Bug#999646: How can I help move this forward?

2024-05-25 Thread Michael Vogt
Hey,

Thanks for your kind offer to help! I uploaded a new version to unstable today 
that adds the patch, so if you could double check that things are good now (and 
maybe close the bug if it works for you now) that would be great!

Thanks,
 Michael

On Thu, May 23, 2024, at 14:45, Charles Suprin wrote:
> Hello,
>
> This seems to have a fix and a patch and  How does one get it
> incorporated into bookworm?
>
> Thanks.



Bug#1061764: unattended-upgrades ftbfs with Python 3.12 as default

2024-01-30 Thread Michael Vogt
Hey Doko,

thanks for your bugreport. This should be fixed in the git repo at github, 
at least a test-build with the python3 from experimental on debian/unstable 
builds fine. I will look into a new release.

Cheers,
 Michael

On Mon, Jan 29, 2024, at 13:54, Matthias Klose wrote:
> Package: src:unattended-upgrades
> Version: 2.9.1+nmu4
> Severity: serious
> Tags: sid trixie ftbfs
> User: debian-pyt...@lists.debian.org
> Usertags: python3.12
>
> With python3-defaults from experimental, the package fails to build:
>
> [...]
> Running ./test_pep484.py with python3
> s
> --
> Ran 0 tests in 0.000s
>
> NO TESTS RAN (skipped=1)
> make[2]: *** [Makefile:9: check] Error 5
> make[2]: Leaving directory '/<>/test'
> make[1]: *** [debian/rules:16: override_dh_auto_test] Error 2
>
> 5 is a new exit value when all tests are skipped.



Bug#1011678: python-apt: FTBFS: deblistparser.h:48:65: error: ‘pkgTagSection::Key’ has not been declared

2022-07-25 Thread Michael Vogt
Hey,

thanks for reaching out. Julian was kind enough to merge the fix in
https://salsa.debian.org/apt-team/apt/-/merge_requests/249
so as soon as apt gets a new upload this issue should be fixed.

Cheers,
 Michael

On Sat, Jul 23, 2022, at 23:33, Boyuan Yang wrote:
> X-Debbugs-CC: m...@debian.org j...@debian.org
>
> Hi,
>
> On Thu, 26 May 2022 08:41:04 +0200 Lucas Nussbaum  wrote:
>> Source: python-apt
>> Version: 2.3.0
>> Severity: serious
>> Justification: FTBFS
>> Tags: bookworm sid ftbfs
>> User: lu...@debian.org
>> Usertags: ftbfs-20220525 ftbfs-bookworm
>> 
>> Hi,
>> 
>> During a rebuild of all packages in sid, your package failed to build
>> on amd64.
>
> This is getting serious since an archive-wide rebuild to drop python3.9
> support was just made. Your package fails to build from source in the
> rebuild [1], which would block the python3.10-only transition [2].
>
> Please consider looking into this bug. If you have time, please also fix the
> other RC bug https://bugs.debian.org/994348 , which is also long overdue.
>
> Thanks,
> Boyuan Yang
>
>
> [1] https://buildd.debian.org/status/package.php?p=python-apt
> [2] https://release.debian.org/transitions/html/python3.10-only.html
>



Bug#1011688: Thank you for the synaptic NMU

2022-07-08 Thread Michael Vogt
Hey,

just wanted to send a quick THANK YOU note for the NMU diff. I uploaded a new 
version of synaptic with it and various other collected fixes/changes. But I 
realized I did not reply with a thank you :)

Cheers,
 Michael



Bug#1011688: Thank you!

2022-06-29 Thread Michael Vogt
Hey Boyuan Yang,

thank you so much for your NMU and the diff. I will merge it into the git tree and 
may do a new upload with some more pending github fixes merged. Hope that is 
okay with you.

Thanks again for your help!
 Michael



Bug#1001999: snapd: packaging not up to Debian standards

2021-12-20 Thread Michael Vogt
Thanks for reaching out and reporting this bug. Fwiw, I did reply to the 
original mail too but for some reason it seems that the reply did not make it 
to you, not sure what happened here, sorry for that.

I am preparing an upload of the latest 2.54.1 release of snapd that partly 
addresses the points you raised. Unfortunately I won't be able to fix it all in 
this upload (time constraints) but it should improve the situation quite a bit.

Thanks,
 Michael



Bug#993783: snapd: AppArmor profile breaks snaps

2021-09-07 Thread Michael Vogt
Hi,

thanks for your bugreport. I can reproduce the issue and it seems like
it is triggered by the recent move to apparmor 3 in unstable. The
profile loading for snaps used to be done directly by apparmor but
with apparmor3 we need a patch in snapd to do it ourselves. I will push
a fix ASAP (testing right now).

Sorry for the trouble,
 Michael



Bug#923500: snapd: non-classic snap not confined

2021-02-23 Thread Michael Vogt
Just a quick update - we looked at this and we think the apparmor
support in Debian is sufficient to enable it in snaps by
default.

This is being worked on in https://github.com/snapcore/snapd/pull/9936
and once that lands I will upload to Debian. The goal is within this
week.

In addition to the spread tests we manually validated some key snaps
and did not see regressions.

With that upload we can close this bug because snaps are confined on
Debian. Snaps will see the read only version of the "base" snap
(e.g. core or core20) and only what access is granted via snap
"interfaces". 

Cheers,
 Michael



Bug#942135: Bug#891877: Have either synaptic removed or have it rebuilt with libgtk3-perl in it recommends.

2019-10-13 Thread Michael Vogt
On Sun, Oct 13, 2019 at 05:58:30AM +0200, intrigeri wrote:
> Hi,
Hi,

> shirish शिरीष:
> > Dunno if this is the right place to discuss it or not. Integri asked
> > hence sharing.
[..]
> AFAICT:
> 
>  - The synaptic codebase does not use libgtk2-perl directly.
>  - This Recommends is historically in place so that the user
>    can benefit from debconf's GNOME frontend.
>  - debconf's GNOME frontend has been ported to libgtk3-perl 1.5 years
>    ago (first released in 1.5.66):
>    https://salsa.debian.org/pkg-debconf/debconf/commit/0250616b
> 
> Hence, the current "Recommends: libgtk2-perl" has been useless
> for a year and a half. With libgtk2-perl being phased out,
> this Recommends is now a more serious problem. On top of that,
> a suitable dependency on libgtk3-perl is missing.
> 
> Jeremy Bicha filed #891877 a while ago, requesting that Synaptic's
> dependencies are updated accordingly. I believe the actions Jeremy
> suggested on #891877 will solve the problem shirish is raising here,
> improve the life of Synaptic's users, and make it clearer what is the
> status of libgtk2-perl in the archive.
> 
> Thoughts?
> 
> (Oh my, so many words for a bug that can be fixed by s/2/3/ in one
> single place :)

Thanks for looking into this and sorry that this slipped my radar. I
updated the dependency in git and depending on urgency can do an
upload very soon - I guess we want one quickly?

Cheers,
 Michael



Bug#915298: Thank you and +1

2019-03-11 Thread Michael Vogt
Hi Axel,

thanks for the NMU diff - the proposed patch looks good.

Cheers,
 Michael



Bug#849718: Can not reproduce from fresh git checkout

2017-01-05 Thread Michael Vogt
Hi,

I tried this from a fresh git build and can not reproduce it.  Could you
please double check that
"Settings/Preferences/Marking Changes/Ask to confirm changes that also
affect other packages"
is set?

Cheers,
 Michael



Bug#841763: in apt marked as pending

2016-11-09 Thread Michael Vogt
Control: tag 841763 pending

Hello,

Bug #841763 in apt reported by you has been fixed in the Git repository. You can
see the commit message below, and you can check the diff of the fix at:

https://anonscm.debian.org/cgit/apt/apt.git/diff/?id=e133bb5

(this message was generated automatically based on the git commit message)
---
commit e133bb5e81b10bf059b3abeab2d9e41f7206e446
Author: Michael Vogt 
Date:   Wed Nov 9 15:09:44 2016 +0100

Do not (re)start "apt-daily.system"

This unit runs unattended-upgrades. If apt itself is part of the
upgrade a restart of the unit will kill unattended-upgrades. This
will lead to an inconsistent dpkg status.

Closes: #841763
Thanks: Alexandre Detiste



Bug#841763: unattended-upgrades: Breaks hard when apt is upgraded

2016-10-30 Thread Michael Vogt
On Sun, Oct 23, 2016 at 01:55:37PM +0200, Alexandre Detiste wrote:
> Le dimanche 23 octobre 2016, 13 h 43 min 59 s CEST Santiago Vila a écrit :
> > Aha! I can reproduce this too. On the machines where this happens,
> > I believe I answered "yes" to a debconf question about restarting
> > services automatically (one of the times I upgraded by hand and not
> > using unattended-upgrades).
> > 
> > Maybe something like this would work as a workaround?
> > 
> > echo "libc6 libraries/restart-without-asking boolean false" | debconf-set-selections
> > 
> > Thanks a lot.
> 
> Hi,
> 
> I think that adding this snippet to apt's debian/rules would fix this problem,
> not tested though.
> 
> 
> 
> override_dh_systemd_start:
> 	dh_systemd_start apt-daily.timer
> 

Yes, I think you are right. This appears to be what is happening. I
have committed this fix to git and it will be part of the next upload.

Thanks,
 Michael

> 
> Without this override, we get this: apt got -daily.service got "try-restart"ed
> by this statement in apt.postinst:
> -
> 
> 
> # Automatically added by dh_systemd_start
> if [ -d /run/systemd/system ]; then
>     systemctl --system daemon-reload >/dev/null || true
>     if [ -n "$2" ]; then
>         _dh_action=try-restart
>     else
>         _dh_action=start
>     fi
>     deb-systemd-invoke $_dh_action apt-daily.service apt-daily.timer >/dev/null || true
> fi
> # End automatically added section
> 
> 
> 
> 
> Greets,
> 
> Alexandre Detiste



Bug#788026: synaptic: Uses obsolete vte3 which is going away

2015-12-04 Thread Michael Vogt
On Sat, Aug 29, 2015 at 12:15:16PM +0200, Egmont Koblinger wrote:
> Hi,
Hi,

[..]
> - The big piece is spawning a process for the terminal, and here my
> patch is definitely incomplete as it'd require more thorough
> understanding of the code:
> 
> -- argv needs to be populated with the command to be launched
> -- the possible pty flags and spawn should be carefully revised
> -- I _think_ that whatever happened so far between the
> vte_whatever_fork() and the exec() [now I replaced vte_whatever_fork()
> by vte_whatever_spawn(), but I haven't traced down where the exec()
> happens], which I believe is probably what DoInstallPostFork() does,
> needs to be moved into the child_setup method of vte_whatever_spawn().
> It's going to be a bit of refactoring.
[..]

Thanks for your initial patch. I finally managed to look at this issue
and I updated the code. It was a bit tricky as synaptic really needs
forkpty() instead of spawn_{,a}sync support. But that should work
now. If you have time it would be awesome to test the latest git.

Cheers,
 Michael



Bug#763780: apt-get: Insecure temporary changelog handling

2014-10-08 Thread Michael Vogt
On Thu, Oct 02, 2014 at 06:29:45PM +0200, Guillem Jover wrote:
> Package: apt
> Version: 0.8.7
> Severity: serious
> Tags: security patch

Thanks for your bugreport and your patch!
 
> I've found an instance of insecure temporary filenames handling. The
> problem is that the code correctly creates a temporary directory, but
> then uses that name as just a prefix for the created changelog
> filename, thus creating it alongside the temporary directory (instead
> of inside of it), and making it very much predictable. This is worsened
> due to the time it takes apt-get to download the changelog from the net,
> which gives a very huge window to use that pathname.
> 
> Attached a patch fixing this. This affects all versions starting from
> the one in squeeze.
> 
> I'm not sure if this deserves a CVE or perhaps a lower severity?
[..]

I uploaded a fix for wheezy now, squeeze is not affected, this feature
got added in 0.8.11 in debian so we should be safe here.

Cheers,
 Michael


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
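
The bug class reported above, as an added example that is not part of the original messages and is not apt's code: a directory name used as a filename prefix puts the file beside the private directory, while joining with a path separator keeps it inside. The function names and the file name "changelog" are assumptions made for the illustration.

```cpp
// Added example, not apt's code. All names here are hypothetical.
#include <cstdio>
#include <cstdlib>
#include <fcntl.h>
#include <string>
#include <sys/stat.h>
#include <unistd.h>

// Create a private (mode 0700) directory with an unpredictable name.
static std::string MakeTempDir()
{
   char const *base = getenv("TMPDIR");
   std::string tmpl = (base != nullptr && *base != '\0') ? base : "/tmp";
   tmpl += "/changelog-example.XXXXXX";
   if (mkdtemp(&tmpl[0]) == nullptr)
      return "";
   return tmpl;
}

// Pattern from the report: the directory name is only a prefix, so the file
// ends up in the shared parent under a name that is known in advance.
static std::string SiblingPath(std::string const &dir)
{
   return dir + "changelog";
}

// Corrected pattern: the file is created inside the private directory.
static std::string InsidePath(std::string const &dir)
{
   return dir + "/changelog";
}

// Directory part of a path.
static std::string DirName(std::string const &path)
{
   std::string::size_type const slash = path.rfind('/');
   return slash == std::string::npos ? "." : path.substr(0, slash);
}

// Defence in depth for the write itself: never reuse an existing entry and
// never follow a symlink at the final path component.
static int CreateExclusive(std::string const &path)
{
   return open(path.c_str(),
               O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0600);
}

struct Demo
{
   bool siblingInSharedParent = false; // prefix path lands next to the dir
   bool insideInPrivateDir = false;    // joined path lands inside the dir
   bool dirIsPrivate = false;          // mkdtemp() directory is mode 0700
   bool existingEntryRefused = false;  // O_EXCL rejects a pre-existing name
   bool createdInside = false;         // file creation inside the dir works
};

static Demo RunDemo()
{
   Demo d;
   std::string const dir = MakeTempDir();
   if (dir.empty())
      return d;

   d.siblingInSharedParent = DirName(SiblingPath(dir)) == DirName(dir);
   d.insideInPrivateDir = DirName(InsidePath(dir)) == dir;

   struct stat st;
   d.dirIsPrivate = stat(dir.c_str(), &st) == 0 && (st.st_mode & 0777) == 0700;

   // An entry that already exists at the predictable sibling name must make
   // the open fail instead of being written through.
   std::string const sibling = SiblingPath(dir);
   if (symlink("/nonexistent/target", sibling.c_str()) == 0)
   {
      int const fd = CreateExclusive(sibling);
      d.existingEntryRefused = (fd == -1);
      if (fd != -1)
         close(fd);
      unlink(sibling.c_str());
   }

   int const fd = CreateExclusive(InsidePath(dir));
   d.createdInside = (fd != -1);
   if (fd != -1)
      close(fd);
   unlink(InsidePath(dir).c_str());
   rmdir(dir.c_str());
   return d;
}

int main()
{
   Demo const d = RunDemo();
   printf("prefix path is in the shared parent: %d\n", d.siblingInSharedParent);
   printf("joined path is in the private dir:   %d\n", d.insideInPrivateDir);
   printf("directory mode is 0700:              %d\n", d.dirIsPrivate);
   printf("pre-existing entry refused:          %d\n", d.existingEntryRefused);
   printf("file created inside private dir:     %d\n", d.createdInside);
   return 0;
}
```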



Bug#749795: apt: no authentication checks for source packages

2014-06-17 Thread Michael Vogt
On Mon, Jun 16, 2014 at 11:18:27AM +0200, Jakub Wilk wrote:
> * Michael Vogt , 2014-06-16, 09:35:
> >+   _error->Warning(_("The data from '%s' is not signed. All packages from "
> >+ "that repository can not be authenticated."),
> 
> s/can not/cannot/
> 
> Also, "All" with a negated verb sounds awkward to me (but that may
> be due to my non-native-englishness). How about:
> 
> "No packages from that repository can be authenticated."
> 
> or simply
> 
> "Packages from that repository cannot be authenticated."
> 
> ?

I like the second string, I updated my branch. Thanks!

Cheers,
 Michael





Bug#749795: apt: no authentication checks for source packages

2014-06-16 Thread Michael Vogt
On Mon, Jun 16, 2014 at 02:58:28PM +0200, Christoph Anton Mitterer wrote:
> On Mon, 2014-06-16 at 09:35 +0200, Michael Vogt wrote: 
> > I think for the future we actually should not allow an apt-get update
> > of untrusted repos without --allow-unauthenticated or
> > [trusted=no]. But this will probably break some setups so we need to
> > be careful and not rush it.
> 
> And what about the setups, which assume secure data to be retrieved (as
> far as I can see the whole build stack of Debian), which is already
> broken now?
> 
> Security is much more critical here than things continuing to work... if
> someone's setup really depends on not verifying integrity... he will
> immediately notice (and can add the flag),... but no one notices if his
> security is compromised by MitMs... :-(
>
> So I see not much of a reason to not implement that right away.

Absolutely, security is (much!) more important.

However with the fix that recently went into -security "apt-get source
foo" will fail if foo comes from a not-authenticated source. What I
wrote above is about not allowing "apt-get update" at all for unsigned
repositories (unless --allow-unauthenticated is used). But maybe you
are right and the warning that I added to git should be an error that
tells the user to use --allow-unauthenticated if he/she really wants
to use a repository that we can not authenticate.

Cheers,
 Michael
 





Bug#749795: apt: no authentication checks for source packages

2014-06-16 Thread Michael Vogt
On Fri, May 30, 2014 at 03:21:20PM +0200, Michael Vogt wrote:
[..]
> > Hmm. There is no warning suggesting that anything fishy is going on,
> > and the exit code indicates success. (Perhaps the "Ign"s could raise
> > suspicion of an observant sysadmin. But who knows what "Ign" exactly
> > means? At least the apt-get(1) manpage doesn't know.)
> 
> Right, I think apt should show a more prominent warning here. I will
> look into this next.
[..]

I created a git branch that shows a warning if it comes across an
unauthenticated repository:
"""
+   _error->Warning(_("The data from '%s' is not signed. All packages from "
+ "that repository can not be authenticated."),
+   MetaIndexURIDesc.c_str());
"""

I think for the future we actually should not allow an apt-get update
of untrusted repos without --allow-unauthenticated or
[trusted=no]. But this will probably break some setups so we need to
be careful and not rush it.



Cheers,
 Michael
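
An added example, not part of the original messages and not apt's code: a check over "apt-get update" output for the case raised in this bug, where both signature files are ignored and the exit code is still 0. It assumes the line format shown in the report; the function name and the example.org lines are constructed.

```cpp
// Added example, not apt's code. UnsignedRepos() is a hypothetical helper.
#include <cstdio>
#include <map>
#include <sstream>
#include <string>
#include <vector>

struct SigState
{
   bool inRelease = false;  // inline-signed InRelease fetched or current
   bool releaseGpg = false; // detached Release.gpg fetched or current
};

// Return "uri suite" for every repository whose signature files were all
// ignored or failed, i.e. whose Release data was used unauthenticated.
static std::vector<std::string> UnsignedRepos(std::string const &output)
{
   std::map<std::string, SigState> repos;
   std::istringstream lines(output);
   std::string line;
   while (std::getline(lines, line))
   {
      std::istringstream fields(line);
      std::string status, uri, suite, file;
      if (!(fields >> status >> uri >> suite >> file))
         continue;
      status = status.substr(0, status.find(':')); // "Get:1" -> "Get"
      if (status != "Ign" && status != "Err" && status != "Get" && status != "Hit")
         continue;
      if (file != "InRelease" && file != "Release.gpg")
         continue;
      SigState &state = repos[uri + " " + suite];
      bool const present = (status == "Get" || status == "Hit");
      if (file == "InRelease")
         state.inRelease = state.inRelease || present;
      else
         state.releaseGpg = state.releaseGpg || present;
   }

   std::vector<std::string> unsignedRepos;
   for (auto const &repo : repos)
      if (!repo.second.inRelease && !repo.second.releaseGpg)
         unsignedRepos.push_back(repo.first);
   return unsignedRepos;
}

// First four lines as in the report; the example.org lines are constructed.
static char const *const kSampleOutput =
   "Ign http://ftp.debian.org unstable InRelease\n"
   "Ign http://ftp.debian.org unstable Release.gpg\n"
   "Get:1 http://ftp.debian.org unstable Release [205 kB]\n"
   "Get:2 http://ftp.debian.org unstable/main Sources [7249 kB]\n"
   "Ign http://mirror.example.org stable InRelease\n"
   "Get:3 http://mirror.example.org stable Release.gpg [1655 B]\n"
   "Get:4 http://mirror.example.org stable Release [118 kB]\n"
   "Hit http://signed.example.org testing InRelease\n"
   "Fetched 14.2 MB in 29s (479 kB/s)\n"
   "Reading package lists... Done\n";

int main()
{
   for (std::string const &repo : UnsignedRepos(kSampleOutput))
      printf("no signature seen for: %s\n", repo.c_str());
   return 0;
}
```

A match means the run showed no signature file for that repository; it says nothing about whether a signature that was fetched is valid.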





Bug#749795: apt: no authentication checks for source packages

2014-06-12 Thread Michael Vogt
On Thu, Jun 12, 2014 at 11:44:20AM +0200, Thijs Kinkhorst wrote:
[..]
> > apt: no authentication checks for source packages
> 
> The Debian security team has assigned CVE-2014-0478 to this issue.
[..]
> As for squeeze, if it's not too much extra work it would be great if an
> update for squeeze was also possible. Perhaps it could also even include
> the fix for https://security-tracker.debian.org/tracker/CVE-2011-3634?

Attached is the debdiff for squeeze. Additional testing welcome (works
in my debian-squeeze environment).

Cheers,
 Michael
diff -Nru apt-0.8.10.3+squeeze1/cmdline/apt-get.cc 
apt-0.8.10.3+squeeze2/cmdline/apt-get.cc
--- apt-0.8.10.3+squeeze1/cmdline/apt-get.cc2011-04-15 09:30:33.0 
+0200
+++ apt-0.8.10.3+squeeze2/cmdline/apt-get.cc2014-06-12 15:03:48.0 
+0200
@@ -959,25 +959,8 @@
return true;
 }
/*}}}*/
-// CheckAuth - check if each download comes form a trusted source  /*{{{*/
-// -
-/* */
-static bool CheckAuth(pkgAcquire& Fetcher)
+static bool AuthPrompt(std::string UntrustedList, bool const PromptUser)
 {
-   string UntrustedList;
-   for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < 
Fetcher.ItemsEnd(); ++I)
-   {
-  if (!(*I)->IsTrusted())
-  {
- UntrustedList += string((*I)->ShortDesc()) + " ";
-  }
-   }
-
-   if (UntrustedList == "")
-   {
-  return true;
-   }
-
ShowList(c2out,_("WARNING: The following packages cannot be 
authenticated!"),UntrustedList,"");
 
if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
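Review bot: AuthPrompt() is added directly after the closing fold marker with no header comment of its own, while the "// CheckAuth - ..." header with its opening /*{{{*/ marker is removed from this spot. Give AuthPrompt a header in the same style, with an opening fold marker, that says what it prints and what PromptUser controls.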
@@ -986,6 +969,9 @@
   return true;
}
 
+   if (PromptUser == false)
+ return _error->Error(_("Some packages could not be authenticated"));
+
if (_config->FindI("quiet",0) < 2
&& _config->FindB("APT::Get::Assume-Yes",false) == false)
{
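Review bot: on the non-interactive path added here, "Some packages could not be authenticated" does not tell the caller how to proceed, and callers that pass PromptUser=false are likely to be scripts. The APT::Get::AllowUnauthenticated check just above is the only way past this return, so the message could name --allow-unauthenticated.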
@@ -1003,6 +989,27 @@
return _error->Error(_("There are problems and -y was used without 
--force-yes"));
 }
/*}}}*/
+// CheckAuth - check if each download comes form a trusted source  /*{{{*/
+// -
+/* */
+static bool CheckAuth(pkgAcquire& Fetcher, bool PromptUser=true)
+{
+   string UntrustedList;
+   for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < 
Fetcher.ItemsEnd(); ++I)
+   {
+  if (!(*I)->IsTrusted())
+  {
+ UntrustedList += string((*I)->ShortDesc()) + " ";
+  }
+   }
+
+   if (UntrustedList == "")
+   {
+  return true;
+   }
+
+   return AuthPrompt(UntrustedList, PromptUser);
+}
 // InstallPackages - Actually download and install the packages
/*{{{*/
 // -
 /* This displays the informative messages describing what is going to 
@@ -2229,6 +2236,7 @@
 
// Load the requestd sources into the fetcher
unsigned J = 0;
+   std::string UntrustedList;
for (const char **I = CmdL.FileList + 1; *I != 0; I++, J++)
{
   string Src;
@@ -2237,6 +2245,9 @@
   if (Last == 0)
 return _error->Error(_("Unable to find a source package for 
%s"),Src.c_str());
   
+  if (Last->Index().IsTrusted() == false)
+ UntrustedList += Src + " ";
+  
   string srec = Last->AsStr();
   string::size_type pos = srec.find("\nVcs-");
   while (pos != string::npos)
@@ -2319,6 +2330,11 @@
   }
}

+   // check authentication status of the source as well
+   if (UntrustedList != "" && !AuthPrompt(UntrustedList, false))
+  return false;
+   
+   
// Display statistics
unsigned long long FetchBytes = Fetcher.FetchNeeded();
unsigned long long FetchPBytes = Fetcher.PartialPresent();
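Review bot: the two lines added after "return false;" contain only whitespace and should be dropped so the hunk adds no trailing whitespace. The condition UntrustedList != "" would read more directly as !UntrustedList.empty(), and the bare literal in AuthPrompt(UntrustedList, false) deserves a word in the comment saying that it selects the non-prompting behaviour.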
diff -Nru apt-0.8.10.3+squeeze1/debian/changelog 
apt-0.8.10.3+squeeze2/debian/changelog
--- apt-0.8.10.3+squeeze1/debian/changelog  2011-04-15 09:30:33.0 
+0200
+++ apt-0.8.10.3+squeeze2/debian/changelog  2014-06-12 15:07:49.0 
+0200
@@ -1,3 +1,14 @@
+apt (0.8.10.3+squeeze2) squeeze-security; urgency=high
+
+  * SECURITY UPDATE: apt-get source validation (closes: #749795)
+- CVE-2014-0478
+  * SECURITY UPDATE: sensitive information disclosure via incorrect
+hostname validation (LP: #868353)
+- methods/https.cc: properly set CURLOPT_SSL_VERIFYHOST.
+- CVE-2011-3634
+
+ -- Michael Vogt   Thu, 12 Jun 2014 14:30:59 +0200
+
 apt (0.8.10.3+squeeze1) stable; urgency=low
 
   [ Michael Vogt ]
diff -Nru apt-0.8.10.3+squeeze1/methods/https.cc 
apt-0.8.10.3+squeeze2/methods/https.cc
--- apt-0.8.10.3+squeeze1/methods/htt

Bug#749795: apt: no authentication checks for source packages

2014-06-12 Thread Michael Vogt
On Thu, Jun 12, 2014 at 11:44:20AM +0200, Thijs Kinkhorst wrote:
> > apt: no authentication checks for source packages
> 
> The Debian security team has assigned CVE-2014-0478 to this issue.
> 
> APT developers: we should fix this in wheezy. Are you able to provide an
> update for wheezy for this issue?
[..]

Attached is the fix for wheezy with a regression test, an additional
test run is very welcome (works in my wheezy container both the
testcase and a manual test when removing /var/lib/apt/lists/*Release*).

Cheers,
 Michael
diff -Nru apt-0.9.7.9+deb7u1/cmdline/apt-get.cc 
apt-0.9.7.9+deb7u2/cmdline/apt-get.cc
--- apt-0.9.7.9+deb7u1/cmdline/apt-get.cc   2013-03-01 11:51:21.0 
+0100
+++ apt-0.9.7.9+deb7u2/cmdline/apt-get.cc   2014-06-12 13:35:58.0 
+0200
@@ -1046,25 +1046,8 @@
return true;
 }
/*}}}*/
-// CheckAuth - check if each download comes form a trusted source  /*{{{*/
-// -
-/* */
-static bool CheckAuth(pkgAcquire& Fetcher)
+static bool AuthPrompt(std::string UntrustedList, bool const PromptUser)
 {
-   string UntrustedList;
-   for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < 
Fetcher.ItemsEnd(); ++I)
-   {
-  if (!(*I)->IsTrusted())
-  {
- UntrustedList += string((*I)->ShortDesc()) + " ";
-  }
-   }
-
-   if (UntrustedList == "")
-   {
-  return true;
-   }
-
ShowList(c2out,_("WARNING: The following packages cannot be 
authenticated!"),UntrustedList,"");
 
if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
@@ -1073,6 +1056,9 @@
   return true;
}
 
+   if (PromptUser == false)
+ return _error->Error(_("Some packages could not be authenticated"));
+
if (_config->FindI("quiet",0) < 2
&& _config->FindB("APT::Get::Assume-Yes",false) == false)
{
@@ -1090,6 +1076,27 @@
return _error->Error(_("There are problems and -y was used without 
--force-yes"));
 }
/*}}}*/
+// CheckAuth - check if each download comes form a trusted source  /*{{{*/
+// -
+/* */
+static bool CheckAuth(pkgAcquire& Fetcher, bool PromptUser=true)
+{
+   string UntrustedList;
+   for (pkgAcquire::ItemIterator I = Fetcher.ItemsBegin(); I < 
Fetcher.ItemsEnd(); ++I)
+   {
+  if (!(*I)->IsTrusted())
+  {
+ UntrustedList += string((*I)->ShortDesc()) + " ";
+  }
+   }
+
+   if (UntrustedList == "")
+   {
+  return true;
+   }
+
+   return AuthPrompt(UntrustedList, PromptUser);
+}
 // InstallPackages - Actually download and install the packages
/*{{{*/
 // -
 /* This displays the informative messages describing what is going to 
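Review bot: the re-added CheckAuth header opens a fold with /*{{{*/, but no /*}}}*/ follows the function's closing brace before the InstallPackages header opens the next fold, and the /*}}}*/ kept as context above now closes AuthPrompt, which has no opener. Add the closing marker after CheckAuth and an opening header for AuthPrompt; the moved comment also still reads "comes form" for "comes from".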
@@ -2483,6 +2490,7 @@
 
// Load the requestd sources into the fetcher
unsigned J = 0;
+   std::string UntrustedList;
for (const char **I = CmdL.FileList + 1; *I != 0; I++, J++)
{
   string Src;
@@ -2492,6 +2500,9 @@
 delete[] Dsc;
 return _error->Error(_("Unable to find a source package for 
%s"),Src.c_str());
   }
+
+  if (Last->Index().IsTrusted() == false)
+ UntrustedList += Src + " ";
   
   string srec = Last->AsStr();
   string::size_type pos = srec.find("\nVcs-");
@@ -2576,6 +2587,10 @@
Last->Index().SourceInfo(*Last,*I),Src);
   }
}
+
+   // check authentication status of the source as well
+   if (UntrustedList != "" && !AuthPrompt(UntrustedList, false))
+  return false;

// Display statistics
unsigned long long FetchBytes = Fetcher.FetchNeeded();
diff -Nru apt-0.9.7.9+deb7u1/debian/changelog 
apt-0.9.7.9+deb7u2/debian/changelog
--- apt-0.9.7.9+deb7u1/debian/changelog 2013-11-16 12:47:12.0 +0100
+++ apt-0.9.7.9+deb7u2/debian/changelog 2014-06-12 13:22:44.0 +0200
@@ -1,3 +1,10 @@
+apt (0.9.7.9+deb7u2) wheezy; urgency=low
+
+  * SECURITY UPDATE: apt-get source validation
+- CVE-2014-0478
+
+ -- Michael Vogt   Thu, 12 Jun 2014 12:47:25 +0200
+
 apt (0.9.7.9+deb7u1) wheezy; urgency=low
 
   * Non-maintainer upload.
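Review bot: the new changelog entry is marked "wheezy; urgency=low" and carries no bug reference, although it is a SECURITY UPDATE for CVE-2014-0478. The squeeze debdiff for the same bug uses "squeeze-security; urgency=high" and "(closes: #749795)"; the wheezy entry should be brought in line, with the target suite confirmed with the security team.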
diff -Nru apt-0.9.7.9+deb7u1/test/integration/framework 
apt-0.9.7.9+deb7u2/test/integration/framework
--- apt-0.9.7.9+deb7u1/test/integration/framework   2013-03-01 
11:51:21.0 +0100
+++ apt-0.9.7.9+deb7u2/test/integration/framework   2014-06-12 
13:21:11.0 +0200
@@ -130,7 +130,7 @@
mkdir rootdir aptarchive keys
cd rootdir
mkdir -p etc/apt/apt.conf.d etc/apt/sources.lis

Bug#749795: apt: no authentication checks for source packages

2014-06-12 Thread Michael Vogt
On Thu, Jun 12, 2014 at 11:44:20AM +0200, Thijs Kinkhorst wrote:
> Hi,
> 
> > apt: no authentication checks for source packages
> 
> The Debian security team has assigned CVE-2014-0478 to this issue.
> 
> APT developers: we should fix this in wheezy. Are you able to provide an
> update for wheezy for this issue?

Yes, I will work on a backport for this today.

> As for squeeze, if it's not too much extra work it would be great if an
> update for squeeze was also possible. Perhaps it could also even include
> the fix for https://security-tracker.debian.org/tracker/CVE-2011-3634?

I will look into this too, I don't know yet how much extra work it is.

Cheers,
 Michael





Bug#749795: apt: no authentication checks for source packages

2014-06-01 Thread Michael Vogt
On Sat, May 31, 2014 at 12:07:48AM +0200, David Kalnischkies wrote:
> On Fri, May 30, 2014 at 03:21:20PM +0200, Michael Vogt wrote:
> > >From b7f501b5cc8583f61467f0c7a0282acbb88e4b29 Mon Sep 17 00:00:00 2001
> > From: Michael Vogt 
> > Date: Fri, 30 May 2014 14:47:56 +0200
> > Subject: [PATCH] Show unauthenticated warning for source packages as well
> > 
> > This will show the same unauthenticated warning for source packages
> > as for binary packages and will not download a source package if
> > it is unauthenticated. This can be overriden with
> 
> typo: overridden

Thanks, fixed.
 
> > +   // check authentication status of the source as well
> > +   if (UntrustedList != "" && !AuthPrompt(UntrustedList, true))
> > +  return false;
> 
> As said, I don't think 'apt-get source' should be interactive, so this
> true should be a false, right?
> 
> Reasons (as a repeat):
> - it was not interactive before
> - the error message on 'no' talks about install, so we would need a new
>   string
> - 'apt-get download' isn't interactive either
> (- it is more in line with your own commit summary)
> 
> Counter arguments?
[..]

Good point! No counter arguments, the risk of breaking scripts by
prompting is indeed a good reason not to show the prompt (and we do
the same for download).

I changed it to non-interactive now.

Cheers,
 Michael





Bug#749795: apt: no authentication checks for source packages

2014-05-30 Thread Michael Vogt
On Thu, May 29, 2014 at 11:04:35PM +0200, Jakub Wilk wrote:
> Package: apt
> Version: 1.0.3
> Severity: grave
> Tags: security

Thanks for your bugreport. You raise an important issue, but I agree
with David that it's best if this goes through the security team for
coordination.
 
> I've been investigating how apt behaves when the repository doesn't
> contain any Release signatures (possibly because they were stripped
> off by a man-in-the-middle attacker).
> 
> This is what I found out:
> 
> | # cat /etc/apt/sources.list
> | deb http://ftp.debian.org/debian/ unstable main
> | deb-src http://ftp.debian.org/debian/ unstable main
> |
> | # apt-get update
> | Ign http://ftp.debian.org unstable InRelease
> | Ign http://ftp.debian.org unstable Release.gpg
> | Get:1 http://ftp.debian.org unstable Release [205 kB]
> | Get:2 http://ftp.debian.org unstable/main Sources [7249 kB]
> | Get:3 http://ftp.debian.org unstable/main amd64 Packages [6758 kB]
> | Fetched 14.2 MB in 29s (479 kB/s)
> | Reading package lists... Done
> |
> | # echo $?
> | 0
> 
> Hmm. There is no warning suggesting that anything fishy is going on,
> and the exit code indicates success. (Perhaps the "Ign"s could raise
> suspicion of an observant sysadmin. But who knows what "Ign" exactly
> means? At least the apt-get(1) manpage doesn't know.)

Right, I think apt should show a more prominent warning here. I will
look into this next.
 
[..]
> So far, so good. However, apt-get happily downloads unauthenticated
> source packages, with no warning:
> 
> | $ apt-get source -d nyancat
> | Reading package lists... Done
> | Building dependency tree
> | Reading state information... Done
> | Selected version '1.2.2-1' (unstable) for nyancat
> | Need to get 20.6 kB of source archives.
> | Get:1 http://ftp.debian.org/debian/ unstable/main nyancat 1.2.2-1 (dsc) [1782 B]
> | Get:2 http://ftp.debian.org/debian/ unstable/main nyancat 1.2.2-1 (tar) [14.1 kB]
> | Get:3 http://ftp.debian.org/debian/ unstable/main nyancat 1.2.2-1 (diff) [4748 B]
> | Fetched 20.6 kB in 0s (1838 kB/s)
> | Download complete and in download only mode
[..]

Indeed, this is a problem that needs fixing. Attached is a patch that
addresses the issue.

Cheers,
 Michael
>From b7f501b5cc8583f61467f0c7a0282acbb88e4b29 Mon Sep 17 00:00:00 2001
From: Michael Vogt 
Date: Fri, 30 May 2014 14:47:56 +0200
Subject: [PATCH] Show unauthenticated warning for source packages as well

This will show the same unauthenticated warning for source packages
as for binary packages and will not download a source package if
it is unauthenticated. This can be overriden with
--allow-unauthenticated

Closes: #749795
---
 apt-private/private-download.cc|  5 +
 apt-private/private-download.h |  6 +
 cmdline/apt-get.cc |  9 
 test/integration/test-apt-get-source-authenticated | 26 ++
 4 files changed, 46 insertions(+)
 create mode 100755 test/integration/test-apt-get-source-authenticated

diff --git a/apt-private/private-download.cc b/apt-private/private-download.cc
index a095f0c..be7d23c 100644
--- a/apt-private/private-download.cc
+++ b/apt-private/private-download.cc
@@ -28,6 +28,11 @@ bool CheckAuth(pkgAcquire& Fetcher, bool const PromptUser)
if (UntrustedList == "")
   return true;
 
+   return AuthPrompt(UntrustedList, PromptUser);
+}
+
+bool AuthPrompt(std::string UntrustedList, bool const PromptUser)
+{
ShowList(c2out,_("WARNING: The following packages cannot be authenticated!"),UntrustedList,"");
 
if (_config->FindB("APT::Get::AllowUnauthenticated",false) == true)
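Review bot: AuthPrompt takes "std::string UntrustedList" by value, so the list is copied on every call, including the new call from CheckAuth. In the lines shown it is only handed on to ShowList, so "std::string const &UntrustedList" would do, here and in the declaration in private-download.h.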
diff --git a/apt-private/private-download.h b/apt-private/private-download.h
index a108aa5..a90ac7e 100644
--- a/apt-private/private-download.h
+++ b/apt-private/private-download.h
@@ -5,7 +5,13 @@
 
 class pkgAcquire;
 
+// Check if all files in the fetcher are authenticated
 APT_PUBLIC bool CheckAuth(pkgAcquire& Fetcher, bool const PromptUser);
+
+// show a authentication warning prompt and return true if the system
+// should continue
+APT_PUBLIC bool AuthPrompt(std::string UntrustedList, bool const PromptUser);
+
 APT_PUBLIC bool AcquireRun(pkgAcquire &Fetcher, int const PulseInterval, bool * const Failure, bool * const TransientNetworkFailure);
 
 #endif
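Review bot: the comment added for AuthPrompt says it returns true "if the system should continue" but does not describe PromptUser, which is the parameter callers of this now-public function have to get right. State what each value of PromptUser does, and change "show a authentication" to "Show an authentication".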
diff --git a/cmdline/apt-get.cc b/cmdline/apt-get.cc
index 0f18b0e..d74d6d5 100644
--- a/cmdline/apt-get.cc
+++ b/cmdline/apt-get.cc
@@ -76,6 +76,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -755,6 +756,7 @@ static bool DoSource(CommandLine &CmdL)
 
// Load the requestd sources into the fetcher
unsigned J = 0;
+   std::string UntrustedList;
for (const char **I = CmdL.FileList 

Bug#738961: synaptic: Application is closing at the moment that any key is pressed

2014-02-19 Thread Michael Vogt
On Fri, Feb 14, 2014 at 10:51:58AM +0100, AndresBurbano wrote:
> Package: synaptic
> Version: 0.75.13
> Severity: grave
> Tags: d-i
> Justification: causes non-serious data loss

Thanks for your bugreport.
 
> Dear Maintainer,
> 
>* What led up to the situation?
> I always develop in Debian, so I got a New PC, then I installed the latest
> version and when I use synaptic to install some packages, I realized that
> every time I pressed a key it was automatically closing the app.
>    * What exactly did you do (or not do) that was effective (or
>      ineffective)?
> I open the application, accept the Quick Introduction dialog, put the cursor
> in the Quick filter and write the app name. At the first key that I press it
> gets closed. I tried several different keys (a, b, z, t..). However if I select
> the package with the mouse it installs normally.
[..]

Would it be possible to get a gdb backtrace of the situation? For this
you will need to open a terminal window (like gnome-terminal) and
run:
$ sudo gdb synaptic
[enter password]
(gdb) run
[make synaptic crash]
(gdb) bt full

and send me the output?

Thanks,
 Michael


-- 
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org



Bug#730490: apt: invoking dpkg no longer respects APT::Keep-Fds

2013-11-28 Thread Michael Vogt
On Mon, Nov 25, 2013 at 04:51:12PM +, Colin Watson wrote:
> Package: apt
> Version: 0.9.13
> Severity: grave
> Justification: breaks d-i
> Tags: patch
> User: ubuntu-de...@lists.ubuntu.com
> Usertags: origin-ubuntu ubuntu-patch trusty

Thanks for your bugreport and your patch.
 
> This bug originated as:
> 
>   https://bugs.launchpad.net/bugs/1254696
> 
> The ExecFork refactoring in 0.9.13~exp1 broke d-i, because APT::Keep-Fds
> is no longer respected when invoking dpkg.  Here's a patch, although
> perhaps you want this laid out in some way that duplicates less code;
> however I couldn't readily see how to do that without just undoing the
> refactoring.

Sorry for this regression. I had hoped to get rid of the APT::Keep-Fds
and replace it with a proper APT::Progress::PackageManager object. But
obviously it's not ready yet. I merged your patch but moved the Keep-Fd
reading into its own function.

> I spent a couple of hours trying to write an integration test that
> exercises the whole debconf-apt-progress path.  I failed because that
> requires actually executing the postinst in a test package, which
> requires chrooting because we use dpkg --root, and I couldn't get
> fakechroot to do the right thing.  Suggestions gratefully appreciated if
> you think this is important.
> 
>   * Fix two subprocess calls to continue to honour APT::Keep-Fds
> (LP: #1254696).

Having a test for this would be good - it will keep me from breaking
it again :) If you could post the current state of your test that
would be helpful.

Thanks,
 Michael





Bug#717615: 01autoremove-kernels is created too late

2013-07-23 Thread Michael Vogt
On Tue, Jul 23, 2013 at 01:59:47AM +0100, Ben Hutchings wrote:
> Package: apt
> Version: 0.9.9.2
> Severity: serious
> 
> The configuration file /etc/apt/apt.conf.d/01autoremove-kernels is
> only created when a kernel package is installed.  It must be created
> on upgrade of apt, otherwise all kernel packages are immediately
> auto-removable.

Thanks for your bugreport. This is fixed now in git and will be part
of the next upload.
 
> (But thanks for adding this, I've been wanting it for years!)

Indeed, it's a really nice feature, kudos to Steve Langasek and Adam
Conrad!

Cheers,
 Michael

> Ben.
> 
> -- Package-specific info:
> 
> -- (no /etc/apt/preferences present) --
> 
> 
> -- (no /etc/apt/sources.list present) --
> 
> 
> -- System Information:
> Debian Release: jessie/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
> Architecture: i386 (x86_64)
> Foreign Architectures: amd64
> 
> Kernel: Linux 3.10-1-amd64 (SMP w/4 CPU cores)
> Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> 
> Versions of packages apt depends on:
> ii  debian-archive-keyring  2012.4
> ii  gnupg   1.4.12-7
> ii  libapt-pkg4.12  0.9.9.2
> ii  libc6   2.17-7
> ii  libgcc1 1:4.8.1-6
> ii  libstdc++6  4.8.1-6
> 
> apt recommends no packages.
> 
> Versions of packages apt suggests:
> pn  apt-doc 
> ii  aptitude0.6.8.2-1
> ii  dpkg-dev1.16.10
> ii  python-apt  0.8.9.1
> ii  synaptic0.80.2
> ii  xz-utils5.1.1alpha+20120614-2
> 
> -- no debconf information
> 
> 





Bug#709581: [synaptic] crashes when started it in terminal with and without sudo

2013-05-26 Thread Michael Vogt
On Fri, May 24, 2013 at 08:49:25AM +0200, Roman Stingler wrote:
> Package: synaptic
> Version: 0.80.1
> Severity: critical

Thanks for your bugreport.

Could you please try running synaptic with "gdb" ?
$ sudo -s
# gdb synaptic
(gdb) run
[wait for crash]
(gdb) backtrace
and send me the output of the backtrace?

Thanks,
 Michael
 
> --- Please enter the report below this line. ---
> Worked normal in 0.80.0 but today after updating to 0.80.1 i get
> following error
> 
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets.css:289:20: Not using units is deprecated. Assuming
> 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets.css:323:20: Not using units is deprecated. Assuming
> 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets.css:1828:20: Not using units is deprecated. Assuming
> 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets.css:1845:21: Not using units is deprecated. Assuming
> 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets.css:1861:20: Not using units is deprecated. Assuming
> 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets.css:2146:20: Not using units is deprecated. Assuming
> 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:16:20: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:93:20: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:183:20: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:503:20: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:850:20: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:925:20: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:941:20: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:957:20: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:1012:21: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:1020:21: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:1034:21: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:1103:21: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gtk-widgets-backdrop.css:1237:20: Not using units is deprecated.
> Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> gnome-panel.css:94:21: Not using units is deprecated. Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> nautilus.css:18:18: Not using units is deprecated. Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> nautilus.css:18:20: Not using units is deprecated. Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> nautilus.css:81:20: Not using units is deprecated. Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> nautilus.css:86:20: Not using units is deprecated. Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Theme parsing error:
> nautilus.css:145:20: Not using units is deprecated. Assuming 'px'.
> (synaptic:28118): Gtk-WARNING **: Style property
> "border-top-left-radius" is not gettable
> (synaptic:28118): GLib-GObject-WARNING **:
> /tmp/buildd/glib2.0-2.36.1/./gobject/gtype.c:4239: type id `0' is
> invalid
> (synaptic:28118): GLib-GObject-WARNING **: can't peek value table
> for type `' which is not currently referenced
> 
> I had this problem once before when I installed 0.80~exp from the
> experimental repository about 2 months ago.
> 
> 
> --- System information. ---
> Architecture: amd64
> Kernel: Linux 3.8-2-amd64
> 
> Debian Release: jessie/sid
> 500 unstable http.debian.net
> 500 stable dl.google.com
> 1001 waldorf packages.crunchbang.org
> 
> --- Package information. ---
> Depends (Version) | Installed
> -+-==
> libapt-inst1.5 (>= 0.8.16~exp12) | 0.9.8.1
> libapt-pkg4.12 (>= 0.8.16~exp12) | 0.9.8.1
> libatk1.0-0 (>= 1.12.4) | 2.8.0-2
> libc6 (>= 2.14) |
> libcairo-gobject2 (>= 1.10.0) |
> libcairo2 (>= 1.2.4) |
> libept1.4.12 (>= 1.0.9) |
> libgcc1 (>= 1:4.1.1) |
> libgdk-pixbuf2.0-0 (>= 2.22.0) |
> libglib2.0-0 (>= 2.14.0) |
> libgtk-3-0 (>= 3.0.0) |
> libpango1.0-0 (>

Bug#706521: FTBFS: missing build-dependency on lsb-release

2013-05-16 Thread Michael Vogt
On Wed, May 01, 2013 at 10:33:17AM +0200, Felix Geyer wrote:
> Source: squid-deb-proxy
> Version: 0.7
> Severity: serious
> Tags: patch
> Justification: fails to build from source

Thanks for your bugreport and your patch!
 
> squid-deb-proxy calls lsb_release without build-depending on lsb-release.
> I've attached a patch that uses dpkg-vendor so no new build-dependency is
> necessary.

Merged and it will be part of the next upload.

Cheers,
 Michael

> Build log:
> 
> # use hte right default mirrors file for the distro
> ln -s mirror-dstdomain.acl. mirror-dstdomain.acl
> make[1]: Leaving directory `/build/buildd/squid-deb-proxy-0.7'
>dh_auto_test
>  /usr/bin/fakeroot debian/rules binary
> dh binary
>dh_testroot
>dh_prep
>dh_installdirs
>dh_auto_install
> make[1]: Entering directory `/build/buildd/squid-deb-proxy-0.7'
> # dir
> install -d -m 755 
> /build/buildd/squid-deb-proxy-0.7/debian/tmp/etc/squid-deb-proxy
> install -d -m 755 
> /build/buildd/squid-deb-proxy-0.7/debian/tmp/etc/squid-deb-proxy/allowed-networks-src.acl.d
> install -d -m 755 
> /build/buildd/squid-deb-proxy-0.7/debian/tmp/etc/squid-deb-proxy/mirror-dstdomain.acl.d
> install -d -m 755 
> /build/buildd/squid-deb-proxy-0.7/debian/tmp/etc/squid-deb-proxy/pkg-blacklist.d
> install -d -m 755 
> /build/buildd/squid-deb-proxy-0.7/debian/tmp/etc/squid-deb-proxy/autogenerated
> install -m 644 README.autogenerated 
> /build/buildd/squid-deb-proxy-0.7/debian/tmp/etc/squid-deb-proxy/autogenerated
> install -d -m 755 
> /build/buildd/squid-deb-proxy-0.7/debian/tmp/etc/apt/apt.conf.d
> install -d -m 755 
> /build/buildd/squid-deb-proxy-0.7/debian/tmp/usr/share/squid-deb-proxy-client/
> # files
> install -m 644 squid-deb-proxy.conf 
> /build/buildd/squid-deb-proxy-0.7/debian/tmp/etc/squid-deb-proxy/
> install -m 644 allowed-networks-src.acl 
> /build/buildd/squid-deb-proxy-0.7/debian/tmp/etc/squid-deb-proxy/
> install -m 644 mirror-dstdomain.acl 
> /build/buildd/squid-deb-proxy-0.7/debian/tmp/etc/squid-deb-proxy/
> install: cannot stat 'mirror-dstdomain.acl': No such file or directory
> make[1]: *** [install] Error 1
> make[1]: Leaving directory `/build/buildd/squid-deb-proxy-0.7'
> dh_auto_install: make -j1 install 
> DESTDIR=/build/buildd/squid-deb-proxy-0.7/debian/tmp AM_UPDATE_INFO_DIR=no 
> returned exit code 2
> make: *** [binary] Error 29

> diff -Nru squid-deb-proxy-0.7/debian/rules squid-deb-proxy-0.7/debian/rules
> --- squid-deb-proxy-0.7/debian/rules
> +++ squid-deb-proxy-0.7/debian/rules
> @@ -1,6 +1,6 @@
>  #!/usr/bin/make -f
>  
> -DIST=$(shell lsb_release -i -s)
> +DIST=$(shell dpkg-vendor --query Vendor)
>  
>  %:
>   dh $@
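Review bot: the `DIST=$(shell dpkg-vendor --query Vendor)` line still accepts an empty result silently, which is how the build log above ended up with `ln -s mirror-dstdomain.acl. mirror-dstdomain.acl` and failed only later in `install`. An `ifeq ($(DIST),)` guard with `$(error ...)` right after the assignment would stop the build at the cause, and `:=` instead of `=` would run the command once rather than on every expansion of `DIST`.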





Bug#702509: unattended-upgrades: does not run autonomously, even after it was enabled

2013-03-07 Thread Michael Vogt
On Thu, Mar 07, 2013 at 04:43:03PM +0100, g0to wrote:
> Package: unattended-upgrades
> Version: 0.79.4
> Severity: grave
> Tags: security
> Justification: renders package unusable

Thanks for your bugreport.
 
> after trying to make it run by myself and googling and make a few questions 
> here[1] and there[2], I've decided to contact you to report what seems to be 
> a lack of functionality of the package.
> 
> Following the instructions in "/usr/share/doc/unattended-upgrades/README", 
> after installing the package, I enabled it
> 
> sudo dpkg-reconfigure -plow unattended-upgrades
> 
> uncommented the proper lines in "/etc/apt/apt.conf.d/50unattended-upgrades" 
> (below) and waited for it to unattendedly keep my system updated. But that 
> didn't happen.
> After checking the logs in "/var/log/unattended-upgrades/" and 
> "/var/log/apt/history.log" for several days, no activity was recorded there.
> I also tried running it in the "--dry-run" way and it "dry worked" with no 
> errors.
> 
> I've tagged the bug like a security issue because someone could trust the 
> security updates of their system after installing and enabling the package 
> and don't check if it's working after a long, and potentially insecure, time.
> 
> Thank you for your time and for your job maintaining the package.

The way you enabled it should work so I would need some additional
information from you to figure out what is going on. Could you please
send me the output of:
$ apt-config dump|grep Periodic

and then the debug output that:
 $ sudo unattended-upgrade --debug --dry-run > /tmp/un.output 2>&1
This will generate a file /tmp/un.output that I need too.

and finally the file:
 /var/log/unattended-upgrades/unattended-upgrades.log

That hopefully gives me enough information to figure out what is going
on. I suspect for some reason the script is not run in your cron which
is strange. It hooks into /etc/cron.daily/apt, you can also run:
 $ sudo sh -x /etc/cron.daily/apt
and add the output to this report as well. Note that this code has a
sleep (to distribute load better) in it, so the command will take some
minutes to complete.

Cheers,
 Michael


> Cheers,
> g0to
> 
> [1]
> http://serverfault.com/questions/483751/unattended-upgrades-doesnt-upgrade-or-does-nothing-at-all
> [2] http://lists.debian.org/debian-user/2013/03/msg00394.html
> 
> 
> -- System Information:
> Debian Release: 7.0
> Architecture: armhf (armv6l)
> 
> Kernel: Linux 3.6.11+ (PREEMPT)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> 
> Versions of packages unattended-upgrades depends on:
> ii  apt0.9.7.7+rpi1
> ii  apt-utils  0.9.7.7+rpi1
> ii  debconf [debconf-2.0]  1.5.49
> ii  lsb-base   4.1+Debian8+rpi1
> ii  lsb-release4.1+Debian8+rpi1
> ii  python 2.7.3-4
> ii  python-apt 0.8.8.1
> ii  ucf3.0025+nmu3
> ii  xz-utils   5.1.1alpha+20120614-2
> 
> unattended-upgrades recommends no packages.
> 
> Versions of packages unattended-upgrades suggests:
> pn  bsd-mailx 
> pn  mail-transport-agent  
> 
> -- Configuration Files:
> /etc/apt/apt.conf.d/50unattended-upgrades changed:
> // Automatically upgrade packages from these origin patterns
> Unattended-Upgrade::Origins-Pattern {
> // Codename based matching:
> // This will follow the migration of a release through different
> // archives (e.g. from testing to stable and later oldstable).
> "o=Debian,n=wheezy";
> "o=Debian,n=wheezy-updates";
> "o=Debian,n=wheezy-proposed-updates";
> "o=Debian,n=wheezy,l=Debian-Security";
> // Archive or Suite based matching:
> // Note that this will silently match a different release after
> // migration to the specified archive (e.g. testing becomes the
> // new stable).
> //  "o=Debian,a=stable";
> //  "o=Debian,a=stable-updates";
> //  "o=Debian,a=proposed-updates";
> //  "origin=Debian,archive=stable,label=Debian-Security";
> };
> // List of packages to not update
> Unattended-Upgrade::Package-Blacklist {
> //"vim";
> //"libc6";
> //"libc6-dev";
> //"libc6-i686";
> };
> // This option allows you to control if on a unclean dpkg exit
> // unattended-upgrades will automatically run 
> //   dpkg --force-confold --configure -a
> // The default is true, to ensure updates keep getting installed
> //Unattended-Upgrade::AutoFixInterruptedDpkg "false";
> // Split the upgrade into the smallest possible chunks so that
> // they can be interrupted with SIGUSR1. This makes the upgrade
> // a bit slower but it has the benefit that shutdown while a upgrade
> // is running is possible (with a small delay)
> //Unattended-Upgrade::MinimalSteps "true";
> // Install all unattended-upgrades when the machine is shuting down
> // instead of doing it in the background while the machine is running
> // This

Bug#698552: unattended-upgrades - Fails with xz compress debs

2013-01-20 Thread Michael Vogt
On Sun, Jan 20, 2013 at 01:13:52PM +0100, Bastian Blank wrote:
> Package: unattended-upgrades
> Version: 0.79.3
> Severity: grave

Thanks for your bugreport.
 
> unattended-upgrades fails completely with xz compressed debs:
> 
> | # unattended-upgrade   
> | Traceback (most recent call last):
> |   File "/usr/bin/unattended-upgrade", line 1011, in <module>
> | main(options)
> |   File "/usr/bin/unattended-upgrade", line 870, in main
> | if conffile_prompt(item.destfile):
> |   File "/usr/bin/unattended-upgrade", line 433, in conffile_prompt
> | deb = apt_inst.DebFile(destFile)
> | SystemError: No debian archive, missing data.tar.{bz2,gz,uncompressed,}

I just tried to reproduce this without success, I added a regression
test that calls conffile_prompt() on an xz compressed test deb.

Could you please check if you have xz-utils installed and what output
# apt-config dump|grep Compressor::xz
is giving (if any)? 

When I uninstall xz-utils I see a similar error message in my test. So
it might simply be a missing dependency in unattended-upgrades on
"xz-utils" (or adding it in python-apt/apt directly). But double
checking/confirming would be great.


Cheers,
 Michael





Bug#695832: apt: CVE-2012-0961

2012-12-13 Thread Michael Vogt
On Thu, Dec 13, 2012 at 08:49:42AM +0100, Moritz Muehlenhoff wrote:
> Package: apt
> Severity: grave
> Tags: security
> Justification: user security hole
> 
> This was assigned CVE-2012-0961:
> https://bugs.launchpad.net/ubuntu/+source/apt/+bug/975199
> 
> Stable is not affected, the logging is done as 0600 there.

Thanks for your bugreport. I uploaded a fix to unstable as
0.9.7.7 and sent an unblock request as bug #695841.

Cheers,
 Michael
 
> Cheers,
> Moritz
> 
> 





Bug#670131: AttributeError: 'Version' object has no attribute 'policy_priority'

2012-04-24 Thread Michael Vogt
On Mon, Apr 23, 2012 at 12:41:01PM +0300, Teodor wrote:
> Package: unattended-upgrades
> Version: 0.76.2
> Severity: grave
> Justification: renders package unusable

Thanks for your bugreport. 

This should work with current sid but it will not work with older
versions of python-apt. I added a check into the code so it does not crash
if it runs with older versions of python-apt.

Cheers,
 Michael
 
> Hi,
> 
> I upgraded u-a on one 32-bit server to test if another problem is fixed and
> found that it doesn't work anymore:
> 
> | root@goliath:~# unattended-upgrades --debug
> | INFO:root:Initial blacklisted packages: locales libc6-i686 libc-bin libc6 
> linux-image-2.6.32-5-486 linux-image-2.6.32-5-686-bigmem firmware-linux-free 
> linux-base libupsclient1 nut nut-cgi squid3-common squid3
> | Initial blacklisted packages: locales libc6-i686 libc-bin libc6 
> linux-image-2.6.32-5-486 linux-image-2.6.32-5-686-bigmem firmware-linux-free 
> linux-base libupsclient1 nut nut-cgi squid3-common squid3
> | INFO:root:Starting unattended upgrades script
> | Starting unattended upgrades script
> | INFO:root:Allowed origins are: ['o=Debian,a=stable', 
> 'o=Debian,a=stable-updates', 'o=Debian,a=proposed-updates', 
> 'origin=Debian,archive=stable,label=Debian-Security']
> | Allowed origins are: ['o=Debian,a=stable', 'o=Debian,a=stable-updates', 
> 'o=Debian,a=proposed-updates', 
> 'origin=Debian,archive=stable,label=Debian-Security']
> | Traceback (most recent call last):
> |   File "/usr/bin/unattended-upgrades", line 920, in <module>
> | main(options)
> |   File "/usr/bin/unattended-upgrades", line 699, in main
> | allowed_origins=allowed_origins)
> |   File "/usr/bin/unattended-upgrades", line 70, in __init__
> | self.adjust_candidate_versions()
> |   File "/usr/bin/unattended-upgrades", line 94, in adjust_candidate_versions
> | if ver.policy_priority < 0:
> | AttributeError: 'Version' object has no attribute 'policy_priority'
> 
> (on this system I do many u-a tests, that's why it has many packages 
> blacklisted)
> 
> Thanks
> 
> 
> -- System Information:
> Debian Release: 6.0.4
>   APT prefers stable-updates
>   APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 
> 'stable')
> Architecture: i386 (i686)
> 
> Kernel: Linux 2.6.32-5-686-bigmem (SMP w/2 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> 
> Versions of packages unattended-upgrades depends on:
> ii  apt   0.8.10.3+squeeze1  Advanced front-end for dpkg
> ii  apt-utils 0.8.10.3+squeeze1  APT utility programs
> ii  debconf [debconf-2.0] 1.5.36.1   Debian configuration management 
> sy
> ii  lsb-release   3.2-23.2squeeze1   Linux Standard Base version 
> report
> ii  python2.6.6-3+squeeze6   interactive high-level 
> object-orie
> ii  python-apt0.7.100.1+squeeze1 Python interface to libapt-pkg
> ii  ucf   3.0025+nmu1Update Configuration File: 
> preserv
> 
> unattended-upgrades recommends no packages.
> 
> Versions of packages unattended-upgrades suggests:
> pn  bsd-mailx  (no description available)
> 
> -- Configuration Files:
> /etc/apt/apt.conf.d/50unattended-upgrades changed:
> // Automatically upgrade packages from these origin patterns
> Unattended-Upgrade::Origins-Pattern {
> // Codename based matching:
> // This will follow the migration of a release through different
> // archives (e.g. from testing to stable and later oldstable).
> //  "o=Debian,n=squeeze";
> //  "o=Debian,n=squeeze-updates";
> //  "o=Debian,n=squeeze-proposed-updates";
> //  "o=Debian,n=squeeze,l=Debian-Security";
> // Archive or Suite based matching:
> // Note that this will silently match a different release after
> // migration to the specified archive (e.g. testing becomes the
> // new stable).
>   "o=Debian,a=stable";
>   "o=Debian,a=stable-updates";;
>   "o=Debian,a=proposed-updates";
> "origin=Debian,archive=stable,label=Debian-Security";
> };
> // List of packages to not update
> Unattended-Upgrade::Package-Blacklist {
> //"vim";
> //"libc6";
> //"libc6-dev";
> //"libc6-i686";
> };
> // This option allows you to control if on a unclean dpkg exit
> // unattended-upgrades will automatically run 
> //   dpkg --force-confold --configure -a
> // The default is true, to ensure updates keep getting installed
> //Unattended-Upgrade::AutoFixInterruptedDpkg "false";
> // Split the upgrade into the smallest possible chunks so that
> // they can be interrupted with SIGUSR1. This makes the upgrade
> // a bit slower but it has the benefit that shutdown while a upgrade
> // is running is possible (with a small delay)
> //Unattended-Upgrade::MinimalSteps "true";
> // Install all unattended-upgrades when the machine is shuting down
> // instead of doing it in the background while the m

Bug#669583: OSError: [Errno 1] Operation not permitted

2012-04-23 Thread Michael Vogt
On Fri, Apr 20, 2012 at 04:11:16PM +0300, Teodor MICU wrote:
> 2012/4/20 Michael Vogt :
> > Sure, the setsid() call makes the process a session leader and removes
> > the controlling tty. The rationale is that if you run
> > unattended-upgrades in a shell and then shut down, your tty goes away
> > and unattended-upgrades gets killed even if it's in the middle of an
> > operation (like an upgrade). The unattended-upgrades-shutdown script is
> > there to avoid that and keep the system running long enough to finish
> > the upgrade - but for that unattended-upgrades must not be terminated
> > by the tty going away.
> 
> I think this protection is necessary only if U-A::Automatic-Reboot is
> set to "true", right? If affirmative, why not wait until u-a finishes
> the pkgs upgrade and then do the reboot?

Thanks for your mail!

It protects against e.g. a user manually running unattended-upgrade in
a terminal and then someone shutting down the machine. In this case the
running unattended-upgrades would get killed even if it's in the middle
of the upgrade, leaving the system in a bad state. It will also help if
cron does not put u-n into its own process-group (I don't know if it
will do that or not, but I assume it will) and on shutdown cron might
get killed and with it the running u-n. The goal is to keep u-n alive
and let the "unattended-upgrades-shutdown" script deal with stopping
it or waiting until it's finished. Given that I think that cron puts it
into its own process group already it's just a minor protection, but
AFAICT there are no downsides either :)

Cheers,
 Michael






Bug#669583: OSError: [Errno 1] Operation not permitted

2012-04-20 Thread Michael Vogt
On Fri, Apr 20, 2012 at 12:57:29PM +0300, Teodor MICU wrote:
> 2012/4/20 Michael Vogt :
> > Thanks for your bugreport. I fixed that now. I guess in your case it
> > was already the session-leader for some reason (maybe because of
> > systemd?).
> 
> Yes, I use «systemd» but I don't know what being session-leader means.
> Most times u-a is run automatically by Cron, only when I check or
> debug some problem it's run from a tty/pts console.
> 
> Just for my curiosity, can you shortly explain what problem does
> os.setsid() fix or avoid?

Sure, the setsid() call makes the process a session leader and removes
the controlling tty. The rationale is that if you run
unattended-upgrades in a shell and then shut down, your tty goes away
and unattended-upgrades gets killed even if it's in the middle of an
operation (like an upgrade). The unattended-upgrades-shutdown script is
there to avoid that and keep the system running long enough to finish
the upgrade - but for that unattended-upgrades must not be terminated
by the tty going away.

Cheers,
 Michael






Bug#669583: OSError: [Errno 1] Operation not permitted

2012-04-20 Thread Michael Vogt
On Fri, Apr 20, 2012 at 08:48:49AM +0300, Teodor wrote:
> Package: unattended-upgrades
> Version: 0.76.1
> Severity: grave
> Justification: renders package unusable
> 
> Hi,
> 
> The os.setsid() change makes u-a abort on every invocation:
> | root@r2:~# unattended-upgrade
> | Traceback (most recent call last):
> |   File "/usr/bin/unattended-upgrade", line 913, in <module>
> | os.setsid()
> | OSError: [Errno 1] Operation not permitted
> | 
> | root@r2:~# unattended-upgrade --debug
> | Traceback (most recent call last):
> |   File "/usr/bin/unattended-upgrade", line 913, in <module>
> | os.setsid()
> | OSError: [Errno 1] Operation not permitted
> 
> Thanks

Thanks for your bugreport. I fixed that now. I guess in your case it
was already the session-leader for some reason (maybe because of
systemd?).

Cheers,
 Michael

> 
> -- System Information:
> Debian Release: wheezy/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'testing')
> Architecture: amd64 (x86_64)
> 
> Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores)
> Locale: LANG=ro_RO.utf8, LC_CTYPE=ro_RO.utf8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> 
> Versions of packages unattended-upgrades depends on:
> ii  apt0.9.1
> ii  apt-utils  0.9.1
> ii  debconf [debconf-2.0]  1.5.42
> ii  lsb-release4.1+Debian1
> ii  python 2.7.2-10
> ii  python-apt 0.8.4
> ii  ucf3.0025+nmu3
> 
> unattended-upgrades recommends no packages.
> 
> Versions of packages unattended-upgrades suggests:
> pn  bsd-mailx  
> 
> -- Configuration Files:
> /etc/apt/apt.conf.d/50unattended-upgrades changed:
> // Automatically upgrade packages from these origin patterns
> Unattended-Upgrade::Origins-Pattern {
> // Codename based matching:
> // This will follow the migration of a release through different
> // archives (e.g. from testing to stable and later oldstable).
> //  "o=Debian,n=squeeze";
> //  "o=Debian,n=squeeze-updates";
> //  "o=Debian,n=squeeze-proposed-updates";
> //  "o=Debian,n=squeeze,l=Debian-Security";
> // Archive or Suite based matching:
> // Note that this will silently match a different release after
> // migration to the specified archive (e.g. testing becomes the
> // new stable).
> "o=Debian,a=unstable";
> //  "o=Debian,a=stable";
> //  "o=Debian,a=stable-updates";
> //  "o=Debian,a=proposed-updates";
> "origin=Debian,archive=stable,label=Debian-Security";
> };
> // List of packages to not update
> Unattended-Upgrade::Package-Blacklist {
> //"vim";
> //"libc6";
> //"libc6-dev";
> //"libc6-i686";
> };
> // This option allows you to control if on a unclean dpkg exit
> // unattended-upgrades will automatically run 
> //   dpkg --force-confold --configure -a
> // The default is true, to ensure updates keep getting installed
> //Unattended-Upgrade::AutoFixInterruptedDpkg "false";
> // Split the upgrade into the smallest possible chunks so that
> // they can be interrupted with SIGUSR1. This makes the upgrade
> // a bit slower but it has the benefit that shutdown while a upgrade
> // is running is possible (with a small delay)
> //Unattended-Upgrade::MinimalSteps "true";
> // Install all unattended-upgrades when the machine is shuting down
> // instead of doing it in the background while the machine is running
> // This will (obviously) make shutdown slower
> //Unattended-Upgrade::InstallOnShutdown "true";
> // Send email to this address for problems or packages upgrades
> // If empty or unset then no email is sent, make sure that you
> // have a working mail setup on your system. A package that provides
> // 'mailx' must be installed.
> Unattended-Upgrade::Mail "root";
> // Set this value to "true" to get emails only on errors. Default
> // is to always send a mail if Unattended-Upgrade::Mail is set
> Unattended-Upgrade::MailOnlyOnError "true";
> // Do automatic removal of new unused dependencies after the upgrade
> // (equivalent to apt-get autoremove)
> Unattended-Upgrade::Remove-Unused-Dependencies "true";
> // Automatically reboot *WITHOUT CONFIRMATION* if a 
> // the file /var/run/reboot-required is found after the upgrade 
> //Unattended-Upgrade::Automatic-Reboot "false";
> // Use apt bandwidth limit feature, this example limits the download
> // speed to 70kb/sec
> //Acquire::http::Dl-Limit "70";
> 
> 
> -- debconf information:
> * unattended-upgrades/enable_auto_updates: true
> 
> 



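The EPERM from the traceback in the report above and the setsid() rationale given in the replies, as an added example that is not code from unattended-upgrades: three forked children show setsid() succeeding, failing for a process group leader, and succeeding again after one more fork. The names `probe`, `try_setsid` and `has_controlling_tty` are chosen here for illustration.

```python
import json
import os


def has_controlling_tty():
    """True if this process can still open its controlling terminal."""
    try:
        fd = os.open("/dev/tty", os.O_RDWR | os.O_NOCTTY)
    except OSError:  # ENXIO: no controlling tty (ENOENT if /dev/tty is absent)
        return False
    os.close(fd)
    return True


def try_setsid():
    """Start a new session, tolerating the EPERM seen in the traceback."""
    try:
        os.setsid()
        return "new-session"
    except PermissionError:
        # POSIX: setsid() fails with EPERM when the caller is already a
        # process group leader (pid == pgid). Every session leader is one,
        # and so is a command started from a shell with job control.
        return "already-leader"


def probe(group_leader_first, refork=False):
    """Fork a child, call try_setsid() in it and return its report.

    group_leader_first -- child makes itself a process group leader first
    refork             -- child forks once more and the grandchild calls
                          setsid(); a fresh fork is never a group leader
    """
    rfd, wfd = os.pipe()
    pid = os.fork()
    if pid == 0:
        status = 1
        try:
            os.close(rfd)
            if group_leader_first:
                os.setpgid(0, 0)
            if refork and os.fork() != 0:
                os.wait()          # intermediate process: wait, then leave
                os._exit(0)
            outcome = try_setsid()
            report = {
                "outcome": outcome,
                "pid": os.getpid(),
                "pgid": os.getpgrp(),
                "sid": os.getsid(0),
                "tty": has_controlling_tty(),
            }
            os.write(wfd, json.dumps(report).encode())
            status = 0
        finally:
            os._exit(status)
    os.close(wfd)
    with os.fdopen(rfd, "rb") as pipe:
        data = pipe.read()         # EOF once every writer has exited
    os.waitpid(pid, 0)
    return json.loads(data)


if __name__ == "__main__":
    for label, kwargs in (
        ("fresh child", {"group_leader_first": False}),
        ("group leader", {"group_leader_first": True}),
        ("group leader + fork", {"group_leader_first": True, "refork": True}),
    ):
        print(label, probe(**kwargs))
```

Catching the error keeps the program running but leaves it in the caller's session in the group-leader case; only the extra fork gives the detachment the replies describe.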



Bug#646620: Another stable server having the same issue but with weird results

2012-03-09 Thread Michael Vogt
On Thu, Feb 16, 2012 at 09:12:44PM +0100, Santiago Garcia Mantinan wrote:
> Hi!
Hi,

thanks for your bugreport.

> I was revising other servers and found several others having the same issue,
> this one is a bit strange as the upgrade that took place is the same as the
> one on the i686 server I reported a bit earlier, the differences are:
> 
> 1- on time, this server due to mirrors timings did the upgrade on the 29th
> while my previous reported stable server had done the upgrade on the 30th
> 
> 2- on sizes, as this new server has more things installed (like X server)
> 
> 3- on the result, on this server the process holding things was not samba,
> even though it also has samba and it was upgraded, this time is hald, while
> hal was not upgraded
[..]
> Looks like some of the packages made hal triggers get processed and thus
> hald got restarted inheriting every fd.

Indeed, I uploaded a new version of unattended-upgrades into unstable
now that fixes the fd leak and that should fix this problem as well,
please keep me updated if the problem vanishes or reappears. 

Cheers,
 Michael
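
The fd leak this message refers to, as an added illustration (not code from unattended-upgrades or from anyone in this thread): a status-pipe write end inherited by a long-lived daemon keeps the reader from ever seeing EOF, and FD_CLOEXEC prevents that. The parent/worker/daemon roles, the function names and the 30-second stand-in daemon are constructed; the holder check assumes a Linux /proc.

```python
import fcntl
import os
import select
import signal
import sys
import time


def mark_cloexec(fd):
    """Set FD_CLOEXEC so the kernel closes fd when the process calls exec()."""
    flags = fcntl.fcntl(fd, fcntl.F_GETFD)
    fcntl.fcntl(fd, fcntl.F_SETFD, flags | fcntl.FD_CLOEXEC)


def holds_same_pipe(pid, fd):
    """Does process pid hold an end of the pipe behind our fd?

    Linux only: compares the "pipe:[inode]" targets of the /proc fd links.
    Returns None when /proc cannot be read.
    """
    try:
        target = os.readlink("/proc/self/fd/%d" % fd)
        names = os.listdir("/proc/%d/fd" % pid)
    except OSError:
        return None
    for name in names:
        try:
            if os.readlink("/proc/%d/fd/%s" % (pid, name)) == target:
                return True
        except OSError:
            continue  # that descriptor was closed while we were looking
    return False


def run_upgrade(fix_fds, daemon_seconds=30, timeout=2.0):
    """Constructed model of one upgrade run.

    parent = process reading a status pipe until EOF
    worker = forked child that performs the install and then exits
    daemon = long-lived service (re)started from inside the worker
    """
    status_r, status_w = os.pipe()
    # Python 2 left descriptors inheritable across exec by default; Python 3.4+
    # does not, so re-create the old behaviour to show the leak.
    os.set_inheritable(status_w, True)
    snooze = "import time; time.sleep(%d)" % daemon_seconds

    worker = os.fork()
    if worker == 0:
        try:
            os.close(status_r)
            if fix_fds:
                mark_cloexec(status_w)
            daemon = os.fork()
            if daemon == 0:
                try:
                    os.execv(sys.executable, [sys.executable, "-c", snooze])
                finally:
                    os._exit(127)  # only reached if exec failed
            os.write(status_w, b"%d\n" % daemon)  # report the daemon pid
        finally:
            os._exit(0)

    os.close(status_w)
    os.waitpid(worker, 0)  # the worker itself has exited and been reaped

    # Read until EOF, the way a supervisor drains a child's status pipe.
    data, eof = b"", False
    deadline = time.monotonic() + timeout
    while not eof:
        remaining = deadline - time.monotonic()
        if remaining <= 0 or not select.select([status_r], [], [], remaining)[0]:
            break  # still no EOF: somebody else holds the write end
        chunk = os.read(status_r, 4096)
        eof = not chunk
        data += chunk

    daemon_pid = int(data.split()[0])
    leaked = holds_same_pipe(daemon_pid, status_r)
    os.kill(daemon_pid, signal.SIGKILL)  # clean up the stand-in daemon
    os.close(status_r)
    return {"eof": eof, "daemon_holds_pipe": leaked}


if __name__ == "__main__":
    print("leaky:", run_upgrade(fix_fds=False))
    print("fixed:", run_upgrade(fix_fds=True))
```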






Bug#663016: [synaptic] Segmentation fault after upgrade to 0.75.5

2012-03-08 Thread Michael Vogt
On Thu, Mar 08, 2012 at 01:38:22AM +0100, Hans-Georg Bork wrote:
> Package: synaptic
> Version: 0.75.5
> Severity: grave

Thanks for your bugreport!
 
> --- Please enter the report below this line. ---
> 
> Hi,
> 
> after upgrade from 0.75.4 to current 0.75.5, synaptic gives a segfault
> at start (see attached strace). A simple reinstall of 0.75.4 solves it.
> 
> syslog shows:
> Mar  8 01:31:18 linprofs-hgb kernel: [ 8440.806485] synaptic[7794]:
> segfault at 0 ip 0047ec41 sp 7fffab0cd3d0 error 4 in
> synaptic[40+b7000]
> 
> Thanks for looking at it.

Could you please run synaptic under "gdb"? To do that, you need to
install it first and then run:
$ sudo gdb synaptic
(gdb) run
[wait for crash]
(gdb) backtrace full

and send me the output?

Thanks,
 Michael
 






Bug#646620: mdadm

2012-02-28 Thread Michael Vogt
On Tue, Feb 28, 2012 at 12:39:18PM +0500, Timur Irmatov wrote:
> Hi,
> 
> I can also add that same thing (apt hanging as zombie and run-parts not
> collecting its status) happened during mdadm upgrade. After restarting
> mdadm by hand, apt and run-parts finish as they should.

Thanks for your bugreport and thanks to Santiago Garcia for the
detailed analysis in the previous mail too!

Could you please try the attached patch (you can ignore the diff in
the test_*.py file) that hopefully fixes the leaking of the fds and
the subsequent issues? This probably needs to be pushed up to
python-apt/libapt too.

I did some light testing with it and it seems to be fine here, but
please be careful and let me know how it goes. Review on the patch
itself is of course welcome too!

Thanks!
 Michael
=== modified file 'debian/changelog'
--- debian/changelog	2012-01-02 13:14:02 +
+++ debian/changelog	2012-02-28 10:48:18 +
@@ -5,6 +5,8 @@
   * test improvements
   * fix mispelled "Unattended-Upgrade::MinimalSteps" (and add compat
 mode)
+  * unattended-upgrade:
+- cleanup FDs to hopefully fix zombies (closes: #646620)
 
  -- Michael Vogt   Mon, 02 Jan 2012 14:00:03 +0100
 

=== modified file 'test/test_against_real_archive.py'
--- test/test_against_real_archive.py	2011-11-18 10:46:15 +
+++ test/test_against_real_archive.py	2012-02-28 10:48:18 +
@@ -39,10 +39,12 @@
 logfile = os.path.join(logdir, "unattended-upgrades.log")
 apt_pkg.config.set("APT::UnattendedUpgrades::LogDir", logdir)
 unattended_upgrade.DISTRO_CODENAME = "lucid"
-unattended_upgrade.main(options, os.path.abspath("./aptroot"))
+res = unattended_upgrade.main(options, os.path.abspath("./aptroot"))
 # check if the log file exists
 self.assertTrue(os.path.exists(logfile))
 log = open(logfile).read()
+# check that stuff worked
+self.assertFalse(" ERROR " in log)
 # check if we actually have the expected ugprade in it
 self.assertTrue(
 re.search("INFO Packages that are upgraded:.*awstats", log))
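Review bot: res, assigned from unattended_upgrade.main(...) in the changed line, is never checked, so a failing return value from main() still passes this test. Either assert on it or drop the assignment. For the new " ERROR " check, assertNotIn(" ERROR ", log), where the unittest in use provides it, would show the offending log text on failure, which makes a failed run against the real archive easier to diagnose than a bare assertFalse.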

=== modified file 'unattended-upgrade'
--- unattended-upgrade	2012-01-02 13:14:02 +
+++ unattended-upgrade	2012-02-28 10:48:18 +
@@ -27,6 +27,7 @@
 import ConfigParser
 import copy
 import datetime
+import fcntl
 import re
 import os
 import string
@@ -106,6 +107,45 @@
 f.write(_("Progress: %s %% (%s)") % (percent, pkg))
 f.close()
 
+def _fixup_fds(self):
+required_fds = [ 0, 1, 2, # stdin, stdout, stderr
+ self.writefd,
+ self.write_stream.fileno(),
+ self.statusfd,
+ self.status_stream.fileno()
+   ]
+# ensure that our required fds close on exec
+for fd in required_fds[3:]:
+old_flags = fcntl.fcntl(fd, fcntl.F_GETFD)
+fcntl.fcntl(fd, fcntl.F_SETFD, old_flags | fcntl.FD_CLOEXEC)
+# close all fds
+proc_fd = "/proc/self/fd"
+if os.path.exists(proc_fd):
+error_count = 0
+for fdname in os.listdir(proc_fd):
+try:
+fd = int(fdname)
+except Exception as e:
+print "ERROR: can not get fd for '%s'" % fdname
+if fd in required_fds:
+continue
+try:
+os.close(fd)
+#print "closed: ", fd
+except OSError as e:
+# there will be one fd that can not be closed
+# as its the fd from pythons internal diropen()
+# so its ok to ignore one close error
+error_count += 1
+if error_count > 1:
+print "ERROR: os.close(%s): %s" % (fd, e)
+
+def fork(self):
+pid = os.fork()
+if pid == 0:
+self._fixup_fds()
+return pid
+
 
 class Unlocked:
 """ context manager for unlocking the apt lock while cache.commit()

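Review bot: In the /proc/self/fd loop of _fixup_fds(), the except branch around int(fdname) only prints and then falls through, so the following "if fd in required_fds" uses whatever fd was left over from the previous iteration (or raises NameError on the first one); add a continue after the print. Two smaller points on the same hunk: required_fds[3:] ties the close-on-exec loop to the position of 0, 1, 2 in the list, so keeping the stdio fds and the pipe fds in two separately named lists would be safer against later edits; and the closing loop is skipped silently when /proc/self/fd does not exist, which leaves the leak in place there without any log line. A docstring on _fixup_fds() and fork() stating that the cleanup runs only in the forked child would also help the next reader.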


Bug#649451: hard-coded gzip-only support in apt-cdrom

2011-11-23 Thread Michael Vogt
On Wed, Nov 23, 2011 at 04:09:23PM +, Steve McIntyre wrote:
> On Wed, Nov 23, 2011 at 05:01:13PM +0100, Michael Vogt wrote:
> >On Mon, Nov 21, 2011 at 06:57:41PM +0100, Julian Andres Klode wrote:
> >> On Mon, Nov 21, 2011 at 01:03:08PM +0100, David Kalnischkies wrote:
> >> > On Mon, Nov 21, 2011 at 01:26, Steve McIntyre  wrote:
> >> > > I've just added support for translated description files into
[..]
> >> It would be great if someone who actually needs it takes a look
> >> at it. That said, I have pushed out the following patch to
> >> the debian-experimental2 branch, please test it (I didn't
> >> test it, but it compiles and looks logically right).
> >[..]
> >
> >Thanks! This looks fine, I still changed it a bit to make use of the
> >APT::Configuration::getCompressionTypes() code so that we have only a
> >single place to add new compression types. Needs some serious testing
> >still.
> 
> My own testing suggests it's necessary but not sufficient. The code in
> indexcopy.cc needs updating too to support things other than
> uncompressed and gzipped files. I've got a grotty patch that works for
> me but you *will* want to refactor. :-)

Oh, indeed, that code needs some serious love in general. But please
send us the patch :)

Cheers,
 Michael






Bug#649451: hard-coded gzip-only support in apt-cdrom

2011-11-23 Thread Michael Vogt
On Mon, Nov 21, 2011 at 06:57:41PM +0100, Julian Andres Klode wrote:
> On Mon, Nov 21, 2011 at 01:03:08PM +0100, David Kalnischkies wrote:
> > On Mon, Nov 21, 2011 at 01:26, Steve McIntyre  wrote:
> > > I've just added support for translated description files into
> > > debian-cd, creating Translation-$LANG.bz2 on CDs to match the
> > > archive. A problem report from a user shortly afterwards described
> > > apt-cdrom issues using a DVD generated with this new code. [1] I've
> > > dug through the code in cdrom.cc and tagfile.cc and I've found that
> > > apt simply does not support .bz2 versions of the Translation files
> > > *from CD*. AFAICS it *does* support them in the main archive via HTTP
> > > etc. That's a bit of a surprise, to say the least.
> > 
> > I am not that surprised, given that apt-cdrom is touched only once
> > in a blue moon - last serious change is from 2009 (udev), the one
> > before that is adding Translation support in 2007, the 2005 change
> > is imported from the previous vcs… You get the pattern.
> > All in all it's properly safe to say that the code you looked at mostly
> > comes straight from the last millennium (literally speaking!)…
> > 
> > My personal excuse is that I haven't used it a single time, so I am
> > properly not the best one to hack on it, but I fear the rest of the
> > (let's count optimistic) trio seems to have the same excuse…
> 
> Yes, definitely the same here. I don't even have a single Debian
> CD/DVD/Blu-Ray disc. I exclusively install systems via network,
> and do not use optical discs at all.
> 
> It would be great if someone who actually needs it takes a look
> at it. That said, I have pushed out the following patch to
> the debian-experimental2 branch, please test it (I didn't
> test it, but it compiles and looks logically right).
[..]

Thanks! This looks fine, I still changed it a bit to make use of the
APT::Configuration::getCompressionTypes() code so that we have only a
single place to add new compression types. Needs some serious testing
still.

Cheers,
 Michael






Bug#648216: Installation failure: update-rc.d: error: start|stop arguments not terminated by "."

2011-11-09 Thread Michael Vogt
On Wed, Nov 09, 2011 at 06:06:07PM +0100, Paul Menzel wrote:
> Package: unattended-upgrades
> Version: 0.74.1
> Severity: grave
> Justification: renders package unusable

Thanks for your bugreport.
 
> Dear Debian folks,
> 

> running `sudo aptitude safe-upgrade` and upgrading to version 0.74.1 I get 
> the following error.

This should be fixed now. I'm a bit puzzled why this happened, it did
not happen on my debian-box. What version of update-rc.d do you use?

thanks,
 Michael
 
> […]
> Setting up unattended-upgrades (0.74.1) ...
> Installing new version of config file 
> /etc/apt/apt.conf.d/50unattended-upgrades ...
> Installing new version of config file 
> /etc/pm/sleep.d/10_unattended-upgrades-hibernate ...
> Installing new version of config file /etc/init.d/unattended-upgrades 
> ...
> update-rc.d: error: start|stop arguments not terminated by "."
> usage: update-rc.d [-n] [-f]  remove
>update-rc.d [-n]  defaults [NN | SS KK]
>update-rc.d [-n]  start|stop NN runlvl [runlvl] 
> [...] .
>update-rc.d [-n]  disable|enable [S|2|3|4|5]
>   -n: not really
>   -f: force
> 
> The disable|enable API is not stable and might change in the future.
> dpkg: error processing unattended-upgrades (--configure):
>  subprocess installed post-installation script returned error exit 
> status 1
> Processing triggers for menu ...
> configured to not write apport reports
>   Errors were encountered while 
> processing:
>  unattended-upgrades
> E: Sub-process /usr/bin/dpkg returned an error code (1)
> A package failed to install.  Trying to recover:
> Setting up unattended-upgrades (0.74.1) ...
> update-rc.d: error: start|stop arguments not terminated by "."
> usage: update-rc.d [-n] [-f]  remove
>update-rc.d [-n]  defaults [NN | SS KK]
>update-rc.d [-n]  start|stop NN runlvl [runlvl] 
> [...] .
>update-rc.d [-n]  disable|enable [S|2|3|4|5]
>   -n: not really
>   -f: force
> 
> The disable|enable API is not stable and might change in the future.
> dpkg: error processing unattended-upgrades (--configure):
>  subprocess installed post-installation script returned error exit 
> status 1
> Errors were encountered while processing:
>  unattended-upgrades
> 
> 
> Thanks,
> 
> Paul
> 
> -- System Information:
> Debian Release: wheezy/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 
> 'experimental')
> Architecture: i386 (x86_64)
> 
> Kernel: Linux 3.0.0-2-amd64 (SMP w/2 CPU cores)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
> 
> Versions of packages unattended-upgrades depends on:
> ii  apt0.8.15.9   
> ii  apt-utils  0.8.15.9   
> ii  debconf [debconf-2.0]  1.5.41 
> ii  lsb-release3.2-28 
> ii  python 2.7.2-9
> ii  python-apt 0.8.0  
> ii  ucf3.0025+nmu2
> 
> unattended-upgrades recommends no packages.
> 
> Versions of packages unattended-upgrades suggests:
> ii  bsd-mailx  8.1.2-0.20100314cvs-1
> 
> -- debconf information:
>   unattended-upgrades/enable_auto_updates: false








Bug#645919: unattended-upgrades: Unattended-upgrade in progress during shutdown, sleeping for 5s

2011-11-08 Thread Michael Vogt
On Tue, Nov 01, 2011 at 01:04:54PM +0200, Teodor MICU wrote:
> 2011/10/31 Michael Vogt :
> > I think I found the issue now and fixed it in trunk. The issue is that
> > the init scripts are run on upgrade, but they really should only run
> > on actual shutdown. It's a bit confusing why this is happening as the
> > header of the init script says that it should not run in any runlevel
> > and only stop in runlevel 0 6. So there might be a bug in the init
> > system here as well. Which one do you use?
> 
> I'm using the default init system in Debian: sysvinit + insserv.

Thanks for this info!
 
> > With the fix there will be one more hang on upgrade because the old
> > (and buggy) prerm is run that will try to stop
> > unattended-upgrades. But from that point on it should be fixed.
> 
> Can be fixed by a targeted fix on Debian 6.0 squeeze? Could this
> create a problem on manual dist-upgrade from Debian 6.0 to 7.0?

The version in squeeze is not affected by this bug, only
testing/unstable AFAICT. So people upgrading from there should be
fine. It's just unfortunate for people running it on testing/unstable
:/ I added some code now that will avoid the failure but given the way
maintainer scripts are called I don't think I can do anything about
the delay (the shutdown script will timeout after 10 minutes
automatically). It will have to timeout, then the error can be ignored
by the updated script.

Cheers,
 Michael






Bug#646620: Any news on this bug?

2011-11-08 Thread Michael Vogt
On Tue, Nov 08, 2011 at 12:16:41PM +0100, Santiago Garcia Mantinan wrote:
> Do you need any other info to help solve this bug?

Sorry for the slow reply, I was traveling.

I am currently a bit lost what might cause this TBH.  

I tried to reproduce this in a clean VM and have apache upgraded from
2.2.16-6+squeeze3 to 2.2.16-6+squeeze4 (just like in your example), it
also upgraded libpam and openssl. This worked here, no defunct
process. However I ran it by hand, not from cron.daily.

I wonder if there is anything else missing to make this reproducible,
is there anything special on your apache setup or anything else that
might help me to reproduce the issue?
 
> I really think that having the upgrades block daily cron jobs on a stable
> machine is something that should not happen, thus I think we should try to
> get this solved asap.

Yes, this is definitely a critical bug in my book too, I just need
some more clues (or a way to reproduce) to figure out how to fix it :/

Cheers, 
 Michael






Bug#645919: unattended-upgrades: Unattended-upgrade in progress during shutdown, sleeping for 5s

2011-10-31 Thread Michael Vogt
On Mon, Oct 31, 2011 at 06:46:43AM +0200, Teodor MICU wrote:
> severity 645919 grave
> stop

Thanks for your bugreport.

I think I found the issue now and fixed it in trunk. The issue is that
the init scripts are run on upgrade, but they really should only run
on actual shutdown. It's a bit confusing why this is happening as the
header of the init script says that it should not run in any runlevel
and only stop in runlevel 0 6. So there might be a bug in the init
system here as well. Which one do you use?

With the fix there will be one more hang on upgrade because the old
(and buggy) prerm is run that will try to stop
unattended-upgrades. But from that point on it should be fixed.

Cheers,
 Michael

 
> 2011/10/19 Teodor :
> > I guess the only option is to kill u-a and upgrade manually. Severity set to
> > 'important' instead of 'grave' just because it might have to be specific to my
> > custom config for automatic reboot after u-a runs (if needed).
> 
> Well, my assumption was wrong. It happened again today (u-a 0.73.1
> migrated to testing) on my laptop where I don't have any automatic
> reboot configured for u-a. Thus raising severity since it affects
> normal configurations too.
> 
> These are all the u-a processes running now:
> 1715 /bin/sh /usr/sbin/invoke-rc.d unattended-upgrades stop
> 1735 /bin/sh /etc/init.d/unattended-upgrades stop
> 1736 python /usr/share/unattended-upgrades/unattended-upgrade-shutdown
> 28040 /usr/bin/python /usr/bin/unattended-upgrade
> 28144 /usr/bin/python /usr/bin/unattended-upgrade
> 28205 /usr/bin/dpkg --status-fd 132 --unpack --auto-deconfigure
> /var/cache/apt/archives/[..]
> /var/cache/apt/archives/unattended-upgrades_0.73.1_all.deb [..]
> 
> The pstree looks like this:
> init─┬─NetworkManager─┬─dhclient
>  │└─2*[{NetworkManager}]
>  ├─acpi_fakekeyd
>  ├─acpid
>  
> ├─anacron───sh───run-parts───apt───unattended-upgr───unattended-upgr───dpkg───prerm───invoke-rc.d───unattended-upgr───python
> 
> 27381 ?Ss 0:00 /usr/sbin/anacron -s
> 27893 ?S  0:00  \_ /bin/sh -c nice run-parts --report
> /etc/cron.daily
> 27894 ?SN 0:00  \_ run-parts --report /etc/cron.daily
> 27938 ?SN 0:00  \_ /bin/sh /etc/cron.daily/apt
> 28040 ?SN 0:29  \_ /usr/bin/python
> /usr/bin/unattended-upgrade
> 28144 ?SN 0:00  \_ /usr/bin/python
> /usr/bin/unattended-upgrade
> 28205 ?SN 0:03  \_ /usr/bin/dpkg
> --status-fd 132 --unpack --auto-deconfigure /var/cache/apt/archives
>  1714 ?SN 0:00  \_ /bin/sh
> /var/lib/dpkg/tmp.ci/prerm failed-upgrade 0.72.3
>  1715 ?SN 0:00  \_ /bin/sh
> /usr/sbin/invoke-rc.d unattended-upgrades stop
>  1735 ?SN 0:00  \_ /bin/sh
> /etc/init.d/unattended-upgrades stop
>  1736 ?SN 0:00  \_
> python /usr/share/unattended-upgrades/unattended-upgrade-shutdown
> ro
> 
> After "kill 1736" it goes to:
> 28205 ?SN 0:03  \_ /usr/bin/dpkg
> --status-fd 132 --unpack --auto-deconfigure /var/cache/apt/archives
>  1923 ?SN 0:00  \_ /usr/bin/perl
> -w /usr/share/debconf/frontend /var/lib/dpkg/info/unattended-up
>  1926 ?SN 0:00  \_ /bin/sh
> /var/lib/dpkg/info/unattended-upgrades.postinst abort-upgrade 0.7
>  1929 ?SN 0:00  \_ /bin/sh
> /usr/sbin/invoke-rc.d unattended-upgrades start
>  1945 ?SN 0:00  \_
> /bin/sh /etc/init.d/unattended-upgrades start
>  1946 ?SN 0:00  \_
> python /usr/share/unattended-upgrades/unattended-upgrade-shut
> 
> A final "kill 1946" made it stop all u-a processes and
> /etc/cron.daily/apt (the other cron daily tasks continued to run).
> 
> A manual "apt-get dist-upgrade" completed the upgrade and
> configuration of all packages left:
> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
> Calculating upgrade... Done
> The following packages have been kept back:
>   gnome-utils metacity
> The following packages will be upgraded:
>   aptitude unattended-upgrades
> 2 upgraded, 0 newly installed, 0 to remove and 2 not upgraded.
> 39 not fully installed or removed.
> Need to get 3,909 kB/3,945 kB of archives.
> After this operation, 64.5 kB disk space will be freed.
> Do you want to continue [Y/n]?
> Get:1 http://ftp.ro.debian.org/debian/ unstable/main aptitude amd64
> 0.6.4-1.2 [3,909 kB]
> Fetched 3,909 kB in 1s (2,151 kB/s)
> Reading changelogs... Done
> Preconfiguring packages ...
> (Reading database ... 185672 files and directories currently installed.)
> Preparing to replace unattended-upgrades 0.72.3 (using
> .../unattended-upgrades_

Bug#646620: apt-get defunct when run on unattended-upgrades

2011-10-25 Thread Michael Vogt
On Tue, Oct 25, 2011 at 09:11:17PM +0200, Santiago Garcia Mantinan wrote:
> Package: unattended-upgrades
> Version: 0.62.2
> Severity: critical

Thanks for your bugreport. 
 
> This is the status of this machine right now:
> 
> root  1718  0.0  0.0  22912  1040 ?Ss   Sep13   0:02 
> /usr/sbin/cron
> root 29687  0.0  0.0  33292  1100 ?SOct10   0:00  \_ 
> /USR/SBIN/CRON
> root 29688  0.0  0.0  11072  1304 ?Ss   Oct10   0:00  \_ 
> /bin/sh -c test -x /usr/sbin/anacron || ( cd / && run-parts --report 
> /etc/cron.daily )
> root 29689  0.0  0.0  11076   676 ?SOct10   0:00  \_ 
> /bin/sh -c test -x /usr/sbin/anacron || ( cd / && run-parts --report 
> /etc/cron.daily )
> root 29690  0.0  0.0   3852   588 ?SOct10   0:00  
> \_ run-parts --report /etc/cron.daily
> root 29692  0.0  0.0  0 0 ?ZOct10   0:00  
> \_ [apt] 
> 
> As you can see it is 25th Oct now and the apt that is in a zombie state is
> from the 10th, I've seen this happen on i386 and amd64 arches at least in
> stable, I can't confirm if this has happened on testing/sid as well, but I
> think it has happened to me on those as well before.

Thanks for this output, this is puzzling. So this ps output indicates
that the script /etc/cron.daily/apt itself is in a zombie state. That
means that run-parts has not collected the result of the apt cron
shell script. Do you have anything in the logs
(e.g. /var/log/unattended-upgrades.log or /var/log/apt/history.log)
from around this time that might give a clue why this happened?

Does this mean that since the 10th no other cron.daily runs for apt happened?
 
> It seems weird I have not found this bug as it is hitting me from some time
> now on machines at work and at home, I tried to look at /proc a bit to find
> info on the process but didn't know what to look for and didn't find
> anything relevant.
> 
> I hope to hear back from you soon and leave the process in that state in
> case you want to have a look at some of the data of the running process or
> similar.

It might be interesting to get a "strace -p 29690" to see what the
parent is doing and if it's waiting for a different PID maybe?

> Please tell me how to proceed from here as I don't know what info to add I
> can tell you that this doesn't always happen, it happens from time to time.
> 
> I'm setting some of the machines with APT::Periodic::Verbose 3; to gather
> some info on other machines that are also seeing this.

I think that is the best course of action for now, I would really like
to know what happened before this process exited and turned into a zombie.

Cheers,
 Michael

P.S. I might be a bit slow responding in the next days as I will be
traveling, but I will do my best to keep up.






Bug#624148: asterisk-config: System goes down due to unattended-upgrades

2011-04-29 Thread Michael Vogt
On Thu, Apr 28, 2011 at 08:51:15AM -0500, John Goerzen wrote:
> On 04/28/2011 02:36 AM, Michael Vogt wrote:
> >The code in unattended-upgrades should catch conffile changes like
> >this, so this looks like you hit a bug in that detection. Or the
[..]
> I ultimately sent it here because I don't think that a security
> patch should be attempting to modify my config files anyway.
> Security updates should just install automatically with minimal
> impact on the system.  I can't recall the last time I've had one
> that does this.  Do you know if it was necessary?

I agree, I think conffile changes like this should be avoided if
possible. I looked at the diff for the conffile prompt and it appears
it's not really needed but I'm not familiar enough with the package to
properly judge. Still, u-n should be able to handle it :)

> That said, u-a didn't do a very intelligent thing here either.

I pushed a fix for the bug into:
 bzr get http://bzr.debian.org/apt/unattended-upgrades/debian-squeeze
and prepared an update to stable.

The asterisk package will now be held back from the upgrade and
unattended-upgrades warns about that in its logfile and in the mail
that is sent out (as expected).

It does not print anything to stdout though so it will not trigger
cron mails. This was part of the original design, but thinking further
about it I wonder if it should, just to make sure that the users are
aware of it (i.e. I wonder if people bother checking the logs/mails
every now and then).

Cheers,
 Michael






Bug#624148: asterisk-config: System goes down due to unattended-upgrades

2011-04-28 Thread Michael Vogt
On Thu, Apr 28, 2011 at 08:51:15AM -0500, John Goerzen wrote:
> On 04/28/2011 02:36 AM, Michael Vogt wrote:
> >The code in unattended-upgrades should catch conffile changes like
> >this, so this looks like you hit a bug in that detection. Or the
> 
> Hi Michael,
> 
> Yeah, I wasn't sure exactly where to send this bug report.  Maybe I
> should have sent another one there.

Thanks for bringing it to my attention, I'm looking into the issue with
unattended-upgrades now.

> I ultimately sent it here because I don't think that a security
> patch should be attempting to modify my config files anyway.
> Security updates should just install automatically with minimal
> impact on the system.  I can't recall the last time I've had one
> that does this.  Do you know if it was necessary?

I don't know, sorry. I just looked at the diff and it's a commented out
change, so I doubt its strictly necessary.
 
> That said, u-a didn't do a very intelligent thing here either.

Indeed, I'm debugging this currently and keep you updated.

Cheers,
 Michael






Bug#624148: asterisk-config: System goes down due to unattended-upgrades

2011-04-28 Thread Michael Vogt
On Mon, Apr 25, 2011 at 08:05:17PM -0500, John Goerzen wrote:
> Package: asterisk-config
> Version: 1:1.6.2.9-2+squeeze2
> Severity: grave
> Justification: renders package unusable

Thanks for your bugreport.
 
> I use unattended-upgrades to provide security updates.  This normally works 
> fine,
> and although I expect that an upgrade might take down Asterisk for a few 
> minutes,
> this took the system down and did not bring it back up.  I'm going to guess 
> it was
> related to this:

The code in unattended-upgrades should catch conffile changes like
this, so this looks like you hit a bug in that detection. Or the
asterisk package is modifying by some out-of-band mechanism like in a
maintainer script. That case is not handled by u-n and the failure
below is to be expected (the program could do better by providing a
default answer, but it's hard to pick a good default here :/).

What version of unattended-upgrades did you use? The regular 0.62.2
from squeeze?

Thanks,
 Michael

> Setting up asterisk-config (1:1.6.2.9-2+squeeze2) ...
> 
> Configuration file `/etc/asterisk/sip.conf'
>  ==> Modified (by you or by a script) since installation.
>  ==> Package distributor has shipped an updated version.
>What would you like to do about it ?  Your options are:
> Y or I  : install the package maintainer's version
> N or O  : keep your currently-installed version
>   D : show the differences between the versions
>   Z : start a shell to examine the situation
>  The default action is to keep your current version.
> *** sip.conf (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing 
> asterisk-config (--configure):
>  EOF on stdin at conffile prompt
> 
> I can't imagine why the shipped conffile would have had to change for a 
> security update.
> 
> And, indeed:
> 
> dpkg: dependency problems prevent configuration of asterisk:
>  asterisk depends on asterisk-config (= 1:1.6.2.9-2+squeeze2) | 
> asterisk-config-custom; however:
>   Package asterisk-config is not configured yet.
>   Package asterisk-config-custom is not installed.
> dpkg: error processing asterisk (--configure):
>  dependency problems - leaving unconfigured
> Setting up asterisk-doc (1:1.6.2.9-2+squeeze2) ...
> configured to not write apport reports
> Errors were encountered while processing:
>  asterisk-config
>  asterisk
> 
> 
> Unattended-upgrades log:
> Initial blacklisted packages: 
> Starting unattended upgrades script
> Allowed origins are: ["('Debian', 'stable')", "('Debian', 
> 'squeeze-security')"]
> Packages that are upgraded: asterisk asterisk-config asterisk-doc 
> asterisk-sounds-main
> Writing dpkg log to 
> '/var/log/unattended-upgrades/unattended-upgrades-dpkg_2011-04-25_16:35:07.929825.log'
> Installing the upgrades failed!
> error message: 'E:Sub-process /usr/bin/dpkg returned an error code (1)'
> dpkg returned a error! See 
> '/var/log/unattended-upgrades/unattended-upgrades-dpkg_2011-04-25_16:35:07.929825.log'
>  for details
> 
> 
> -- System Information:
> Debian Release: 6.0.1
>   APT prefers stable
>   APT policy: (990, 'stable')
> Architecture: i386 (i686)
> 
> Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores)
> Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
> Shell: /bin/sh linked to /bin/bash
> 
> asterisk-config depends on no packages.
> 
> Versions of packages asterisk-config recommends:
> pn  asterisk   (no description available)
> 
> asterisk-config suggests no packages.
> 
> -- no debconf information
> 
> 






Bug#613859: python-apt: FTBFS: SyntaxError: invalid syntax

2011-02-18 Thread Michael Vogt
On Thu, Feb 17, 2011 at 08:46:29PM +0100, Jakub Wilk wrote:
> Source: python-apt
> Version: 0.7.100.1
> Severity: serious
> Justification: fails to build from source
> Tags: sid

Thanks for your bugreport.

This is actually a bug in python-distutils-extra, it uses a feature
not yet available for python2.5 in the latest upload. All packages
that use it will fail to build.

Cheers,
 michael

> python-apt FTBFS in a clean up-to-date sid chroot. Tail of the build
> log:
> 
> |  fakeroot debian/rules clean
> | dh --with python2,python3 clean
> |dh_testdir
> |dh_auto_clean
> | running clean
> | 'build/lib.linux-i686-2.6-pydebug' does not exist -- can't clean it
> | 'build/bdist.linux-i686' does not exist -- can't clean it
> | 'build/scripts-2.6' does not exist -- can't clean it
> | [77848 refs]
> | /usr/lib/python2.5/site-packages/DistUtilsExtra/auto.py:348: Warning: 'as' 
> will become a reserved keyword in Python 2.6
> | Traceback (most recent call last):
> |   File "setup.py", line 13, in 
> | from DistUtilsExtra.auto import clean_build_tree
> |   File "/usr/lib/python2.5/site-packages/DistUtilsExtra/auto.py", line 348
> | except SyntaxError as e:
> | ^
> | SyntaxError: invalid syntax
> | [9007 refs]
> | dh_auto_clean: python2.5-dbg setup.py clean -a returned exit code 1
> 
> -- 
> Jakub Wilk
> 
> 
> 
> 






Bug#610333: unattended-upgrades: delaying hibernation until crob job finishes is unacceptable

2011-01-17 Thread Michael Vogt
On Mon, Jan 17, 2011 at 06:30:38PM +0100, Bjørn Mork wrote:
> Package: unattended-upgrades
> Version: 0.62.2
> Severity: critical
> Justification: breaks unrelated software
> 
> The hook /etc/pm/sleep.d/10_unattended-upgrades-hibernate deliberately breaks
> pm-utils by preventing the system from hibernating while unattended-upgrades
> is running. There is absolutely *no* relation between unattended-upgrades and
> pm-utils.  Any process running at the time of hibernation could consider itself
> just as important as unattended-upgrades, thereby preventing the system from
> ever hibernating.
> 
> Please refrain from abusing such hook interfaces, even if they lack a proper
> policy.  Thanks.
 
Thanks for your bugreport.

unattended-upgrades is special in the way that while it runs, packages
are "broken": if you shut down during a long package install, your system
is unbootable in the worst case (because of a kernel/X upgrade that has
not quite finished). The intention of the hook is to delay the
hibernation until the packages have finished installing.

I'm open for better suggestions but it seems preferable to delay
hibernation than to potentially break the system.

Cheers,
 Michael






Bug#598432: python-apt: upgrade fails

2010-09-29 Thread Michael Vogt
On Wed, Sep 29, 2010 at 08:09:14PM +0200, Piotr Ożarowski wrote:
> [Piotr Ozarowski, 2010-09-29]
> > attached
> 
> here's a version of the patch that also uses dh_python2 (so that
> python-central is not needed anymore)

Many thanks for that patch! I committed it to bzr and uploaded a new
version :)

Cheers,
 Michael







Bug#598432: python-apt: upgrade fails

2010-09-29 Thread Michael Vogt
On Wed, Sep 29, 2010 at 08:22:56PM +0200, Julian Andres Klode wrote:
> On Mi, 2010-09-29 at 19:51 +0200, Piotr Ozarowski wrote:
> > tags 598432 + patch
> > thanks
> > 
> > [Piotr Ożarowski, 2010-09-29]
> > > I'll try to send you a patch this evening
> > 
> > attached
> > 
> > Luca: If python-apt maintainers will decide to use my patch, please
> > fast-process it in NEW if possible (it's part of the python3 in Squeeze
> > goal we talked about before, TIA)

Thanks for the new patch!
 
> Maybe you missed it, but I already wrote 5 hours ago that doko provided
> a patch[1] and mvo is testing it already. We should probably merge both
> patches into a single one.

The patch from doko has some issues and I was too busy this afternoon
to properly fix them; the new one looks much better, I am test-building it
currently. They are both very similar, but the one from Piotr is
working better.

Thanks,
 Michael
 
> [1] http://people.canonical.com/~doko/tmp/3.diff
> -- 
> Julian Andres Klode  - Debian Developer, Ubuntu Member
> 
> See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.
> 
> 






Bug#596408: Only segmentation faults when called...

2010-09-24 Thread Michael Vogt
On Fri, Sep 24, 2010 at 07:28:08PM +0100, Steven Chamberlain wrote:
> On 24/09/10 18:33, Steven Chamberlain wrote:
> >>python/acquire.cc: In function 'PyObject* PkgAcquireNew(PyTypeObject*,
> >>PyObject*, PyObject*)':
> >>python/acquire.cc:331: warning:
> >>'pkgAcquire::pkgAcquire(pkgAcquireStatus*)' is deprecated (declared at
> >>/usr/include/apt-pkg/acquire.h:352)
[..]
> --- python-apt-0.7.97.1~orig/python/acquire-item.cc   2010-05-19 
> 11:48:44.0 +0100
> +++ python-apt-0.7.97.1/python/acquire-item.cc2010-09-24 
> 19:07:39.0 +0100
> @@ -162,7 +162,7 @@
>  return 0;
>  return PyString_FromFormat("<%s object: "
> "Status: %i Complete: %i Local: %i IsTrusted: 
> %i "
> -   "FileSize: %lu DestFile:'%s' "
> +   "FileSize: %llu DestFile:'%s' "
> "DescURI: '%s' ID:%lu ErrorText: '%s'>",
> Self->ob_type->tp_name,
> Itm->Status, Itm->Complete, Itm->Local, 
> Itm->IsTrusted(),
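Review bot: the new "%llu" for FileSize should be paired with an explicit cast on the matching argument, e.g. (unsigned long long)Itm->FileSize, which lies outside the visible context. A variadic call is only correct when the conversion and the argument have the same width on every architecture, and the neighbouring "ID:%lu" deserves the same check against the type of its argument.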

One more odd thing I discovered is that %llu apparently is only
available in python 2.7+ (see [1]). When it encounters the first
unknown format string it stops. That is what I see in the debug
output, %llu and no further strings. That is rather unfortunate from
python. 

I guess PyString_FromFormat() in 2.6 can not be used for this and a
normal snprintf() is required on older python versions. 

Cheers,
 Michael


[1] http://docs.python.org/c-api/string.html






Bug#596408: Only segmentation faults when called...

2010-09-24 Thread Michael Vogt
On Fri, Sep 24, 2010 at 07:28:08PM +0100, Steven Chamberlain wrote:
> On 24/09/10 18:33, Steven Chamberlain wrote:
> >>python/acquire.cc: In function 'PyObject* PkgAcquireNew(PyTypeObject*,
> >>PyObject*, PyObject*)':
> >>python/acquire.cc:331: warning:
> >>'pkgAcquire::pkgAcquire(pkgAcquireStatus*)' is deprecated (declared at
> >>/usr/include/apt-pkg/acquire.h:352)
> 
> Actually, here's our culprit:
> 
> >python/acquire-item.cc: In function 'PyObject* acquireitem_repr(PyObject*)':
> >python/acquire-item.cc:170: warning: format '%lu' expects type 'long 
> >unsigned int', but argument 7 has type 'long long unsigned int'
> 
> A 'long unsigned int' became a 'long long unsigned int', but on
> amd64 those data types are the same, which is why we only saw an
> issue on i386.
[..]

It turns out that there are two more issues in the code, I attached an
updated patch. Could you please give it a try and see if it's good or
causing any issues?

Thanks,
 Michael
=== modified file 'python/acquire-item.cc'
--- python/acquire-item.cc	2010-06-01 15:14:30 +
+++ python/acquire-item.cc	2010-09-24 19:25:37 +
@@ -65,7 +65,7 @@
 static PyObject *acquireitem_get_filesize(PyObject *self, void *closure)
 {
 pkgAcquire::Item *item = acquireitem_tocpp(self);
-return item ? Py_BuildValue("i", item->FileSize) : 0;
+return item ? Py_BuildValue("K", item->FileSize) : 0;
 }
 
 static PyObject *acquireitem_get_id(PyObject *self, void *closure)
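Review bot: "K" makes Py_BuildValue read an unsigned long long from the variadic arguments, so item->FileSize in acquireitem_get_filesize should be cast to unsigned long long at the call. Without the cast the getter is only correct where the field already has exactly that type, which is the same kind of width mismatch this patch sets out to fix.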
@@ -95,7 +95,7 @@
 static PyObject *acquireitem_get_partialsize(PyObject *self, void *closure)
 {
 pkgAcquire::Item *item = acquireitem_tocpp(self);
-return item ? Py_BuildValue("i", item->PartialSize) : 0;
+return item ? Py_BuildValue("K", item->PartialSize) : 0;
 }
 
 static PyObject *acquireitem_get_status(PyObject *self, void *closure)
@@ -162,7 +162,7 @@
 return 0;
 return PyString_FromFormat("<%s object: "
"Status: %i Complete: %i Local: %i IsTrusted: %i "
-   "FileSize: %lu DestFile:'%s' "
+   "FileSize: %llu DestFile:'%s' "
"DescURI: '%s' ID:%lu ErrorText: '%s'>",
Self->ob_type->tp_name,
Itm->Status, Itm->Complete, Itm->Local, Itm->IsTrusted(),
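Review bot: "%llu" in the PyString_FromFormat format needs a check against the oldest Python this is built for. The C-API documentation lists %lld and %llu as added in 2.7, and an unrecognised conversion makes the formatter copy the rest of the format string as-is and discard the remaining arguments. For older interpreters, format FileSize into a local buffer with snprintf() and pass the buffer as "%s".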



Bug#596408: Only segmentation faults when called...

2010-09-24 Thread Michael Vogt
On Fri, Sep 24, 2010 at 07:28:08PM +0100, Steven Chamberlain wrote:
> On 24/09/10 18:33, Steven Chamberlain wrote:
> >>python/acquire.cc: In function 'PyObject* PkgAcquireNew(PyTypeObject*,
> >>PyObject*, PyObject*)':
> >>python/acquire.cc:331: warning:
> >>'pkgAcquire::pkgAcquire(pkgAcquireStatus*)' is deprecated (declared at
> >>/usr/include/apt-pkg/acquire.h:352)
> 
> Actually, here's our culprit:
> 
> >python/acquire-item.cc: In function 'PyObject* acquireitem_repr(PyObject*)':
> >python/acquire-item.cc:170: warning: format '%lu' expects type 'long 
> >unsigned int', but argument 7 has type 'long long unsigned int'
[..]
> Please try rebuilding python-apt with my patch to fix this, attached.
[..]
> It's working for me on the same 32-bit squeeze OpenVZ VE that I
> reproduced the bug on, and I've also tested this on a native amd64
> system to ensure the patched version still works on that
> architecture too.
> 
> Thank you everyone for your help to reproduce and debug this.
[..]

You rock! Thanks a lot for this patch, I commit it to the python-apt
bzr repository now and it will be part of the next upload.

Thanks!
 Michael 






Bug#596408: Only segmentation faults when called...

2010-09-24 Thread Michael Vogt
On Fri, Sep 24, 2010 at 05:05:02PM +0100, Steven Chamberlain wrote:
> On 24/09/10 15:29, Anthony Callegaro wrote:
> >Can you try a 32 bits version or do you want me to give you a SSH access
> >to one test VZ ?
[..]
> python-apt 0.7.96.1 works fine, but is only installable with older
> packages apt-utils 0.7.25.3 and apt 0.7.25.3
> 
> If I upgrade to python-apt 0.7.97.1, which requires newer apt-utils
> 0.8.0 and apt 0.8.0, the segfault happens quite consistently when
> trying to upgrade any package.  An easy way to trigger this is to
> downgrade something to an older version, e.g. tzdata 2010k-1, and then it
> will try (and fail) to upgrade to the latest version from testing.
[..]

Let me first say a big THANK YOU (to you and the rest of the people
helping with this report) for the excellent report and the level of
detail. I would appreciate feedback if the different python-apt
versions make a difference. I more suspect that it's the new apt/libapt
(the amount of changes in python-apt is relatively small), any more
findings/information about that will help.

Thanks,
 Michael






Bug#594369: [patch] fix

2010-08-25 Thread Michael Vogt
Hi,

attached is a patch that should fix the problem.

Cheers,
 Michael
Index: apt-transport-debtorrent-0.1.1ubuntu1/connect.cc
===
--- apt-transport-debtorrent-0.1.1ubuntu1.orig/connect.cc	2007-11-13 15:53:38.0 +0100
+++ apt-transport-debtorrent-0.1.1ubuntu1/connect.cc	2007-11-13 16:11:45.0 +0100
@@ -18,6 +18,7 @@
 #include 
 #include 
 #include 
+#include 
 
 // Internet stuff
 #include 
@@ -66,12 +67,10 @@
   wrong this will get tacked onto the end of the error message */
if (LastHostAddr->ai_next != 0)
{
-  char Name2[NI_MAXHOST + NI_MAXSERV + 10];
-  snprintf(Name2,sizeof(Name2),"[IP: %s %s]",Name,Service);
-  Owner->SetFailExtraMsg(string(Name2));
-   }   
-   else
-  Owner->SetFailExtraMsg("");
+  std::stringstream ss;
+  ioprintf(ss, "[IP: %s %s]",Name,Service);
+  Owner->SetIP(ss.str());
+   }
   
// Get a socket
if ((Fd = socket(Addr->ai_family,Addr->ai_socktype,
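Review bot: the removed else branch cleared the extra message with SetFailExtraMsg("") when LastHostAddr->ai_next is 0, and the replacement has no equivalent reset, so an IP string set by an earlier call can persist into a later failure report for a single-address host. Either call Owner->SetIP("") in an else branch or confirm that the value is reset elsewhere for each connection attempt.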
@@ -88,7 +87,7 @@
/* This implements a timeout for connect by opening the connection
   nonblocking */
if (WaitFd(Fd,true,TimeOut) == false) {
-  Owner->SetFailExtraMsg("\nFailReason: Timeout");
+  Owner->SetFailReason("Timeout");
   return _error->Error("Could not connect to %s:%s (%s), "
 			   "connection timed out",Host.c_str(),Service,Name);
}
@@ -103,7 +102,7 @@
{
   errno = Err;
   if(errno == ECONNREFUSED)
- Owner->SetFailExtraMsg("\nFailReason: ConnectionRefused");
+ Owner->SetFailReason("ConnectionRefused");
   return _error->Errno("connect","Could not connect to %s:%s (%s).",Host.c_str(),
 			   Service,Name);
}
@@ -168,7 +167,7 @@
 	
 	if (Res == EAI_AGAIN)
 	{
-	   Owner->SetFailExtraMsg("\nFailReason: TmpResolveFailure");
+	   Owner->SetFailReason("TmpResolveFailure");
 	   return _error->Error("Temporary failure resolving '%s'",
 Host.c_str());
 	}


Bug#549312: Looks as if this only occurs with more than 1 dvd

2010-01-22 Thread Michael Vogt
On Tue, Jan 19, 2010 at 10:29:24AM +, ael wrote:
> This bug is still present on all my machines including on a netbook
> with a freshly installed squeeze.
> 
> However, I am fairly sure that it only occurs when multiple dvds
> need to be mounted (necessarily sequentially, since there is only
> a single mount point). It is as if the path to the deb on the earlier
> dvds is cached somewhere: the dvd is changed, and when that cached path
> is used later, it is, of course, no longer valid.
> 
> This bug would seem to make debian installation from multiple DVDs
> nearly impossible: so pretty serious for those without high
> bandwidth connections.

I debugged the multi cdrom install today and fixed a bug in it, it
works for me now. The fix is in bzr and we plan another point
release soon (hopefully this weekend) that includes this fix and some
more fixes from David. It would be nice if you could test once it's
available and see if it fixes the bug you see as well. You can build
directly from bzr if you want to test it right away too:

$ bzr get http://bzr.debian.org/bzr/apt/apt/debian-sid/
$ cd debian-sid
$ bzr-buildpackage

(bzr-buildpackage needs the bzr-builddeb package).

Thanks,
 Michael






Bug#561852: apt: Method http has died unexpectedly (undefined symbol:)

2009-12-22 Thread Michael Vogt
On Sun, Dec 20, 2009 at 12:31:06PM -0430, Ramon Ramos wrote:
> Package: apt
> Version: 0.7.25
> Justification: renders package unusable
> Severity: grave
> 
> Hi guys. The system shows me this message when I try to update it,
> 
> Zen2:/home/ramon# apt-get update
> 0% [Conectando a ftp.debian.org (130.89.149.226)]/usr/lib/apt/methods/http:
> symbol lookup error: /usr/lib/apt/methods/http: undefined symbol:
> _Z14maybe_add_authR3URISs
> E: Method http has died unexpectedly!
> E: El subproceso http devolvió un código de error (127)
 
Can you please give me the output of:
$ ldd /usr/lib/apt/methods/http
and 
$ ls -l /usr/lib/libapt-pkg-libc6.9-6.so.4.8
 
Thanks,
 Michael
 
> -- Package-specific info:
> 
> -- apt-config dump --
> 
> APT "";
> APT::Architecture "i386";
> APT::Build-Essential "";
> APT::Build-Essential:: "build-essential";
> APT::Install-Recommends "1";
> APT::Install-Suggests "0";
> APT::Acquire "";
> APT::Acquire::Translation "environment";
> APT::Authentication "";
> APT::Authentication::TrustCDROM "true";
> APT::NeverAutoRemove "";
> APT::NeverAutoRemove:: "^linux-image.*";
> APT::NeverAutoRemove:: "^linux-restricted-modules.*";
> Dir "/";
> Dir::State "var/lib/apt/";
> Dir::State::lists "lists/";
> Dir::State::cdroms "cdroms.list";
> Dir::State::userstatus "status.user";
> Dir::State::status "/var/lib/dpkg/status";
> Dir::Cache "var/cache/apt/";
> Dir::Cache::archives "archives/";
> Dir::Cache::srcpkgcache "srcpkgcache.bin";
> Dir::Cache::pkgcache "pkgcache.bin";
> Dir::Etc "etc/apt/";
> Dir::Etc::sourcelist "sources.list";
> Dir::Etc::sourceparts "sources.list.d";
> Dir::Etc::vendorlist "vendors.list";
> Dir::Etc::vendorparts "vendors.list.d";
> Dir::Etc::main "apt.conf";
> Dir::Etc::parts "apt.conf.d";
> Dir::Etc::preferences "preferences";
> Dir::Etc::preferencesparts "preferences.d";
> Dir::Bin "";
> Dir::Bin::methods "/usr/lib/apt/methods";
> Dir::Bin::dpkg "/usr/bin/dpkg";
> Dir::Log "var/log/apt";
> Dir::Log::Terminal "term.log";
> DPkg "";
> DPkg::Pre-Install-Pkgs "";
> DPkg::Pre-Install-Pkgs:: "/usr/sbin/apt-listbugs apt || exit 10";
> DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";
> DPkg::Tools "";
> DPkg::Tools::Options "";
> DPkg::Tools::Options::/usr/sbin/apt-listbugs "";
> DPkg::Tools::Options::/usr/sbin/apt-listbugs::Version "2";
> 
> -- /etc/apt/preferences --
> 
> 
> Explanation: Pinned by apt-listbugs at Mon Dec 07 01:00:34 -0430 2009
> Explanation:   #559135: gedit-latex-plugin: installation fails
> Package: gedit-latex-plugin
> Pin: version 0.2rc2-2
> Pin-Priority: 1000
> 
> Explanation: Pinned by apt-listbugs at Tue Dec 08 22:23:03 -0430 2009
> Explanation:   #547038: Still dash vs bash problems
> Package: bash
> Pin: version 4.0-4
> Pin-Priority: 1000
> 
> -- /etc/apt/sources.list --
> 
> 
> # deb cdrom:[Debian GNU/Linux 4.0 r1 _Etch_ - Official i386 NETINST Binary-1
> 20070820-20:21]/ etch contrib main
> 
> 
> # deb cdrom:[Debian GNU/Linux 4.0 r1 _Etch_ - Official i386 NETINST Binary-1
> 20070820-20:21]/ etch contrib main
> 
> deb http://ftp.debian.org/debian/ unstable main non-free contrib
> deb-src http://ftp.debian.org/debian/ unstable main non-free contrib
> 
> # deb http://debian.unesr.edu.ve/debian/ unstable main non-free contrib
> # deb-src http://debian.unesr.edu.ve/debian/ unstable main non-free contrib
> 
> 
> 
> # deb http://ppa.launchpad.net/synce/ubuntu/ hardy main
> # deb-src http://security.debian.org/ unstable/updates main contrib
> non-free
> 
> # deb http://people.debian.org/~stigge/packages/ ./
> # deb-src http://people.debian.org/~stigge/packages/ ./
> 
> # deb http://mirror-01.cantv.net/debian/ sid main non-free contrib
> 
> # deb http://mirror-01.cantv.net/debian-security/ sid main non-free contrib
> 
> -- System Information:
> Debian Release: squeeze/sid
>   APT prefers unstable
>   APT policy: (500, 'unstable')
> Architecture: i386 (i686)
> 
> Kernel: Linux 2.6.31-1-686-bigmem (SMP w/2 CPU cores)
> Locale: LANG=es_VE.UTF-8, LC_CTYPE=es_VE.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
> 
> Versions of packages apt depends on:
> ii  debian-archive-keyring    2009.01.31  GnuPG archive keys of the Debian a
> ii  libc6                     2.10.2-2    GNU C Library: Shared libraries
> ii  libgcc1                   1:4.4.2-5   GCC support library
> ii  libstdc++6                4.4.2-5     The GNU Standard C++ Library v3
> 
> apt recommends no packages.
> 
> Versions of packages apt suggests:
> pn  apt-doc                               (no description available)
> ii  aptitude                  0.6.1.3-3   terminal-based package manager (te
> ii  bzip2                     1.0.5-3     high-quality block-sorting file co
> ii  dpkg-dev                  1.15.4.1    Debian package development tools
> ii  lzma                      4.43-14     Compression method of 7z format in
> ii  python-apt                0.7.13.4    Python interface to libapt-pkg
> ii  synaptic                  0.63

Bug#554349: apt: Method rred has died unexpectedly!

2009-11-04 Thread Michael Vogt
On Wed, Nov 04, 2009 at 11:12:25AM +0100, David Kalnischkies wrote:
> tags 554349 + confirmed
> thanks
> 
> Hello Faheem Mitha & all other co-bug-reporters :)
> 
> First of all: Thanks for the report!
> 
> I have currently no time to dig into it a bit deeper,
> (hopefully i can do it tonight or tomorrow)
> but my first guess is an overflow of an internal variable:
> apt-get update -o Debug::pkgAcquire::RRed=1 -qq
> results in 65,442 lines of output which is near the value
> of a signed integer (65,535).
> 
> A patch of this size (~9 MB) is a bit uncommon as it
> is bigger than the complete download of the new file.
> It would be good if APT could detect it... we will see. :)
[..]

Attached is a patch that should add detection for patches that are
bigger than the actual file to patch. Unfortunately I can no longer
reproduce the failure. Testing/feedback is welcome.

Cheers,
 Michael
=== modified file 'apt-pkg/acquire-item.cc'
--- apt-pkg/acquire-item.cc	2009-06-30 19:37:30 +
+++ apt-pkg/acquire-item.cc	2009-11-04 17:07:24 +
@@ -247,7 +247,7 @@
 	std::clog << "SHA1-Current: " << ServerSha1 << std::endl;
 
 	 // check the historie and see what patches we need
-	 string history = Tags.FindS("SHA1-History"); 
+	 string history = Tags.FindS("SHA1-History");
 	 std::stringstream hist(history);
 	 while(hist >> d.sha1 >> size >> d.file) 
 	 {
@@ -258,6 +258,16 @@
 	// from that point on, we probably need all diffs
 	if(found) 
 	{
+	   string sha1, size, file;
+	   std::stringstream patches(Tags.FindS("SHA1-Patches"));
+	   while(patches >> sha1 >> size >> file)  {
+		  if (sha1 == d.sha1 && atoi(size.c_str()) > fd.Size()) {
+		 std::clog << "patch size bigger than package file size?!?" << std::endl;
+		 return false;
+		  }
+	   }
+	
+
 	   if(Debug)
 		  std::clog << "Need to get diff: " << d.file << std::endl;
 	   available_patches.push_back(d);
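Review bot: the new check compares sha1, read from SHA1-Patches, with d.sha1, which the loop above fills from SHA1-History and which the header change in this patch documents as the hash of the patched file. If the two sections hash different objects the condition never matches and the size guard is dead code, so matching on file == d.file looks safer. atoi() also returns a signed int with no error reporting before it is compared with fd.Size(); parse with strtoull() and reject unparsable values. The inner string size shadows the variable the history loop reads into, so give it another name.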

=== modified file 'apt-pkg/acquire-item.h'
--- apt-pkg/acquire-item.h	2009-06-30 19:37:30 +
+++ apt-pkg/acquire-item.h	2009-11-04 16:55:25 +
@@ -267,10 +267,10 @@
/** The filename of the diff. */
string file;
 
-   /** The sha1 hash of the diff. */
+   /** The sha1 hash of the patched file. */
string sha1;
 
-   /** The size of the diff. */
+   /** The size of the patched file. */
unsigned long size;
 };
 	/*}}}*/

=== modified file 'debian/changelog'
--- debian/changelog	2009-10-29 10:53:01 +
+++ debian/changelog	2009-11-04 14:56:53 +
@@ -9,6 +9,8 @@
   * apt-pkg/packagemanager.cc:
 - add output about pre-depends configuring when debug::pkgPackageManager
   is used
+  * apt-pkg/acquire-item.cc:
+- ignore patches if the patch is larger than the file 
 
   [ Brian Murray ]
   * apt-pkg/depcache.cc, apt-pkg/indexcopy.cc:



Bug#554349: apt: Method rred has died unexpectedly!

2009-11-04 Thread Michael Vogt
It turns out that the unusual size of the diff causes the stack to
overflow, a different workaround is "ulimit -s 12288" (or something
like that). Clearly it's still a bug in rred.cc.






Bug#518473: lp:~mvo/apt/netrc branch

2009-10-16 Thread Michael Vogt
Hi,

Thanks for the discussion and sorry that I'm so late joining it.

I like the idea of having a netrc like file so that the sources.list
does not have to hold username/password anymore and I agree with David
that we should support the netrc file for all protocols where it makes
sense (ftp, http, https), not just https.

I created a lp:~mvo/apt/netrc branch that adds the netrc parser from
maemo's apt (git://gitorious.org/maemo-af/apt.git, David pointed me to
the branch) and I plan to merge that to the debian-sid branch soon.

One issue that we need to think about is that it looks like netrc does
support machine, user, password. But often we want different
users/passwords for different urls on the same machine. I guess it
makes sense to extend the code so that it first looks at machine+url and
falls back to machine (currently the code in the branch will only look
at the host part).

Thanks,
 Michael
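
The machine+url lookup with fallback to machine proposed in the message above, as an added example; it is not code from apt or from the netrc branch. The `machine host/path` syntax, the names `NetrcEntry`, `ParseNetrc`, `PathCovers` and `Lookup`, and the sample file are assumptions made for illustration.

```cpp
#include <iostream>
#include <sstream>
#include <string>
#include <vector>

// One "machine ... login ... password ..." record.
struct NetrcEntry {
    std::string host;      // exact host name; empty for a "default" record
    std::string path;      // path prefix, "" for a host-wide entry (assumed extension)
    std::string login;
    std::string password;
};

// Constructed sample file, not taken from any real system.
const char *const kSampleNetrc =
    "machine repo.example.org login mirror password hostwide\n"
    "machine repo.example.org/private login team password s3cret\n"
    "machine repo.example.org/private/stage/ login stage password st4ge\n"
    "default login anonymous password guest\n";

// Parse whitespace-separated netrc tokens. "macdef" is not handled here.
std::vector<NetrcEntry> ParseNetrc(const std::string &text)
{
    std::vector<NetrcEntry> entries;
    std::istringstream in(text);
    std::string key, value;
    while (in >> key) {
        if (key == "default") {            // keyword without a value
            entries.push_back(NetrcEntry());
            continue;
        }
        if (!(in >> value))
            break;                         // truncated file: stop parsing
        if (key == "machine") {
            NetrcEntry e;
            std::string::size_type slash = value.find('/');
            e.host = value.substr(0, slash);
            if (slash != std::string::npos) {
                e.path = value.substr(slash);
                while (!e.path.empty() && e.path.back() == '/')
                    e.path.pop_back();     // "/private/" and "/private" are the same prefix
            }
            entries.push_back(e);
        } else if (!entries.empty()) {
            if (key == "login") entries.back().login = value;
            else if (key == "password") entries.back().password = value;
        }
    }
    return entries;
}

// True if prefix covers path on a path-segment boundary, so that
// "/private" covers "/private/x" but not "/private-other/x".
bool PathCovers(const std::string &prefix, const std::string &path)
{
    if (prefix.empty())
        return true;
    if (path.compare(0, prefix.size(), prefix) != 0)
        return false;
    return path.size() == prefix.size() || path[prefix.size()] == '/';
}

// Most specific entry for host+path, falling back to the host-wide entry.
// The host must match exactly (no suffix or substring match) and "default"
// records are ignored, so credentials are never offered to an unlisted host.
// The caller is expected to pass a lower-cased host and a normalised path.
const NetrcEntry *Lookup(const std::vector<NetrcEntry> &entries,
                         const std::string &host, const std::string &path)
{
    const NetrcEntry *best = nullptr;
    for (const NetrcEntry &e : entries) {
        if (e.host.empty() || e.host != host)
            continue;
        if (!PathCovers(e.path, path))
            continue;
        if (best == nullptr || e.path.size() > best->path.size())
            best = &e;
    }
    return best;
}

int main()
{
    std::vector<NetrcEntry> entries = ParseNetrc(kSampleNetrc);
    const char *paths[] = {"/debian/dists/sid/Release", "/private/dists/sid/Release",
                           "/private/stage/pool/a.deb", "/private-other/Release"};
    for (const char *p : paths) {
        const NetrcEntry *e = Lookup(entries, "repo.example.org", p);
        std::cout << p << " -> " << (e ? e->login : std::string("(none)")) << "\n";
    }
    return 0;
}
```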






Bug#548858: apt fails to upgrade

2009-09-29 Thread Michael Vogt
On Tue, Sep 29, 2009 at 09:52:29AM +0200, Norbert Preining wrote:
[..]
> ithrandir:~# apt-get upgrade
> Reading package lists... Done
> Building dependency tree   
> Reading state information... Done
[..]
> 46 upgraded, 0 newly installed, 0 to remove and 12 not upgraded.
> Need to get 0B/49.6MB of archives.
> After this operation, 541kB of additional disk space will be used.
> Do you want to continue [Y/n]? 
> E: Internal Error, Could not perform immediate configuration (2) on perl
> 
> Same with aptitude and anything else
[..]

The ordering algorithm is failing here (it's too aggressive when
propagating the Immediate flag), the attached patch seems to fix the
problem (and thanks to David Kalnischkies who debugged the failure
with me).

Cheers,
 Michael
=== modified file 'apt-pkg/packagemanager.cc'
--- apt-pkg/packagemanager.cc	2009-07-21 16:31:36 +
+++ apt-pkg/packagemanager.cc	2009-09-29 13:43:54 +
@@ -122,7 +122,7 @@
 /* This adds the immediate flag to the pkg and recursively to the
dependendies 
  */
-void pkgPackageManager::ImmediateAdd(PkgIterator I, bool UseInstallVer)
+void pkgPackageManager::ImmediateAdd(PkgIterator I, bool UseInstallVer, unsigned const int &Depth)
 {
DepIterator D;

@@ -140,12 +140,16 @@
for ( /* nothing */  ; D.end() == false; D++)
   if (D->Type == pkgCache::Dep::Depends || D->Type == pkgCache::Dep::PreDepends)
   {
+	 // ignore dependencies if no instal/upgrade/remove is going to happen
+	 if (D.TargetPkg() == 0 || Cache[D.TargetPkg()].Keep())
+	  continue;
+
 	 if(!List->IsFlag(D.TargetPkg(), pkgOrderList::Immediate))
 	 {
 	if(Debug)
-	   clog << "ImmediateAdd(): Adding Immediate flag to " << I.Name() << endl;
+	   clog << OutputInDepth(Depth) << "ImmediateAdd(): Adding Immediate flag to " << D.TargetPkg() << " cause of " << D.DepType() << " " << I.Name() << endl;
 	List->Flag(D.TargetPkg(),pkgOrderList::Immediate);
-	ImmediateAdd(D.TargetPkg(), UseInstallVer);
+	ImmediateAdd(D.TargetPkg(), UseInstallVer, Depth + 1);
 	 }
   }
return;
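Review bot: the new debug line streams D.TargetPkg() itself while the other package is printed with I.Name(); use D.TargetPkg().Name() so the output does not depend on an operator<< being available for the iterator. D.TargetPkg() is now evaluated several times per iteration, so a local PkgIterator would make the Keep() check and the flag update easier to follow, and the new comment has a typo ("instal").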

=== modified file 'apt-pkg/packagemanager.h'
--- apt-pkg/packagemanager.h	2008-01-03 10:25:58 +
+++ apt-pkg/packagemanager.h	2009-09-29 13:41:50 +
@@ -49,7 +49,7 @@
bool Debug;
  
bool DepAdd(pkgOrderList &Order,PkgIterator P,int Depth = 0);
-   void ImmediateAdd(PkgIterator P, bool UseInstallVer);
+   void ImmediateAdd(PkgIterator P, bool UseInstallVer, unsigned const int &Depth = 0);
virtual OrderResult OrderInstall();
bool CheckRConflicts(PkgIterator Pkg,DepIterator Dep,const char *Ver);
bool CreateOrderList();
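Review bot: Depth is declared as unsigned const int &Depth = 0 while DepAdd two lines above takes int Depth = 0. Pass it by value, since the recursive call in packagemanager.cc hands over Depth + 1, a temporary, so the reference buys nothing, and use one type for both depth parameters.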



Bug#543669: synaptic crashes on specific package selection

2009-09-08 Thread Michael Vogt
On Sun, Sep 06, 2009 at 12:28:14PM -0400, Tony Freeman wrote:
> I too experienced this bug but after some playing around I found that it was
> a specific package causing he crash.  The very last package listed in
> "Status: Installed (auto removable)" seems to be the culprit ... in my case
> it is openoffice.org-writer2latex.  If that package is selected from
> anywhere (search, filter, etc) the program will crash.
> 
> I suspect that it may not be the package at all, but rather the
> treeview/treemodel logic used ... could the iter be incremented one too many
> times?

I fixed a crash in 0.62.9 recently that looks like it might be the
same. Could you please try to reproduce this failure with the new
version?

Thanks,
 Michael






Bug#523213: /etc/cron.daily/apt does not check return code of date

2009-04-09 Thread Michael Vogt
On Wed, Apr 08, 2009 at 05:39:37PM -0500, Jamie Strandboge wrote:
> Package: apt
> Version: 0.7.20.2
> Severity: grave
> Tags: security patch
> Justification: user security hole
[..]

Thanks for the bugreport and the patch. I merged the patch into the
debian-sid bzr branch.

Cheers,
 Michael
 






Bug#514402: FTBFS: non-valid XML document doc/apt-get.8.xml

2009-02-08 Thread Michael Vogt

On Sat, 07 Feb 2009 15:50:38 +0200, "Eugene V. Lyubimkin"
 said:
> Hello Daniel,
> 
> Daniel Leidert wrote:
> > Reassigning back. Fix(es) attached.
> > 
> > Hi guys,
> > 
> > xmlto reports you an error in an XML document, which is clearly a bug in
> > apt, not in xmlto. The recent change in xmlto added a switch to the
> > xmllint call to resolve entities in XML documents. Thus the resulting
> > document resolves to:
> [snip]
> > For the moment I suggest you simply use option (a) for which I attached
> > the fix and change to option (b) later (snippet attached too).
> Hello Daniel, thanks for explanation and fix.
> 
> Hello Otavio, hello Michael, please upload the fix with the 'medium'
> severity. I cannot
> even prepare the upload because debian-sid branch doesn't contain valid
> 0.7.20.1 entry by
> the time of writing.

Thanks Eugene for your quick action on this and sorry for the branch
inconsistency. I committed the outstanding entry and merged the 0.7.20.2
upload into the branch, it should be consistent again.

Cheers,
 Michael






Bug#501253: Reappear on 0.7.19

2008-12-02 Thread Michael Vogt
On Tue, Nov 25, 2008 at 07:08:10AM +0100, Christian Perrier wrote:
> Quoting Deng Xiyue ([EMAIL PROTECTED]):
> > Followup-For: Bug #501253
[..]
> > Now apt-utils 0.7.19 brings back libdb4.4 again, at least on i386.
> > Hope it's just an unclean build environment.  If it is the case, it'll
> > be great for apt maintainers to consider using clean chroot like
> > pbuilder so that it won't happen again.
> 
> 
> Indeed. Michael, don't you build APT with pbuilder?

*cough* that is indeed a bit embarrassing. I normally use a virtual
machine for my building (that is a pretty clear install), however my
HDD broke a couple of days ago and I had to restore it from a
backup. This is why the problem reappeared :/

Cheers,
 Michael








Bug#495331: 495331

2008-10-31 Thread Michael Vogt
Hi,

I noticed that this bug got reopened. If this still affects you, could
you please:
- check if the current 0.7.16 version of apt is installed
- if it still fails with that, could you please attach your
  /etc/apt/sources.list and everything in /etc/apt/sources.list.d ?

I was not able to reproduce this anymore with german (or french) and
stable, testing, unstable, security and volatile in my sources.list -
apt-cache stats gives me 55k descriptions with german.

Don't get me wrong, I think the current limit is a problem, but
personally I think it's not an RC problem if it's not triggered with
stable+testing+unstable.

The patch to increase the limit will be applied once development is
fully open again but for now I think rebuilding the dependencies of
apt because of the ABI break is not ideal. I'm happy to reconsider if
the release managers think it's not a problem (with bin-NMU etc) or if
new evidence suggests it's triggered more easily (e.g. by adding dvd/cd
sets etc).

Thanks,
 Michael






Bug#400768: Please test the version in experimental

2008-09-23 Thread Michael Vogt
Hi,

I uploaded a new version of apt into experimental that hopefully fixes
the issue (it's not experimental, I just put it there because of extra
carefulness).

Please test and give me feedback.

Thanks,
 Michael






Bug#400768: duplicate detection

2008-09-22 Thread Michael Vogt
Hi,

I had a look at the source and the output of "apt-cache stats" and it
looks like the problem is that libapt does not detect duplicated
description versions. I.e. if ftp.de.debian.org and ftp.debian.org are
present in the sources.list, that doubles the amount of descriptions it
seems. I'm looking into that.

Cheers, 
Michael






Bug#475611: NMU for unattended-upgrades: Missing dependency on apt (>= 0.7.0)

2008-06-17 Thread Michael Vogt
On Sat, Jun 14, 2008 at 03:52:24PM +0200, Bas Zoetekouw wrote:
> tag 475611 + pending
> thanks
> 
> Hi!
> 
> I'm planning to upload an NMU to fix bug #475611 in
> unattended-upgrades.  The diff with the previous version is reproduced
> below.

Thanks for the debdiff. I'm fine with that NMU, I can do the
upload for this myself too if you want me to (I don't mind either
way).

Thanks,
 Michael
 
> Bas.
> 
> 
> diff -Nabur unattended-upgrades-0.25.1debian1.eerst/debian/changelog 
> unattended-upgrades-0.25.1debian1/debian/changelog
> --- unattended-upgrades-0.25.1debian1.eerst/debian/changelog  2007-06-07 
> 13:38:05.0 +0200
> +++ unattended-upgrades-0.25.1debian1/debian/changelog2008-06-14 
> 15:02:35.0 +0200
> @@ -1,3 +1,11 @@
> +unattended-upgrades (0.25.1debian1-0.1) unstable; urgency=low
> +
> +  * Non-Maintainter Update (BSP)
> +  * Add dependency on apt (>=0.7) 
> +(closes: #475611)
> +
> + -- Bas Zoetekouw <[EMAIL PROTECTED]>  Sat, 14 Jun 2008 14:55:51 +0200
> +
>  unattended-upgrades (0.25.1debian1) unstable; urgency=low
>  
>* documentation updated
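Review bot: "Non-Maintainter" in the new changelog entry is a typo for "Non-Maintainer". The relation is also written (>=0.7) here; a space after the operator would match the usual spelling of version relations.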
> diff -Nabur unattended-upgrades-0.25.1debian1.eerst/debian/control 
> unattended-upgrades-0.25.1debian1/debian/control
> --- unattended-upgrades-0.25.1debian1.eerst/debian/control2007-04-24 
> 23:33:34.0 +0200
> +++ unattended-upgrades-0.25.1debian1/debian/control  2008-06-14 
> 14:55:49.0 +0200
> @@ -8,7 +8,7 @@
>  
>  Package: unattended-upgrades
>  Architecture: all
> -Depends: python, ${shlibs:Depends}, python-apt (>= 0.6.19), apt-utils
> +Depends: python, ${shlibs:Depends}, python-apt (>= 0.6.19), apt-utils, apt 
> (>=0.7)
>  Description: Install security upgrades automatically 
>   This package will download and install security upgrades automatically
>   and unattended. It will take care to only install packages from the 
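Review bot: On the new Depends line the added relation is written `apt (>=0.7)` with no space after the operator, unlike `python-apt (>= 0.6.19)` on the same line; write it as `apt (>= 0.7)` for consistency, and check the bound against the `apt (>= 0.7.0)` given in the bug title so the changelog, control file and bug report all state the same version.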
> 
> -- 
> +--+
> | Bas Zoetekouw  | Sweet day, so cool, so calm, so bright, |
> || The bridall of the earth and skie:  |
> | [EMAIL PROTECTED]  | The dew shall weep thy fall tonight;|
> +|For thou must die.   |
>  +-+






Bug#464559: fixed in 0.7.11

2008-06-17 Thread Michael Vogt
Hi,

this bug is fixed in version 0.7.11 of apt (rev. 1585..1586 in the
debian-sid branch). If this is a problem for etch->lenny upgrades,
this change needs to be either backported to etch or a workaround
needs to be applied. There is some information in
http://launchpad.net/bugs/217435 on what can be done to work around the
problem.

Cheers,
 Michael






Bug#484535: piespy crashes with a gtk error

2008-06-08 Thread Michael Vogt
Do you use gij or the original sun-java? Make sure you are using 
sun-java5-jre or sun-java6-jre (see Bug #481988), and NOT gij


Greets,
Michael






Bug#400874: I hope this is the right fix...

2006-12-04 Thread Michael Vogt
On Thu, Nov 30, 2006 at 10:56:52AM +0100, Andreas Henriksson wrote:
> On Thu, Nov 30, 2006 at 08:49:26AM +0100, Jens Seidel wrote:
> > If the buffer needs to be longer by one than Bins you probably also need
> > +if (Bins.length() >= sizeof(Buffer))
> 
> Good catch, thanks!
> 
> Updated patch attached.

Thanks for your patch.  
 
Unfortunately this patch is not enough because BigBuf is deleted
in the function but TokSplitString() does not make a copy of the
buffer it is passed but just modifies it. So we return already deleted
memory. I send a proposed patch that hopefully fixes this issue. I'm
currently at the lsb-meeting so I'm a bit limited in my resources
right now. But testing feedback would be great :)

Cheers,
 Michael
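
The lifetime problem described in the message above, as an added example that is not part of the original mail and not apt's code: `tok_split`, `binaries_freed_too_early` and `BinariesParser` are hypothetical names, and `tok_split` is a constructed stand-in for an in-place splitter, not the real `TokSplitString()`.

```cpp
#include <cstddef>
#include <cstring>
#include <iostream>
#include <string>
#include <vector>

// Constructed stand-in for an in-place splitter (not apt's TokSplitString):
// it overwrites separators with NUL and stores pointers INTO `input`.
// The list is NULL-terminated; returns false if it would overflow.
bool tok_split(char sep, char *input, char **list, std::size_t list_max)
{
    if (list_max == 0) return false;
    std::size_t n = 0;
    char *p = input;
    while (*p != '\0') {
        while (*p == ' ') ++p;                   // skip leading blanks
        if (*p == '\0') break;
        if (n + 1 >= list_max) return false;     // keep room for the terminator
        list[n++] = p;
        char *end = p;
        while (*end != '\0' && *end != sep) ++end;
        char *next = (*end == sep) ? end + 1 : end;
        while (end > p && end[-1] == ' ') --end; // trim trailing blanks
        *end = '\0';
        p = next;
    }
    list[n] = nullptr;
    return true;
}

// BEFORE: the shape the message describes. The temporary copy is freed
// before returning, so every pointer stored in `list` dangles.
// Shown for contrast only; it is never called in this example.
const char **binaries_freed_too_early(const std::string &bins,
                                      char **list, std::size_t list_max)
{
    char *tmp = new char[bins.length() + 1];
    std::strcpy(tmp, bins.c_str());
    bool ok = tok_split(',', tmp, list, list_max);
    delete [] tmp;                               // tokens pointed into tmp
    return ok ? (const char **)list : nullptr;
}

// AFTER: the parser owns the storage the tokens point into, and the
// storage grows with the field. Results stay valid until the next
// parse() call or until the parser is destroyed.
class BinariesParser {
    std::vector<char> buf_;
    char *list_[400];
public:
    const char **parse(const std::string &bins)
    {
        if (bins.empty()) return nullptr;
        buf_.assign(bins.begin(), bins.end());
        buf_.push_back('\0');
        if (!tok_split(',', buf_.data(), list_,
                       sizeof(list_) / sizeof(list_[0])))
            return nullptr;
        return (const char **)list_;
    }
    // True if p points into the storage this parser currently owns.
    bool owns(const char *p) const
    {
        return p >= buf_.data() && p < buf_.data() + buf_.size();
    }
};

int main()
{
    BinariesParser parser;
    // Constructed sample field value.
    const char **bins = parser.parse("apt, apt-utils ,libapt-pkg-dev");
    for (std::size_t i = 0; bins != nullptr && bins[i] != nullptr; ++i)
        std::cout << bins[i] << "\n";
    return 0;
}
```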





Bug#400874: [patch] proposed fix

2006-12-04 Thread Michael Vogt
Hi,

sorry for coming in so late. Here is a patch that should fix the
problem by making the buffer grow dynamically. Please give it testing.

Just doubling the buffer size only buys us time, the code that
deals with BigBuf is broken in several ways. 

Cheers,
 Michael
diff -Nru /tmp/PbNjE929IO/apt-0.6.46.3/apt-pkg/deb/debsrcrecords.cc 
/tmp/g7pQUgTOK3/apt-0.6.46.4/apt-pkg/deb/debsrcrecords.cc
--- /tmp/PbNjE929IO/apt-0.6.46.3/apt-pkg/deb/debsrcrecords.cc   2006-03-02 
13:44:28.0 +
+++ /tmp/g7pQUgTOK3/apt-0.6.46.4/apt-pkg/deb/debsrcrecords.cc   2006-12-04 
09:00:01.0 +
@@ -18,6 +18,8 @@
 #include 
 #include 
 #include 
+
+using std::max;
/*}}}*/
 
 // SrcRecordParser::Binaries - Return the binaries field   /*{{{*/
@@ -34,31 +36,20 @@
if (Bins.empty() == true || Bins.length() >= 102400)
   return 0;

-   // Workaround for #236688.  Only allocate a new buffer if the field
-   // is large, to avoid a performance penalty
-   char *BigBuf = NULL;
-   char *Buf;
-   if (Bins.length() > sizeof(Buffer))
-   {
-  BigBuf = new char[Bins.length()];
-  Buf = BigBuf;
-   }
-   else
+   if (Bins.length() >= BufSize)
{
-  Buf = Buffer;
+  delete [] Buffer;
+  // allocate new size based on buffer (but never smaller than 4000)
+  BufSize = max((unsigned long)4000, 
+   max((unsigned long)Bins.length()+1,2*BufSize));
+  Buffer = new char[BufSize];
}
 
-   strcpy(Buf,Bins.c_str());
-   if (TokSplitString(',',Buf,StaticBinList,
+   strcpy(Buffer,Bins.c_str());
+   if (TokSplitString(',',Buffer,StaticBinList,
  sizeof(StaticBinList)/sizeof(StaticBinList[0])) == false)
-   {
-  if (BigBuf != NULL)
- delete BigBuf;
   return 0;
-   }
 
-   if (BigBuf != NULL)
-  delete BigBuf;
return (const char **)StaticBinList;
 }
/*}}}*/
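Review bot: After this hunk the array returned by Binaries() points into the member Buffer, and the growth branch runs `delete [] Buffer` before reallocating, so pointers obtained from an earlier call dangle as soon as a later call has to grow the buffer. Add a comment on the function (or in the header) stating that the result is only valid until the next call on the same parser. The switch from `delete BigBuf` to `delete [] Buffer` is the correct form for memory from `new char[]` and is worth mentioning in the changelog.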
diff -Nru /tmp/PbNjE929IO/apt-0.6.46.3/apt-pkg/deb/debsrcrecords.h 
/tmp/g7pQUgTOK3/apt-0.6.46.4/apt-pkg/deb/debsrcrecords.h
--- /tmp/PbNjE929IO/apt-0.6.46.3/apt-pkg/deb/debsrcrecords.h2006-03-02 
13:44:28.0 +
+++ /tmp/g7pQUgTOK3/apt-0.6.46.4/apt-pkg/deb/debsrcrecords.h2006-12-04 
08:54:43.0 +
@@ -24,9 +24,10 @@
FileFd Fd;
pkgTagFile Tags;
pkgTagSection Sect;
-   char Buffer[1];
char *StaticBinList[400];
unsigned long iOffset;
+   char *Buffer;
+   unsigned long BufSize;

public:
 
@@ -49,10 +50,9 @@
};
virtual bool Files(vector &F);
 
-   debSrcRecordParser(string File,pkgIndexFile const *Index) :
-   Parser(Index),  
-   Fd(File,FileFd::ReadOnly),
-   Tags(&Fd,102400) {};
+   debSrcRecordParser(string File,pkgIndexFile const *Index) 
+  : Parser(Index), Fd(File,FileFd::ReadOnly), Tags(&Fd,102400), 
+Buffer(0), BufSize(0) {}
 };
 
 #endif
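Review bot: The constructor now initialises `Buffer(0), BufSize(0)` and the .cc hunk allocates with `new char[BufSize]`, but no hunk in this patch adds a destructor that calls `delete [] Buffer`, so the last buffer leaks when the parser is destroyed unless that is handled in lines not shown. Add a destructor that frees it, and consider disabling copying now that the class owns a raw pointer, since a copied parser would free the same buffer twice.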


Bug#388708: 388708: might want to hurry this along

2006-10-09 Thread Michael Vogt
On Sat, Oct 07, 2006 at 08:27:51AM +0200, Christian Perrier wrote:
> Quoting Ross Boylan ([EMAIL PROTECTED]):
> > http://bjorn.haxx.se/debian/testing.pl?package=apt says
> > trying to update apt from 0.6.46 to 0.6.46.1 (candidate is 2 days old)
> >   * apt is only 2 days old. It must be 10 days old to go in.
> >   * apt is in freeze; contact debian-release if update is needed
> > 
> > The second point suggests the fix will not go into testing without some
> > help; the first point suggests it would take 10 days if handled
> > automatically.
> > 
> > It might be good to get this into testing sooner rather than later,
> > since it fixes an RC bug.
> 
> Yes. The upload should probably have been high urgency. But maybe
> Michael had some reasons for using low. After all, we are in freeze
> but we still have time to make stuff migrate to testing.

The problem with automatic migration to etch is that we don't fully
know the effects of Bug#390189 yet. The root of the problem is
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=29289 

The g++ version in etch is not affected by this g++ problem, the
version in sid is. This means that it's probably not a good idea to
just let apt migrate to testing. We may have to build it with the
testing g++ and upload it to t-p-u :/ But let's hope that gcc upstream
has some more information about it.

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#388708: apt: Upgrading to this version makes status file unparseable

2006-10-01 Thread Michael Vogt
On Sun, Oct 01, 2006 at 06:31:36PM +0200, Jeroen van Wolffelaar wrote:
> On Sun, Oct 01, 2006 at 12:04:48AM +0200, Michael Vogt wrote:
> > --- apt-pkg/tagfile.h   2006-09-30 20:50:41 +
> > +++ apt-pkg/tagfile.h   2006-09-30 21:35:25 +
> > @@ -77,6 +77,7 @@
> > unsigned long Size;
> > 
> > bool Fill();
> > +   bool Resize();
> 
> This would (unnecessarily) change the ABI of libapt, requiring a shlibs
> versioned bump.  Fill() neither should've been part of the ABI (it makes
> no sense to use it externally), but it is at the moment.
> 
> This symbol should instead be placed in a "private:" section of the class
> (without any explicit definition, symbols are public).

For c++ the default access (if nothing else is specified) is
"private:".

According to
http://developer.kde.org/documentation/other/binarycompatibility.html
it is ok to add new non-virtual functions and won't break the ABI.
 
> Otherwise, the patch logic is as far as I can see, correct.

Thanks for reviewing it!

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#388708: apt: Upgrading to this version makes status file unparseable

2006-09-30 Thread Michael Vogt
[..]
On Fri, Sep 22, 2006 at 12:49:22AM -0500, Manoj Srivastava wrote:
> #_> aptitude -u
>  ... upgrade ...
> #_> aptitude -vvv upgrade
> Reading package lists... Error!
> E: Unable to parse package file /var/lib/dpkg/status (1)
> E: The package lists or status file could not be parsed or opened.
> Reading package lists... Error!
> E: Unable to parse package file /var/lib/dpkg/status (1)
> E: The package lists or status file could not be parsed or opened.
[..]

I was able to reproduce this now (thanks for your help Manoj!). It
turned out that the buffer in the tagfile code was too small
(again!). The attached patch should fix the issue by allowing the
tagfile buffer to grow dynamically. Testing is very welcome.

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo
=== modified file 'apt-pkg/tagfile.cc'
--- apt-pkg/tagfile.cc  2006-09-15 16:24:47 +
+++ apt-pkg/tagfile.cc  2006-09-30 21:34:13 +
@@ -59,19 +59,52 @@
delete [] Buffer;
 }
/*}}}*/
+// TagFile::Resize - Resize the internal buffer
/*{{{*/
+// -
+/* Resize the internal buffer (double it in size). Fail if a maximum size
+ * size is reached.
+ */
+bool pkgTagFile::Resize()
+{
+   char *tmp;
+   unsigned long EndSize = End - Start;
+
+   // fail is the buffer grows too big
+   if(Size > 1024*1024+1)
+  return false;
+
+   // get new buffer and use it
+   tmp = new char[2*Size];
+   memcpy(tmp, Buffer, Size);
+   Size = Size*2;
+   delete [] Buffer;
+   Buffer = tmp;
+
+   // update the start/end pointers to the new buffer
+   Start = Buffer;
+   End = Start + EndSize;
+   return true;
+}
+
 // TagFile::Step - Advance to the next section /*{{{*/
 // -
-/* If the Section Scanner fails we refill the buffer and try again. */
+/* If the Section Scanner fails we refill the buffer and try again. 
+ * If that fails too, double the buffer size and try again until a
+ * maximum buffer is reached.
+ */
 bool pkgTagFile::Step(pkgTagSection &Tag)
 {
-   if (Tag.Scan(Start,End - Start) == false)
+   while (Tag.Scan(Start,End - Start) == false)
{
   if (Fill() == false)
 return false;
   
-  if (Tag.Scan(Start,End - Start) == false)
+  if(Tag.Scan(Start,End - Start))
+break;
+
+  if (Resize() == false)
 return _error->Error(_("Unable to parse package file %s (1)"),
- Fd.Name().c_str());
+Fd.Name().c_str());
}
Start += Tag.size();
iOffset += Tag.size();
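Review bot: In Resize(), `memcpy(tmp, Buffer, Size)` copies from the start of the old buffer, yet the pointers are then reset with `Start = Buffer; End = Start + EndSize;`, which is only correct if Start already equals Buffer on entry. If Step() can reach Resize() with Start advanced past Buffer, the unparsed bytes end up at the wrong offset and Scan() reads stale data; copy the live range instead (`memcpy(tmp, Start, EndSize)`) or document that Fill() guarantees Start == Buffer. The limit test `Size > 1024*1024+1` is also evaluated before doubling, so the buffer can grow to about twice the stated maximum, and the new comments contain typos ("size size", "fail is the buffer").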

=== modified file 'apt-pkg/tagfile.h'
--- apt-pkg/tagfile.h   2006-09-30 20:50:41 +
+++ apt-pkg/tagfile.h   2006-09-30 21:35:25 +
@@ -77,6 +77,7 @@
unsigned long Size;

bool Fill();
+   bool Resize();

public:
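Review bot: `Resize()` is declared next to `Fill()` just above the `public:` label, so its access level depends on lines outside this hunk; put both under an explicit `private:` or `protected:` label and give `Resize()` a one-line comment saying that it doubles the buffer and returns false once the size limit is reached, so callers know a false return ends parsing.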
 
 



Bug#388708: apt: Upgrading to this version makes status file unparseable

2006-09-30 Thread Michael Vogt
On Fri, Sep 22, 2006 at 12:49:22AM -0500, Manoj Srivastava wrote:
> Package: apt
> Version: 0.6.46
> Severity: grave

Thanks for your bugreport.
 
> #_> aptitude -u
>  ... upgrade ...
> #_> aptitude -vvv upgrade
> Reading package lists... Error!
> E: Unable to parse package file /var/lib/dpkg/status (1)
> E: The package lists or status file could not be parsed or opened.
> Reading package lists... Error!
> E: Unable to parse package file /var/lib/dpkg/status (1)
> E: The package lists or status file could not be parsed or opened.
> [1]22606 exit 255   aptitude -vvv upgrade
> 
> Tested this on two machines. Downgrading to 0.6.45 fixes the
>  bug. Look below for a sequence of action:
[..]
 
I can't reproduce this bug here. Could you please put a gzipped copy of
your /var/lib/dpkg/status file somewhere to download? Or send it to me
directly? 

I would also be interested if this code here works and if it dies, at
what package:
---8<--
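#!/usr/bin/env python
import apt_pkg

# Walk the dpkg status file one stanza at a time and print each package
# name; if the parser dies, the failing stanza follows the last name printed.
tagfile = apt_pkg.ParseTagFile(open("/var/lib/dpkg/status", "r"))

while tagfile.Step():
    print(tagfile.Section.get("Package"))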
---8<--


Thanks,
 Michael



-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#388023: Re-runing the desktop-files scanner would fix the problem

2006-09-18 Thread Michael Vogt
Just my 0.02¢

I think this package (as it is now) is not suitable for debian anyway
and should be removed or re-done with the data of the debian archive
(instead of the data of the ubuntu archive).

The same utility that is used to extract icons/desktop files in ubuntu
could be used for the debian archive. In the gnome-app-install archive
there is a util/getMenuData.py script for this.

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#378183: apt: All SHA256 hashes generated/used by APT are wrong

2006-07-26 Thread Michael Vogt
On Fri, Jul 14, 2006 at 04:01:46AM +0200, Jakob Bohm wrote:
> Package: apt
> Version: 0.6.44.2
> Severity: critical
> Tags: security patch
> Justification: breaks the whole system

Thanks for your bugreport and your patch. I applied the patch and I
added a test in tests/hashes.cc for the sha256 code.
 
> The SHA256 checksums recently added to Packages files are wrong
> due to a porting error when the sha256 implementation code was
> imported from the Linux kernel sources to the apt source tree. 
> Specifically, the broken sha256 code checksums only 19 out of
> every 64 bytes of input and otherwise computes a result which is
> neither sha256(input) nor sha256(mangled input).
> 
> According to the changelog, the broken code was added to
> non-experimental apt in version 0.6.44 uploaded 8 May 2006 .
> 
> This has the following severe consequences:
> 
> - The broken hash values obviously do not provide anything
>  resembling the security needed by secure apt, a problem
>  compounded by the broken status of the other two hash
>  algorithms used (MD5 and SHA1).  Thus the security tag.

The current version of apt is not yet fully converted to use
sha256. Currently we generate them in apt-ftparchive but they are not
yet checked when the files are downloaded (only sha1/md5 is right now).

There is a branch to fully do sha256 at
http://people.ubuntu.com/~mvo/bzr/apt/sha256/ 

but it is not finished and there are several issues that need to be
resolved first. 

> - When the code is fixed to produce and check correct SHA256
>  hashes, the fact that these values are different from the
>  broken values means that a correct apt will reject all Packages
>  files produced by a broken apt and a broken apt will reject all
>  Packages files produced by a correct apt.  This means that
>  when such a new apt implementation is placed in the debian
>  archive, the whole system becomes impossible to install or
>  upgrade:
[..]

See above, this is not an issue right now. 

Cheers,
 Michael


-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#376777: apt-utils: apt-ftparchive fails to generate Contents files

2006-07-26 Thread Michael Vogt
On Fri, Jul 07, 2006 at 07:59:45PM +1000, Anthony Towns wrote:
> On Wed, Jul 05, 2006 at 11:31:51PM +1000, Anthony Towns wrote:
> > package apt-utils
> > tag 376777 - help
> > tag 376777 + patch
> > thanks
> > 
> > I'm pretty sure this bug is simply due to misuse of auto_ptr in writer.cc
> 
> Okay, I've no idea if this is right or not now; but it's not the real bug; and
> if it were, there's more to it than just that one assignment.
> 
> The real bug is in tagfile.cc, in particular the patch "fixing" Bug#350025
> -- using MMap doesn't work if your Fd is a pipe, which it is if you point
> apt-ftparchive at a suite that doesn't have an uncompressed Packages file,
> and ask it to generate Contents.
> 
> Fix is reverting the patch, at least for the case where your input file
> size is empty.

I put a branch that should fix the issue up at
http://people.ubuntu.com/~mvo/bzr/apt/tagfile-mmap-fix/

I send a patch to James asking for testing and will upload it to
experimental (along with some other fixes there). Once I got positive
feedback on the patch I will merge it into the sid version of apt and
upload.

The new version will use MMap if possible in tagfile and if not fall
back to the old implementation.

Thanks,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#355404: scite: 355404: still happens :(

2006-05-15 Thread Michael Vogt
On Sun, May 14, 2006 at 10:11:46PM +0800, Paul Wise wrote:
> reopen 355404
> found 355404 1.68-1
> thanks

Thanks for your bugreport.
 
> I've started to notice that this bug is still present, perhaps a pango
> or X update caused it. I get crashes trying to open the file menu and
> the same crash I described before with the Find dialog. 

Do you have a backtrace of the crash? It seems to work for me (latest
sid). 

> Also, should scintilla be split out into a library package, since
> qscintilla probably also embeds a copy of the Scintilla source code?

Maybe, scintilla is not really designed as a library though. It may be
quite a bit of work.

> BTW, would you like a co-maintainer for scite? I'm not a DD yet, but
> perhaps you could sponsor any uploads until FD/DAM approve my
> application.

Certainly! I'm happy about any help, if you send me patches/debdiffs
I'll be happy to sponsor stuff for you.

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#346002: apt: GPG error when updating

2006-01-10 Thread Michael Vogt
On Mon, Jan 09, 2006 at 01:13:57PM -0800, Mark Hedges wrote:
> > On Sun, Jan 08, 2006 at 09:28:24AM +0100, Harald Dunkel wrote:
> > > Michael Vogt wrote:
> > > > You can run apt-get with "--allow-unauthenticated" or
> > > > APT::Get::AllowUnauthenticated=true in apt.conf
> > >
> > > Thanx for the hint, but this option just changed the error
> > > message. Now I get:
> > >
> > > W: There are no public key available for the following key IDs:
> > > 010908312D230C5F
> > > W: You may want to run apt-get update to correct these problems
> >
> > The warning is justified IMHO because the user should be told that
> > there are signatures on the Release file for which no public key is
> > available. The Debian Release should still be authenticated now
> > (because it found a valid signature from a trusted key and only a
> > missing signature) and you should get no authenticated packages
> > warnings anymore.
> >
> > Maybe I should reword the warning to make it more clear what it
> > means?
> 
> I still got this error as of this morning on `apt-get update`:
> 
> W: GPG error: http://ftp.us.debian.org testing Release: The following 
> signatures couldn't be verified because the public key is not available: 
> NO_PUBKEY 010908312D230C5F

This is expected as only apt version 0.6.43.1 contains support to
verify against multiple signatures on a Release file.
 
>   [EMAIL PROTECTED]:~$ sudo apt-key update
>   ERROR: Can't find the archive-keyring
>   Is the debian-keyring package installed?
>   [EMAIL PROTECTED]:~$ sudo apt-get install debian-keyring
>   Reading package lists... Done
>   Building dependency tree... Done
>   debian-keyring is already the newest version.
>   0 upgraded, 0 newly installed, 0 to remove and 64 not upgraded.
> 
> I tried installing just the upgrade of apt and apt-utils without
> verification but it didn't help.  Same error.  Is the relevant
> key in some other package?

The relevant key is in the debian-archive-keyring package that is not
yet in the archive. 

> I finally got sick of waiting and answered 'Y' to dist-upgrade's question:
> 
> WARNING: The following packages cannot be authenticated!
> ...
> Install these packages without verification [y/N]? y
> 
> After that, I *still* get the same error for `apt-get update`:
> 
> W: There are no public key available for the following key IDs: 
> 010908312D230C5F

This is the warning that was discussed above (that probably needs some
rewording, suggestions are welcome). It tells you that there is a
missing key (that in itself is not fatal because of the good signature
on the release file with the 2005 key). So now your packages should
be authenticated again.

> Will there be some way to go back and verify package integrity
> after this gets fixed?  Reinstall these packages?

The easiest is to just add the new key with apt-key add by hand.  You
can also install the new apt and/or the debian-archive-keyring package
(when it enters the archive). Then apt-get clean, apt-get update,
apt-get install --reinstall apt. This will make sure that apt is ok,
then proceed with the installing. Far from ideal, sorry for the bumpy
road. But the next key rollover should be much smoother.

Cheers,
 Michael
-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#345891: needs update for new archive key

2006-01-10 Thread Michael Vogt
On Fri, Jan 06, 2006 at 02:59:21AM +0100, Adeodato Simó wrote:
> * Michael Vogt [Thu, 05 Jan 2006 23:27:40 +0100]:
> > but we need a better system for upgrades (see below).
> 
>   Thanks for proposing this.
> 
> > I think the same. My proposal is to create a new debian-server-keyring
> 
>   Can I suggest that it's called debian-archive-keyring (or -keys)
>   instead? "debian-server" sounds like "a debian server", while
>   "debian-archive" sounds more (at least to me) like "the Debian
>   Archive".

Thanks everyone for their opinion. 

I uploaded a new debian-archive-keyring package a couple of minutes
ago that will work with apt-key update (and calls it automatically
after it was installed). It will also build a udeb (as suggested by
Joey Hess, thanks to Colin Watson).

About maintainership of this package, I'm happy to maintain it for
now, but I'm equally happy to give it away to the ftp-masters.

This package solves the problem for scheduled key rollovers (where we
sign with both new and old key for a certain time), but it uses the
old key to verify the package. This means that it's not suitable
against a key compromise of the archive key. How to deal with this
scenario needs to be discussed further. 

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#346002: apt: GPG error when updating

2006-01-09 Thread Michael Vogt
On Sun, Jan 08, 2006 at 09:28:24AM +0100, Harald Dunkel wrote:
> Michael Vogt wrote:
> > You can run apt-get with "--allow-unauthenticated" or
> > APT::Get::AllowUnauthenticated=true in apt.conf
> 
> Thanx for the hint, but this option just changed the error
> message. Now I get:
> 
> W: There are no public key available for the following key IDs:
> 010908312D230C5F
> W: You may want to run apt-get update to correct these problems

The warning is justified IMHO because the user should be told that
there are signatures on the Release file for which no public key is
available. The Debian Release should still be authenticated now
(because it found a valid signature from a trusted key and only a
missing signature) and you should get no authenticated packages
warnings anymore.

Maybe I should reword the warning to make it more clear what it
means?

Cheers,
 Michael
 
-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#346002: apt: GPG error when updating

2006-01-06 Thread Michael Vogt
On Thu, Jan 05, 2006 at 12:02:53PM +0100, Harald Dunkel wrote:
[..]
> Is there any way to switch this signature checking off?

You can run apt-get with "--allow-unauthenticated" or
APT::Get::AllowUnauthenticated=true in apt.conf

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#345823: apt: Key error at year turnover resembles security problem, and may represent one

2006-01-05 Thread Michael Vogt
On Wed, Jan 04, 2006 at 01:26:26PM +0100, Jeroen van Wolffelaar wrote:
> On Wed, Jan 04, 2006 at 02:41:30AM -0800, Joshua Rodman wrote:
> > On Wed, Jan 04, 2006 at 03:01:35AM +0100, Jeroen van Wolffelaar wrote:
> > > Fwiw, the Release.gpg file contains two signatures now, both one with the
> > > 2005 key and the 2006 key, to have a short transition period. The archive
> > > still validates with the 2005 key, which isn't expired yet, and I think 
> > > APT
> > > should not spread too worrysome errors at users while the archive can 
> > > still
> > > be verified.
> > 
> > Not to contradict you, since my understanding of these issues is
> > strongly limited, but apt seems to think that it cannot validate the
> > archive?
> 
> I know, I said "should", because I believe apt should deal with the
> multiple signatures correctly, instead of the current behaviour of (it
> seems) only looking at the last one and/or requiring all signatures to
> verify.
> 
> Apt needs to be satisfied with just at least one of the multiple
> signatures verifying, so that there can be turnover periods, and for
> example third party repositories can have multiple signatures too, for
> certain circumstances.

Sorry for the late reply. I'm working on fixing the gpgv method to
properly support multiple signatures right now and will (hopefully) do
an upload really soon.

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo
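
The acceptance rule discussed in this thread and in the Bug#346002 messages above (at least one good signature from a trusted key is enough, a signature with no available public key is only a warning), as an added example that is not part of the original mails and not apt's gpgv method. It assumes gpgv's `--status-fd` line format; the function names and the key ID `AAAAAAAAAAAAAAAA` are constructed, and rejecting on any BADSIG is an assumption of this example.

```cpp
#include <cstddef>
#include <iostream>
#include <sstream>
#include <string>
#include <vector>

enum class Verdict { Authenticated, AuthenticatedWithWarning, Rejected };

struct SigReport {
    std::vector<std::string> good;      // GOODSIG: verified against the keyring
    std::vector<std::string> bad;       // BADSIG: signature does not match data
    std::vector<std::string> no_pubkey; // NO_PUBKEY: signer key not in keyring
    std::vector<std::string> unusable;  // EXPSIG / EXPKEYSIG / REVKEYSIG
    Verdict verdict = Verdict::Rejected;
};

// Constructed samples of gpgv status output for a Release.gpg.
const char *kRollover =      // old trusted key plus a new, not yet known key
    "[GNUPG:] GOODSIG AAAAAAAAAAAAAAAA Constructed Archive Key (2005)\n"
    "[GNUPG:] ERRSIG 010908312D230C5F 17 2 00 1136332800 9\n"
    "[GNUPG:] NO_PUBKEY 010908312D230C5F\n";
const char *kOnlyUnknown =   // nothing verifiable at all
    "[GNUPG:] NO_PUBKEY 010908312D230C5F\n";
const char *kTampered =      // one good signature, one that does not match
    "[GNUPG:] GOODSIG AAAAAAAAAAAAAAAA Constructed Archive Key (2005)\n"
    "[GNUPG:] BADSIG 010908312D230C5F Constructed Archive Key (2006)\n";

// Classify every signature reported by gpgv and derive one verdict.
SigReport evaluate_status(const std::string &status)
{
    SigReport r;
    const std::string prefix = "[GNUPG:] ";
    std::istringstream in(status);
    std::string line;
    while (std::getline(in, line)) {
        if (line.compare(0, prefix.size(), prefix) != 0)
            continue;                        // not a status line
        std::istringstream fields(line.substr(prefix.size()));
        std::string keyword, keyid;
        fields >> keyword >> keyid;
        if (keyid.empty())
            continue;
        if (keyword == "GOODSIG")        r.good.push_back(keyid);
        else if (keyword == "BADSIG")    r.bad.push_back(keyid);
        else if (keyword == "NO_PUBKEY") r.no_pubkey.push_back(keyid);
        else if (keyword == "EXPSIG" || keyword == "EXPKEYSIG" ||
                 keyword == "REVKEYSIG") r.unusable.push_back(keyid);
    }
    if (!r.bad.empty() || r.good.empty())
        r.verdict = Verdict::Rejected;       // tampering, or nothing trusted
    else if (r.no_pubkey.empty() && r.unusable.empty())
        r.verdict = Verdict::Authenticated;
    else
        r.verdict = Verdict::AuthenticatedWithWarning;
    return r;
}

static std::string join(const std::vector<std::string> &v)
{
    std::string out;
    for (std::size_t i = 0; i < v.size(); ++i) {
        if (i != 0) out += ", ";
        out += v[i];
    }
    return out;
}

// One-line message that says whether the file is trusted and why.
std::string describe(const SigReport &r)
{
    if (r.verdict == Verdict::Rejected) {
        if (!r.bad.empty())
            return "REJECTED: bad signature from " + join(r.bad);
        return "REJECTED: no good signature from a trusted key";
    }
    std::string msg = "OK: signed by trusted key(s) " + join(r.good);
    if (!r.no_pubkey.empty())
        msg += "; also signed by key(s) not in the keyring: " + join(r.no_pubkey);
    if (!r.unusable.empty())
        msg += "; expired or revoked signature(s) ignored: " + join(r.unusable);
    return msg;
}

int main()
{
    std::cout << describe(evaluate_status(kRollover)) << "\n"
              << describe(evaluate_status(kOnlyUnknown)) << "\n"
              << describe(evaluate_status(kTampered)) << "\n";
    return 0;
}
```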





Bug#345891: needs update for new archive key

2006-01-05 Thread Michael Vogt
On Tue, Jan 03, 2006 at 11:07:37PM -0500, Joey Hess wrote:
> Package: apt
> Version: 0.6.43
> Severity: serious
> Tags: d-i

Thanks for your bugreport and sorry for my late reply.
 
> apt needs to be updated for this year's archive key which is apparently
> the one at http://ftp-master.debian.org/ziyi_key_2006.asc

The new key is added to my baz repository and it will be part of the
next (very soon) upload. 

> I'm tagging this bug d-i because not having the key up-to-date in apt
> breaks new installations since apt doesn't work, and will begin breaking
> d-i even worse once the old archive key expires.

The updated default key in apt means that new installs will be fine,
but we need a better system for upgrades (see below).

> FWIW, I think that the archive key should be split out into a new
> package that can be updated more easily than apt, but for now a quick
> fix is called for.

I think the same. My proposal is to create a new debian-server-keyring
[1] package that contains:
/usr/share/keyrings/debian-archive-keyring.gpg
/usr/share/keyrings/debian-archive-removed-keys.gpg

and calls "apt-key update" in its postinst. apt-key update will add
new keys from "debian-archive-keyring.gpg" via "apt-key add" and remove
keys in debian-archive-removed-keys.gpg via "apt-key del".

This way installing/updating the package will ensure that new keys are
added as required and obsolete keys can be removed. Because the keys
are part of a package and the package is covered with the trust-chain
there is no trust-chain violation.

If people are happy with my proposal I'll prepare and upload such a
package. 

Cheers,
 Michael

[1] I think we should create a new package and not use debian-keyring
because debian-keyring is pretty big.
-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#332835: Ping! for xdb/ C++ transition

2005-12-09 Thread Michael Vogt
On Thu, Dec 08, 2005 at 04:08:43PM -0500, Nathanael Nerode wrote:
> Do you need help?  Is there some problem with the build?

I uploaded on 2.12.2005 and the package is in NEW and waits for
processing (because the package name changed).

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Bug#332835: Do you need help on xdb?

2005-12-02 Thread Michael Vogt
On Thu, Dec 01, 2005 at 10:02:04PM -0500, Nathanael Nerode wrote:
> Both 332835 and 299380 are patched.  This is really slightly urgent, as there 
> is a package which is waiting to undergo the C++ transition which is waiting 
> for xdb (oleo).
> 
> Do you need an NMU?

Thanks for the reminder and for the kind offer to NMU. I'm working on
it and will upload an update today.

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Bug#340448: apt: Missing definition of uint32_t

2005-11-23 Thread Michael Vogt
On Wed, Nov 23, 2005 at 03:30:00PM +0100, Cedric Duval wrote:
> Package: apt
> Version: 0.6.42.3
> Severity: serious
> Justification: no longer builds from source
> 
> 
> Backporting apt from a sarge system, the build fails with:
> 
>   Compiling contrib/md5.cc to ../build/obj/apt-pkg/md5.opic
>   In file included from contrib/md5.cc:42:
>   ../build/include/apt-pkg/md5.h:61: error: parse error before `[' token
> 
> because uint32_t is not defined.
> 
> #include'ing either stdint.h or inttypes.h fixes it.

Thanks, fixed in my repository, will be part of the next upload.

Cheers,
 Michael
 
 
> -- System Information:
> Debian Release: 3.1
> Architecture: powerpc (ppc)
> Kernel: Linux 2.6.13
> Locale: LANG=fr_FR.utf-8, LC_CTYPE=fr_FR.utf-8 (charmap=UTF-8)
> 
> Versions of packages apt depends on:
> ii  libc6   2.3.2.ds1-22 GNU C Library: Shared libraries 
> an
> ii  libgcc1 1:3.4.3-13   GCC support library
> ii  libstdc++5  1:3.3.5-13   The GNU Standard C++ Library v3
> 
> -- no debconf information
> 
> 
> 

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#335628: synaptic 0.57.5.1 crashes with segmentation fault on start

2005-10-24 Thread Michael Vogt
On Mon, Oct 24, 2005 at 09:29:26PM -0700, Chuck Williams wrote:
> Package: synaptic
> Version: 0.57.5.1
> Severity: grave

Thanks for your bugreport.
 
> I'm tracking Etch.  My last regular upgrade obtained version 0.57.5.1 of
> synaptic.  I can no longer run the package at all as it segfaults on
> startup.  This occurs whether run from gnome, from a terminal window as
> root, or via gksu.  Based on one of the other bug reports here is the
> output of gksu id:

[..]
> [EMAIL PROTECTED]:~$ sudo gdb synaptic
> GNU gdb 6.3-debian
[..] 
> (gdb) run
[..]
> Starting program: /usr/sbin/synaptic
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread -1221142848 (LWP 5620)]
> 0xb74265ef in memcpy () from /lib/tls/libc.so.6
> (gdb) quit

Please run the "backtrace" command at this point (instead of
"quit"). But I strongly suspect that you have "scim" installed? If so,
please try removing it and see if that fixes the problem.

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#332865: Synaptic still segfaults under version 0.57.5.1

2005-10-24 Thread Michael Vogt
On Mon, Oct 24, 2005 at 09:22:34PM -0400, [EMAIL PROTECTED] wrote:
> Synaptic is still segfaulting for me despite an upgrade to 0.57.5.1. It seemed
> to work fine before 0.57.5. I am running the testing distribution.

Please remove the "scim" package and try again. The backtrace
indicates that it crashes somewhere in it.

Cheers,
 Michael
 
> debian:/home/esyu# uname -a
> Linux debian 2.6.12-1-686 #1 Tue Sep 27 12:52:50 JST 2005 i686 GNU/Linux
> 
> debian:~# dpkg --list synaptic
> 
> ii  synaptic   0.57.5.1   Graphical package manager
> 
> Under gdb:
> 
> (gdb) run
> ** extraneous lines omitted **
> Program received signal SIGSEGV, Segmentation fault.
> [Switching to Thread -1221167424 (LWP 11271)]
> 0xb74205ef in memcpy () from /lib/tls/libc.so.6
> 
> (gdb) bt
> #0  0xb74205ef in memcpy () from /lib/tls/libc.so.6
> #1  0xb707c90f in std::string::_S_copy_chars () from /usr/lib/libstdc++.so.5
> #2  0xb708076d in std::string::_M_replace_safe<__gnu_cxx::__normal_iterator > () from /usr/lib/libstdc++.so.5
> #3  0xb7080695 in std::string::_M_replace ()
>from /usr/lib/libstdc++.so.5
> #4  0xb707eafb in std::string::replace () from /usr/lib/libstdc++.so.5
> #5  0xb70ec28c in scim::scim_get_frontend_module_list ()
>from /usr/lib/libscim-1.0.so.0
> #6  0xb70ec606 in scim::scim_get_frontend_module_list ()
>from /usr/lib/libscim-1.0.so.0
> #7  0xb70ed264 in scim::scim_get_frontend_module_list ()
>from /usr/lib/libscim-1.0.so.0
> #8  0xb70edbb1 in scim::scim_global_config_read ()
>from /usr/lib/libscim-1.0.so.0
> #9  0xb716306c in gtk_im_context_scim_shutdown ()
>from /usr/lib/gtk-2.0/2.4.0/immodules/im-scim.so
> #10 0xb715fadc in gtk_im_context_scim_shutdown ()
>from /usr/lib/gtk-2.0/2.4.0/immodules/im-scim.so
> #11 0xb7957880 in g_type_class_ref () from /usr/lib/libgobject-2.0.so.0
> #12 0xb793e515 in g_object_newv () from /usr/lib/libgobject-2.0.so.0
> #13 0xb793e94e in g_object_new_valist () from /usr/lib/libgobject-2.0.so.0
> #14 0xb793eac7 in g_object_new () from /usr/lib/libgobject-2.0.so.0
> #15 0xb715f97b in gtk_im_context_scim_new ()
>from /usr/lib/gtk-2.0/2.4.0/immodules/im-scim.so
> #16 0xb716a52c in im_module_create ()
>from /usr/lib/gtk-2.0/2.4.0/immodules/im-scim.so
> #17 0xb7c9d1dc in _gtk_im_module_create () from /usr/lib/libgtk-x11-2.0.so.0
> #18 0xb7c9d969 in gtk_im_multicontext_new () from /usr/lib/libgtk-x11-2.0.so.0
> #19 0xb7c9db6f in gtk_im_multicontext_new () from /usr/lib/libgtk-x11-2.0.so.0
> #20 0xb7c9bace in gtk_im_context_set_cursor_location ()
>from /usr/lib/libgtk-x11-2.0.so.0
> #21 0xb7d43bec in gtk_text_view_get_default_attributes ()
>from /usr/lib/libgtk-x11-2.0.so.0
> #22 0xb7d44b84 in gtk_text_view_get_default_attributes ()
>from /usr/lib/libgtk-x11-2.0.so.0
> #23 0xb7cb9f60 in _gtk_marshal_VOID__OBJECT_OBJECT ()
>from /usr/lib/libgtk-x11-2.0.so.0
> #24 0xb7937fd8 in g_cclosure_new_swap () from /usr/lib/libgobject-2.0.so.0
> #25 0xb793867b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
> #26 0xb7947ea2 in g_signal_stop_emission () from /usr/lib/libgobject-2.0.so.0
> #27 0xb7949077 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
> #28 0xb794942e in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
> #29 0xb7d958ca in gtk_widget_set_scroll_adjustments ()
>from /usr/lib/libgtk-x11-2.0.so.0
> #30 0xb7cf3b73 in gtk_scrolled_window_get_shadow_type ()
>from /usr/lib/libgtk-x11-2.0.so.0
> #31 0xb79450b0 in g_cclosure_marshal_VOID__OBJECT ()
>from /usr/lib/libgobject-2.0.so.0
> #32 0xb7937fd8 in g_cclosure_new_swap () from /usr/lib/libgobject-2.0.so.0
> #33 0xb793867b in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
> #34 0xb7947546 in g_signal_stop_emission () from /usr/lib/libgobject-2.0.so.0
> #35 0xb7949077 in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
> #36 0xb794942e in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
> #37 0xb7c3543c in gtk_container_add () from /usr/lib/libgtk-x11-2.0.so.0
> #38 0xb7e6d54e in glade_standard_build_children ()
>from /usr/lib/libglade-2.0.so.0
> #39 0xb7e6de26 in glade_xml_set_common_params ()
>from /usr/lib/libglade-2.0.so.0
> #40 0xb7e6d67f in glade_xml_build_widget () from /usr/lib/libglade-2.0.so.0
> #41 0xb7e6d504 in glade_standard_build_children ()
>from /usr/lib/libglade-2.0.so.0
> #42 0xb7e6de26 in glade_xml_set_common_params ()
>from /usr/lib/libglade-2.0.so.0
> #43 0xb7e6d67f in glade_xml_build_widget () from /usr/lib/libglade-2.0.so.0
> #44 0xb7e731bc in glade_interface_dump () from /usr/lib/libglade-2.0.so.0
> #45 0xb7e6de26 in glade_xml_set_common_params ()
>from /usr/lib/libglade-2.0.so.0
> #46 0xb7e6d67f in glade_xml_build_widget () from /usr/lib/libglade-2.0.so.0
> #47 0xb7e740d3 in glade_interface_dump () from /usr/lib/libglade-2.0.so.0
> #48 0xb7e6de26 in glade_xml_set_common_params ()
>from /usr/lib/libglade-2.0.so.0
> #49 0xb7e6d67f in glade_xml_build_widget () from /usr/lib/libglade
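
The triage step behind the reply above, walking the backtrace to the first frame outside the C/C++ runtime, shown as an added example that is not part of the original thread. The function names and the `RUNTIME_LIBS` list are assumptions made for the illustration; the sample frames are taken from the quoted backtrace.

```python
import re

# Constructed sample: frames #0, #1, #3, #4, #5 and #9 from the quoted
# backtrace, with the ">" quoting and wrapped "from" lines kept as posted.
SAMPLE_BT = """\
> #0  0xb74205ef in memcpy () from /lib/tls/libc.so.6
> #1  0xb707c90f in std::string::_S_copy_chars () from /usr/lib/libstdc++.so.5
> #3  0xb7080695 in std::string::_M_replace ()
>from /usr/lib/libstdc++.so.5
> #4  0xb707eafb in std::string::replace () from /usr/lib/libstdc++.so.5
> #5  0xb70ec28c in scim::scim_get_frontend_module_list ()
>from /usr/lib/libscim-1.0.so.0
> #9  0xb716306c in gtk_im_context_scim_shutdown ()
>from /usr/lib/gtk-2.0/2.4.0/immodules/im-scim.so
"""

FRAME_RE = re.compile(
    r"#(\d+)\s+(?:0x[0-9a-fA-F]+\s+in\s+)?(.+?)\s*\(.*?\)\s*(?:from\s+(\S+))?")

# Assumption: libc and libstdc++ frames are where the fault surfaces,
# not where the bad call originates.
RUNTIME_LIBS = ("libc.so", "libstdc++.so")

def parse_frames(text):
    """Return frames as dicts, joining gdb's wrapped 'from' lines."""
    joined = []
    for raw in text.splitlines():
        line = re.sub(r"^(?:>\s?)+", "", raw).strip()  # drop mail quoting
        if re.match(r"#\d+\s", line):
            joined.append(line)
        elif line and joined:
            joined[-1] += " " + line
    frames = []
    for line in joined:
        m = FRAME_RE.match(line)
        if m:
            frames.append({"index": int(m.group(1)),
                           "function": m.group(2),
                           "library": m.group(3)})
    return frames

def first_non_runtime_frame(frames):
    """First frame whose shared object is not a generic runtime library."""
    for frame in frames:
        name = (frame["library"] or "").rsplit("/", 1)[-1]
        if not name.startswith(RUNTIME_LIBS):
            return frame
    return None

if __name__ == "__main__":
    print(first_non_runtime_frame(parse_frames(SAMPLE_BT)))
```

On the sample, the first non-runtime frame is #5 in `libscim-1.0.so.0`, which matches the diagnosis given in the reply.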

Bug#334656: refuses to install from Debian cds

2005-10-19 Thread Michael Vogt
On Wed, Oct 19, 2005 at 12:53:38AM -0400, Joey Hess wrote:
> Package: apt
> Version: 0.6.41
> Severity: grave
> Tags: d-i

Thanks for your bugreport.
 
[..]
> As I understand it, there is basically no way we can build official
> Debian CDs that are signed with our archive signing key. There is also
> currently no way to turn off the signature checking that doesn't disable
> it for all apt sources, which wouldn't be an acceptable tradeoff.
> 
> The simplest fix would be to special case apt to not require CD sources
> to be authenticated. This seems ok to me, since the user has already
> *booted* the CD, at least when using it as install media.

I have a branch with an "APT::Authentication::Trust-CDROM"
option. Turning it on would result in trusting any cdrom source.

Is that sufficient for your needs? 

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#294437: rc bug!

2005-10-15 Thread Michael Vogt
On Wed, Oct 12, 2005 at 11:04:28PM +1000, Rob Weir wrote:
> Hey Michael,
Hi Rob,
 
> these bugs have been sitting around with patches for a while now; will
> you have time to do a vdk2 upload soon?  Would you like someone to NMU
> it for you?

Thanks for the kind offer. I found some time today and uploaded fixed
packages (now that my day is a bit less stressful again :)

thanks,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#321690: synaptic: Segmentation fault (powerpc ibook G4)

2005-08-26 Thread Michael Vogt
On Sun, Aug 07, 2005 at 12:07:37AM +0200, Bin Zhang wrote:
> Package: synaptic
> Version: 0.57.4
> Severity: grave
> Justification: renders package unusable
> 
> After upgrade to 0.57.4 (powerpc), synaptic doesn't start. 
> I get a "Segmentation fault".

Could this be a scim problem in debian? I seem to be unable to install
scim's gtk2 input module on my debian unstable box.
 
Cheers,
 Michael

> Best regards,
> Bin
> 
> 
> -- System Information:
> Debian Release: testing/unstable
>   APT prefers unstable
>   APT policy: (500, 'unstable')
> Architecture: powerpc (ppc)
> Shell:  /bin/sh linked to /bin/bash
> Kernel: Linux 2.6.13-rc5.20050804
> Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
> 
> Versions of packages synaptic depends on:
> ii  apt [libapt-pkg-libc6.3-6 0.6.40.1       Advanced front-end for dpkg
> ii  libatk1.0-0               1.10.1-2       The ATK accessibility toolkit
> ii  libc6                     2.3.5-3        GNU C Library: Shared libraries an
> ii  libfontconfig1            2.3.2-1        generic font configuration library
> ii  libfreetype6              2.1.10-1       FreeType 2 font engine, shared lib
> ii  libgcc1                   1:4.0.1-3      GCC support library
> ii  libglade2-0               1:2.5.1-2      library to load .glade files at ru
> ii  libglib2.0-0              2.6.6-1        The GLib library of C routines
> ii  libgtk2.0-0               2.6.9-1        The GTK+ graphical user interface
> ii  libncurses5               5.4-9          Shared libraries for terminal hand
> ii  libpango1.0-0             1.8.2-1        Layout and rendering of internatio
> ii  libstdc++6                4.0.1-3        The GNU Standard C++ Library v3
> ii  libvte4                   1:0.11.13-4    Terminal emulator widget for GTK+
> ii  libx11-6                  6.8.2.dfsg.1-4 X Window System protocol client li
> ii  libxft2                   2.1.7-1        FreeType-based font drawing librar
> ii  libxml2                   2.6.20-1       GNOME XML library
> ii  libxrender1               1:0.9.0-2      X Rendering Extension client libra
> ii  scrollkeeper              0.3.14-10      A free electronic cataloging syste
> ii  xlibs                     6.8.2.dfsg.1-4 X Window System client libraries m
> ii  zlib1g                    1:1.2.3-3      compression library - runtime
> 
> Versions of packages synaptic recommends:
> ii  deborphan 1.7.16 Find orphaned libraries
> ii  gksu  1.3.1-2graphical frontend to su
> pn  libgnome2-perl (no description available)
> 
> -- no debconf information
> 

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#317885: aptitude seems to do sticky selections on dist-upgrade

2005-08-24 Thread Michael Vogt
Hi,

I just tried to reproduce the problem and it was enough to set
the state of exim4 to 1 in /var/lib/aptitude/pkgstates. 

An "aptitude dist-upgrade" will then remove my installed postfix and
upgrade to exim4.

This is also set in the pkgstates file of Geert. 

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#312618: install fails

2005-08-24 Thread Michael Vogt
Hi,

wouldn't a Pre-Depends on emacsen-common solve the problem? 

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo





Bug#323733: FTBFS

2005-08-18 Thread Michael Vogt
Hi,

it looks like this FTBFS is caused by building it with "-Os". This
seems to exclude the __buildin_* intrinsics that are used for memcmp
(#define memcmp __buildin_memcmp).

Cheers,
 Michael

-- 
Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo




