Bug#340343: 'man adduser' typo: usefull
tags #340343 patch confirmed pending thanks On Thu, Nov 17, 2005 at 02:08:35PM -0500, A Costa wrote: Found a typo in '/usr/share/man/man8/adduser.8.gz', see attached '.diff'. Fixed in svn, thanks. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#340327: adduser: [INTL:pl] Polish man pages didn't get installed + updated Polish translations
tags #340327 l10n patch confirmed pending thanks On Tue, Nov 22, 2005 at 06:53:54PM +0100, Robert Luberda wrote: The Polish man pages didn't get included into the binary package, because the po4a_paths section of po4a.conf does not contain the `pl:po/pl.po' entry. Please apply the following patch: Fixed. thanks for spotting. Also, attached are updated Polish translations of adduser. Please include them in the next version of your package. Applied in svn. Thanks. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#340560: reportbug: leaves /tmp file behind
Package: reportbug Version: 3.17 Severity: normal Hi, some time ago, reportbug stopped cleaning up after itself and now leaves files like /tmp/reportbug-package-mmdd-p-r behind, with mmdd being the current date, p probably the pid, and r some random suffix. The file contains the bug report as it was successfully sent. Greetings Marc -- Package-specific info: ** Environment settings: EDITOR=/usr/bin/jed VISUAL=/usr/bin/jed DEBEMAIL=[EMAIL PROTECTED] DEBFULLNAME=Marc Haber DEBNAME=Marc Haber ** /home/mh/.reportbugrc: no-query-bts smtphost smtp email [EMAIL PROTECTED] realname Marc Haber -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.14.2-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages reportbug depends on: ii python2.3 2.3.5-9An interactive high-level object-o Versions of packages reportbug recommends: pn python2.3-cjkcodecs | python2 none (no description available) -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#381806: fcron works without needing a fcrontab entry
On Sun, Nov 05, 2006 at 09:07:30AM +0100, Andreas Metzler wrote: On 2006-11-05 R.Ramkumar [EMAIL PROTECTED] wrote: The daily cron job does get executed out of the box with fcron, contrary to the explanation given. fcron package (I have 3.0.1-1) installs a systab entry in /var/spool/fcron which runs `run-parts --report /etc/cron.daily` daily. Thus, the script shipped by exim4-base is executed. So, a cron | fcron depends (I don't know about bcron) should do. Moreinfo: fcron nowadays executes /etc/cron.{daily,weekly,monthly} however it still does not support /etc/cron.d/. Therefore it cannot provide cron, but while exim only uses the former it would probably work with fcron. Just for the record, we'll make this change post-etch. I surely hope that fcron catches up wrt/ /etc/cron.d before I start using cron.d without remembering. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#397289: nagios2-common: various ways of init script failing cause package installation to fail
On Mon, Nov 06, 2006 at 11:27:27AM +0100, Sean Finney (or someone using his address) wrote: upgrading nagios2 with a configuration file error means the init script fails, meaning the package installation fails. I'd say that's a feature. What behavior do you suggest? but more importantly, upgrading nagios2 when it isn't running results in a nonzero-failing init script, causing the upgrade to fail. Hm. I cannot reproduce this. installed nagios2 2.5-1 stopped nagios daemon verified that no nagios daemon was running dpkg --install nagios2 2.6-1 and dependencies upgrade finished without error, nagios 2.6 daemon running Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#396003: 396003: exim4 paniclog reports
package exim4-base tags #396003 - wontfix user [EMAIL PROTECTED] usertags #396003 send-patch thanks On Tue, Nov 21, 2006 at 12:52:13PM -0800, Ross Boylan wrote: I also think it would be better if the cron job only reported when new material was in the paniclog. tiger, for example, takes this approach to its warnings. I would be willing to accept a patch implementing both schemes (report daily, report only on change), as long as the user can choose the scheme to use (via /etc/default/exim4, for example) and report daily is the default. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#402247: adduser: [INTL:fr] French translations updates
tags #402247 confirmed pending thanks On Sat, Dec 09, 2006 at 02:46:55AM +0100, Nicolas François wrote: Please find attached the French translation of the adduser binaries and manpages, proofread by the debian-l10n-french mailing list. po_fr.po to be dropped in po/fr.po doc_po4a_po_fr.po to be dropped in doc/po4a/po/fr.po Committed to svn, thanks. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#402288: [Adduser-devel] Bug#402288: adduser allows UIDs 100
On Sat, Dec 09, 2006 at 06:31:47PM +, Stephen Gran wrote: This one time, at band camp, Antti-Juhani Kaijanaho said: The discussion up to now seems to be concentrated on Tuukka's point 1. I agree that it is probably unnecessarily invasive. However, the other points seem valid to me (informing the user that there is this potential problem). I agree with that. I will make the documentation changes (although not tonight - Marc, if you want them in right away, go ahead). I'll happily wait for you. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#400790: exim4-config: Reject mail to system users from non-local sources
On Wed, Nov 29, 2006 at 08:10:42AM +, Dominic Hargreaves wrote: On Wed, Nov 29, 2006 at 08:33:18AM +0100, Marc Haber wrote: We are somewhat reluctant to fix this as this means deviating far from what an experienced Unix admin might expect. Even as a configurable option defaulting to off? I wasn't suggesting that this should be the default behaviour; clearly some sites will be relying on the existing remote deliverability of those addresses. Again, I currently plan to re-think this issue post-etch. Most probably there will be a whitelist mechanism. My current idea is having a new file /etc/low-uid-aliases which would be honored for all low-uid accounts (uid smaller than a configurable x, defaulting to 500). If an uid is smaller than x, and the account is not listed in /etc/low-uid-aliases, incoming mail would be 550'ed. Accounts with uid x would be handled normally, no change at all. If /etc/low-uid-aliases does not exist, behavior is unchanged to what we have today. What do you think about that? Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#402604: debian/rules: this is a kludge
Package: exim4-daemon-heavy Severity: normal debian/rules: build-exim4-daemon-heavy/exim: configure-stamp echo build-exim4-daemon-heavy dh_testdir rm -rf $(BUILDDIR)/build-$(buildname) # Add here command to compile/build the package. mkdir -p $(BUILDDIR)/Local cp EDITME.exim4-heavy $(BUILDDIR)/Local/Makefile cd $(BUILDDIR) $(MAKE) Local/Makefile configure # This is a kludge. The upstream Makefile should be fixed, really. cd $(BUILDDIR) $(MAKE) -C build-$(buildname) checklocalmake Makefile os.h os.c config.h buildpcre buildlookups buildrouters buildtransports buildauths exim Task: Find out why this is a kludge, whether upstream Makefile has already been fixed or not. If yes, remove kludge and replace with non-kludge. If no, file upstream wishlist request to have Makefile fixed. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.19-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#399930: logrotation race condition with exim writing to logs
block #399930 with #400198 thanks On Fri, Nov 24, 2006 at 01:15:01PM +0100, Marc Haber wrote: This might as well be a logrotate bug which I plan to investigate in due time. I have filed this as a bug in logrotate, #400198. I have additionally opened exim wishlist item #418 (http://www.exim.org/bugzilla/show_bug.cgi?id=418), where I ask for an exim option to write to a log file to be created. This option could be abused to force exim to generate the log file in a postrotate script. Other than this and listing a manual change to logrotate.d/exim4-base as a possible workaround, I do not plan to do anything more about this. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#402665: STARTTLS causes segfault
package exim4-daemon-heavy reassign #402665 libgnutls13 thanks On Tue, Dec 12, 2006 at 10:55:31AM +1100, [EMAIL PROTECTED] wrote: Package: exim4-daemon-heavy Version: 4.63-11 When I try to send authenticated email through my server using TLS, the server crashes. libgnutls13 version is 1.4.4-3 Reverting to 1.4.2-2 solves the problem. Feel free to reassign this problem to gnutls13 if the problem's really there. snip strace and more debugging info Since going back to libgnutls13 1.4.2-2 solves the problem, and exim hasn't changed there in a long time, I really really suspect a gnutls issue. I am therefore reassigning the bug. GnuTLS people, if you disagree, please move the bug back to exim4-daemon-heavy and notify [EMAIL PROTECTED] Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#245423: /sbin is always changed directly after doing a aide --update
On Fri, Apr 23, 2004 at 01:54:57PM +1000, Pete de Zwart wrote: After doing a: aide --update mv /var/lib/aide/aide.db.new /var/lib/aide.db aide --check All the files in /sbin are declared as added, which seems a bit odd, sometimes a further --update cycle will fix it, sometime the DB needs to be initialised again. During further debugging, this was tracked down to gzip_dbout=yes being set in the Debian configuration. After going through another update round, changing both upstream aide and the aide cron job, can you guys please re-try with aide 0.13 from Debian testing (it backports nicely if you're running stable) and gzip_dbout enabled? I would really like to know if we finally catched this issue. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#226138: aide: Aide does not report a meaningful error status
tags #226138 - upstream tags #226138 confirmed notforwarded #226138 thanks On Sun, Jan 04, 2004 at 10:21:05AM -0800, Tim Freeman wrote: Aide should return different error statuses depending on whether differences were found. Since aide always generates output now, and the exit status is meaningless, in the present situation I have to go parse the output to determine whether any checksums changed or not. This has now changed upstream with 0.13: DIAGNOSTICS Normally, the exit status is 0 if no errors occurred. Except when the --check command was requested, in which case the exit status is defined as: 1 * (new files detected?) + 2 * (removed files detected?) + 4 * (changed files detected?) Additionally, the following exit codes are defined for generic error conditions: 14 Error writing error 15 Invalid argument error 16 Unimplemented function error 17 Invalid configureline error 18 IO error I am thus removing the upstream and forwarded markers. I am not closing the bug, since aide.wrapper does not yet hand the exit code down to the calling code (making the exit code only useable if you call aide directly with your own configuration), and the cron job still parses the output instead of relying on the exit code. Expect both of these things to change RSN, and expect this bug to be (finally) closed soon. Thanks for your patience. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#402785: aide: gzip_dbout broken in a new way
Package: aide Version: 0.13-1 Severity: normal $ sudo cat /var/lib/aide/aide.db | gunzip | head -n 10 @@begin_db # This file was generated by Aide, version 0.13 # Time of generation was 2006-12-12 16:18:47 @@db_spec name lname attr perm uid gid lcount inode bcount size mtime ctime md5 sha1 rmd160 tiger crc32 haval gost whirlpool /lost+found 0 4029 40700 0 0 2 11 24 12288 MTEzNTI0ODI3OQ== MTE1OTQ0NzE4NA== 0 0 0 0 0 0 0 0 /mnt 0 4029 40755 0 0 7 26209 2 1024 MTE0Nzg3NDkyMg== MTE1OTQ0OTc4Ng== 0 0 0 0 0 0 0 0 /bin 0 4029 40755 0 0 2 14113 6 3072 MTE2NTY1ODY1MQ== MTE2NTY1ODY1MQ== 0 0 0 0 0 0 0 0 /boot 0 4029 40755 0 0 3 30241 2 1024 MTE2NTA1MjQwNQ== MTE2NTA1MjQwNQ== 0 0 0 0 0 0 0 0 /etc 0 2589 40755 0 0 75 34273 0 0 0 0 0 0 0 0 0 0 0 0 /initrd 0 4029 40755 0 0 2 4033 2 1024 MTAyNzQyMDUzNw== MTE1OTQ0NzE4NA== 0 0 0 0 0 0 0 0 $ sudo cat /var/lib/aide/aide.db | gunzip | grep '^@@db_spec' @@db_spec name lname attr perm uid gid lcount inode bcount size mtime ctime md5 sha1 rmd160 tiger crc32 haval gost whirlpool $ sudo aide --config /var/lib/aide/aide.conf.autogenerated --check File database must have one db_spec specification File database must have one db_spec specification File database must have one db_spec specification File database must have one db_spec specification File database must have one db_spec specification File database must have one db_spec specification File database must have one db_spec specification File database must have one db_spec specification repeats ad lib until Ctrl-C Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.19-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages aide depends on: ii debconf [debconf 1.5.9 Debian configuration management sy ii liblockfile1 1.06.1 NFS-safe locking library, includes ii mailx1:8.1.2-0.20050715cvs-1 A simple mail user agent ii ucf 2.0017 Update Configuration File: preserv Versions of packages aide recommends: ii cron 3.0pl1-99 management of regular background p -- debconf information excluded -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#390712: Cloning to libgnutls13
clone #390712 -1 reassign -1 libgnutls13 retitle -1 errors establishing TLS session from Nokia and SE mobile phones submitter -1 [EMAIL PROTECTED] block #390712 with -1 thanks According to the discussion in http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/2006-December/000349.html and previous articles, it has been established that this is a gnutls issue. I am therefore cloning the bug to libgnutls13. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#402880: kdm: please bring back theme with logo area and user list
Package: kdm Version: 3.5.5a.dfsg.1-3 Severity: wishlist Hi, in the latest kdm, one can still configure values for the Logo Area and the User List that used to be part of kdm's default theme. However, none of the four themes delivered by kdm itself and kde-kdm-themes shows a Logo Area or a User List any more. Please consider providing a theme that still shows these nice-to-have elements of the login screen. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.19-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#399823: kdebase-bin: please support other root gaining methods like sudo
retitle #399823 please document kdesu sudo backend thanks On Mon, Nov 27, 2006 at 07:28:53AM +0100, Peter Wiersig wrote: On Wed, Nov 22, 2006 at 09:44:05AM +0100, Marc Haber wrote: Please consider adding support for other root gaining methods, for example sudo. That way, I would only need to enter my user password if sudo is appropriately configured. to activate the sudo backend which got included in 3.5.5 use this command line: kwriteconfig --group super-user-command --key super-user-command sudo Great, thanks. Please have this documented so that people like me find the option. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#390712: Same problem, nearly same hardware
On Tue, Dec 05, 2006 at 05:18:25PM +0100, Hanno 'Rince' Wagner wrote: I also have a Sony-Ericsson P990i (Germany, non-branded by a phone provider) The P990i seems to have issues when connecting to a GnuTLS server. We have verified this by having the phone connect to gnutls-serv. The phone and gnutls-serv negotiate TLS 1.0 with AES128 and SHA-1, and this seems to be the culprit. The phone does not support TLS 1.1. The connection works fine when gnutls-serv is configured to use SSL3.0 instead of TLS 1.0, and it works as well when TLS1.0 is allowed but SHA-1 is forbidden. Unfortunately, the cipher falls back to ARCFOUR when SHA-1 is forbidden. In exim, the MAC can only be influenced by modifying the actual source code, and I have verified that an exim compiled with SHA-1 disabled in the sources can talk to Hanno's phone. The GnuTLS people are in on this, and I'll report back as soon as we have new findings. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403072: exim4-daemon-light fails to use equifax SSL cert/key obtained from 11 hosting
On Thu, Dec 14, 2006 at 02:55:19PM +0100, Felix Palmen wrote: Package: exim4-daemon-light Version: 4.50-8sarge2 When trying to use the equifax key/cert, STARTTLS triggers the following log: 2006-12-14 13:03:29 TLS error on connection from pd9e39091.dip.t-dialin.net (palmen.homeip.net) [217.227.144.145] (cert/key setup: cert=/etc/exim4/exim.crt key=/etc/exim4/exim.key): Base64 decoding error. It works fine when compiling the package with OpenSSL instead of GnuTLS. What happens when you use a current version of GnuTLS? Using exim 4.50 suggests that you're working on sarge, which has a rather old version of gnutls. Things have evolved since then and I am not willing to debug the old stuff (since this bug is not going to be fixed in sarge anyway). Do I see correctly that Equifax is a CA that has issued you a certificate? If so, how did you create the private key belonging to the certificate request / certificate? So please provide optional contrib daemon packages built with OpenSSL, because this seems to be more compatible than GnuTLS. That won't happen for license reasons. While it might currently be possible to link exim with OpenSSL without violating license, I am too lazy to evaluate licenses whenever I change compile options. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403072: exim4-daemon-light fails to use equifax SSL cert/key obtained from 11 hosting
reopen 403072 thanks On Thu, Dec 14, 2006 at 04:33:19PM +0100, Felix Palmen wrote: * Marc Haber [EMAIL PROTECTED] [20061214 16:19]: I just remembered the exim on my notebook (etch) and tested there. Result is the same with the following versions: libgcrypt11 1.2.3-2 libgnutls13 1.4.4-3 exim4-daemon-light 4.63-11 Ok. Can you please install gnutls-bin and try starting gnutls-serv with the appropriate --x509keyfile and --x509certfile options. If that gives the same error message, we have a gnutls-issue and this bug needs to be reassigned appropriately. Unfortunately, I had to take the key from the hoster, so I don't know I don't think that's a good option. For obvious reasons, I can't give out the problematic key/cert files, Yes, that makes debugging a little hard. but maybe 11 could provie the necessary informations, I'll try to email them. Don't hold your breath. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403072: exim4-daemon-light fails to use equifax SSL cert/key obtained from 11 hosting
reassign #403072 libgnutls13 retitle #403072 gnutls cannot use equifax SSL cert/key: Base64 decoding error. thanks On Thu, Dec 14, 2006 at 05:22:33PM +0100, Felix Palmen wrote: * Marc Haber [EMAIL PROTECTED] [20061214 16:45]: Ok. Can you please install gnutls-bin and try starting gnutls-serv with the appropriate --x509keyfile and --x509certfile options. If that gives the same error message, we have a gnutls-issue and this bug needs to be reassigned appropriately. You're right: --- photon:/etc/exim4# gnutls-serv --x509keyfile exim.key --x509certfile exim.crt Error reading 'exim.crt' or 'exim.key' Error: Base64 decoding error. --- photon:/etc/exim4# openssl s_server -key exim.key -cert exim.crt Using default temp DH parameters Using default temp ECDH parameters ACCEPT --- Reassigning to libgnutls13. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403211: dpkg: please allow No override present. error message to be turned off
Package: dpkg Version: 1.13.24 Severity: wishlist Hi, some postrm scripts use dpkg-statoverride --force --remove to get rid of overrides during purge. Recent versions of dpkg-statoverride give an error message No override present. in this case, which can not be turned of via --quiet. They therefore redirect dpkg-statoverride's stderr to /dev/null which switches off other errors as well. Please consider making it possible to switch off this error message without dumping all errors into the void. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.19.1-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages dpkg depends on: ii coreutils5.97-5.2The GNU core utilities ii libc62.3.6.ds1-9 GNU C Library: Shared libraries dpkg recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#402303: Error: Command 'check_dns' has already been defined
tags #402303 confirmed pending thanks On Sat, Dec 09, 2006 at 01:37:49PM +0100, Dr. Tilo Levante wrote: 'check_dns' is defined in /etc/nagios-plugins/conf.d/dns.cfg and /etc/nagios2/commands.cfg removing the defineion from commands.cfg solves the issue Thanks for spotting this (I didn't test with n-p-standard installed). Fix committed to svn. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#403199: exim4: [INTL:it] Please fix typos in Italian translation
tags #403199 confirmed pending thanks On Fri, Dec 15, 2006 at 11:17:31AM +0100, Davide Viti wrote: The patch below fixes some typos in the Italian po file; it'd be great if it could be applied before Etch is out. Committed to svn, thanks. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#402785: aide: gzip_dbout broken in a new way
The attached dpatch (delivered from upstream) seems to solve this. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 #! /bin/sh /usr/share/dpatch/dpatch-run ## 20-lseek-402785.dpatch by Marc Haber [EMAIL PROTECTED] ## ## All lines beginning with `## DP:' are a description of the patch. ## DP: No description. @DPATCH@ diff -urNad trunk~/src/commandconf.c trunk/src/commandconf.c --- trunk~/src/commandconf.c2006-11-24 19:25:02.0 +0100 +++ trunk/src/commandconf.c 2006-12-15 10:07:29.0 +0100 @@ -1,8 +1,7 @@ /* aide, Advanced Intrusion Detection Environment * * Copyright (C) 1999,2000,2001,2002 Rami Lehti, Pablo Virolainen - * $Header: /cvsroot/aide/aide/src/commandconf.c,v 1.17 2006/11/24 18:25:02 rvdb Exp $ - * + * $Header: /cvsroot/aide/aide/src/commandconf.c,v 1.19 2006/12/14 16:09:24 rvdb Exp $ * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License as * published by the Free Software Foundation; either version 2 of the @@ -334,9 +333,15 @@ if(c==(unsigned char)'\213'){ /* We got gzip header. */ error(255,Got Gzip header. Handling..\n); - fseek(*db_filep,0L,SEEK_SET); + lseek(fileno(*db_filep),0L,SEEK_SET); *db_gzp=gzdopen(fileno(*db_filep),rb); c=gzgetc(*db_gzp); +error(255,First character after gzip header is: %c(%#X)\n,c,c); +if(c==-1) { + int xx; + error(0,Error reading gzipped file: %s\n,gzerror(*db_gzp,xx)); + abort(); +} }else { /* False alarm */ ungetc(c,*db_filep);
Bug#403300: nagios2-common: resource.cfg missing
tags #403300 confirmed pending thanks On Sat, Dec 16, 2006 at 12:48:53AM +, Tristan Hill wrote: Setting up nagios2-common (2.6-1) ... Adding system-user for nagios Creating config file /etc/nagios2/apache2.conf with new version Creating config file /etc/nagios2/conf.d/host-gateway_nagios2.cfg with new version Reloading web server config...10950 .. Adding password for user nagiosadmin chown: cannot access `/etc/nagios2/resource.cfg': No such file or directory Ouch. Upstream stopped shipping resource.cfg, so it is not any more in the packages, but I decided to keep it in the config. That means, that upgrading works, and installing anew after purging works as well. Only a fresh install does not work. Fixed in the packages by shipping a resource.cfg file from the Debian branch. Local workaround: touch /etc/nagios2/resource.cfg. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386554: exim4-config: update-exim4.conf does not complain about invalid spit_config value
Package: exim4-config Version: 4.63-3 Severity: serious Justification: rc in maintainer's opinion Hi, when split_config in u4cc is set to 'false'! (note the exclamation mark), /var/lib/exim4/config.autogenerated ends up empty (besides the no not touch disclaimer). Greetings Marc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386090: [pkg-wpa-devel] Bug#386090: wpasupplicant: no association to unencrypted network
On Sat, Sep 09, 2006 at 10:59:05AM +1000, Kel Modderman wrote: That is your conf file, but how is wpa_supplicant initiated? In other bug reports you mention wpa_action, do you use wpa-roam? You use 'id_str' so I assume you do, but please give more information about your setup. Yes, I have auto eth1 iface eth1 inet manual wpa-driver wext wpa-roam /etc/wpa_supplicant.conf.local and one stanza per network: iface wlan-l21 inet dhcp wpa-driver wext wpa-ssid snip wpa-key-mgmt WPA-PSK wpa-psk snip I am not sure whether the network stanzas are still used. You show network blocks, does you conf also contain ap_scan or other non-network wpa_supplicant options? ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 dot11RSNAConfigSATimeout=10 eapol_version=1 ap_scan=2 fast_reauth=1 Besides that, I only have network stanzas in my wpa_supplicant.conf.local. I can think of two things that may be the problem here, but will require some more info about your setup, and will try to set up a test case myself. Quite possibly, having 'id_str' in the connect-any block is causing issues. Try removing id_str=wlan-open, and allow wpa-roam to fallback to the default logical mapping. So I need to remove the id_str statement, and an iface default inet dhcp stanza in /e/n/i? Take some info from 'wpa_cli -i eth1 status' or 'iwconfig eth1' during and after attempted association. I will do so when I encounter the hotspot for the next time. It's a railroad station I am usually only passing through, so I'll either need to disembark from the train next time I am there or am limited to the like ten-minute stop of the train en route to my girlfriend's site. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386362: [pkg-wpa-devel] Bug#386362: wpasupplicant: how to control association timeout?
On Sat, Sep 09, 2006 at 11:07:20AM +1000, Kel Modderman wrote: On Thursday 07 September 2006 14:45, Marc Haber wrote: wpasupplicant waits 60 seconds for the interface to associate with a network before trying the next. How to control this timeout? Do you use ap_scan=2 or so? Yes, I do. The only obvious configuration option controlling this is dot11RSNAConfigSATimeout which does not seem to be the right one. iirc, Jouni mentioned this on a recent thread on hostapd mailing list. If I find it (could not find yet) I'll be sure to let you know about it. I'd really appreciate that. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386152: nagios2-common: Wrong path in submit_check_result
tags #386152 confirmed pending thanks On Tue, Sep 05, 2006 at 10:15:34AM -0700, Richard A Nelson wrote: In /usr/share/nagios2/plugins/eventhandlers/submit_check_result, the path to the pipe is incorrect: CommandFile=/usr/local/nagios/var/rw/nagios.cmd it should be /var/lib/nagios2/rw/nagios.cmd Fixed in svn, thanks. dpatch attached. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 #! /bin/sh /usr/share/dpatch/dpatch-run ## 20_submit_check_result_386152.dpatch by Marc Haber [EMAIL PROTECTED] ## ## All lines beginning with `## DP:' are a description of the patch. ## DP: fix wrong path in contrib/eventhandlers/submit_check_result @DPATCH@ diff -urNad nagios2~/contrib/eventhandlers/submit_check_result nagios2/contrib/eventhandlers/submit_check_result --- nagios2~/contrib/eventhandlers/submit_check_result 2002-02-26 05:03:37.0 +0100 +++ nagios2/contrib/eventhandlers/submit_check_result 2006-09-09 16:43:53.945631182 +0200 @@ -24,7 +24,7 @@ echocmd=/bin/echo -CommandFile=/usr/local/nagios/var/rw/nagios.cmd +CommandFile=/var/lib/nagios2/rw/nagios.cmd # get the current date/time in seconds since UNIX epoch datetime=`date +%s`
Bug#385999: aide: Invalid debconf priority (and probable misuse of debconf)
tags #385999 confirmed pending thanks On Mon, Sep 04, 2006 at 05:48:08PM +0200, Thomas Huriaux wrote: I would rephrase the copynew template as following: _Description: Copy aide.db.new to aide.db? It is advisable for you to first look over /var/lib/aide/aide.db.new file before replacing the existing db. You can have the package replace the database anyway here. . If you do not choose this option, you will need to copy the file /var/lib/aide/aide.db.new to /var/lib/aide/aide.db before aide can use it. and remove the warnnew template. I have done so in svn. Thanks. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386783: 'man exim4' typos: ...the options that specifies a specific...
tags #386783 upstream forwaded #386783 http://www.exim.org/bugzilla/show_bug.cgi?id=387 thanks On Sun, Sep 10, 2006 at 03:14:14AM -0400, A. Costa wrote: Found some typos in '/usr/share/man/man8/exim4.8.gz', see attached '.diff'. Notes: corrected the inconsistent plural, reduced redundancy, and reordered for clarity. I have forwarded this upstream. To keep in sync with upstream, I am not planning to create a Debian-specific patch for this. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386875: exim4: doesn't support outgoing SSL connections on port 465
On Mon, Sep 11, 2006 at 06:27:34PM +0930, Arthur Marsh wrote: Marc Haber wrote, On 2006-09-11 18:14: On Mon, Sep 11, 2006 at 04:56:14AM +0930, Arthur Marsh wrote: I've used a guide at http://www.technovelty.org/linux/tips/exim4ssmtp.html to get outbound ssl connections to my ISP's secure mail server working, and wondered by exim4 didn't support outbound mail connections over ssl using port 465? smtp-over-tls on port 465 is a legacy protocol. Upstream is not planning to implement this at the current time. Please pester your ISP to support current Internet Standards. All I can offer is to forward this upstream, getting a new statement we won't implement this and keep this bug open as wontfix in the Debian BTS. I don't think that makes sense, so I'll close this bug. If you disagree, please feel free to re-open. OK, but what are the current Internet standards for secure smtp connections? ESMTP STARTTLS on Port 25. My ISP's current secure email connection information is at: http://www.internode.on.net/support/email/secure/index.php They seem to provide you sub-standard service. Try educating them. I suspect that there is a number of mail clients that cannot do smtp-over-tls on tcp/465 in the first place. (FYI, I'm one of the people that doesn't believe the telnet is insecure, ssh is safe mantra that others keep stating, having run secure-only telnet servers and read of man-in-the-middle attacks on ssh). When people say telnet is insecure, they are usually referring to unencrypted telnet. Personally, I have never run telnet over TSL, but I suspect that ssh is more widely used because of its vastly superior feature set. mitm attacks are usually caused by people clicking away the new host key warning, but it's the same with classical TLS as well. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386407: module-assistant: error message source tarball could not be found unhelpful
On Sun, Sep 10, 2006 at 12:47:59PM +0200, Eduard Bloch wrote: #include hallo.h * Marc Haber [Thu, Sep 07 2006, 01:20:41PM]: Package: module-assistant Severity: normal Hi, $ module-assistant --text-mode --userdir /tmp/mh build vmware-kernel The source tarball could not be found! Package vmware-kernel-source not installed? It would help if module-assistant would give information _where_ it has looked for the source tarball. /usr/src/vmware-kernel.tar.gz exists, and vmware-kernel-source is installed. Does the -d option display helpful details? They are definetely not helpful for me: [EMAIL PROTECTED]:~$ module-assistant -d --text-mode --userdir /tmp/mh build vmware-kernel Known compliant: acx100-source Known compliant: affix-source Known compliant: alsa-source Known compliant: arla-modules-source Known compliant: at76c503a-source Known compliant: bcm4400-source Known compliant: bcm5700-source Known compliant: cdfs-src Known compliant: cipe-source Known compliant: cloop-src Known compliant: comedi-source Known compliant: cpad-kernel-source Known compliant: cryptoapi-core-source Known compliant: cryptoloop-source Known compliant: dazuko-source Known compliant: ddrmat-source Known compliant: device3dfx-source Known compliant: drbd0.7-module-source Known compliant: drbd8-module-source Known compliant: dvb-driver-source Known compliant: e100-source Known compliant: eagle-usb-modules-source Known compliant: em8300-source Known compliant: exmap-modules-source Known compliant: fglrx-kernel-src Known compliant: freeswan-modules-source Known compliant: ftape-source Known compliant: ftpfs-src Known compliant: fwatch-modules-src Known compliant: fuse-source Known compliant: gpib-modules-source Known compliant: hostap-source Known compliant: hubcot-source Known compliant: i2c-source Known compliant: ieee80211-source Known compliant: ipw2100-source Known compliant: ipw2200-source Known compliant: ivtv-source Known compliant: linux-wlan-ng-source Known compliant: lirc-modules-source Known compliant: lm-sensors-source Known compliant: loop-aes-ciphers-source Known compliant: loop-aes-source Known compliant: lufs-source Known compliant: madwifi-source Known compliant: mga-vid-source Known compliant: misdn-kernel-source Known compliant: ndiswrapper-source Known compliant: nvidia-kernel-legacy Known compliant: nvidia-kernel-source Known compliant: nozomi-source Known compliant: openafs-modules-source Known compliant: openswan-modules-source Known compliant: ov511-source Known compliant: plex86-kernel-src Known compliant: ppscsi-source Known compliant: qc-usb-source Known compliant: qla2x00-source Known compliant: realtime-lsm-source Known compliant: rt2400-source Known compliant: rt2500-source Known compliant: rt2570-source Known compliant: shfs-source Known compliant: sl-modem-source Known compliant: spca5xx-source Known compliant: squashfs-source Known compliant: sysprof-module-source Known compliant: thinkpad-source Known compliant: tidev-modules-source Known compliant: translucency-source Known compliant: tun-source Known compliant: unicorn-source Known compliant: unionfs-source Known compliant: userlink-source Known compliant: vaiostat-source Known compliant: video4linux-nw802-source Known compliant: wacom-kernel-source Known compliant: xdslusb-source Known compliant: xlibmesa-drm-src Known compliant: zaptel-source Known compliant: zd1211-source Known with extensions/workarounds: . Known with extensions/workarounds: .. Known with extensions/workarounds: pcmcia-source Known with extensions/workarounds: default.sh Known with extensions/workarounds: generic.sh Known with extensions/workarounds: rtai-source Known with extensions/workarounds: vmware-kernel-source Known overrides: . Known overrides: .. PROBE: vmware-kernel PROBE: vmware-kernel-source GOT NAME: vmware-kernel-source Setting environment: KDREV: 2.6.17-5 KVERS: 2.6.17-1-686 KSRC: /lib/modules/2.6.17-1-686/build KPKG_DEST_DIR: /tmp/mh The source tarball could not be found! Package vmware-kernel-source not installed? Running m-a -f get vmware-kernel-source may help. Reading output from /usr/share/modass/packages/vmware-kernel-source lastpkg Reading output from /usr/share/modass/packages/vmware-kernel-source echodebfile The source tarball could not be found! Package vmware-kernel-source not installed? Running m-a -f get vmware-kernel-source may help. Build failed. Press Return to continue... Reading output from /usr/share/modass/packages/vmware-kernel-source echodebfile [EMAIL PROTECTED]:~$ Yes, vmware-kernel is a local, unofficial package. Pulled from Ubuntu? No. I haven't yet understood the mechanics of the Ubuntu vmware packages. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make
Bug#386790: aide: [INTL:ru] Updated Russian translation for debconf template
tags #386790 confirmed pending thanks On Sun, Sep 10, 2006 at 12:58:37PM +0400, Yuri Kozlov wrote: Updated Russian translation for debconf template is attached. Committed to svn, thanks. I have corrected my typo in the template as well. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#386090: [pkg-wpa-devel] Bug#386090: wpasupplicant: no association to unencrypted network
: $ sudo iwconfig eth1 essid any $ sudo iwconfig eth1 eth1 IEEE 802.11g ESSID:T-Mobile_T-Com Mode:Managed Frequency:2.412 GHz Access Point: 00:14:69:04:DB:20 Bit Rate=54 Mb/s Tx-Power=20 dBm Sensitivity=8/0 Retry limit:7 RTS thr:off Fragment thr:off Encryption key:off Power Management:off Link Quality=75/100 Signal level=-52 dBm Noise level=-85 dBm Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:89 Missed beacon:7 That came kind of as a surprise, since this didn't work the last times I tried. Why didn't the interface associate to the hotspot with wpa_supplicant running? Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#387078: exim4-config: local_host_whitelist man page entries a bit confusing
On Mon, Sep 11, 2006 at 11:15:19PM -0700, Ross Boylan wrote: The man page describing local_host_whitelist could be a little clearer. First, there is no subhead in the DESCRIPTION section for local_host_whitelist. Second, the fact that this file was only mentioned under local_host_blacklist, along with the text For convenience, as an additional method to whitelist addresses from being blocked, an explicit whitelist is read in from /etc/exim4/local_host_whitelist. Entries in the whitelist override corresponding blacklist entries. supported the 2nd of 2 interpretations: 1) if the sending host is on the whitelist, the message will be accepted. 2) if the sending host is on the blacklist and the whitelist, it will not be blocked because of the whitelist, but it might be blocked for other reasons. I think, after looking at the code, that 1) is what is happening. Right. At the moment, it happens to be what I want (in particular, someone is sending me mail from a machine without proper DNS entries). So I think it would be good to give local_host_whitelist a separate entry, and to clarify if interpreation 1, 2, or something else is correct. I agree. Can you give a text proposal or a patch for the man page? Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#387078: exim4-config: local_host_whitelist man page entries a bit confusing
On Tue, Sep 12, 2006 at 09:09:56AM -0700, Ross Boylan wrote: On Tue, Sep 12, 2006 at 09:39:08AM +0200, Marc Haber wrote: On Mon, Sep 11, 2006 at 11:15:19PM -0700, Ross Boylan wrote: The man page describing local_host_whitelist could be a little clearer. First, there is no subhead in the DESCRIPTION section for local_host_whitelist. Second, the fact that this file was only mentioned under local_host_blacklist, along with the text For convenience, as an additional method to whitelist addresses from being blocked, an explicit whitelist is read in from /etc/exim4/local_host_whitelist. Entries in the whitelist override corresponding blacklist entries. supported the 2nd of 2 interpretations: 1) if the sending host is on the whitelist, the message will be accepted. 2) if the sending host is on the blacklist and the whitelist, it will not be blocked because of the whitelist, but it might be blocked for other reasons. I think, after looking at the code, that 1) is what is happening. Right. I don't seem to be getting the behavior of 1). /etc/exim4/local_host_whitelist 63.123.252.6 but I still get 2006-09-12 02:48:48 Direct remote connection from 63.123.252.6 claiming to be EXCHFR102.domain-01.com 2006-09-12 02:49:08 no IP address found for host EXCHFR102.domain-01.com (during SMTP connection from (EXCHFR102.domain-01.com) [63.123.252.6]) 2006-09-12 02:49:48 63.123.252.6 pretending to be EXCHFR102.domain-01.com 2006-09-12 02:50:09 H=(EXCHFR102.domain-01.com) [63.123.252.6] F=[EMAIL PROTECTED] rejected RCPT [EMAIL PROTECTED]: Can you use exim -bh 63.123.252.6 to find out why the rejection happens? I've customized my rules significantly, not only enabling the check of reverse DNS but plugging in some of my own ACL's or fragments. I need to check exactly what's going on. exim -bh ip-address or exim -d -bh ip-address will be a big helper. It expects you to simulate an SMTP session. At the moment, it happens to be what I want (in particular, someone is sending me mail from a machine without proper DNS entries). So I think it would be good to give local_host_whitelist a separate entry, and to clarify if interpreation 1, 2, or something else is correct. I agree. Can you give a text proposal or a patch for the man page? I can do that after I make sure I understand how it's working. As I said, I suspect it's just some local stuff that is breaking the expected behavior. I suspect that as well. Whitelist honoring is configured inside each access list stanza. Whenever you see something like !acl = acl_whitelist_local_deny in an ACL stanza, the whitelist is honored for _this_ acl stanza only. So, if it's one of your local rules that denies a whitelisted host, you are probably not mentioning the white list in your local acl stanza. Maybe it can help to take a look at the default configuration to find out whether you have locally broken things or if our logic is at fault. You can find the default configuration on Debian svn. We only hold the split config in svn, though - refer to http://svn.debian.org/wsvn/pkg-exim4/exim/trunk/debian/debconf/conf.d/?rev=0sc=0. The non-split config is built from the split config at package build time. Hope this helps. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#387448: empty entropy pool leads to DOS
reassign #387448 exim4-daemon-light,exim4-daemon-heavy tags #387448 confirmed upstream help user [EMAIL PROTECTED] usertags #387448 gnutls forwarded #387448 http://www.exim.org/bugzilla/show_bug.cgi?id=390 thanks On Thu, Sep 14, 2006 at 02:57:38PM +0200, Yuri D'Elia wrote: I know this has been reported before to death [since gnutls is being used], but I will just add another twist, since I'm tired of rebuilding exim with OpenSSL manually. GnuTLS drains the entropy pool much more quickly than OpenSSL. On server systems without hardware generators, /dev/random drains very quickly, meaning that exim will often block. But exim should NOT block, or even wait, in STARTTLS. As far as I know, exim blocks if no dh-parameters are available. The package regenerates the dh-parameters from outside exim if the gnutls-bin package is installed. exim4-base suggests gnutls-bin for this reason. This is a bug in exim. exim should NOT block in STARTTLS. keys must be generated in background or by other means, This is already been done. and the unavailability of data at STARTTLS should generate and immediate temporary failure to avoid other DOS conditions. Forwarded upstream. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#387448: empty entropy pool leads to DOS
tags #387448 wontfix thanks Upstream has indicated that this is impossible to fix in exim. Please look in upstream's bugzilla, verify their arguments and take up the argument with them. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#343085: exim4: Exim SMTP_AUTH hangs since today...
On Fri, Sep 15, 2006 at 09:55:58AM +0200, Micha Lenk wrote: I now struggled about the same problem here: Exim hangs after STARTTLS in outgoing connections. I observed this behaviour with exim4-heavy-daemon 4.50-8sarge2 and 4.62-0bpo1 equally. What strikes me: Usually my mailserver is simply working fine. But every morning at more or less 6:25 AM (apparently after logrotation) it tends to hang. May be this gives a hint how to trigger this bug. In the daily cron job, the diffie-hellman parameter file is deleted and exim tries to regenerate it on the next TLS connection initialization. Starting with exim4 4.52-2, if the gnutls-bin package is installed, the dh-parameters are generated asynchronously and only replaced after new ones have been successfully generated. This will still starve your entropy (since GnuTLS is very uneconomically using the entropy), but exim will continue using the old dh parameters until the new ones have been generated. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#387607: module-assistant: still _severely_ underdocumented
Package: module-assistant Severity: normal [severity: normal, since the package is unuseable with the docs that come with it. In my opinion, this bug should be important.] The interaction of module-assistant with the actual module source is completely underdocumented. I have here an (inofficial) module package which builds fine if invoked directly with fakeroot debian/rules binary-modules, but does not build with module-assistant build modulename. To debug this, I desperately need module-assistant to be a lot more verbose in what is does (like invoking debian/rules some-target), or I need documentation about which parts of the kernel sources, m-a and the module source interfere with each other. Greetings Marc -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17.13-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#387448: empty entropy pool leads to DOS
On Sat, Sep 16, 2006 at 06:09:35PM +0200, Yuri D'Elia wrote: On 16 Sep 2006, at 15:39, Andreas Metzler wrote: The only thing causing exim to block on STARTTLS is key and dh-param generation. Both is done offline (/etc/cron.daily/exim4-base invoking /usr/share/exim4/exim4_refresh_gnutls-params which uses certtool). I noticed that gnutls-bin was suggested after the maintainer reply. Since I already have openssl installed, I simply ignored the suggestion. I'm happy the parameters can be generated outside of exim, as this downgrades the severity (somewhat) of the problem. It is now more clearly documented. Upstream quickly tagged as this as can't be done: I'd say this simply wrong. Everything can be done, provided enough time is given. Do you really think that it should be exim's job to re-implement a good part of a TLS library? Please take this up with upstream or the tech ctte. About Debian. Since the race _can_ be avoided (my bad I didn't notice), I'd say that it's a priority to inform users enough. A simple Suggest isn't enough, as proven by the reports already filed. What should we do? Maybe examples/exim-gencert in exim4-base should call the cron job in order to generate the keys immediately. I'd rather invoke a key generation process in the background from the init script if dh parameters are not present. README.Debian, instead of suggesting to check /dev/random, should inform that generation of keys in STARTTLS is subject to dossability, and thus, when setting up TLS and generating the certificates, the relative keys should be generated immediately too (this should be enough since README.Debian is referenced in main/03_exim4-config_tlsoptions), mentioning that gnutls-bin is _required_ to perform the task. Please send a patch. Please notice that i reserve the right to change your words while applying the patch. Also note that openssl can be used to generate the keys (in fact, I'm using openssl now), which is a problem less. Please send a patch. Maybe the Suggest: can also be raised to a Recommend too. I think that Suggests: is appopriate, as of Policy 7.2. If you disagree, please take this to the tech ctte. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#387448: empty entropy pool leads to DOS
On Sun, Sep 17, 2006 at 05:26:04PM +0200, Yuri D'Elia wrote: On 16 Sep 2006, at 23:48, Marc Haber wrote: Upstream quickly tagged as this as can't be done: I'd say this simply wrong. Everything can be done, provided enough time is given. Do you really think that it should be exim's job to re-implement a good part of a TLS library? Please take this up with upstream or the tech ctte. This is not what I meant. I clearly don't want to touch and library code. exim upstream has just said that it is impossible to avoid blocking from within exim as the gnutls calls themselves block. My point is that this behavior in Exim is broken, and tagging it as won'tfix is not admitting it is. Please discuss this with upstream. I'd rather invoke a key generation process in the background from the init script if dh parameters are not present. If you can you check if exim has TLS enabled, looks fine. Yes, we can check that. I have build that intelligence into the script and have also refactored the code in a way that it allows exim4_refresh_gnutls-params to be called any time. Please send a patch. Please notice that i reserve the right to change your words while applying the patch. I'm not native english speaker, so I did my best. Thanks. I will commit some changes to the docs, but am not going to make it sound like using the gnutls-bin/openssl based approach is mandatory. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#387448: empty entropy pool leads to DOS
On Sun, Sep 17, 2006 at 06:14:07PM +0200, Andreas Metzler wrote: Thanks, I have commited the fallback-to-openssl stuff to SVN (I have changed preferences to still prefer gnutls, though). May I ask why you hae gnutls preferred? openssl is more economically handling entropy, and if both are present, I don't think that it hurts to have the more economic tool used. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#388082: security issues fixed in dokuwiki 20060309d
Package: dokuwiki Version: 0.0.20060309-5 Severity: grave Tags: security Justification: user security hole Hi, upstream's 20060309_d_ release fixes four security issues, one of them, http://bugs.splitbrain.org/index.php?do=detailsid=906, allowing attackers to place any code on the server where the webserver has write access. http://bugs.splitbrain.org/index.php?do=detailsid=823 http://bugs.splitbrain.org/index.php?do=detailsid=820 http://bugs.splitbrain.org/index.php?do=detailsid=825 http://bugs.splitbrain.org/index.php?do=detailsid=906 Please package and upload the new version asap. Greetings Marc -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17.13-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#388137: wpasupplicant: immediately disassociates from Apple AirPort Express allowing both WPA and WPA2
Package: wpasupplicant Version: 0.5.4-5 Severity: normal Hi, when trying to connect to an Apple AirPort Express which is configured to allow both WPA and WPA2, it is necessary to manually set group and pairwise to TKIP. Otherwise the interface will associate and immediately disassociate again, with the wpa_cli error message WPA: IE in 3/4 msg does not match with IE in Beacon/ProbeResp (src=00:03:93:ee:6d:c7). Greetings Marc -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17.13-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#388137: [pkg-wpa-devel] Bug#388137: wpasupplicant: immediately disassociates from Apple AirPort Express allowing both WPA and WPA2
On Tue, Sep 19, 2006 at 09:22:41PM +1000, Kel Modderman wrote: On Tuesday 19 September 2006 05:43, Marc Haber wrote: when trying to connect to an Apple AirPort Express which is configured to allow both WPA and WPA2, it is necessary to manually set group and pairwise to TKIP. Otherwise the interface will associate and immediately disassociate again, with the wpa_cli error message WPA: IE in 3/4 msg does not match with IE in Beacon/ProbeResp (src=00:03:93:ee:6d:c7). This could also be a flaw in the access point firmware (quite likely in those agere based ap's). I am not so sure you could blame this completely on wpa_supplicant. I am not sure as well. Perhaps it would be good to send this same report to hostap mailing lists Marc? Please go ahead and forward. I do not have much time to follow just another mailing list. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#397404: dovecot: building package puts config.{guess|sub} in diff
Package: dovecot Severity: wishlist Hi, building the package seems to replace config.guess and config.sub, making them end up in the package .diff. This is unnecessary. The package build should move away the old config.guess and config.sub, replace them with the files from the system, and move the old files back after building. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.2-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#397407: dovecot: second build fails, does not seem to correctly clean up
Package: dovecot Version: 1.0.rc12-1 Severity: important Hi, after the first successful build with debuild, there are still object files around in dovecot-sieve/src. This prevents a second build from completing (unrepresentable changes to source). Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.2-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#396944: exim4-daemon-light: upgrading causes panic
tags #396944 unreproducible usertags [EMAIL PROTECTED] usertags #396944 close-20061130 thanks On Sat, Nov 04, 2006 at 05:50:03AM -0700, Bruce Sass wrote: On Sat November 4 2006 05:09, Marc Haber wrote: On Sat, Nov 04, 2006 at 04:40:01AM -0700, Bruce Sass wrote: Unfortunately I can not reliably reproduce this bug. Nine attempts at: #apt-get --reinstall install exim4-daemon-light got me two failures initially then seven successes. I have another box running the light daemon and one running the heavy daemon, neither of them have had a panic. :-/ I am afraid that then there is nothing to do except tagging this bug unreproducible and closing it by the end of November. Sounds reasonable. I am tagging the bug appropriately. For the record of the BTS: We tried debugging this quite verbosely and I ended up sshing to Bruce's host to find out what was going on. Unfortunately, we were not able to reproduce the real issue but only the symptom, by removing the pidfile manually. However, removing the pidfile manually may reproduce the symptom, but that symptom in that case has a clear cause, which does not aid in debugging the real issue. If somebody else sees the behavior Bruce has seen as well, please report here. If no reports come in, I'll close this bug by the end of November 2006. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#397409: dovecot: needs build-conflict with automake1.4
Package: dovecot Severity: important If automake1.4 is installed while building (on sarge), build fails. I would thus recommend a build-conflict with automake1.4. When I try building on sid with automake1.4 installed, build fails later than it does on sarge. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.2-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#397434: findutils: no option to find devices for major/minor number
Package: findutils Version: 4.2.28-1 Severity: wishlist Tags: upstream find does not have the ability to find device nodes with given major/minor number. It should. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.2-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages findutils depends on: ii libc62.3.6.ds1-7 GNU C Library: Shared libraries findutils recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#397435: findutils: -ls does not show major/minor device number
Package: findutils Version: 4.2.28-1 Severity: normal The docs say that find -ls behaves as ls -dils. This is not true: $ find /dev/hda -ls 16290 brw-rw 1 root disk Nov 7 12:23 /dev/hda $ ls -dils /dev/hda 1629 0 brw-rw 1 root disk 3, 0 Nov 7 12:23 /dev/hda $ Find should print the device numbers for device nodes. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.2-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages findutils depends on: ii libc62.3.6.ds1-7 GNU C Library: Shared libraries findutils recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#397646: exim4-config: reportbug mail issue
tags #397646 wontfix user [EMAIL PROTECTED] usertags #39646 i-dont-like-the-default-config thanks On Wed, Nov 08, 2006 at 08:02:58PM +0100, Olaf van der Spek wrote: Since exim4 is configured for local mail only by default, reportbug can no longer send emails to the BTS. I'm not sure how this should be solved and by which package, but I think it's an undesired situation to have by default. *sigh* A wonder it took so long time for this bug to be filed for the first time. See #392609. The exim4 maintainers were strongly urged by the installer guys to have exim refrain from asking configuratino questions during install and have complied reluctantly. That meant choosing a default, and - of course - regardless of what you choose as the default the choice is considered wrong by everybody. To make it short: Please take this to debian-devel or to the tech ctte to have them tell me what to choose as default. I don't care. And I am not going to change this default just to have somebody else complain a day later. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#397646: exim4-config: reportbug mail issue
On Thu, Nov 09, 2006 at 08:14:23PM -0800, Blars Blarson wrote: In article [EMAIL PROTECTED] [EMAIL PROTECTED] writes: Reportbug installs who do not have exim installed correctly should be using reportbug's built-in SMTP handling abilities and either relaying to their upstream smtp server or bugs.debian.org; the latter as the default if nothing else is selected. Since this is the way that reportbug works currently, I really don't see the problem. [Perhaps the only bug here is that it even asks whether to use the local smtp server in the novice case.] bugs.debian.org isn't always willing to accept mail. Besides the times like last night when a denial of service attack[0] made it so no mail was accepted for half an hour, spohr also uses greylisting. I don't think reportbug does mail queueing. Best idea would be reporting bugs via an http[s]-based API. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#397916: adduser: unclear warning message
package adduser tags #397916 confirmed user [EMAIL PROTECTED] usertags #397916 post-etch thanks On Fri, Nov 10, 2006 at 01:56:41PM +0100, Peter Eisentraut wrote: I occasionally see this message (sometimes during package installation): Warning: that home directory does not belong to the user you are currently creating. But I don't find any information about what that home directory might be. Either the directory should be spelled out in the message, or it should be something like the home directory specified on the command line or whatever it is, although I would prefer the former. Agreed. I have added the directory name to the string, but am going to leave that change commented out until post-etch. I really would like to avoid changes in the program translation templates at this stage of release. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#397947: developers-reference: please suggest that all network services should bind to 127.0.0.1 by default
Package: developers-reference Version: 3.3.7 Severity: wishlist In my opinion, the developers' reference should suggest that network services should bind to 127.0.0.1 only by default and not be reachable from external hosts without explicit configuration by the local user (which might be debconf-driven). If you signal to me that this change would be acceptable for the developers' reference, I'll happily deliver a text suitable for the package. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.2-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) developers-reference depends on no packages. Versions of packages developers-reference recommends: ii debian-policy 3.7.2.2Debian Policy Manual and related d -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#398033: kwlan: please allow configuration for which interfaces to show
Package: kwlan Version: 0.5.5-1 Severity: wishlist kwlan shows an icon for every interface of the local system. This includes, for example vmware*-Interfaces. Please allow the local user to give a list of interfaces for which a kwlan icon is never to be shown. Additionally, please allow an interface to be configured in a way that an icon only shows when the interface is up and configured. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.2-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#398032: kwlan: totally undocumented
Package: kwlan Version: 0.5.5-1 Severity: important The kwlan package does not contain any documentation. This greatly affects its usability and should be fixed. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.2-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#398286: ICQ: You are not allowed to add yourself to the contact list.
Package: kopete Version: 3.5.5-2 Severity: normal In a period when I was using gaim to access ICQ, I have added myself to my contact list to see which status my account was set to. This works. Since migrating back to kopete, I get at every program start the error message You are not allowed to add yourself to the contact list. The addition of my-uin to account my-uin will not take place. I'd like this to be possible with kopete. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.2-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#398287: kopete: ICQ: add contacts to server list list popping up at every program start
Package: kopete Version: 3.5.5-2 Severity: normal I have been using kopete to access ICQ for quite a while. For a period of three months, I used gaim instead. Since I have migrated back to kopete, at every program start I get a dialog box titled Add contacts to server list, containing a list of UINs and the question The following contacts are not on your contact list. Would you like to add them? and an Add and a Do not add button. Whatever I do, the dialog comes back every time, and it always contains the same UINs. It doesn't care whether I marked an UIN and clicked on do not add the last time, it always shows the same UIN list over and over. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.2-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#398365: exim4-config: exim4_files(5) recommends unreasonable file modes
tags #398365 confirmed pending thanks On Mon, Nov 13, 2006 at 02:08:49PM +0100, Georg Neis wrote: The exim4_files(5) manpage states that the recommended file mode for /etc/exim/passwd and /etc/exim/passwd.client is 750. I don't see why they should be executable. That is a cp error and now fixed in svn. Thanks. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#398593: clamav-data: [INTL:ja] updated Japanese debconf translation
tags #398593 confirmed pending thanks On Tue, Nov 14, 2006 at 10:06:15PM +0900, Kenshi Muto wrote: I updated Japanese translation of debconf messages (ja.po). Please apply this. Committed to svn, thanks. Can you look whether clamav-getfiles also needs an update? clamav-data and clamav-getfiles are built from the same source package. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#398593: clamav-data: [INTL:ja] updated Japanese debconf translation
On Tue, Nov 14, 2006 at 11:24:47PM +0900, Kenshi Muto wrote: At Tue, 14 Nov 2006 15:06:39 +0100, Marc Haber wrote: Can you look whether clamav-getfiles also needs an update? clamav-data and clamav-getfiles are built from the same source package. It seems 100%, so I don't need to update it. :) Great. I just wanted to ask because it would be bad to upload a new source package to find your next translation of -getfiles coming in tomorrow. Most translators go alphabetically and hit -getfiles just a short while after -data. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#398718: exim4: Please build with sqlite
tags #398718 confirmed pending thanks On Wed, Nov 15, 2006 at 10:45:47AM +0100, Adrian Phillips wrote: Would it be possible to get exim4-daemon-heavy built with sqlite ? Sure. Committed to experimental svn. I'll compile and upload this afternoon. I am unsure whether we'd be able to get this change into etch. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#245423: aide regularly forgets about /sbin and /dev
On Wed, Nov 15, 2006 at 09:09:10PM +0100, Bill Allombert wrote: On Mon, Oct 02, 2006 at 04:19:17PM +0200, Marc Haber wrote: On Wed, Sep 27, 2006 at 10:56:09AM +0200, Bill Allombert wrote: I never experienced the bug with gzip_dbout=no for some months now, so I am confident this fixed it. Very well, thanks. Can you set dzip_dbout again to verify that hypothesis? I did that and today the bug occured again. Which version of aide? Any chance that a cron job and a manual aide run were running concurrently? Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#398793: [Adduser-devel] Bug#398793: adduser: Non system wide readable (home) directories should not be 751
On Wed, Nov 15, 2006 at 05:56:42PM +, Stephen Gran wrote: This one time, at band camp, Olaf van der Spek said: Non system wide readable (home) directories should be 750, not 751. Or, the question should be made more clear, for example by replacing readable by listable. That seems reasonable on the face of it. Mark, opinions? I think that 751 is still appropriate just in case one wants to make a subdirectory group accessible. But I am unemotional here. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#398793: [Adduser-devel] Bug#398793: adduser: Non system wide readable (home) directories should not be 751
On Wed, Nov 15, 2006 at 11:07:24PM +0100, Olaf van der Spek wrote: In that case, could you change the question to a multiselect that also allows 750 to be chosen? That is a non-option for etch because it would invalidate translations. After conferring with aba about this issue, it seems that nobody besides you seems to have a strong opinion about this change, and I am therefore inclined to say don't change. I would appreciate if you could bring this up on debian-devel so that we can see what is rough consensus about this issue. Please take ~/public_html into this consideration. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#393294: aide: French debconf templates translation
tags #393294 confirmed pending thanks On Sun, Oct 15, 2006 at 11:54:20PM +0200, Gregory Colpart wrote: Please find attached the French debconf templates translation, proofread by the debian-l10n-french mailing list contributors. Committed to svn, thanks. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#338319: [Pkg-gnutls-maint] not draining entrophy is a good thing
On Tue, Oct 17, 2006 at 04:26:32AM +1000, Anand Kumria wrote: The simplest fix, that should stop exim4 from blocking is to make gnutls-bin a Depend rather than a Suggest. NACK. I am not yet sure that the changes to exim4_refresh_gnutls-params will actually fix the issue, and it will introduce an unnecessary dependency for systems that to not run TLS at all. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#393721: module-assistant: shouldnt CVERSION be the cosmetic version?
Package: module-assistant Severity: minor Hi, /usr/share/modass/include/generic.make says: @echo - Version is $(VERSION) @echo - Cosmetic version is $(VERSION) This confuses me. I'd expect CVERSION to be the cosmetic version. Or am I wrong here? Greetings Marc -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17.13-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#393843: update-exim4.conf fails if user already included ;
tags #393843 confirmed thanks On Tue, Oct 17, 2006 at 06:15:18PM -0700, Vineet Kumar wrote: Just glancing at the script (I haven't read it all or claim to understand it all) it looks like it just uses grep to prepend the ; if the string contains any ; -- that's a bug. If the user-specified value begins with , the script shouldn't prepend its own ;. Your diagnosis seems to be correct. I'm going to fix this, but not before the version currently in sid has migrated to etch. Using full exim list features in debconf answers has never been officially supported. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#393843: update-exim4.conf fails if user already included ;
tags #393843 patch pending thanks On Wed, Oct 18, 2006 at 10:01:29AM +0200, Marc Haber wrote: On Tue, Oct 17, 2006 at 06:15:18PM -0700, Vineet Kumar wrote: Just glancing at the script (I haven't read it all or claim to understand it all) it looks like it just uses grep to prepend the ; if the string contains any ; -- that's a bug. If the user-specified value begins with , the script shouldn't prepend its own ;. Your diagnosis seems to be correct. I'm going to fix this, but not before the version currently in sid has migrated to etch. The following patch seems to fix this. Can you please verify? Index: debian/debconf/update-exim4.conf === --- debian/debconf/update-exim4.conf(revision 1722) +++ debian/debconf/update-exim4.conf(working copy) @@ -309,8 +309,10 @@ for field in $UPEX4C_semicolon; do if eval echo \$$field | grep -q ;; then eval temp=\$$field -temp=; $temp -eval $field='$temp' +if ! echo $temp | grep -q ^; then + temp=; $temp + eval $field='$temp' +fi fi done Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#393781: aide: [l10n] spanish translation update
tags #393781 confirmed pending thanks On Tue, Oct 17, 2006 at 02:14:53PM -0500, Rudy Godoy wrote: Hi, please find attached the spanish translation update for the po-debconf. Committed to svn, thanks. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#393930: Missing delivery_date_add in conf.d/transport/35_exim4-config_address_directory
tags #393930 confirmed pending thanks On Wed, Oct 18, 2006 at 03:37:52PM +0100, Dominic Hargreaves wrote: Please add delivery_date_add to the latter file as per the attached patch. Done in svn. This is, however, not an issue I would risk resetting the etch counter for, so the next upload will probably only be after current exim4 has migrated to testing. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394090: module-assistant: please add option to prevent build from cleaning after build
Package: module-assistant Severity: wishlist Hi, if a build completes, but generates a broken package, it would be nice to be able to see what actually happened in the build directory. This is currently not possible since the build target cleans the directory afterwards. Please add an option to prevent the clean from happening. Greetings Marc -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17.13-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#392998: closed by Laurence J. Lane [EMAIL PROTECTED] (Re: Bug#392998: IPMARK extension removed)
On Sat, Oct 14, 2006 at 11:45:15PM -0400, Laurence J. Lane wrote: On 10/14/06, Aaron Dummer [EMAIL PROTECTED] wrote: Please provide a better response than I would really rather not. If you have a good reason for not including these official netfilter extensions, I'd like to know. I do not have to include any patch-o-matic extensions. Yes, of course, but you did in the past, so your latest policy change has introduced a regression for your users. I think it is within their rights to ask you for a better explanation than I don't feel like doing so any more. Please, make it easier for people to understand your decisions. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394138: ITP: vmware-package -- utility for building Vmware related Debian packages
Package: wnpp Severity: wishlist Owner: Marc Haber [EMAIL PROTECTED] * Package name: vmware-package Version : 0.0 Upstream Author : Marc Haber [EMAIL PROTECTED] * URL : none yet * License : GPL Programming Lang: shell Description : utility for building Vmware related Debian packages This package provides the capability to create Debian packages for various VMware products and related software by obtaining VMware tarballs and then just running make-vmpkg. It can currently build Debian packages for the following VMware and VMware related products: * VMware kernel modules for Linux, using the vmware-any-any tarball It is planned to extend make-vmkg to build Debian packages for the following VMware products: * VMware Player 1.0.2 Please note that you need to download the corresponding tarballs yourself, and that the resulting .deb files are non-free and non-distributeable. The package is meant to aid a local admin to roll out VMware products to their local systems by means of the packaging system. Greetings Marc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394138: ITP: vmware-package -- utility for building Vmware related Debian packages
On Fri, Oct 20, 2006 at 11:16:59AM +0100, Steve Kemp wrote: On Thu, Oct 19, 2006 at 06:45:08PM +0200, Marc Haber wrote: Please note that you need to download the corresponding tarballs yourself, and that the resulting .deb files are non-free and non-distributeable. Is it not possible to do a wget to fetch these images as part of the package postinstall? I'd like people to explicitly know that they're building something non-free and non-distributeable. At least the vmware-player itself requires an EULA before download is allowed. vmware-any-any is freely available for download, yes. It just seems that if you're expecting users to download a tarball anyway that automating things further is a little strange. My goal is to have the files properly registered with the packaging system. Automating things is a side-effect of that. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394438: exim4: allow SMTP from remote when configuring for smarthost
On Sat, Oct 21, 2006 at 01:21:26PM +0200, A Mennucc wrote: On Sat, Oct 21, 2006 at 12:41:28PM +0200, Andreas Metzler wrote: The packages also asks IP-addresses to listen on for incoming SMTP connections: at debconf priority medium. - This question is definitely asked at the correct priority, as it has a reasonable default value. AFAICR, this question was not asked during my test install. In current sid, exim does not ask any questions at high priority, so during d-i installation, there is no question asked by exim and exim defaults to a local mail only setup. If you dpkg-reconfigure exim4-config at a later time, all questions are asked. This behavior was strongly requested by the Debian installer people and I do not intend to change this unless the tech ctte overrides me (and the installer team). I surely hope that the version that introduces this change makes it to etch in time. So, it really seems that that question is not asked during standard install. Feature. See /usr/share/doc/exim4-config/NEWS.Debian.gz for 4.62-4. even if exim only listens on 127.0.0.1 it will except mail by SMTP, (I suppose s/except/accept/ ) (SMTP from the local machine), so the question is formally correct. The question IP-addresses to listen on for incoming SMTP connections: is formally correct, but is not asked during install, and its default is not what people do expect from a SMTP server that is configured to mail sent by smarthost; received via SMTP or fetchmail I disagree here. IMHO, when the person installing Debian chooses mail sent by smarthost; received via SMTP or fetchmail s/he most probably is sending email anywhere on the Internet, and is expecting replies from anywhere on the Internet. I disagree here. But IP-addresses to listen on for incoming SMTP connections: will be silently set to 127.0.0.1 . This is not what people do expect. I think it is not expected by people that their exim accepts connections from anywhere by default. My suggestion is: if the user chooses to configure Exim4 to only do local delivery, then set the default of IP-addresses to listen on for incoming SMTP connections: to 127.0.0.1 ; in all other cases, set it to accept all connections. Thanks for this suggestion. I am not going to accept it. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394617: Acknowledgement (Typo in /usr/share/doc/exim4-base/README.Debian.gz)
On Sun, Oct 22, 2006 at 03:28:40PM +0200, Olaf van der Spek wrote: impleicit - implicit manlog - mainlog doign - doing Thanks for spotting these, fixed. Now, enable TLS by setting the macro MAIN_TLS_ENABLE in a local configuration file (documented below). Shouldn't that be documented above? Yes. I have replaced the wording with a direct link. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394598: exim4-daemon-heavy: Upgrade breaks TLS
tags #394598 confirmed pending thanks On Sat, Oct 21, 2006 at 10:05:05PM -0500, John Goerzen wrote: This is a serious upgrade-from-sarge issue that could break things. Agreed. I have committed a patch to exim4-base.postinst that will check file(1)'s output and zap the file if it is classified as application/octet-stream. Do you agree that this fixes things? Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394651: exim4: Minor suspected typos in Debconf templates
On Sun, Oct 22, 2006 at 03:18:19PM +0200, Christian Perrier wrote: Quoting Jens Seidel ([EMAIL PROTECTED]): Package: exim4 Severity: minor Hi, during proofread of the German translation update I recognised a few suspected minor errors in the debconf template: Really late. It is like two full weeks that I'm nagging translators to update their translations and suggested changes come at the very end of this. So, I'll only make the changes that do not require translation updates. /usr/share/doc/exim4-base/README.Debian needs to be /usr/share/doc/exim4-base/README.Debian.gz (already fixed?) Actually we use /usr/share/doc/exim4-base/README.Debian as a shorthand for any version of README.Debian as we also ship a HTML version that has working internal links. For example, if a mail address on the local host is [EMAIL PROTECTED], then : example is according to http://www.ietf.org/rfc/rfc2606.txt a reserved domain. Maybe you should add a comment for translators that it might be a good idea not to translate it. Isn't mails the ordinary plural of mail? I miss this s multiple times, e.g. in The option to hide the local mail name in outgoing mailS was enabled. It is Here, this could be considered a generic plural to mean the outgoing mail (flow) or so. We will probably change the templates post-etch to consequently say e-mail messages or something similiar. The following sentence is hard to understand. Just set one or two commas and you will get completely different meanings (I don't know how to improve it): If this system does only receive e-mail directly from local services like fetchmail or your e-mail program (MUA) talking to localhost (and not from other hosts), it is adviseable to prohibit external connections to the local Exim. This can be accomplished by entering 127.0.0.1 here. This will disable listening on public network interfaces. So I thought for example first, that s/from/to/ is missing in the second line. No. The sentence is awkward but correct. It means if the system does only receive from foo or bar (and not from other hosts). What would be a suitable wording for post-etch? In normal mode of operation Exim does DNS lookups at startup, and when receiving or delivering messages. This is for logging purposes and allows keeping down the number of hard-coded values in the configuration. values refers to IP values in /etc/hosts, right? If so, please mention this. I guess not necessarily. I would say lower the number of hardcoded anything. So, no change, IMHO. Yes, right. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394598: exim4-daemon-heavy: Upgrade breaks TLS
On Mon, Oct 23, 2006 at 02:25:18PM -0500, John Goerzen wrote: On Mon, Oct 23, 2006 at 08:39:22PM +0200, Marc Haber wrote: On Sat, Oct 21, 2006 at 10:05:05PM -0500, John Goerzen wrote: This is a serious upgrade-from-sarge issue that could break things. Agreed. I have committed a patch to exim4-base.postinst that will check file(1)'s output and zap the file if it is classified as application/octet-stream. Will it be recreated automatically then? If so, then that sounds good. As with a fresh install, next STARTTLS command will recreate the file. This might be subject to entropy starvation, but that's not a new issue, and the removal of RSA_EXPORT might fix it. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394438: received via SMTP or fetchmail
On Mon, Oct 23, 2006 at 09:18:34PM +0200, Olaf van der Spek wrote: Marc Haber wrote: On Sun, Oct 22, 2006 at 11:15:41AM +0200, Olaf van der Spek wrote: mail sent by smarthost; received via SMTP or fetchmail Maybe a more detailed explanation should be given for that question. If you only listen on localhost:smtp, receiving email is going to be a bit hard. This is perfectly reasonable for receiving via fetchmail. True, but the or doesn't make that clear. Something like 'received via SMTP combined with fetchmail' would be more clear. In the original sentence, it sounds like SMTP can be used on it's own. It can. Just configure exim to listen on a publicly reachable interface. If you are qualified for running a publicly reachable SMTP server on the Internet, you should be able to figure that out by yourself. Greeetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394438: received via SMTP or fetchmail
On Sun, Oct 22, 2006 at 11:15:41AM +0200, Olaf van der Spek wrote: mail sent by smarthost; received via SMTP or fetchmail Maybe a more detailed explanation should be given for that question. If you only listen on localhost:smtp, receiving email is going to be a bit hard. This is perfectly reasonable for receiving via fetchmail. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394651: exim4: Minor suspected typos in Debconf templates
clone #394651 -1 reopen -1 retitle -1 exim4/dc_local_interfaces re-wording submitter -1 [EMAIL PROTECTED] user [EMAIL PROTECTED] usertags -1 post-etch debconf thanks On Tue, Oct 24, 2006 at 08:56:07AM +0200, Jens Seidel wrote: If this system does only receive e-mail directly from local services like fetchmail or your e-mail program (MUA) talking to localhost (and not from other hosts), it is adviseable to prohibit external connections to the local Exim. This can be accomplished by entering 127.0.0.1 here. This will disable listening on public network interfaces. If this system does only receive e-mails directly from local services (and not from other hosts), it is suggested to prohibit external connections to the local Exim. Such services include e-mail programs (MUAs) which talk to localhost only as well as fetchmail. This can be accomplished by entering 127.0.0.1 here[,?] which will disable listening on public network interfaces. Maybe you want to add parentheses around the explanation (Such services ...) or replace This with This restriction since it does no longer refer to the last sentence ... Nevertheless I think this is easier to understand. PS: adviseable contains a typo: advisable. Lets use suggested, we all know how to spell it :-) (Where is the bug report from a native speaker?) Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394651: exim4: Minor suspected typos in Debconf templates
clone #394651 -1 retitle -1 README.Debian references submitter -1 [EMAIL PROTECTED] user [EMAIL PROTECTED] usertags -1 post-etch debconf thanks On Tue, Oct 24, 2006 at 08:56:07AM +0200, Jens Seidel wrote: On Tue, Oct 24, 2006 at 07:10:10AM +0200, Christian Perrier wrote: Actually we use /usr/share/doc/exim4-base/README.Debian as a shorthand for any version of README.Debian as we also ship a HTML version that has working internal links. Don't do this. If I see a path somewhere I expect it's a valid one. It could also make trouble with automatic future path checks, automatic link creations (not currently supported in debconf). You could rephrase it as see the Debian specific README file in /usr/share/doc/exim4-base/ to achieve it. Agreed. Filing a bug for post-etch. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394651: exim4: Minor suspected typos in Debconf templates
On Tue, Oct 24, 2006 at 07:10:10AM +0200, Christian Perrier wrote: /usr/share/doc/exim4-base/README.Debian needs to be /usr/share/doc/exim4-base/README.Debian.gz (already fixed?) Actually we use /usr/share/doc/exim4-base/README.Debian as a shorthand for any version of README.Debian as we also ship a HTML version that has working internal links. Hmmm, OK. Based on a previous remark, I however changed the two references to this file into README.Debian.gz (one was README.Debian, another was README.Debian.html). I actually assumed that README.Debian.html was a mistkae, which it is obviously not. This can be changed back, if you prefer. Translations *can* be unfuzzied for this. I'm going to leave that decision to you, for etch. For etch+1, I'd prefer to have it fixed. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394942: exim4-config: RCPT ACL prevents some legitimate relaying
tags #394942 wontfix thanks On Tue, Oct 24, 2006 at 02:19:53AM +0200, William Steve Applegate wrote: After upgrading my backup MX server, running Exim, mail stopped flowing to the primary MX. The log file showed every mail being rejected with `550 relay not permitted'. I traced this to the following directive in /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt: require message = relay not permitted domains = +local_domains : +relay_to_domains The problem is, this line is placed _above_ the call to CHECK_RCPT_LOCAL_ACL_FILE. In my setup, the file pointed by this option contains the following configuration: accept condition = ${if match{${lookup dnsdb{mx=$domain}}}{ my.primary.mx.host(\\n|\$)}{yes}{no}} log_message = Permitted backup MX for $domain. Which allows relaying to my domains without them being entered by hand in the relay_to_domains option. Trouble is, due to the aforementioned directive, this one is never evaluated. Could you please move the no-relay directive below the call to CHECK_RCPT_LOCAL_ACL_FILE? I'm sorry, but that would mean deviating too far from upstream's configuration. The check for local domains and relay_to_domains is done early on purpose since that check is relatively cheap. The following methods can be used to work around this: - edit the ACL file (it's a dpkg-conffile and meant to be edited) - point the ACL processor to a different, local ACL by means of the MAIN_ACL_CHECK_RCPT macro. This different ACL might call acl_check_rcpt as a sub-acl. I am tagging this bug wontfix. If you find the suggested workaround unacceptable, please say so. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394651: exim4: Minor suspected typos in Debconf templates
clone #394651 -1 reopen -1 retitle -1 e-mail messages instead of mails submitter -1 [EMAIL PROTECTED] user [EMAIL PROTECTED] usertags -1 post-etch debconf thanks On Tue, Oct 24, 2006 at 07:10:10AM +0200, Christian Perrier wrote: Here, this could be considered a generic plural to mean the outgoing mail (flow) or so. We will probably change the templates post-etch to consequently say e-mail messages or something similiar. Yes, that could be an interesting change. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#394138: ITP: vmware-package -- utility for building Vmware related Debian packages
On Sun, Oct 22, 2006 at 01:41:06AM +0100, Sam Morris wrote: You might be interested in checking out some of the work I did on packaging vmware. Debian diffs are available from http://robots.org.uk/debian/unofficial/vmware/. Would you be willing to co-maintain vmware-package? You seem to have invested a lot of work. I tried to integrate as much with Debian as possible. Easy stuff included desktop entries, doc-base registration, and using existing packages where they already exist in Debian (e.g., point the user at dhcp3-server instead of shipping VMware's modified version). My package does not do a lot of these. Patches would be appreciated. Harder stuff included network setup, and replacing the init script with if-{pre-post}-{up,down}.d scripts, which allows the user to configure their virtual networks by editing /etc/networking/interfaces. That looks quite neat. I have preliminary packages on http://ivanova.notwork.de/~mh/debian. I am going to test them on a clean system and against Debian kernel sources later this week. There seems to be an issue of the dhcp daemon answering requests on non-vmnet interfaces. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#396003: exim4-base: rotation of paniclog could be better
tags #396003 wontfix thanks On Sun, Oct 29, 2006 at 10:24:48PM +1100, Richard Salts wrote: The rotation of /var/log/exim4/paniclog is currently set to do so when the filesize reaches 10 Meg. When the daily exim cron job runs it reports an paniclog with non-zero size. I would think it would be better for the paniclog to be rotated daily or the cron job to use the mtime and the size of the paniclog before sending the email. Please read README.Debian.html chapter 2.5.1. If after reading there are still things to discuss, please mention this here so that we can improve the docs or even change the default. Tagging the bug wontfix for the mean time. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#396173: nagios2-common: removed logrotate file still left around
Package: nagios2-common Version: 2.5-2 Severity: important The logrotate file that was removed in 2.5-2 is not removed on existing systems. This seems to be a dpkg flaw (or a feature). We need to take local care about removing the file. I do not have a clue about how to do this in a policy conformant way. Greetings Marc -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.1-zgsrv Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#396173: nagios2-common: removed logrotate file still left around
On Mon, Oct 30, 2006 at 11:22:24AM +0100, Marc Haber wrote: We need to take local care about removing the file. I do not have a clue about how to do this in a policy conformant way. Possibly ugly code to do this: # Remove a no-longer used conffile rm_conffile() { CONFFILE=$1 if [ -e $CONFFILE ]; then md5sum=$(md5sum \$CONFFILE\ | sed -e \s/ .*//\) old_md5sum=$(sed -n -e \/^Conffiles:/,/^[^ ]/{' $CONFFILE'{s/.* //;p}}\ /var/lib/dpkg/status) if [ $md5sum != $old_md5sum ]; then echo Obsolete conffile $CONFFILE has been modified. echo Saving as $CONFFILE.dpkg-bak ... mv -f $CONFFILE $CONFFILE.bak else echo Removing obsolete conffile $CONFFILE ... rm -f $CONFFILE fi fi } preinst code: case $1 in install|upgrade) if dpkg --compare-versions $2 lt 2.5-3; then rm_conffile filename fi ;; esac -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#396391: kopete: Cannot login to icq network
On Tue, Oct 31, 2006 at 08:19:16PM +0100, Juergen Richtsfeld wrote: I cannot connect to my icq account. I ran kopete with --nofork and logged the output. It contails lots of kopete (oscar/icq): WARNING: [ICQ::Presence ICQ::OnlineStatusManager::presenceOf(uint)] No presence exists for internal status 99! Returning Offline messages. I can confirm this behavior and think this warrants a higher severity. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#392831: exim4-config: colons or semi colons as separators (debconf templates issue)
On Tue, Oct 31, 2006 at 11:48:13PM +0100, Binzberger Viktor wrote: Your 'fix' just caused us a few hours of clueless debugging. Sorry about that. Using lsearch;/etc/mail/domains in dc_other_domains is a very common method of implementing simple virtual domains. It was never supported. The value has always only be documented as a list of domains. We actually documented that in NEWS.Debian for exim4 4.62-7, so your debugging session would have been significantly shorter if you had actually read the docs before installing the software. Now, with your update, our existing setup broke, and it just simply didn't occur to us, that the update script could be so stupid as to REPLACE the semicolons, instead of HALTING WITH AN ERROR (or a warning), which would be a reasonable behaviour in such situations. Halting with an error if semicolons are found in an input field that is supposed to be a semicolon-separated list is kind of a non-option, don't you agree? If you disagree with the maintainer's decision, please take this to debian-devel, and/or to the tech ctte. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#396867: gnutls-bin: does not seem to properly handle rehandshake request
Package: gnutls-bin Version: 1.4.4-2 Severity: normal Hi, I have one internal https server (running IIS on Windows Server 2003) which seems to request a rehandshake after the http request was transmitted. This seems to badly confuse gnutls-cli: | $ gnutls-cli -p 443 a.b.c.d | Resolving 'a.b.c.d'... | Connecting to 'a.b.c.d:443'... | - Certificate type: X.509 | - Got a certificate list of 1 certificates. | | - Certificate[0] info: | # The hostname in the certificate does NOT match 'a.b.c.d'. | # valid since: Wed Jul 20 12:23:32 CEST 2005 | # expires at: Wed Sep 9 12:34:44 CEST 2009 | # fingerprint: 6B:22:44:F3:22:CC:BA:36:64:70:0F:C0:D5:CD:87:9E | # Subject's DN: C=DE,ST=BW,L=City,O=Site,OU=Site,CN=some.invalid.host.name.example | # Issuer's DN: CN=unqualifiedname | | | - Peer's certificate issuer is unknown | - Peer's certificate is NOT trusted | - Version: TLS 1.0 | - Key Exchange: RSA | - Cipher: ARCFOUR 128 | - MAC: MD5 | - Compression: NULL | - Handshake was completed | | - Simple Client Mode: | | GET / HTTP/1.0 | | *** Non fatal error: Rehandshake was requested by the peer. After this, nothing happens any more. Ctrl-C out. Trying the same with openssl s_client -connect a.b.c.d:443 works fine. With other servers (for example running apache on Linux), gnutls-cli works fine as well. Greetings Marc -- System Information: Debian Release: 4.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18.1-scyw00225 Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1) Versions of packages gnutls-bin depends on: ii libc62.3.6.ds1-7 GNU C Library: Shared libraries ii libgcrypt11 1.2.3-2 LGPL Crypto library - runtime libr ii libgnutls13 1.4.4-2 the GNU TLS library - runtime libr ii libgpg-error01.4-1 library for common error values an ii libopencdk8 0.5.9-2 Open Crypto Development Kit (OpenC ii libtasn1-3 0.3.6-2 Manage ASN.1 structures (runtime) ii zlib1g 1:1.2.3-13 compression library - runtime gnutls-bin recommends no packages. -- no debconf information -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]