: unreadable file /usr/lib/cups/backend/serial
Control: tags -1 +pending -moreinfo Le mardi, 16 mai 2017, 15.04:26 h CEST Till Kamppeter a écrit : > The "serial" backend is a CUPS backend which has to run as root to > correctly work. CUPS decides which backends run as roo by the file > permissions of the backends. One of the backends which comes with CUPS > and has to run as root is the "usb" backend: > > -r-xr--r-- 2 root root 34808 Mar 23 14:55 /usr/lib/cups/backend/usb > > This backend is still world-readable and only omits the execution bit > for anyone else than root itself (644 permissions). This should also > work with the "serial" backend in cups-filters. Ack, thanks for the explanation. I've fixed this in the upcoming 1.14.0 experimental upload. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#865485: Voting for TC Chair
Le mercredi, 21 juin 2017, 22.21:57 h CEST Didier 'OdyX' Raboud a écrit : > ===BEGIN=== > > The chair of the Debian Technical Committee will be: > > A: Keith Packard > B: Didier Raboud > C: Tollef Fog Heen > D: Sam Hartman > E: Phil Hands > F: Margarita Manterola > G: David Bremner > H: Niko Tyni > ===END=== I vote B > E > D = C > F = G = H > A -- OdyX signature.asc Description: This is a digitally signed message part.
Bug#865485: Voting for TC Chair
Package: tech-ctte Severity: normal Dear TC members, With the appointment of Niko to the TC and according to our current procedures¹, I am hereby announcing my immediate vacation of the chair position, triggering a new election. For clarity of the process, I am interested to continue serving as chair. The ballot is the following: ===BEGIN=== The chair of the Debian Technical Committee will be: A: Keith Packard B: Didier Raboud C: Tollef Fog Heen D: Sam Hartman E: Phil Hands F: Margarita Manterola G: David Bremner H: Niko Tyni ===END=== -- Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#862051: Refer #862051 to ctte (WAS: nodejs-legacy: possibly drop this package, now that ax25-node has been removed?)
Le vendredi, 19 mai 2017, 11.05:28 h CEST Margarita Manterola a écrit : > This, compounded with the fact that the old node will be gone in stretch, > means that it makes sense for nodejs to become node. > > Does anyone think differently? I concur with your analysis; thank you for getting through the archives! OdyX
Bug#836127: Call for Votes for new TC member
Le mardi, 13 juin 2017, 20.08:38 h CEST Didier 'OdyX' Raboud a écrit : > ===BEGIN > The Technical Committee recommends that Niko Tyni <nt...@debian.org> be > appointed by the Debian Project Leader to the Technical Committee. > > N: Recommend to Appoint Niko Tyni <nt...@debian.org> > F: Further Discussion > ===END I vote: N > F Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#864973: stretch-pu: package win32-loader/0.8.3+deb9u1
Package: release.debian.org Severity: normal Tags: stretch User: release.debian@packages.debian.org Usertags: pu As discussed on debian-boot starting from https://lists.debian.org/4374235.3xk2uo9...@odyx.org , win32-loader (in stretch) still doesn't use the deb.debian.org agreed-upon mirror. Also, as it's standalone version embeds multiple other packages (as listed on https://deb.debian.org/debian/tools/win32-loader/stable/win32-loader.txt ), the 0.8.3 version as released with Stretch still contains jessie's debian-archive-keyring. Specifically, we held this upload back then because we were waiting on gnupg's 2.1.18-8 (which pu request is tracked in #863734) It would be good to have an updated win32-loader in Stretch; the possible debdiff would be attached. Cheers, OdyX diff -Nru win32-loader-0.8.3/branch.nsi win32-loader-0.8.3+deb9u1/branch.nsi --- win32-loader-0.8.3/branch.nsi 2017-01-01 11:40:06.0 +0100 +++ win32-loader-0.8.3+deb9u1/branch.nsi2017-06-18 10:21:47.0 +0200 @@ -63,7 +63,7 @@ StrCpy $base_path_images "netboot/debian-installer/hurd-$arch" ${EndIf} ${Else} -StrCpy $base_url "http://httpredir.debian.org/debian/dists/stable/; +StrCpy $base_url "http://deb.debian.org/debian/dists/stable/; ${If} $kernel == "linux" ; Only Debian GNU/Linux will have a stable branch for the stretch cycle StrCpy $base_path_hashes"main/installer-$arch/current/images/" diff -Nru win32-loader-0.8.3/debian/changelog win32-loader-0.8.3+deb9u1/debian/changelog --- win32-loader-0.8.3/debian/changelog 2017-04-19 18:03:11.0 +0200 +++ win32-loader-0.8.3+deb9u1/debian/changelog 2017-06-18 10:25:41.0 +0200 @@ -1,3 +1,10 @@ +win32-loader (0.8.3+deb9u1) stretch; urgency=medium + + * Drop bz2 compression for source + * Replace all mirror urls with deb.debian.org + + -- Didier RaboudSun, 18 Jun 2017 10:25:41 +0200 + win32-loader (0.8.3) unstable; urgency=low * The « Pippita » release diff -Nru win32-loader-0.8.3/debian/rules win32-loader-0.8.3+deb9u1/debian/rules --- win32-loader-0.8.3/debian/rules 2017-04-19 18:03:11.0 +0200 +++ win32-loader-0.8.3+deb9u1/debian/rules 2017-06-18 10:21:47.0 +0200 @@ -13,7 +13,7 @@ PACKAGES_LIST := $(shell set -e; \ for p in ${B_D_PACKAGES}; \ do \ - dpkg-query --showformat='$${source:Package;-25} $${source:Version;-25} http://ftp.debian.org/debian/pool/main/$${source:Package;1}/$${source:Package}\\n' --show $$p; \ + dpkg-query --showformat='$${source:Package;-25} $${source:Version;-25} http://deb.debian.org/debian/pool/main/$${source:Package;1}/$${source:Package}\\n' --show $$p; \ done) BUILT_USING_LIST := $(shell set -e; \ diff -Nru win32-loader-0.8.3/debian/source/options win32-loader-0.8.3+deb9u1/debian/source/options --- win32-loader-0.8.3/debian/source/options2014-08-28 20:34:04.0 +0200 +++ win32-loader-0.8.3+deb9u1/debian/source/options 1970-01-01 01:00:00.0 +0100 @@ -1,2 +0,0 @@ -# Compress source using bz2 -compression = bzip2 diff -Nru win32-loader-0.8.3/Makefile win32-loader-0.8.3+deb9u1/Makefile --- win32-loader-0.8.3/Makefile 2017-03-20 20:56:38.0 +0100 +++ win32-loader-0.8.3+deb9u1/Makefile 2017-06-18 10:21:47.0 +0200 @@ -181,7 +181,7 @@ $(NULL) genisoimage -r -J -o $@ netboot/daily -BASE_URL=http://ftp.nl.debian.org/debian/dists/stable/main +BASE_URL=http://deb.debian.org/debian/dists/stable/main netboot/download-stable-stamp: mkdir -p netboot/stable/install.{386,amd}/gtk wget $(BASE_URL)/installer-i386/current/images/netboot/debian-installer/i386/linux \
Bug#836127: Call for Votes for new TC member
I call for votes on the following ballot to fill a vacant seat in the TC. The voting period starts immediately and lasts for up to one week, or until the outcome is no longer in doubt (§6.3.1). ===BEGIN The Technical Committee recommends that Niko Tynibe appointed by the Debian Project Leader to the Technical Committee. N: Recommend to Appoint Niko Tyni F: Further Discussion ===END signature.asc Description: This is a digitally signed message part.
Bug#861843: unblock: (pre-approval) hplip/3.16.11+repack0-3
Control: tags -1 -moreinfo Le dimanche, 7 mai 2017, 16.25:00 h CEST Niels Thykier a écrit : > Didier 'OdyX' Raboud: > > I plan to upload hplip with a simple fix for #861731 (UnicodeDecodeError > > on some filenames) that has apparently been committed upstream. > > Ack, please go ahead and remove the moreinfo tag once the upload has > been ACCEPTed and the package built on all relevant release architectures. These have happened. Cheers, OdyX
Bug#861729: unblock: win32-loader/0.8.3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock Please unblock-udeb package win32-loader 0.8.3 as it fixes an FTBFS on i386 in stretch (and is always blocked because of the manual migration to be done by ftpmasters): > * Fix FTBFS on i386: use gawk to prepare README file (Closes: #860695) (This is a bug in mawk, reported as #860751) debdiff is attached. ftpmaster: please copy debian/tools/win32-loader/unstable into …/testing unblock-udeb win32-loader/0.8.3 Cheers, OdyX diff -Nru win32-loader-0.8.2/debian/changelog win32-loader-0.8.3/debian/changelog --- win32-loader-0.8.2/debian/changelog 2017-03-20 21:23:59.0 +0100 +++ win32-loader-0.8.3/debian/changelog 2017-04-19 18:03:11.0 +0200 @@ -1,3 +1,11 @@ +win32-loader (0.8.3) unstable; urgency=low + + * The « Pippita » release + + * Fix FTBFS on i386: use gawk to prepare README file (Closes: #860695) + + -- Didier RaboudWed, 19 Apr 2017 18:03:11 +0200 + win32-loader (0.8.2) unstable; urgency=medium * The « Iao » release diff -Nru win32-loader-0.8.2/debian/control win32-loader-0.8.3/debian/control --- win32-loader-0.8.2/debian/control 2017-03-20 21:12:00.0 +0100 +++ win32-loader-0.8.3/debian/control 2017-04-19 18:03:11.0 +0200 @@ -10,6 +10,7 @@ mingw-w64, libgcrypt-mingw-w64-dev, libgpg-error-mingw-w64-dev, librsvg2-bin, icoutils, + gawk, gettext, grub-pc-bin (>= 1.99~rc1-3), imagemagick, diff -Nru win32-loader-0.8.2/debian/rules win32-loader-0.8.3/debian/rules --- win32-loader-0.8.2/debian/rules 2017-03-20 21:10:08.0 +0100 +++ win32-loader-0.8.3/debian/rules 2017-04-19 18:03:11.0 +0200 @@ -39,9 +39,9 @@ dh_auto_build # Prepare the README file - awk '{sub(/@PACKAGES_LIST@/,"$(PACKAGES_LIST)")}1 \ - {sub(/@NSIS_VERSION@/,"$(NSIS_VERSION)")}1 \ - {sub(/@W32_VERSION@/,"$(W32_VERSION)")}1' \ + gawk '{sub(/@PACKAGES_LIST@/,"$(PACKAGES_LIST)")}1 \ + {sub(/@NSIS_VERSION@/,"$(NSIS_VERSION)")}1 \ + {sub(/@W32_VERSION@/,"$(W32_VERSION)")}1' \ debian/win32-loader_doc.txt > $(W32_BYHAND_NAME).txt cat debian/copyright >> $(W32_BYHAND_NAME).txt endif
Bug#861843: unblock: (pre-approval) hplip/3.16.11+repack0-3
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: unblock I plan to upload hplip with a simple fix for #861731 (UnicodeDecodeError on some filenames) that has apparently been committed upstream. This is the changelog entry: > [ Gaurav Sood ] > * Fix handling of unicode filenames in sixext.py > (Closes: #861731, LP: #1480152) Please see the attached debdiff diff -Nru hplip-3.16.11+repack0/debian/changelog hplip-3.16.11+repack0/debian/changelog --- hplip-3.16.11+repack0/debian/changelog 2017-01-30 21:36:12.0 +0100 +++ hplip-3.16.11+repack0/debian/changelog 2017-05-04 18:35:44.0 +0200 @@ -1,3 +1,11 @@ +hplip (3.16.11+repack0-3) unstable; urgency=low + + [ Gaurav Sood ] + * Fix handling of unicode filenames in sixext.py +(Closes: #861731, LP: #1480152) + + -- Didier RaboudThu, 04 May 2017 18:35:44 +0200 + hplip (3.16.11+repack0-2) unstable; urgency=medium [ Brian Potkin ] diff -Nru hplip-3.16.11+repack0/debian/gbp.conf hplip-3.16.11+repack0/debian/gbp.conf --- hplip-3.16.11+repack0/debian/gbp.conf 2017-01-30 19:42:12.0 +0100 +++ hplip-3.16.11+repack0/debian/gbp.conf 2017-05-04 18:34:48.0 +0200 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/master +debian-branch = debian/stretch upstream-branch = upstream/latest pristine-tar = True diff -Nru hplip-3.16.11+repack0/debian/.git-dpm hplip-3.16.11+repack0/debian/.git-dpm --- hplip-3.16.11+repack0/debian/.git-dpm 2017-01-30 19:42:12.0 +0100 +++ hplip-3.16.11+repack0/debian/.git-dpm 2017-05-04 18:34:48.0 +0200 @@ -1,6 +1,6 @@ # see git-dpm(1) from git-dpm package -23ef661a83d0a96ba61be2eef3ac502a2c000724 -23ef661a83d0a96ba61be2eef3ac502a2c000724 +602e2d8fb42cf4b62bf245702f314fecf6a2227c +602e2d8fb42cf4b62bf245702f314fecf6a2227c eafc834119e19d43010499f9205cd5f4485973f4 eafc834119e19d43010499f9205cd5f4485973f4 hplip_3.16.11+repack0.orig.tar.xz diff -Nru hplip-3.16.11+repack0/debian/patches/0024-Fix-handling-of-unicode-filenames-in-sixext.py.patch hplip-3.16.11+repack0/debian/patches/0024-Fix-handling-of-unicode-filenames-in-sixext.py.patch --- hplip-3.16.11+repack0/debian/patches/0024-Fix-handling-of-unicode-filenames-in-sixext.py.patch 1970-01-01 01:00:00.0 +0100 +++ hplip-3.16.11+repack0/debian/patches/0024-Fix-handling-of-unicode-filenames-in-sixext.py.patch 2017-05-04 18:34:48.0 +0200 @@ -0,0 +1,29 @@ +From 602e2d8fb42cf4b62bf245702f314fecf6a2227c Mon Sep 17 00:00:00 2001 +From: Gaurav Sood +Date: Thu, 4 May 2017 18:32:08 +0200 +Subject: Fix handling of unicode filenames in sixext.py + +LP: #1480152 +Closes: #861731 +--- + base/sixext.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/base/sixext.py b/base/sixext.py +index 0bf4fc4f4..311bf72c6 100644 +--- a/base/sixext.py b/base/sixext.py +@@ -110,11 +110,11 @@ if PY3: + + + def to_string_utf8(s): +-return s.decode("utf-8") ++return s.decode("utf-8", 'ignore') + + + def to_string_latin(s): +-return s.decode("latin-1") ++return s.decode("latin-1", 'ignore') + + + def to_unicode(s, enc=None): diff -Nru hplip-3.16.11+repack0/debian/patches/series hplip-3.16.11+repack0/debian/patches/series --- hplip-3.16.11+repack0/debian/patches/series 2017-01-30 19:42:12.0 +0100 +++ hplip-3.16.11+repack0/debian/patches/series 2017-05-04 18:34:48.0 +0200 @@ -21,3 +21,4 @@ 0021-Fix-erroneous-tabs-in-hpps-python-code.patch 0022-Add-include-cups-ppd.h-in-various-places-as-CUPS-2.2.patch 0023-Fix-list-wrapping-in-scan.py-to-fix-generated-manpag.patch +0024-Fix-handling-of-unicode-filenames-in-sixext.py.patch
Bug#878641: ITP: argagg -- Argument Aggregator - Simple C++11 command line argument parser
Package: wnpp Severity: wishlist Owner: Didier 'OdyX' Raboud <o...@debian.org> Package name: argagg Version : 0.4.6 Upstream Author : Viet The Nguyen <vietjtngu...@gmail.com> URL : https://github.com/vietjtnguyen/argagg License : MIT Programming Lang: C++ Description : Argument Aggregator - Simple C++11 command line argument parser This is yet another C++ command line argument/option parser. It was written as a simple and idiomatic alternative to other frameworks like getopt, Boost program options, TCLAP, and others. The goal is to achieve the majority of argument parsing needs in a simple manner with an easy to use API. It operates as a single pass over all arguments, recognizing flags prefixed by - (short) or -- (long) and aggregating them into easy to access structures with lots of convenience functions. It defers processing types until you access them, so the result structures end up just being pointers into the original command line argument C-strings. . argagg supports POSIX recommended argument syntax conventions. Justification : argagg is a build dependency of "Planet Blupi" (http://blupi.org) which I intend to package for Debian. Package names : argagg-dev & argagg-dev-doc
Bug#878673: ITP: sdl-kitchensink -- FFmpeg and SDL2 based library for audio and video playback
Package: wnpp Severity: wishlist Owner: Didier 'OdyX' Raboud <o...@debian.org> Package name: sdl-kitchensink Version : 0.0.7 Upstream Author : Tuomas Virtanen <katajak...@gmail.com> URL : https://github.com/katajakasa/SDL_kitchensink License : MIT Programming Lang: C Description : FFmpeg and SDL2 based library for audio and video playback * Decoding video & audio via FFmpeg * Dumping video data on SDL_textures * Dumping audio data in the usual mono/stereo interleaved formats * Automatic audio and video conversion to SDL2 friendly formats * Synchronizing video & audio to clock * Seeking forwards and backwards * Bitmap & libass subtitle support. Justification : sdl-kitchensink is a build dependency of "Planet Blupi" (http://blupi.org) which I intend to package for Debian. Package names : libsdl-kitchensink0 libsdl-kitchensink-dev
Bug#878148: cups: Default ServerName wrong/not in sync with manual
Le jeudi, 12 octobre 2017, 16.34:48 h CEST Dominik George a écrit : > I said that I cannot access CUPS from the local network, not from loopback. The title of this bug is "Default ServerName wrong/not in sync with manual". I'm not sure I understand whether you think the documentation should be changed, or whether the _code_ should be changed. Could you please clarify? From the documentation, you need to have both a network-accessible IP in a `Listen` stanza, as well as the hostnames you want the scheduler to be accesssible to be listed in either `ServerName` and/or `ServerAlias`. What I can say is that from the source (scheduler/conf.c, around lines 956 in stable) https://sources.debian.net/src/cups/2.2.1-8/scheduler/conf.c/#L956 > else > { > if (gethostname(temp, sizeof(temp))) > { > cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to get hostname: %s", > strerror(errno)); > strlcpy(temp, "localhost", sizeof(temp)); > } > cupsdSetString(, temp); … ServerName is set from gethostname(2), which, by their manpages, return the same value as hostname(1), aka uname(2)'s nodename, which you can retrieve from $ uname -n. ServerName is set around these lines and there are various heuristics which add ServerAliases to that configuration. All these are logged at the 'debug' level. I've added a patch to log the ServerName cups takes: --- a/scheduler/conf.c +++ b/scheduler/conf.c @@ -891,6 +891,7 @@ cupsdReadConfiguration(void) } cupsdSetString(, temp); +cupsdLogMessage(CUPSD_LOG_DEBUG, "Set ServerName %s", temp); With this in place, and debugging enabled via `cupsctl --debug-logging` (see [0] for a very good documentation), a restart of the server gives me: D [12/Oct/2017:17:21:25 +0200] Set ServerName gyllingar D [12/Oct/2017:17:21:25 +0200] Added auto ServerAlias gyllingar And: $ hostname -f gyllingar What is it that you get? And do you still think there's discrepancy between code and documentation? If so, which one do you think is wrong? Thanks in advance, Cheers, OdyX [0] https://wiki.debian.org/ DissectingandDebuggingtheCUPSPrintingSystem#The_CUPS_Error_Log
Bug#878326: cups FTCBFS: runs host architecture utilities during build again
Control: tags -1 +pending Le jeudi, 12 octobre 2017, 22.56:25 h CEST Helmut Grohne a écrit : > Thank you for applying my patch from #837936 to make cups cross build. > Unfortunately, that no longer works. When cross building cups, mantohtml > fails to run again (and #837936 was meant to fix that). > > It turns out that man/Makefile is now duplicated to man/Makefile.l10n > and it compiles its own mantohtml there with the builtin rule. Thus it > ends up using the wrong compiler and wrong flags. After copying the > relevant rule to man/Makefile.l10n, cups cross builds again. Please > consider applying the attached patch. Thanks for your scrutiny and your patch. Is there a "Cross-Builds Status" page I could monitor myself to proactively detect these ? Cheers, OdyX
Bug#754462: Bug#862051: nodejs (6.11.2~dfsg-1) experimental; urgency=medium
Le mardi, 29 août 2017, 17.46:22 h CEST Thorsten Glaser a écrit : > Leave /usr/bin/nodejs there for at least one more release. I'll just note for the purpose of the TC discussion that as of nodejs 6.11.2~dfsg-3 (the version currently in unstable) , the /usr/bin/nodejs → node symlink still exists, so at this point, I don't consider there is material for a TC decision either way, but it's an important conversation to be had. Jérémy: could you maybe clarify your plan and your rationale? This would help putting everyone on common grounds. Cheers, OdyX
Bug#754462: Bug#862051: nodejs (6.11.2~dfsg-1) experimental; urgency=medium
Le mardi, 29 août 2017, 12.32:19 h CEST Sam Hartman a écrit : > > "Thorsten" == Thorsten Glaserwrites: > Thorsten> Hi, > > >> * Restore /usr/bin/node following CTTE #862051 Let's try to drop > >> /usr/bin/nodejs before buster. Replaces and Conflicts > >> nodejs-legacy. Closes: #754462. > > Thorsten> please do NOT completely replace an ABI between releases. > Thorsten> Leave /usr/bin/nodejs there for at least one more release. > > > I agree. > Even if you get everything in Debian fixed, you won't know about user > scripts that have been designed around what Debian does. Right. Searching for "/usr/bin/nodejs" on github [0] shows around 27'500 occurences. > Giving people a release to deal with transitions is a great thing to do > when there's no good reason not to. > Maintaining a symlink for a release seems a low cost. True. On the other hand, the fact that Debian "created" /usr/bin/nodejs also means it's on Debian's hands to eventually remove it. For good reasons, Debian forcibly introduced a special-case when Node.js first appeared in a stable release through only shipping it under /usr/bin/nodejs. That forced hundreds of projects to cope with that, probably often through supporting both /usr/bin/node and /usr/bin/nodejs I suspect. I'm quite convinced that large parts of the Node.js ecosystem will cope well without any /usr/bin/nodejs available in stretch. So I'm not convinced it's really worth the trouble to keep it around for another stable release; I'd probably be fine with a swap of the setup we had (with the convenience symlink in a different and not-installed-by-default package). > For that matter I really can't see a good reason to ever drop the > symlink. I want Debian to be able to move on and ahead; cleaning up past special-cases from our stable releases is good. We only support stable-to-stable upgrades for good reasons and removing such convenience symlinks falls in the same category as cleanup of maintainer scripts' code for oldstable-to-stable paths. I would strongly support removal of the symlink in bullseye. Cheers, OdyX [0] https://github.com/search?utf8=%E2%9C%93=%22%2Fusr%2Fbin%2Fnodejs %22=Code
Bug#873706: mdraid2 (pulling mdadm in) should not be required by udisks2 core
Package: udisks2 Version: 2.6.5-2 Severity: important udisks2 is a dependency of multiple Desktop Environments (through plasma-workspace, kde-plasma-workshop, gvfs-daemons) and pulls mdadm through libblockdev-mdraid2 dependencies. mdadm is the full-fledged daemon that handles MD RAID arrays, and I don't think it is useful or necessary in all Desktop Environments. Please make sure the mdraid2 libblockdev plugin is not _required_ by udisks2 core. Cheers, OdyX -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'oldstable-proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (100, 'experimental'), (1, 'experimental-debug'), (1, 'buildd-unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.12.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8), LANGUAGE=fr_CH:fr (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages udisks2 depends on: ii dbus 1.11.16+really1.10.22-1 ii init-system-helpers1.49 ii libacl12.2.52-3+b1 ii libatasmart4 0.19-4+b1 ii libc6 2.24-17 ii libglib2.0-0 2.53.6-1 ii libgudev-1.0-0 230-3 ii libpam-systemd 234-2.3 ii libpolkit-agent-1-00.105-18 ii libpolkit-gobject-1-0 0.105-18 ii libsystemd0234-2.3 pn libudisks2-0 ii parted 3.2-17 ii udev 234-2.3 Versions of packages udisks2 recommends: ii dosfstools 4.1-1 ii eject2.1.5+deb1+cvs20081104-13.2 ii exfat-utils 1.2.7-1 ii gdisk1.0.1-1 ii ntfs-3g 1:2016.2.22AR.2-2 ii policykit-1 0.105-18 Versions of packages udisks2 suggests: pn btrfs-progs | btrfs-tools ii cryptsetup-bin 2:1.7.3-4 pn mdadm ii reiserfsprogs 1:3.6.25-7 ii xfsprogs 4.9.0+nmu1 -- no debconf information
Bug#429938: /usr/bin/pinentry-qt: pinentry-qt: does not show up in window list
Le mardi, 26 septembre 2017, 14.54:11 h CEST Daniel Kahn Gillmor a écrit : > With no followup for more than 6 months, i'm closing this bug report. > > Feel free to reopen if anyone is still having this problem! Sorry for my inaction there; it seems to work now for me, or I have a workaround in place. Thank you for the cleanup! -- OdyX
Bug#873090: RM: lsb-compat -- NBS; Deprecation for Buster
Package: ftp.debian.org Severity: normal Hi there, since it's 9.20170807 upload, src:lsb doesn't build the lsb-compat package anymore. The fact that lsb-compat is still around in unstable seems to confuse dak, and lsb-compat doesn't seem to be catched by the autodecruft. Please remove the lsb-compat binary package from unstable. Cheers, OdyX
Bug#870463: lp no longer honours default printers
Hi there martin, and thanks for your bugreport, Le mercredi, 2 août 2017, 10.22:13 h CEST martin f krafft a écrit : > Possibly related to #867818, /usr/bin/lp no longer honours a default > printer configured: > > albatross:~/FOR_FILING% head -1 ~/.cups/lpoptions > Default mfc9465cdn > albatross:~/FOR_FILING% lp -P 30 2017-08-02-Scans.pdf > lp: Error - no default destination available. I can't reproduce this; it works fine here for me. Let's see from some things fixed upstream: * https://github.com/apple/cups/issues/5072 - Do you happen to use a ServerAlias ? * https://github.com/apple/cups/commit/ c536b6c583abd9ea1b750f15e887b313ed7ad951 maybe ? Can you rebuild cups with these patches or would you like me to build a patched version for you? (I'd probably upload an upstream snapshot to experimental then) Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#676472: cups: please suggest a compatible inet server (for lpd support)
Control: tags -1 +wontfix Control: severity -1 wishlist Hi there Vincent, Le jeudi, 7 juin 2012, 17.47:59 h CEST Vincent McIntyre a écrit : > Somehow my system got installed with update-inetd but not inetutils-inetd. > > I wanted to turn on lpd support so installed cups-bsd. > update-inetd ran without apparrent errors when I did > # dpkg-reconfigure cups-bsd > to enable the lpd server, but there was no inetd.conf file to append to > and none was created. No error was indicated. > > Once I installed inetutils-inetd and reconfigured cups-bsd again, > things worked as expected. > > Possibly this is actually a bug in update-inetd but I'll leave that to > your discretion. As of 2017, I tend to think that lpd support should disappear for Buster. Iff we'd want to keep it, having cups-bsd get a Suggests: inetutils-inetd | inet-superserver, update-inetd _could_ make sense. I'm not going to investigate more than that; so if someone wants that in 2017's CUPS, please answer to this bug by saying so and confirming the above strategy makes sense. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#865649: cups HTTPS issues -- Lack of SHA-2 certificate, weak TLSv1.0 crypto
Le samedi, 26 août 2017, 15.47:20 h CEST Didier Raboud a écrit : > > * Generate SHA-2 signed certificates by default. This will lessenthe > > additional browser warnings. > > The CUPS server certificates are setup to be ssl-cert's (see symlinking code > in cups-daemon.postinst, so that's a good suggestion for that to be fixed > centrally in ssl-cert. Oh. As I was explaining bug #865598, I actually noticed that that symlinking code was just useless now (it symlinks to `…/server.crt` where CUPS uses `…/$(gethostname()).crt`). So the certificate creation indeed happens in CUPS (cups/tls-gnutls.c, line 184): > gnutls_x509_crt_sign(crt, crt, key); But I stand to my initial position: I'm not going to maintain a non-upstream patch queue of crypto code. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#863270: cups: https uses SHA-1 signature algorithm
Control: tags -1 +confirmed +upstream Control: forcemerge 865649 -1 Hi Henrich, and thank you for your bugreport, Le mercredi, 24 mai 2017, 18.26:11 h CEST Heinrich Schuchardt a écrit : > the cups webserver on port 631 supports the https protocol. > > When browsing cups using the https protocol a certificate/key pair is > created in /etc/cups/ssl. > > $ openssl x509 -in /etc/cups/ssl/hostname.crt -text > Certificate: > Data: > Version: 3 (0x2) > Serial Number: 1495639838 (0x5925a71E) > Signature Algorithm: sha1WithRSAEncryption > Issuer: C = US, CN = hostname, O = hostname, OU = Unknown, ST = >(…) > > Using SHA-1 as signature algorithm is unsafe. > This algorithm will not be accepted in future browser versions. That's very much a problem yes, but upstream is aware of the problem. See https://github.com/apple/cups/issues/4876 for a somewhat recent discussion about this. > I have no clue why the country is set to US. That is not where my system is. > Please, remove this bogus when fixing the SHA-1 issue. http://sources.debian.net/src/cups/2.2.4-3/cups/tls-gnutls.c/#L151 is where this happens; the country code is guessed from the end of your locale setting. But all that is vain; we're talking about a self-signed certificate, which is not trusted (nor trustable nowadays) in modern browsers. Finally, from a Debian maintenance point of view, I'm not going to diverge from upstream code on crypto. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#865598: cups: CUPS server ignores SSL key and certificate setting
Control: tags -1 +upstream Control: tags -1 +wontfix Le vendredi, 23 juin 2017, 05.13:19 h CEST Drexl Johannes a écrit : > I've just upgraded to Stretch and noticed CUPS won't use my certificate/key > files any longer. It seems the options ServerCertificate and ServerKey have > moved somewhere else (or dropped without upgrade notice), and this isn't > really documented. CUPS now refuses to use those options alltogether, > insisting on FQDN.key and FQDN.crt for no apparent reason whatsoever, > generating the files as soon as one visits the web interface. The possible > solution to this was to manually symlink the intended certificate/key to > the hardcoded file names. While this works without (apparent) problems, I > don't think this should be necessary nor forced upon the user. ServerCertificate & ServerKey configuration directives' support has been dropped in CUPS 2.2~b1, so is replaced by ServerKeyChain (in /etc/cups/cups-files.conf) which indicates a keychain path (`ssl`, so `/etc/cups/ssl/` by default). The auto-generation is controlled by the option CreateSelfSignedCerts, that defaults to 'yes'. Actually, looking at the code, it seems that : cupsSetServerCredentials(…) is called with ServerName as second argument, without a possibility of that getting changed. ServerName is set as the result of gethostname(). All-in-all: * the cups.postinst certificate symlinking is not achieving what it wants: the symlinks are not used, and CUPS will generate new self-signed certificates on- demand anyway. We should either stop the symlinking (and defer to CUPS' code) or fix it (put ssl-cert's back). * I certainly agree that this migration away from ServerCertificate and ServerKey was suboptimally documented by upstream (and hence by Debian), but that's too late. :-/ * The forced certificate name is unfortunate, but of upstream' realm, and I don't really fancy forcefully changing that back to 'server.crt', as using the hostname is somewhat better, isn't it? Looking forward to your feedback! Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#870463: lp no longer honours default printers
Control: tags -1 +upstream Control: severity -1 wishlist Control: forwarded -1 https://github.com/apple/cups/issues/5096 Control: retitle -1 lp error message when the configured default printer isn't available could be clearer Le samedi, 26 août 2017, 17.20:08 h CEST martin f krafft a écrit : > also sprach Didier 'OdyX' Raboud <o...@debian.org> [2017-08-26 15:20 +0200]: > > > albatross:~/FOR_FILING% head -1 ~/.cups/lpoptions > > > Default mfc9465cdn > > > albatross:~/FOR_FILING% lp -P 30 2017-08-02-Scans.pdf > > > lp: Error - no default destination available. > > I am sorry, I totally forgot about this bug report. Don't worry. I was just doing some routine bug triaging. > The problem was that the cups-browsed upgrade ended up with new device > names, so obviously the previous one "mfc9465cdn" no longer works. The error > message could be improved, i.e. "Invalid default destination specified in > config file: mfc9465cdn", but other than that, this isn't really a bug. > > What do you want me to do? Take this upstream? Downgrade? Close? Just did all of that. :-) See the control tags above. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#784512: Is anybody working on PySide2?
Le dimanche, 27 août 2017 16.53:30 h CEST, vous avez écrit : > Hi, > > python-ghost depends on pyside, which will be removed with Qt4. > Upstream already ported to pyside2, but I can't find pyside2 in > Debian, not even an ITP or RFP. But somewhere I read, that > pyside2 will be part of Qt. Is somebody working on this? It > would be bad to remove pyside from Debian before pyside2 is in > place, right? For what is worth: I'm not working on pyside, nor pyside2. I removed myself from both shiboken and pyside's uploader fields (but should really have mailed debian-python about that earlier). Cheers, OdyX
Bug#868316: cups-bsd: lpr does not print with "DefaultPolicy authenticated" in cupsd.conf
Control: tags -1 +upstream Le lundi, 28 août 2017, 14.47:40 h CEST Christoph Pleger a écrit : > I believe that I found a complete solution: > > What introduced the bug, is that httpAddrPort() from http-addr.c now > returns 0 in the case when connection type is AF_UNIX. That differs from > the cups version in jessie, where httpAddrPort returned 631 in that > case. Right. This was changed for CUPS 2.2~ b1. > As in my opinion, it makes sense to return 0 as port number in an > AF_UNIX connection, I did not change http-addr.c, but request.c so that > the port comparison is only relevant if the connection type is not > AF_UNIX. Thank you for the patch. It seems, from what I understand, that this change could have unintended consequences outside of the scope of fixing your very bug; it also really looks like something I'd like upstream to vouch for. Would you be interested to push a pull-request to upstream? It doesn't make a lot of sense for me to play proxy… https://github.com/apple/cups I'll happily backport whatever patch upstream has accepted! Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#868316: cups-bsd: lpr does not print with "DefaultPolicy authenticated" in cupsd.conf
Le lundi, 28 août 2017, 16.39:57 h CEST Christoph Pleger a écrit : > Done, though I do not understand what you see as a possible problem > there. I guess that comparison of port numbers in an AF_UNIX connection > never makes sense ... Thank you; I've marked this bug as 'forwarded', accordingly. You might want to edit your pull-request to either target the branch-2.1 from upstream, or rebase yours on top of upstream's master; as-it-is it's quite confusing :-/ https://github.com/apple/cups/pull/5098 Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#868316: cups-bsd: lpr does not print with "DefaultPolicy authenticated" in cupsd.conf
Le mardi, 29 août 2017, 09.00:57 h CEST Christoph Pleger a écrit : > The request has already been acted on and the issue is closed. They did > not exactly apply my patch, but their solution does quite the same. Yep. I've seen; I am uploading the upstream snapshot to experimental and will backport that patch to unstable immediately after. Thank you very much for your time and energy! Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#862051: nodejs (6.11.2~dfsg-1) experimental; urgency=medium
Le jeudi, 31 août 2017, 12.25:50 h CEST Ian Jackson a écrit : > Philip Hands writes ("Bug#862051: nodejs (6.11.2~dfsg-1) experimental; urgency=medium"): > > I guess that one could do something like moving the symlink into another > > -legacy style package, and recomend that from the main package for one > > release to keep upgrades happy. Then drop the recomendation, and wait > > for popcon to show that people are not installing the package any more. > > Then remove the package in testing early in a cycle and see if anyone > > reports bugs about it. > > Even that would be quite unfriendly, because third party scripts might > easily be deployed onto new Debian installs as well as existing ones. > > Also, it is imposing an administrative burden on all Debian users (the > metadata for the -legacy package, spurious search hits, etc.). That > burden might be small but would be completely unjustified. This exact argument stands against not allowing NodeJS to use /usr/bin/node in the first place, really. We accepted to enforce that change for the /usr/bin/ namespace "first-come-first-served" reason. We imposed a quite heavy administrative burden of either targetting /u/b/nodejs additionally or (finding out and) installing nodejs-legacy for anyone wanting to use NodeJS on Debian. Now, there are two categories of scripts affected by this discussion: * All scripts which support /u/b/nodejs *in addition* to /u/b/node. These do so _because_ of a Debian-specific change, and removing the /u/b/nodejs symlink is not going to break those. * All scripts which support /u/b/nodejs *exclusively*. These do so _because_ of a Debian-specific change, and don't support *any* non-Debian-derivative target (checked Fedora's nodejs RPMs: no /u/b/nodejs). Maintainers of those scripts have at one point decided to support only Debian{, and derivatives}. There are _plenty_ of changes that one needs to care about in a stable upgrade: things like mandatory postfixing of Apache configuration files, removal of specific Python3 versions, removal of upstart, etc. Having to change a shebang isn't a big deal given the amount of things one has to check accross a stable release upgrade. All that to say that despite the very small cost of keeping the symlink around, I do see value in closing the Debian-specific /u/b/nodejs chapter *at some point*. We should not clutter our future releases indefinitely with convenience symlinks for historical reasons, especially not when these were created _by_ Debian and have only been _in_ Debian. Le jeudi, 31 août 2017, 13.52:00 h CEST Jérémy Lal a écrit : > How about printing a "nice" warning explaining it would be a good idea to > move to /usr/bin/node ? Then in next next release drop the nodejs symlink. This seems like a very good plan to me: let /u/b/nodejs spit out a deprecation warning to stderr / syslog but pass all arguments to /u/b/node in Buster; remove it entirely in Bullseye & get proper release note entries for both Buster and Bullseye. Cheers. OdyX signature.asc Description: This is a digitally signed message part.
Bug#754462: Bug#862051: nodejs (6.11.2~dfsg-1) experimental; urgency=medium
Le jeudi, 31 août 2017, 13.58:23 h CEST Thorsten Glaser a écrit : > Do not drop it before *after* the next release, so people have, > at the very least, one full release of time to switch their > scripts in a way that works with both the old and new names > *first*, gradually. They have Stretch for that; it has both /usr/bin/nodejs and /usr/bin/node (in nodejs-legacy). Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#879103: ITP: doctest -- Light and feature-rich C++ testing framework
Package: wnpp Severity: wishlist Owner: Didier 'OdyX' Raboud <o...@debian.org> Package name: doctest Version : 1.2.5 Upstream Author : Viktor Kirilov <vik.kiri...@gmail.com> URL : https://github.com/onqtam/doctest License : MIT Programming Lang: C++ Description : Light and feature-rich C++ testing framework doctest is a light and feature-rich C++98 / C++11 single-header testing framework for unit tests and TDD. . It is inspired by the unittest {} functionality of the D programming language and Python's docstrings - tests can be considered a form of documentation and should be able to reside near the production code which they test. This isn't possible (or at least practical) with any other testing framework for C++. Justification: doctest is a B-D of argagg (ITP #878641) Package name: doctest-dev, as the package installs /usr/lib/doctest/doctest.h I welcome suggestions on the source or binary names, as well as packaging :)
Bug#878867: cups-filters: unreadable file /usr/lib/cups/backend/cups-brf
Le mardi, 17 octobre 2017, 23.08:52 h CEST Samuel Thibault a écrit : > Yes, this is on purpose, just like in the cups-pdf package: it has to be > run as root. Right, but couldn't CUPS (be changed to) use a different heuristic than the filter's access rights to determine if it has to be run as root? Cheers, OdyX
Bug#879526: dgit broken by recent dpkg (Can't locate object method "new" via package "Dpkg::Compression::Process" …)
Package: dgit Version: 3.12 Severity: important I finally wanted to try dgit today, but… $ dgit clone argagg canonical suite name for unstable is sid starting new git history downloading http://ftp.debian.org/debian//pool/main/a/argagg/argagg_0.4.6-2.dsc... downloading http://ftp.debian.org/debian//pool/main/a/argagg/argagg_0.4.6-1.dsc... last upload to archive: NO git hash % Total% Received % Xferd Average Speed TimeTime Time Current Dload Upload Total SpentLeft Speed 100 109k 100 109k0 0 109k 0 0:00:01 --:--:-- 0:00:01 381k % Total% Received % Xferd Average Speed TimeTime Time Current Dload Upload Total SpentLeft Speed 100 25308 100 253080 0 25308 0 0:00:01 --:--:-- 0:00:01 118k Can't locate object method "new" via package "Dpkg::Compression::Process" (perhaps you forgot to load "Dpkg::Compression::Process"?) at /usr/bin/dgit line 2185. Cheers, OdyX -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'oldstable-proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (100, 'experimental'), (1, 'experimental-debug'), (1, 'buildd-unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8), LANGUAGE=fr_CH:fr (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages dgit depends on: ii apt 1.5 ii ca-certificates 20170717 ii coreutils 8.28-1 ii curl 7.55.1-1 ii devscripts2.17.10 ii dpkg-dev 1.19.0.3 ii dput-ng [dput]1.15 ii git [git-core]1:2.15.0~rc1-1 ii git-buildpackage 0.9.0 ii git-core 1:2.15.0~rc0-1 ii libdpkg-perl 1.19.0.3 ii libjson-perl 2.94-1 ii liblist-moreutils-perl0.416-1+b3 ii libperl5.24 [libdigest-sha-perl] 5.24.1-7 ii libperl5.26 [libdigest-sha-perl] 5.26.0-8 ii libtext-glob-perl 0.10-1 ii libtext-iconv-perl1.7-5+b6 ii libwww-perl 6.27-1 ii perl 5.26.0-8 Versions of packages dgit recommends: ii openssh-client [ssh-client] 1:7.6p1-2 Versions of packages dgit suggests: pn sbuild -- no debconf information
Bug#879535: doctest.h convenience copy: please use the Debian-provided doctest.h
Source: manaplus Version: 1.7.9.2-1 Severity: normal Tags: patch src:doctest just got accepted in Debian unstable and provides /usr/include/doctest/doctest.h in doctest-dev. In order to reduce the use of convenience copies, please patch manaplus to use this file instead of the src/unittests/doctest.h copy. A possible patch is attached. (I also note that the doctest.h's authorship and license are not represented in d/copyright) Cheers, OdyX diff -Nru manaplus-1.7.9.2/debian/changelog manaplus-1.7.9.2/debian/changelog --- manaplus-1.7.9.2/debian/changelog 2017-09-12 15:42:48.0 +0200 +++ manaplus-1.7.9.2/debian/changelog 2017-10-22 18:17:45.0 +0200 @@ -1,3 +1,10 @@ +manaplus (1.7.9.2-1.1) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * Add doctest-dev Build-Depends and patch to use its doctest.h (Closes: #-1) + + -- Didier RaboudSun, 22 Oct 2017 18:17:45 +0200 + manaplus (1.7.9.2-1) unstable; urgency=medium * New upstream release. diff -Nru manaplus-1.7.9.2/debian/control manaplus-1.7.9.2/debian/control --- manaplus-1.7.9.2/debian/control 2017-09-12 15:42:48.0 +0200 +++ manaplus-1.7.9.2/debian/control 2017-10-22 18:17:45.0 +0200 @@ -5,6 +5,7 @@ Maintainer: Patrick Matthäi Standards-Version: 4.1.0 Build-Depends: debhelper (>= 10), + doctest-dev, libcurl4-gnutls-dev, libgl1-mesa-dev, libsdl1.2-dev, diff -Nru manaplus-1.7.9.2/debian/patches/series manaplus-1.7.9.2/debian/patches/series --- manaplus-1.7.9.2/debian/patches/series 1970-01-01 01:00:00.0 +0100 +++ manaplus-1.7.9.2/debian/patches/series 2017-10-22 18:09:53.0 +0200 @@ -0,0 +1 @@ +use_system_doctest.h diff -Nru manaplus-1.7.9.2/debian/patches/use_system_doctest.h manaplus-1.7.9.2/debian/patches/use_system_doctest.h --- manaplus-1.7.9.2/debian/patches/use_system_doctest.h1970-01-01 01:00:00.0 +0100 +++ manaplus-1.7.9.2/debian/patches/use_system_doctest.h2017-10-22 18:17:45.0 +0200 @@ -0,0 +1,28 @@ +Description: Use Debian-provided /usr/include/doctest/doctest.h instead of the convenience copy +Author: Didier Raboud +Last-Update: 2017-10-22 + +--- a/src/Makefile.am b/src/Makefile.am +@@ -2067,10 +2067,6 @@ + manaplustests_SOURCES += \ + unittests/catch.hpp + endif +-if ENABLE_UNITTESTS_DOCTEST +-manaplustests_SOURCES += \ +-unittests/doctest.h +-endif + + if MINGW + manaplustests_SOURCES += manaplus.rc +--- a/src/maingui.cpp b/src/maingui.cpp +@@ -60,7 +60,7 @@ + #endif // UNITTESTS_CATCH + #ifdef UNITTESTS_DOCTEST + #define DOCTEST_CONFIG_IMPLEMENT +-#include "unittests/doctest.h" ++#include "doctest/doctest.h" + #endif // UNITTESTS_DOCTEST + #else // UNITTESTS + #include "utils/xml.h"
Bug#881619: /etc/cups/cups-files.conf: cannot job-edit as root: root missing from SystemGroup
Control: tags -1 +wontfix Le lundi, 13 novembre 2017, 15.34:25 h CET Alban Browaeys a écrit : > per the man page root should be in cups-files.conf SystemGroup. > JobPrivateAccess requires @SYSTEM or @OWNER but root in not in any of > those. Thus root cannot job-edit (cancel jobs) > This forbid cups-pk-helper from cancelling jobs as it run as root. > > A workaround is adding "root" to "SystemGroup" (which includes > only lpadmin on debian). This was discussed last year: https://lists.debian.org/debian-printing/2016/11/msg00045.html > In other words, letting cups-pk-helper run as 'root' (but accept commands > from any allowed users) leads to a user-to-lpadmin privilege escalation. At > least, it defers access control away from CUPS to cups-pk-helper. See also https://bugs.debian.org/698504 https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/934291 The point is that we don't want to let anyone with access to cups-pk-helper delete jobs through it as that defeats the security mechanism put in place by CUPS. The solution is to get cups-pk-helper run as root but use the requesting user when using the CUPS API (so that it respects the "system group" restrictions of CUPS). In other words, I think this is a bug in how cups-pk-helper runs in Debian. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#880658: dgit server rejects unattributed commits
Package: dgit Version: 3.13 Severity: normal I want to use dgit to upload src:cups, but it fails when pusing to the server: dgit-repos-server: reject: corrupted object 5b59c734bfc13c2e40061b90d002bfe4794a646c (missing metadata) Indeed, 5b59c734bfc13c2e40061b90d002bfe4794a646c has a broken author: > commit 5b59c734bfc13c2e40061b90d002bfe4794a646c > Author: martin-eric.rac...@iki.fi <> > Date: Sat Jan 28 17:01:18 2012 +0200 > > [ Martin-Éric Racine ] > Removed myself from Uploaders. > (…) That's unfortunate, but it's history, and I wouldn't like to need to rewrite all of CUPS's history. What could be done on that front? Cheers, OdyX -- System Information: Debian Release: buster/sid APT prefers buildd-unstable APT policy: (990, 'buildd-unstable'), (500, 'unstable-debug'), (500, 'oldstable-proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (100, 'experimental'), (1, 'experimental-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8), LANGUAGE=fr_CH:fr (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages dgit depends on: ii apt 1.6~alpha3 ii ca-certificates 20170717 ii coreutils 8.28-1 ii curl 7.56.1-1 ii devscripts2.17.11 ii dpkg-dev 1.19.0.4 ii dput-ng [dput]1.15 ii git [git-core]1:2.15.0-1 ii git-buildpackage 0.9.1 ii git-core 1:2.15.0~rc0-1 ii libdpkg-perl 1.19.0.4 ii libjson-perl 2.94-1 ii liblist-moreutils-perl0.416-1+b3 ii libperl5.24 [libdigest-sha-perl] 5.24.1-7 ii libperl5.26 [libdigest-sha-perl] 5.26.1-2 ii libtext-glob-perl 0.10-1 ii libtext-iconv-perl1.7-5+b6 ii libwww-perl 6.27-1 ii perl 5.26.1-2 Versions of packages dgit recommends: ii openssh-client [ssh-client] 1:7.6p1-2 Versions of packages dgit suggests: pn sbuild -- no debconf information
Bug#880658: dgit server rejects unattributed commits
Le vendredi, 3 novembre 2017, 15.39:20 h CET Ian Jackson a écrit : > Mattia Rizzolo writes ("Bug#880658: dgit server rejects unattributed commits"): > > Can you try creating a new repository and push it anew? > > At least for other cases (I'm not sure if this is one of them) github > > started to reject malformed objects after several were already there > > (happened with a several pbuilder tags, and ISTR it also happened with > > some Xorg thing) Just did that, with that commit as HEAD: https://github.com/OdyX/test-broken-commits The push went through without problem. > Erk. > > Well, if that's the case then I guess I will have to have a > grandfathering ability where I can make an exception for specific > commits. How many are there like this, in this instance ? Oh, plenty. That commit is the most recent of very ancient history converted away from svn. I don't get why it makes sense to block on git commits which are valid in git's eyes… dgit doesn't seem like the right place to be strict about these, frankly. Cheers, OdyX
Bug#880658: dgit server rejects unattributed commits
Le vendredi, 3 novembre 2017, 12.44:57 h CET Ian Jackson a écrit : > Didier 'OdyX' Raboud writes ("Bug#880658: dgit server rejects unattributed commits"): > > dgit-repos-server: reject: corrupted object > > 5b59c734bfc13c2e40061b90d002bfe4794a646c (missing metadata) > > (…) > Who else accepts/rejects this commit ? At least GitHub has it: https://github.com/OdyX/cups/commit/5b59c734bfc13c2e40061b90d002bfe4794a646c I just got myself an account on Gitlab.com to test that: https://gitlab.com/OdyX/cups/commit/5b59c734bfc13c2e40061b90d002bfe4794a646c > The "corrupted object" check is there to stop the dgit repos server > containing commits that will be rejected by popular git hosting > sites. > > But maybe if this commit is accepted by gitlab and github I can make > the check more subtle. Good, thanks in advance! Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#880721: FTBFS: fatal error: doctest/doctest.h: No such file or directory
Control: reassign -1 src:doctest 1.2.5+repack0-2 Control: retitle -1 doctest-dev built without doctest.h Control: affects -1 argagg Le samedi, 4 novembre 2017, 14.27:07 h CET Andreas Moog a écrit : > Source: argagg > Severity: serious > Justification: fails to build from source (but built successfully in the > past) > > argagg seems to FTBFS in a clean sid environment: Oh. That's pretty bad. The doctest I uploaded just recently doesn't ship it's doctest.h anymore. Reassigning; fix in progress. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#877024: Modemmanager probing of unknown Devices
Le lundi, 30 octobre 2017, 14.06:01 h CET Ian Jackson a écrit : > I can see why the TC might want to avoid making a final ruling without > proper input from the maintainers. > But, should I upload to experimental, and later, to sid, as I have > proposed ? It's not quite clear whose permission I need. To some > people I have already overstepped the mark[1]. > [1] Apparently referring the matter to the TC a mere 5 years after > the maintainers rejected changing the behaviour is too hasty. I > accept of course that the way I recently brought my renewed awareness > of this problem to the attention of the maintainers wasn't ideal. My personal take is that waiting only two days between saying "I'm likely to escalate to the TC" and doing so [2,3] is quite pushy "against" the maintainers who haven't had a reasonable chance to react, especially after two years inactivity on a 5 year-old bug. [2] https://bugs.debian.org/683839#77 [3] https://bugs.debian.org/877024#5 > The dev ref says "Have you geared the NMU towards helping the > maintainer?" and it all seems rather awkward to me to claim I am > "helping the maintainer" when AFAICT the maintainers are quite > unenthusiastic about these proposals. Claiming that they are unenthusiastic is far-reaching IMHO. We just don't know what they think of the change, really. I wouldn't necessarily interpret the removal from the maintainers' field as a statement of opinion on these proposed changes, but much more about who the process went, and was handled by the TC too. Le lundi, 30 octobre 2017, 13.45:00 h CET Sam Hartman a écrit : > Wou/ld it be reasonable for him to make an NMU to experimental, and then > if there is no objection after testing to unstable? > > In parallel, it seems desirable to see if any of the maintainers are > active. The latter looks like a prerequisite to me, frankly. It seems to me from reading the bug log again that a solution is being worked out by upstream; and that this solution seems fine to the people who have intervened in this very bug. So it looks like the solution is ahead, "just" not yet in a Debian package. That bug exists in Debian for 5+ years, so I really don't see the urgency for an NMU, and would much rather let the current maintainers include the upstream version which includes the fix (and configure it appropriately) when they see fit. Cheers, OdyX
Bug#883573: Reevaluate libpam-systemd systemd-sysv dependency ordering (746578)
Hi Julian, Le mardi, 5 décembre 2017, 12.26:43 h CET Julian Andres Klode a écrit : > In 746578, the CTTE decided that the dependency be swapped > to systemd-shim | systemd-sysv in order to prevent systems > from being upgraded installing systemd. > > (…) > > I thus opened bug 883569 against systemd, but mbiebl would like to > get permission from the you first. Thank you for filiing this bug. This is just a short answer to acknowledge it as well as provide visibility upon the timeframe for its resolution. As you might be aware from discussions on the debian-ctte@l.d.o list, we are currently discussing seat-filling, both concretely and meta, so our energy is spread accross these topics already. Also, December is notorious for being a dense period in the year for many, TC members included. My hope is that the TC will be able to spend enough energy to get this ball rolling, with a resolution somewhere in January. With my best regards, OdyX
Bug#879495: gbp dch fails with UnboundLocalError
Package: git-buildpackage Version: 0.9.0 Severity: normal File: gbp-dch On multiple of my repositories, `gbp dch` fails with the following error: (That's on https://anonscm.debian.org/cgit/pkg-games/planetblupi.git ) $ gbp dch --release --verbose gbp:debug: ['git', 'rev-parse', '--show-cdup'] gbp:debug: ['git', 'rev-parse', '--is-bare-repository'] gbp:debug: ['git', 'rev-parse', '--git-dir'] gbp:debug: ['git', 'symbolic-ref', 'HEAD'] gbp:debug: ['git', 'show-ref', 'refs/heads/debian/master'] gbp:debug: ['git', 'tag', '-l', 'debian/1.11.0-1'] gbp:debug: ['git', 'rev-parse', '--quiet', '--verify', 'debian/1.11.0-1^0'] gbp:debug: ['git', 'log', '--pretty=format:%H', 'a1f72589d8e0285b65438bb924197a3dd5a93bb2..HEAD', '--no-merges', '--'] gbp:debug: ['git', 'merge-base', 'HEAD', 'upstream/latest'] gbp:debug: ['git', 'describe', '--match', 'upstream/*', '--abbrev=0', 'e0ace8819512553d3680e912e419a5df1b8295ab'] gbp:debug: Found upstream version None. gbp:debug: /usr/bin/dpkg ['--compare-versions'] [None, 'lt', '1.11.0-1'] Traceback (most recent call last): File "/usr/lib/python3/dist-packages/gbp/command_wrappers.py", line 232, in call ret = self.__call(args) File "/usr/lib/python3/dist-packages/gbp/command_wrappers.py", line 125, in __call stderr=stderr_arg) File "/usr/lib/python3.6/subprocess.py", line 709, in __init__ restore_signals, start_new_session) File "/usr/lib/python3.6/subprocess.py", line 1275, in _execute_child restore_signals, start_new_session, preexec_fn) TypeError: expected str, bytes or os.PathLike object, not NoneType During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/bin/gbp", line 151, in sys.exit(supercommand()) File "/usr/bin/gbp", line 147, in supercommand return module.main(args) File "/usr/lib/python3/dist-packages/gbp/scripts/dch.py", line 506, in main options.upstream_branch, cp) File "/usr/lib/python3/dist-packages/gbp/scripts/dch.py", line 52, in guess_version_from_upstream if compare_versions(version, cp.version) > 0: File "/usr/lib/python3/dist-packages/gbp/deb/__init__.py", line 111, in compare_versions return DpkgCompareVersions()(version1, version2) File "/usr/lib/python3/dist-packages/gbp/deb/__init__.py", line 66, in __call__ res = self.call([version1, 'lt', version2]) File "/usr/lib/python3/dist-packages/gbp/command_wrappers.py", line 237, in call if ret and not quiet: UnboundLocalError: local variable 'ret' referenced before assignment -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'oldstable-proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (100, 'experimental'), (1, 'experimental-debug'), (1, 'buildd-unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8), LANGUAGE=fr_CH:fr (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages git-buildpackage depends on: ii devscripts 2.17.10 ii git1:2.15.0~rc1-1 ii man-db 2.7.6.1-2 ii python33.6.3-1 ii python3-dateutil 2.6.1-1 ii python3-pkg-resources 36.2.7-2 ii python3-six1.11.0-1 Versions of packages git-buildpackage recommends: ii cowbuilder0.85 ii pbuilder 0.228.9 ii pristine-tar 1.42 ii python3-requests 2.18.1-1 Versions of packages git-buildpackage suggests: ii python3-notify2 0.3-3 ii sudo 1.8.21p2-2 ii unzip6.0-21 -- no debconf information
Bug#879495: gbp dch fails with UnboundLocalError
Le dimanche, 22 octobre 2017, 12.04:37 h CEST Didier 'OdyX' Raboud a écrit : > Le dimanche, 22 octobre 2017, 11.52:25 h CEST Didier 'OdyX' Raboud a écrit : > > $ gbp dch --release --verbose > > gbp:debug: ['git', 'rev-parse', '--show-cdup'] > > gbp:debug: ['git', 'rev-parse', '--is-bare-repository'] > > gbp:debug: ['git', 'rev-parse', '--git-dir'] > > gbp:debug: ['git', 'symbolic-ref', 'HEAD'] > > gbp:debug: ['git', 'show-ref', 'refs/heads/debian/master'] > > gbp:debug: ['git', 'tag', '-l', 'debian/1.11.0-1'] > > gbp:debug: ['git', 'rev-parse', '--quiet', '--verify', > > 'debian/1.11.0-1^0'] > > gbp:debug: ['git', 'log', '--pretty=format:%H', > > 'a1f72589d8e0285b65438bb924197a3dd5a93bb2..HEAD', '--no-merges', '--'] > > gbp:debug: ['git', 'merge-base', 'HEAD', 'upstream/latest'] > > gbp:debug: ['git', 'describe', '--match', 'upstream/*', '--abbrev=0', > > 'e0ace8819512553d3680e912e419a5df1b8295ab'] gbp:debug: Found upstream > > version None. > > gbp:debug: /usr/bin/dpkg ['--compare-versions'] [None, 'lt', '1.11.0-1'] > > > > Traceback (most recent call last): > > File "/usr/lib/python3/dist-packages/gbp/command_wrappers.py", line 232, > > > > in call ret = self.__call(args) > > > > File "/usr/lib/python3/dist-packages/gbp/command_wrappers.py", line 125, > > > > in __call stderr=stderr_arg) > > > > File "/usr/lib/python3.6/subprocess.py", line 709, in __init__ > > > > restore_signals, start_new_session) > > > > File "/usr/lib/python3.6/subprocess.py", line 1275, in _execute_child > > > > restore_signals, start_new_session, preexec_fn) > > > > TypeError: expected str, bytes or os.PathLike object, not NoneType > > > > During handling of the above exception, another exception occurred: > > > > Traceback (most recent call last): > > File "/usr/bin/gbp", line 151, in > > > > sys.exit(supercommand()) > > > > File "/usr/bin/gbp", line 147, in supercommand > > > > return module.main(args) > > > > File "/usr/lib/python3/dist-packages/gbp/scripts/dch.py", line 506, in > > > > main options.upstream_branch, cp) > > > > File "/usr/lib/python3/dist-packages/gbp/scripts/dch.py", line 52, in > > > > guess_version_from_upstream if compare_versions(version, cp.version) > 0: > > File "/usr/lib/python3/dist-packages/gbp/deb/__init__.py", line 111, in > > > > compare_versions return DpkgCompareVersions()(version1, version2) > > > > File "/usr/lib/python3/dist-packages/gbp/deb/__init__.py", line 66, in > > > > __call__ res = self.call([version1, 'lt', version2]) > > > > File "/usr/lib/python3/dist-packages/gbp/command_wrappers.py", line 237, > > > > in call if ret and not quiet: > > UnboundLocalError: local variable 'ret' referenced before assignment > > This fails because I did `git tag upstream/1.11.0 v1.11.0` but that creates > a tag pointing to a tag. Doing `git tag -m v1.11.0 upstream/1.11.0` fixes > the above. $ git tag upstream/1.11.0 `git rev-parse v1.11.0` sorry… OdyX
Bug#879495: gbp dch fails with UnboundLocalError
Le dimanche, 22 octobre 2017, 11.52:25 h CEST Didier 'OdyX' Raboud a écrit : > $ gbp dch --release --verbose > gbp:debug: ['git', 'rev-parse', '--show-cdup'] > gbp:debug: ['git', 'rev-parse', '--is-bare-repository'] > gbp:debug: ['git', 'rev-parse', '--git-dir'] > gbp:debug: ['git', 'symbolic-ref', 'HEAD'] > gbp:debug: ['git', 'show-ref', 'refs/heads/debian/master'] > gbp:debug: ['git', 'tag', '-l', 'debian/1.11.0-1'] > gbp:debug: ['git', 'rev-parse', '--quiet', '--verify', 'debian/1.11.0-1^0'] > gbp:debug: ['git', 'log', '--pretty=format:%H', > 'a1f72589d8e0285b65438bb924197a3dd5a93bb2..HEAD', '--no-merges', '--'] > gbp:debug: ['git', 'merge-base', 'HEAD', 'upstream/latest'] > gbp:debug: ['git', 'describe', '--match', 'upstream/*', '--abbrev=0', > 'e0ace8819512553d3680e912e419a5df1b8295ab'] gbp:debug: Found upstream > version None. > gbp:debug: /usr/bin/dpkg ['--compare-versions'] [None, 'lt', '1.11.0-1'] > Traceback (most recent call last): > File "/usr/lib/python3/dist-packages/gbp/command_wrappers.py", line 232, > in call ret = self.__call(args) > File "/usr/lib/python3/dist-packages/gbp/command_wrappers.py", line 125, > in __call stderr=stderr_arg) > File "/usr/lib/python3.6/subprocess.py", line 709, in __init__ > restore_signals, start_new_session) > File "/usr/lib/python3.6/subprocess.py", line 1275, in _execute_child > restore_signals, start_new_session, preexec_fn) > TypeError: expected str, bytes or os.PathLike object, not NoneType > > During handling of the above exception, another exception occurred: > > Traceback (most recent call last): > File "/usr/bin/gbp", line 151, in > sys.exit(supercommand()) > File "/usr/bin/gbp", line 147, in supercommand > return module.main(args) > File "/usr/lib/python3/dist-packages/gbp/scripts/dch.py", line 506, in > main options.upstream_branch, cp) > File "/usr/lib/python3/dist-packages/gbp/scripts/dch.py", line 52, in > guess_version_from_upstream if compare_versions(version, cp.version) > 0: > File "/usr/lib/python3/dist-packages/gbp/deb/__init__.py", line 111, in > compare_versions return DpkgCompareVersions()(version1, version2) > File "/usr/lib/python3/dist-packages/gbp/deb/__init__.py", line 66, in > __call__ res = self.call([version1, 'lt', version2]) > File "/usr/lib/python3/dist-packages/gbp/command_wrappers.py", line 237, > in call if ret and not quiet: > UnboundLocalError: local variable 'ret' referenced before assignment This fails because I did `git tag upstream/1.11.0 v1.11.0` but that creates a tag pointing to a tag. Doing `git tag -m v1.11.0 upstream/1.11.0` fixes the above. Cheers, OdyX
Bug#897221: Session logout doesn't TERMinate all processes
!Holà Maxy! Le jeudi, 3 mai 2018, 17.53:12 h CEST Maximiliano Curia a écrit : > El 2018-04-30 a las 12:21 +0200, Didier 'OdyX' Raboud escribió: > > I routinely run two sessions in parallel (pro & private); and I noticed > > that sddm (which I assume is handling the logind session) doesn't > > coherently TERMinate (or KILL after some delay) processes from a > > logged-out session. > > > > Some of these consume ressources (akonadiserver is the usual culprit), but > > more importantly; keeping these alive will break subsequent sessions for > > the same user (plasma, akonadi, etc). > > I guess akonadiserver is started as a detached process, so ksmserver doesn't > know about it. > > Anyway the problem are the processes that are in the systemd concept of > session but not in the kde concept of session, those are the ones that > systemd is waiting for, and ksmserver has long forgotten about them. > > Please check loginctl session-status (The id can be obtained with > loginctl list-sessions) I noticed it also appears when disconnecting, and reconnecting back. Akonadi is then broken, etc etc. Hereattached is a log of the processes from a stopped session. It really feels like plasma doesn't stop its child processes from the systray either. > Mmh, this is a complex problem. Debian systemd reverts the default logind > configuration KillUserProcesses, that effectively terminates the session > when the user logs out, and most desktop environments assume this is set to > it's default value, so they don't have to deal with the processes started > by systemd --user, which, by the way, the desktop environment had nothing > to do with. > > Also, kde does nothing to remember which processes were started as autostart > desktop files. > > Gnome "fixes" this by terminating the logind session, as if > KillUserProcesses was set, at the cost of breaking tmux and screen (which is > the reason why Debian reverts the KillUserProcesses setting on the first > place). > > So, either we need to fix tmux and screen to they can be detached from the > logind session, or fix the kde concept of session so it matches better what > logind expects. The first alternative looks like the correct thing to do to me. So a route to fix this is for systemd to revert the KillUserProcesses back to upstream's default, right? This was apparently last reinforced in systemd 234-3 and was discussed in #825394. But it doesn't seem like this would gather consensus currently. How hard is it to get KDE to grow better login session processes handling? Cheers, OdyX3 - didier (1000) Since: Wed 2018-06-06 18:38:57 CEST; 45min ago Leader: 1849 Seat: seat0; vc7 Display: :0 Service: sddm; type x11; class user Desktop: KDE State: closing Unit: session-3.scope ├─ 2690 /usr/lib/postgresql/9.6/bin/postgres -D /home/didier/.local/share/akonadi/db_data -k/tmp/akonadi-didier.bR0FSO -h ├─ 2695 postgres: checkpointer process ├─ 2696 postgres: writer process ├─ 2697 postgres: wal writer process ├─ 2698 postgres: autovacuum launcher process ├─ 2699 postgres: stats collector process ├─ 2955 /usr/lib/at-spi2-core/at-spi-bus-launcher --launch-immediately ├─ 2976 /usr/bin/dbus-daemon --config-file=/usr/share/defaults/at-spi2/accessibility.conf --nofork --print-address 3 ├─ 2986 /usr/bin/perl /usr/bin/parcimonie-applet ├─ 3083 /usr/bin/python3 /usr/bin/hp-systray -x ├─ 3086 /usr/bin/python3 /usr/bin/hp-systray -x ├─ 3920 /usr/lib/x86_64-linux-gnu/libexec/kf5/kio_http_cache_cleaner ├─20252 postgres: didier akonadi [local] idle ├─20277 postgres: didier akonadi [local] idle ├─20278 postgres: didier akonadi [local] idle ├─20507 postgres: didier akonadi [local] idle ├─20509 postgres: didier akonadi [local] idle ├─20792 /usr/lib/at-spi2-core/at-spi2-registryd --use-gnome-session ├─21250 postgres: didier akonadi [local] idle ├─21252 postgres: didier akonadi [local] idle ├─21318 postgres: didier akonadi [local] idle └─21377 postgres: didier akonadi [local] idle jun 06 18:38:57 gyllingar sddm-helper[1871]: Adding cookie to "/home/didier/.Xauthority" jun 06 18:39:04 gyllingar /hp-systray[2797]: hp-systray[2797]: error: option -s not recognized jun 06 18:39:54 gyllingar sudo[3695]: didier : TTY=pts/0 ; PWD=/home/didier ; USER=root ; COMMAND=/usr/bin/aptitude jun 06 18:39:54 gyllingar sudo[3695]: pam_unix(sudo:sessi
Bug#902226: debian-installer-netboot-images: FTBFS in stretch, even when allowing network access
Hi theres, Le lundi, 25 juin 2018, 01.33:38 h CEST Cyril Brulebois a écrit : > Cyril Brulebois (2018-06-24): > > At first glance, it seems to me this bug could be addressed in two > > different ways, which don't seem to be too convoluted. The first way > > would be to try the s-p-u download and fall back to s download, for each > > and every download. But this could (probably only theoretically) lead to > > inconsistent downloads, mixing bits and pieces from s-p-u and from s. > > Plus plenty of errors when the default location isn't the right one. Exactly. If a pure s-p-u build fails, it's because the s-p-u debian-installer isn't built on all architectures, so the d-i-n-i s-p-u build should really fail. (acronyms ftw) > > I suppose a better way would be to figure out with an early test if the > > target version is available in s-p-u or in s, and then pick the right > > suite for all downloads. Patches for this second approach are welcome. That seems more fool-proof and consistent: download from a single suite: either from s-p-u or from stretch only, and for all archs. > I've pushed a prospective branch (pu/fix-ftbfs-in-stretch) with two commits: > https://salsa.debian.org/installer-team/debian-installer-netboot-images/com > mit/86f910f8e1e60e308747a7f53045862705b0a132 > https://salsa.debian.org/installer-team/debian-installer-netboot-images/com > mit/eb2e5b3fb437b288c4c83427fb1c0d213f7b5a5e Looks good to me, given that strategy. > Only checked with the first few architectures (still on limited bandwidth), > but that seems to do the trick. Slightly not happy about having that check > and fallback done for each and every architecture (instead of once and for > all), which could again lead to bits and pieces from both sources mixed > together); but I guess that's a reasonable compromise (no big changes needed > in the code). I've tried for some time to (ab)use make targets to modify DISTRIBUTION depending on partial calls to get_images, but failed. Given my failed attempts, I suspect your patches are the lesser evilfor solving this. But I'm not convinced that solving this is better than ensuring we only ever build "pure-stretch" or "pure-stretch-proposed-updates" d-i-n- i's. > I'll let others comment on this bug report plus proposed solution; Didier > maybe? Thanks for the explicit ping; I'm not on top of Debian things these days. Cheers, OdyX
Bug#897221: Session logout doesn't TERMinate all processes
Package: sddm Version: 0.17.0-1 Severity: important Tags: upstream I routinely run two sessions in parallel (pro & private); and I noticed that sddm (which I assume is handling the logind session) doesn't coherently TERMinate (or KILL after some delay) processes from a logged-out session. Some of these consume ressources (akonadiserver is the usual culprit), but more importantly; keeping these alive will break subsequent sessions for the same user (plasma, akonadi, etc). Running: # loginctl terminate-user circumvents the issue, but that should really be done by the login manager. Please tell me if there's something I can do to help here. Cheers, OdyX -- System Information: Debian Release: buster/sid APT prefers buildd-unstable APT policy: (990, 'buildd-unstable'), (500, 'unstable-debug'), (500, 'oldstable-proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (100, 'experimental'), (1, 'experimental-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.15.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_CH.UTF-8, LC_CTYPE=fr_CH.UTF-8 (charmap=UTF-8), LANGUAGE=fr_CH:fr (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages sddm depends on: ii adduser 3.117 ii debconf [debconf-2.0] 1.5.66 ii libc6 2.27-3 ii libgcc1 1:8-20180425-1 ii libpam0g1.1.8-3.7 ii libqt5core5a5.10.1+dfsg-5 ii libqt5dbus5 5.10.1+dfsg-5 ii libqt5gui5 5.10.1+dfsg-5 ii libqt5network5 5.10.1+dfsg-5 ii libqt5qml5 5.10.1-4 ii libqt5quick55.10.1-4 ii libstdc++6 8-20180425-1 ii libsystemd0 238-4 ii libxcb-xkb1 1.13-1 ii libxcb1 1.13-1 ii qml-module-qtquick2 5.10.1-4 ii x11-common 1:7.7+19 ii xserver-xorg [xserver] 1:7.7+19 ii xvfb [xserver] 2:1.19.6-1 Versions of packages sddm recommends: ii libpam-systemd 238-4 ii sddm-theme-breeze [sddm-theme] 4:5.12.4-1 Versions of packages sddm suggests: ii libpam-kwallet5 5.12.1-1 pn qtvirtualkeyboard-plugin -- debconf information: sddm/daemon_name: /usr/bin/sddm * shared/default-x-display-manager: sddm
Bug#879214: ITP: planetblupi -- Planet Blupi - A delirious spell-binding game
Package: wnpp Severity: wishlist Owner: Didier 'OdyX' Raboud <o...@debian.org> Package name: planetblupi Version : 1.11.0 Upstream Author : Mathieu Schroeter, Daniel Roux, EPSITEC SA & Denis Dumoulin URL : http://blupi.org/ License : GPL-3+ Programming Lang: C++ Description : Planet Blupi - A delirious spell-binding game Planet Blupi is a strategy and adventure game. It subtly blends action with thought-provoking challenges. Behind the quiet and gentle facade, you'll enjoy a fascinating diversion full of surprises. This is another of the finally-freed games from Epsitec. The other one is Colobot (src:colobot), already in Debian. Its build-dependencies have reached NEW already. I will put it under the Debian Games Team umbrella.
Bug#880014: Call for (self-)nominations for a Technical Committee seat
Dear Debian Contributors, Our Constitution imposes an expiry on Technical Committee terms, and it's that time of the year again: Keith Packard 's term will expire on December 31st 2017. The Technical Committee would like to thank Keith for serving since November 2013, in addition to all the other work he does for Debian. To fill this seat, we are soliciting nominations, including self-nominations. To nominate yourself or someone else, please send an e-mail to debian-ctte-priv...@debian.org with the subject "TC Nomination of loginname", where loginname is the nominee's Debian account login¹. Please let us know in the body of the e-mail why the nominee would be a good fit for the TC, specifically instances where the nominee was able to help resolve disagreements, both technical and non-technical. We would like to start our selection process on or about the first of December. Being a member of the TC does require a time commitment. Members should be able to follow e-mail discussions on an ongoing basis and respond within a couple of days so that discussions progress. Members should ideally be able to spend 10 hours a month for relatively busy months, but typical time requirements will be less. We are in the process of documenting how the TC implements the nomination process as outlined in §6.2, including clarifying what is made public (such as nominations) and when. Any nominee is of course free to drop off the process at any point in time. Regards, OdyX, for the TC ¹ See http://db.debian.org/ if you need to look the login up signature.asc Description: This is a digitally signed message part.
Bug#880014: 2018 - New TC member
Package: tech-ctte User: tech-c...@packages.debian.org According to our Constitution's §6.2, Keith's term will expire at the end of this year, freeing one seat on the TC from January 1st 2018 on. This bug will track that process.
Bug#888743: pidofproc returns PIDs in foreign chroots and containers
Hi there Harald, Le lundi, 29 janvier 2018, 14.19:53 h CET Harald Dunkel a écrit : > Apparently pidofproc returns the PIDs of programs running > in a chroot or in a container, if there is no local PID file. > This is a *huge* problem for me, because either the init > scripts on the host fail to restart services, or they affect > services running in a container/chroot. > (…) > lsb-base version 9.20170808 has the same problem. I would highly > appreciate a fix for stretch and sid. For all practical concerns, you should consider the LSB package orphaned (and I should probably just go ahead and orphan it). For the bug at hand, I would recommend checking what Ubuntu has in their pidofproc command in lsb-base, but I've long resisted re-using theirs as the list of conditionals is really scary. Any update of src:lsb goes on _all possible Debian machines_, so that didn't leave me with a lot of willingness to change anything there. I'm not opposed to a change there, and I don't challenge the validity of that bug, I'm merely saying that I won't be the one pushing it. Patches and NMUs welcome, but please upload to experimental first! :-) Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#889493: tech-ctte: Please review if systemd is reliable enough to be the default
Le samedi, 3 février 2018, 22.22:19 h CET Philip Hands a écrit : > On Sat, 03 Feb 2018, "Kingsley G. Morse Jr."wrote: > > Package: tech-ctte > > I don't formally have the right to simply close this bug (as I am now > doing), so if anyone else on the TC thinks there is any merit whatsoever > in this bug report, please feel free to reopen it. I concur with the closing of this bug, thank you for promptly doing so. Cheers, OdyX signature.asc Description: This is a digitally signed message part.
Bug#880014: Call for Votes for new TC member
The current number of nominees is: 1 The current number of accepted nominations is: 0. (The request for accept/decline has just been sent now.) Cheers, OdyX signature.asc Description: This is a digitally signed message part.