Bug#775795: Patch to use /usr/sbin/service in Debian service provider
Hi, This one time, at band camp, Stig Sandbeck Mathisen said: > > Hello, > > Thanks for the patch. It looks like it has the correct solution, using > the Debian abstraction layer over the alternative init systems. > > However, I've found a problem with it using the "puppet resource" > command. Could you see if you find what causes it? > > With puppet 3.7.22-1: > > , > | root@dagon:~# puppet resource service apache2 > | service { 'apache2': > | ensure => 'stopped', > | enable => 'true', > | } > ` > > With your patch: > > , > | root@dagon:~# puppet resource service apache2 > | Error: Could not run: undefined local variable or method `service' for > # > ` Try this (lightly tested) one instead. The problem is in the definition and use of the service command in the first patch. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - From 2eae3a2a71de50889535f0e917ac6f4ecaeb8975 Mon Sep 17 00:00:00 2001 From: Gaudenz Steinlin Date: Sat, 31 Jan 2015 16:09:08 +0100 Subject: [PATCH] Use /usr/sbin/service in Debian service provider Closes: #775795 --- .../0004-debian-service-provider-use-service.patch | 56 ++ debian/patches/series | 1 + 2 files changed, 57 insertions(+) create mode 100644 debian/patches/0004-debian-service-provider-use-service.patch diff --git a/debian/patches/0004-debian-service-provider-use-service.patch b/debian/patches/0004-debian-service-provider-use-service.patch new file mode 100644 index 000..29a4277 --- /dev/null +++ b/debian/patches/0004-debian-service-provider-use-service.patch @@ -0,0 +1,56 @@ +From: Gaudenz Steinlin +Subject: Use /usr/sbin/service for service management on Debian + +In Debian jessie systemd will be the default init system. But the old system V +and other alternative init systems are still supported. /usr/sbin/service +provides an abstraction layer which is able to start, stop and restart +services independent of the init system used. + +Bug: https://tickets.puppetlabs.com/browse/PUP-2023 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775795 +--- +Index: puppet/lib/puppet/provider/service/debian.rb +=== +--- puppet.orig/lib/puppet/provider/service/debian.rb 2015-01-31 17:30:09.0 +0100 puppet/lib/puppet/provider/service/debian.rb 2015-01-31 23:05:10.477108925 +0100 +@@ -16,6 +16,11 @@ + # is resolved. +- commands :invoke_rc => "/usr/sbin/invoke-rc.d" ++ commands :invoke_rc => "/usr/sbin/invoke-rc.d", :service => "service" + + defaultfor :operatingsystem => :debian + + # Remove the symlinks +@@ -61,4 +66,28 @@ + update_rc "-f", @resource[:name], "remove" + update_rc @resource[:name], "defaults" + end ++ ++ # The start, stop, restart and status command use service ++ # this makes sure that these commands work with whatever init ++ # system is installed ++ def startcmd ++service @resource[:name], "start" ++ end ++ ++ # The stop command is just the init script with 'stop'. ++ def stopcmd ++service @resource[:name], "stop" ++ end ++ ++ def restartcmd ++(@resource[:hasrestart] == :true) && service @resource[:name], "restart" ++ end ++ ++ # If it was specified that the init script has a 'status' command, then ++ # we just return that; otherwise, we return false, which causes it to ++ # fallback to other mechanisms. ++ def statuscmd ++(@resource[:hasstatus] == :true) && service @resource[:name], "status" ++ end ++ + end diff --git a/debian/patches/series b/debian/patches/series index 471a23b..6543a01 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,3 +1,4 @@ 0001-Do-not-require-rubygems.patch 0002-Set-passenger-puppet-master-document-root.patch 0003-fix-puppet-master-logcheck-rule.patch +0004-debian-service-provider-use-service.patch -- 2.1.4
Bug#679746: [Adduser-devel] Bug#679746: default --system home directory leads to piuparts RC bugs
Hi, This one time, at band camp, Marc Haber said: > On Sun, Jul 01, 2012 at 03:43:42PM +0100, Stephen Gran wrote: > > This one time, at band camp, Marc Haber said: > > > Thus, packages using adduser --system and relying on adduser doing the > > > right thing will get a piuparts-based RC bug in no time. Adduser > > > should change its default behavior to something that QA will accept. > > > > And what directory would that be, then? > > Since policy does not give any hints about that, adduser --system > should probably insist on --home being given. I think I'd like to summarize, if I may: Policy says packages can't rely on the layout of /home/ Some packages invoke adduser --system without the switch --home In this case, adduser creates a user with $HOME under /home/ There is so far no evidence that these packages rely on the presence of that directory You think this is a release-critical bug in adduser You have filed this as we freeze Congratulations. Now, I don't agree that this is a bug in adduser - I think this is a bug in packages invoking adduser. I think the right way to do this is a mass bug filing on those packages. Your suggestion of a 'fix' makes lots of packages insta-buggy, which is effectively the same as a mass bug-filing. So, unless you can give me compelling arguments that this is actually adduser's problem to solve, I'd like you to talk about your prospective mass bug-filing on -devel. Cheers, -- --------- | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#679746: default --system home directory leads to piuparts RC bugs
This one time, at band camp, Marc Haber said: > Thus, packages using adduser --system and relying on adduser doing the > right thing will get a piuparts-based RC bug in no time. Adduser > should change its default behavior to something that QA will accept. And what directory would that be, then? I think this is a strange interpretation of policy, that it's the tool that is buggy and not the invocation. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#678247: [Pkg-clamav-devel] Bug#678247: Fix debdiff
This one time, at band camp, Scott Kitterman said: > I did test it. It defaults to 8080 if you don't specify. Perfect :) Just my memory being bad, then. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#678247: [Pkg-clamav-devel] Bug#678247: Fix debdiff
This one time, at band camp, Scott Kitterman said: > Attached. Hi, Have you tested that that is a valid config file? I have some vague memory of freshclam not being happy with a proxyhost but not a proxyport. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#660448: Using winbind in nsswitch.conf broken due to missing libs
This one time, at band camp, Kevin Shanahan said: > Using winbind in /etc/nsswitch.conf is completely broken since > 3.5.11~dfsg-4 due to missing libraries: > >/lib/libnss_winbind.so.2 >/lib/libnss_wins.so.2 > > It seems they were there up to 3.5.11~dfsg-2 and then just > disappeared. > > This is on amd64 - I haven't checked any other arch. They seem to have migrated to libpam-winbind. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#618728: patch for issues
tag 645016 + patch tag 631580 + patch tag 618728 + patch thanks Hi, The attached patch should sort out these two issues. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - diff -u samhain-2.6.2/debian/samhain.logrotate.d samhain-2.6.2/debian/samhain.logrotate.d --- samhain-2.6.2/debian/samhain.logrotate.d +++ samhain-2.6.2/debian/samhain.logrotate.d @@ -8,7 +8,7 @@ create 640 root adm sharedscripts postrotate - if [ -f /var/run/samhain.pid ]; then \ + if [ -f /var/run/samhain/samhain.pid ]; then \ /etc/init.d/samhain reload > /dev/null; fi endscript } diff -u samhain-2.6.2/debian/samhain.init samhain-2.6.2/debian/samhain.init --- samhain-2.6.2/debian/samhain.init +++ samhain-2.6.2/debian/samhain.init @@ -36,6 +36,7 @@ if test -f /var/samhain/.samhain_lock; then rm -f /var/samhain/.samhain_lock fi + mkdir -p /var/run/samhain start-stop-daemon --start --quiet --exec $DAEMON log_end_msg $? # diff -u samhain-2.6.2/debian/rules samhain-2.6.2/debian/rules --- samhain-2.6.2/debian/rules +++ samhain-2.6.2/debian/rules @@ -11,6 +11,18 @@ # This is the debhelper compatability version to use. # export DH_COMPAT=5 +ifeq (linux,$(DEB_HOST_ARCH_OS)) +ifeq (ia64,$(DEB_HOST_ARCH)) +DNMALLOC = --disable-dnmalloc +else ifeq (s390,$(DEB_HOST_ARCH)) +DNMALLOC = --disable-dnmalloc +else +DNMALLOC = --enable-dnmalloc +endif +else +DNMALLOC = --disable-dnmalloc +endif + build: build-stamp build-stamp: dh_testdir @@ -19,8 +31,9 @@ --with-config-file=/etc/samhain/samhainrc \ --with-state-dir=/var/state/samhain \ --with-prelude \ + $(DNMALLOC) \ --enable-network=no \ - --with-pid-file=/var/run/samhain.pid \ + --with-pid-file=/var/run/samhain/samhain.pid \ --with-log-file=/var/log/samhain/samhain.log $(MAKE) diff -u samhain-2.6.2/debian/changelog samhain-2.6.2/debian/changelog --- samhain-2.6.2/debian/changelog +++ samhain-2.6.2/debian/changelog @@ -1,3 +1,12 @@ +samhain (2.6.2-2.1) unstable; urgency=low + + * Non-maintainer upload. + * Disable dnmalloc where we know it doesn't work (closes: #618728) + * Switch back to /var/run/samhain, as /var/run is now a symlink to /run, and +samhain won't run if it's piddir is a symlink. (closes: #645016, #631580) + + -- Stephen Gran Wed, 12 Oct 2011 07:27:14 + + samhain (2.6.2-2) unstable; urgency=low * Change configuration so that the pidfile used is /var/run/samhain.pid signature.asc Description: Digital signature
Bug#610937: [Pkg-clamav-devel] Bug#610937: clamav: clam segfault
This one time, at band camp, Salvatore Tomaselli said: > [ 40.848975] clamd[3091]: segfault at 1 ip b74e7df7 sp bfb79928 error 4 in > libc-2.7.so[b7472000+155000] This is unfortunately not enough to go on to figure out what's going wrong. I'd like to see you update to the version in volatile, so that you are running a more recent version of clamav, and if you still are experiencing this issue, I'd like to help you get us more information. Are you able to do both of those things? Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#583110: Fails to restore raid speed on error
This one time, at band camp, Goswin von Brederlow said: > In my case I have a SATA Port Multiplier, last one I ever buy :), and > it seems that takes a while to work after a boot. Sometimes its disks > just aren't there fast enough during boot and for example the fsck run > fails. I'm guessing the hdparm script fails too and then the raid > speed remains at 0. Instead of guessing, would it be possible for you to debug this? Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#577499: [Pkg-clamav-devel] Bug#577499: Bug#577499: Me too
This one time, at band camp, Gordon Haverland said: > After the 4 dpkg-reconfigure runs, things seem to be working. > That was the end result mentioned above. That nothing in > /etc/clamav changed after the fresh re-install (after purging) was > interesting. What it looks like happened was: Due to a bug in our maintainer scripts, debconf put a bad value in the config file. This made clamd a bit wobbly and made freshclam unable to talk to it. You updated the config file manually. From here on, configuration did not change. The dpkg-reconfigure runs were to ensure that we didn't further screw up your configuration files - we passed that test, at least, by not writing more garbage into them. The reason it's all working now is that you have (by way of running dpkg-reconfigure in the right order) restarted both clamd and freshclam now that the correct config file is in place. You should be ok now, and thanks for helping us debug this. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#577499: [Pkg-clamav-devel] Bug#577499: clamav-daemon will not start, even when purged and reinstalled
This one time, at band camp, Dr A. J. Trickett said: > Okay, I purged my database of sane security filters and other stuff, and it > reloaded okay. I then added back just a fresh set of sane security filters > and > it also restarted. I don't know if it was an old/broken filter set that was > the problem or it was just on the knife edge for memory but it is working at > the moment. Great, I'm glad it's working for you. Hopefully it will stay working, but if not, you at least know where to start looking for next time. > Regarding the bug, I don't know what to say, other than perhaps the package > documentation should say you need plenty of RAM and and it may not be > appropriate for people using a VM with only limited RAM. Would it be ok with you if we just made the error message slightly more helpful? I'd imagine something like: "daemonize() failed: No more memory" would be more helpful than just the current "daemonize() failed". I'm a little leery of putting it in the package description because the memory usage of clamav is fairly fluid across versions and also heavily dependant on things like extra signatures, as you've seen. I don't want to let something like that bitrot and scare people off if upstream comes up with a more memory efficient way of signature loading, for example. > Thanks for taking the time to respond and help me fix my problem, I only wish > every package maintainer was as helpful. I wish every bug was this easy and every bug reporter answered as promptly as you :) Cheers, -- --------- | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#577499: [Pkg-clamav-devel] Bug#577499: clamav-daemon will not start, even when purged and reinstalled
This one time, at band camp, Adam John Trickett said: > It use to work okay, but since the recent upgrade it has stopped working, > and I can't make it start normally. I've done a purge of all the clamav bits > and reinstalled and it still refuses to start. > > Config is from virgin install. > > --- data dir --- > total 78960 > -rw-r--r-- 1 clamav clamav 3875328 May 7 16:43 daily.cld > -rw-r--r-- 1 clamav clamav 22906487 May 7 14:42 main.cvd > -rw--- 1 clamav clamav 208 May 7 17:43 mirrors.dat Try getting rid of all but these files, and disable the 3rd party signature script for now. It looks like you just don't have enough RAM to run clamav with all the signatures you have. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#580020: [Pkg-clamav-devel] Bug#580020: clamav-base: always edits /etc/aliases (does not respect admin changes)
tags 580020 +pending thanks This one time, at band camp, Tollef Fog Heen said: > This one time, at band camp, Stephen Gran said: > ]] Stephen Gran > > | How do other packages do this for system users? I suppose just do it on > | fresh install and never again? > > That's probably the easiest way to do it. (Or rather, do it on initial > installs and upgrades from version from before when the add alias call > was added.) http://git.debian.org/?p=pkg-clamav/clamav.git;a=commit;h=818f757885dae101763376d5777e26a53c8203d0 Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#580020: [Pkg-clamav-devel] Bug#580020: clamav-base: always edits /etc/aliases (does not respect admin changes)
This one time, at band camp, Tollef Fog Heen said: > ]] Stephen Gran > > | How do other packages do this for system users? I suppose just do it on > | fresh install and never again? > > That's probably the easiest way to do it. (Or rather, do it on initial > installs and upgrades from version from before when the add alias call > was added.) The latter case is lost in the mists of time - somewhere in the 0.7x series, I think. So I'll just go for fresh installs :) Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#580020: [Pkg-clamav-devel] Bug#580020: clamav-base: always edits /etc/aliases (does not respect admin changes)
This one time, at band camp, Tollef Fog Heen said: > From clamav-base.postinst: > > if [ -f /etc/aliases ] || [ -L /etc/aliases ]; then > if ! grep -qi "^clamav" /etc/aliases; then > echo "clamav: root" >> /etc/aliases > newal=`which newaliases || true` > if [ -n "$newal" ] && [ -x "$newal" ]; then > $newal || true > fi > fi > fi > > This means there is no way for me to not have the clamav alias in > /etc/aliases, for instance if I want to have it defined somewhere else. How do other packages do this for system users? I suppose just do it on fresh install and never again? I suppose I had never thought of removal of clamav from /etc/aliases as user configuration, but I see your point. Easy enough to fix. Cheers, -- --------- | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#577499: [Pkg-clamav-devel] Bug#577499: Me too
This one time, at band camp, Gordon Haverland said: > with the dfsg-2 update that came out, I seen LocalSocketGroup 20 > thing with my computer. I set it to 125 (which is the group > clamav is on this computer). Clamav started, but I started > getting messages from freshclam (cron jobs) about some missing > argument. Trying to fix things, I then got a message about > freshclam not being able to contact clamd via > /var/run/clamav/clamd.ctl. > > So, this morning, I purged all of clamav and reinstalled it. This > message about clamd.ctl persists. Can you set LocalSocketGroup to clamav in the config file, run dpkg-reconfigure and see what it is in the file afterwards? Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#576787: grep: file conflict
Package: grep Version: 2.5.4-4 Severity: serious Hi, (Reading database ... 99754 files and directories currently installed.) Preparing to replace grep 2.5.4-4 (using .../archives/grep_2.6.3-1_s390.deb) ... Unpacking replacement grep ... dpkg: error processing /var/cache/apt/archives/grep_2.6.3-1_s390.deb (--unpack): trying to overwrite '/usr/share/info/dir.gz', which is also in package cpio 0:2.11-1 dpkg-deb: subprocess paste killed by signal (Broken pipe) Processing triggers for install-info ... Errors were encountered while processing: /var/cache/apt/archives/grep_2.6.3-1_s390.deb E: Sub-process /usr/bin/dpkg returned an error code (1) cpio has already fixed it's version of this bug, so now it's grep's turn. Cheers, -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-trunk-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8) Shell: /bin/sh linked to /bin/dash Versions of packages grep depends on: ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib grep recommends no packages. Versions of packages grep suggests: ii libpcre3 7.8-3 Perl 5 Compatible Regular Expressi -- no debconf information -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#526760: root-tail: Don't display anything at all since X.org update
This one time, at band camp, Francesco Poli said: > On Sat, 30 Jan 2010 12:57:03 +0000 Stephen Gran wrote: > > > This one time, at band camp, Francesco Poli said: > [...] > > > Stephen, what do you think? Should this bug be downgraded to > > > important? Could you please help Andreas in solving his problem? > > > > I think that a package that non-deterministically doesn't work > > probably doesn't belong in a stable release. > > Wait, who said that the bug shows up non-deterministically? The fact that "this user sees this behavior and that user doesn't" it sort of the definition? This isn't the first report I've had, although it is the only BTS report. I've also managed to reproduce it once in enlightenment, and then failed to reproduce it the next time I tried. > This situation does not look like the definition of a severity 'grave' > bug: the bug does not seem to make the package unusable or mostly so. > I would say the severity of this bug is more like 'important' or even > 'normal'. I am under the impression that there is probably some serious misbehavior in the package. It works for some people perfectly fine, but may accidentally go wrong and kill your kittens. I think we have different definitions of what should go in a stable release. If this was more important than a leaf package of relatively niche interest, I would of course invest more time and effort in figuring out what was going wrong. Since it is just an edge package with a relatively low popcon score, it seems to me my effort is better spent elsewhere, and my feeling is that, in the meantime, software that only sometimes works doesn't belong in a stable release. If you want to look after it, you can of course make different decisions about where your time is best spent and what you want to support through a release cycle (and what quality of software is useful to release in Debian in general). > > I unfortunately don't have enough knowledge about the X api to make > > any good guesses as to what the problem might be. > > I think there are tags for this kind of situation (e.g.: "help"). I believe you're allowed to tag the bug report that way if you want .. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#526760: root-tail: Don't display anything at all since X.org update
This one time, at band camp, Francesco Poli said: > On Sun, 03 May 2009 13:05:09 +0200 Andreas Tscharner wrote: > > I start root-tail in WindowMaker autostart > > (~/GNUstep/Library/WindowMaker/autostart) > > with the following command: > > > > root-tail -g 700x200+950+850 -fn fixed /var/log/messages,green > > ~/.xsession-errors, blue & > > > > This does not display anything at all after the X.org update. > > Hi Andreas! > I am another root-tail user. > > I am currently running root-tail/1.2-3 on a Debian testing box, and I > am *not* experiencing the bug you reported. ... > Stephen, what do you think? > Should this bug be downgraded to important? > Could you please help Andreas in solving his problem? I think that a package that non-deterministically doesn't work probably doesn't belong in a stable release. I unfortunately don't have enough knowledge about the X api to make any good guesses as to what the problem might be. The fds that are being read from appear to me to be the usual communication with the X server, not reads from the logfiles (note that the logfiles have been stat()'ed but not yet opened). if root-tail is unable to communicate to the X server, I have no idea why. If Andreas has any additional information, that would be great - it might be something simple like a rebuild fixes it, or it might be something like a subtle bit of the X api has changed with X.org and root-tail won't be fixed until someone who understands X better than I do comes along, or I manage to find the time to finally dig into it enough to debug this. Cheers, -- ----- | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#551929: [Adduser-devel] Bug#551929: Bug#551929: deluser: creates backup of user's files when not requested
This one time, at band camp, Frans Pop said: > However, *if* the config file is read before parsing options, there is > another solution: make --backup-to imply --backup, but *only* if passed on > the command line. Excellent idea. This is what I've juct committed as r821. I'll have a look to make sure there's no other low hanging fruit out there to close before upload, and get an upload out soon. In the meantime, if you want to double check my commit, some testing would be helpful, as always. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#551929: [Adduser-devel] Bug#551929: deluser: creates backup of user's files when not requested
This one time, at band camp, Frans Pop said: > I ran into this too. Raising severity as IMO this bug makes the current > version of adduser unsuitable to be released with Squeeze. > > deluser should not be creating a backup tarball when not asked to do so. Hi there, > BACKUP_TO = "." This is the problem. In response to #535857, a fix was committed to make --backup-to imply --backup. I'm not (yet) sure how to reconcile "deluser should not be creating a backup tarball when not asked to do so" with option a in #535857, "--backup-to should .. imply --backup". Both of these requests are completely reasonable, but conflict, so I think probably what I'll do is go for option b, and have deluser fail if --backup-to is set but --backup isn't. Given that we ship a default of '.', that should at least be the pronciple of least surprise. Thoughts? Objections? If not, I'll commit something tomorrow. Cheers, -- ----- | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#534470: Using mdadm 2.6.7.2 to assemble a raid array created with mdadm 1.9.0 will corrupt it making mdadm 1.9.0 to crash when trying to reassemble
severity 534470 important thanks This one time, at band camp, RUSSOTTO François-Xavier 200103 said: > After booting a Debian 5.0.1 - Lenny install cdrom in rescue mode > (debian-501-ia64-netinst.iso) on an Itanium 2 server with Debian 3.1 - > Sarge (ia64) installed on a software raid 5 root partition, opening a > console in the root partition mounted from the raid array > (auto-assembled) corrupts the raid array, leading to a kernel panic at > server reboot, and preventing from manual reassembly using mdadm 1.9.0 > (Sarge). I suspect that the problem here is that the user is expecting a recovery tool released nearly 5 years after the OS he has installed to work without issues. I'd suggest that if etch supports the new superblock checksum format, this bug can be closed, as we no longer actually support sarge (in a distribution sense - Martin, if you want to make it easier for sarge users, that's of course entirely fine). I've downgraded the severity for now, as a bug that only affects sarge users does not affect the releasability of this software in squeeze. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#555327: apt: apt-get segvs
Package: apt Version: 0.6.46.4-0.1+etch1 Severity: grave r...@paer:/# gdb /usr/bin/apt-get GNU gdb (GDB) 7.0-debian Copyright (C) 2009 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "hppa-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/bin/apt-get...(no debugging symbols found)...done. (gdb) set args update (gdb) run Starting program: /usr/bin/apt-get update Program received signal SIGSEGV, Segmentation fault. 0x405d38cc in std::locale::operator=(std::locale const&) () from /usr/lib/libstdc++.so.6 (gdb) bt full #0 0x405d38cc in std::locale::operator=(std::locale const&) () from /usr/lib/libstdc++.so.6 No symbol table info available. #1 0x405d1c10 in std::ios_base::_M_init() () from /usr/lib/libstdc++.so.6 No symbol table info available. #2 0x405ea858 in std::basic_ios >::init(std::basic_streambuf >*) () from /usr/lib/libstdc++.so.6 No symbol table info available. #3 0x406b93d0 in ReadConfigFile(Configuration&, std::string const&, bool, unsigned int) () from /usr/lib/libapt-pkg-libc6.9-6.so.4.8 No symbol table info available. #4 0x406b8ecc in ReadConfigDir(Configuration&, std::string const&, bool, unsigned int) () from /usr/lib/libapt-pkg-libc6.9-6.so.4.8 No symbol table info available. #5 0x406f8d04 in pkgInitConfig(Configuration&) () from /usr/lib/libapt-pkg-libc6.9-6.so.4.8 No symbol table info available. #6 0x0001d928 in main () No symbol table info available. (gdb) quit apt-config dump and so on also segv, so the output is not attached here. Please let me know if I can be of help. Cheers, -- --------- | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#553333: [Pkg-clamav-devel] Bug#553333: clamav-milter: inet milter socket configuration changes the owner of /root to clamav
Hi there, I understand how: > @@ -279,5 +279,5 @@ fi > > make_dir "$DataBaseDirectory" > -if [ "${SOCKET_PATH#inet}" = "${SOCKET_PATH}" ]; then > +if [ "${SOCKET_TYPE}" = "local" ]; then >make_dir $(dirname "$SOCKET_PATH") >chown $User $(dirname "$SOCKET_PATH") could be a problem (maybe - if the variable $SOCKET_PATH includes the string 'inet' but somehow the variable $SOCKET_PATH remains unset), but I don't see how: > @@ -172,5 +172,5 @@ make_dir() >[ -n "$User" ] || User=clamav >mkdir -p -m 0755 "$DIR" > - chown "$User:$User" "$DIR" > + chown "$User" "$DIR" > } Cause any problems or indeed makes any difference? Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#545932: freeradius: does not properly clean aborted build
This one time, at band camp, brian m. carlson said: > It's not the "ignore errors" marker; it's the "don't print the command" > marker. You probably want "@-" at the beginning of the command instead. Gah, of course it is. Fair enough - easy enough to fix. I'll go have a word with upstream. Cheers, -- ----- | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#545932: freeradius: does not properly clean aborted build
This one time, at band camp, brian m. carlson said: > Obviously, the rm line should check first to see whether sites-enabled > exists, and if not, do nothing. It's not the rm line, it's the rmdir line, and I don't see how it can fail: raddb/Makefile: clean: rm -f sites-enabled/inner-tunnel sites-enabled/default @rmdir sites-enabled The -f will make rm succeed even if the file doesn't exist: sg...@samosa:~$ ls sg...@samosa:~$ rm -f test/a test/b sg...@samosa:~$ echo $? 0 sg...@samosa:~$ And the rmdir has an 'ignore errors' marker. Can you maybe do some debugging to figure out what is really going wrong? Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#545930: freeradius: FTBFS on amd64/sid
tags 545930 +unreproducible thanks This one time, at band camp, brian m. carlson said: > Whilst trying to build freeradius: > > make[5]: Entering directory `/home/bmc/tmp/freeradius-2.0.4+dfsg/src/lib' > /usr/bin/libtool --mode=compile /usr/bin/gcc -g -O2 -O2 -D_LIBRADIUS > -I/home/bmc/tmp/freeradius-2.0.4+dfsg/src -c dict.c > libtool: compile: unable to infer tagged configuration > libtool: compile: specify a tag with `--tag' Not here: /usr/bin/libtool --mode=compile gcc -g -O2 -O2 -D_LIBRADIUS -I/home/steve/source/git/freeradius/src -c dict.c libtool: compile: gcc -g -O2 -O2 -D_LIBRADIUS -I/home/steve/source/git/freeradius/src -c dict.c -fPIC -DPIC -o .libs/dict.o libtool: compile: gcc -g -O2 -O2 -D_LIBRADIUS -I/home/steve/source/git/freeradius/src -c dict.c -o dict.o >/dev/null 2>&1 etc. What version of libtool are you using? I have 2.2.6a-4, and it builds with that and with lenny's 1.5.26-4. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#543309: [Pkg-clamav-devel] Bug#543309: local socket clamav-milter.ctl unsafe - milter set to error state
severity 543309 normal thanks This one time, at band camp, Mark Rushing said: > Package: clamav-milter Version: 0.95.2+dfsg-1~volatile1 Severity: > grave Justification: renders package unusable Let's not be silly. The package is usable by everyone who doesn't use the included m4, including postfix users and sendmail users who don't use the included convenience macro. > clamav-milter installs an m4 macro in /etc/mail/m4/clamav-milter.m4 > > The installation documentation says to include this macro in your > sendmail.mc file. > > INPUT_MAIL_FILTER(`clamav', > `S=local:/var/run/clamav/clamav-milter.ctl, F=, T=S:4m;R:4m')dnl > > That line points to a non-existent socket. The actual socket name is, > instead, 'milter.ctl'. Thanks for the report - fixed in our git repo. -- ----- | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#535609: aumix-{gtk,common}: file conflict
Package: aumix-common Version: 2.8-24 Severity: serious Unpacking aumix-common (from .../aumix-common_2.8-24_all.deb) ... dpkg: error processing /var/cache/apt/archives/aumix-common_2.8-24_all.deb (--unpack): trying to overwrite `/etc/init.d/aumix', which is also in package aumix-gtk It looks like it needs a replaces. Versions are slightly screwy as I'm repairing the upgrade now. Cheers, -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages aumix-gtk depends on: pn aumix-common (no description available) ii libatk1.0-0 1.26.0-1 The ATK accessibility toolkit ii libc6 2.9-18 GNU C Library: Shared libraries pn libcairo2 (no description available) ii libfontconfig12.6.0-4generic font configuration library ii libfreetype6 2.3.9-5FreeType 2 font engine, shared lib pn libglib2.0-0 (no description available) ii libgpm2 1.20.4-3.2 General Purpose Mouse - shared lib pn libgtk2.0-0(no description available) ii libncurses5 5.7+20090530-1 shared libraries for terminal hand pn libpango1.0-0 (no description available) aumix-gtk recommends no packages. aumix-gtk suggests no packages. -- no debconf information -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#522991: freeradius_2.0.4+dfsg-6+b1(mips/unstable): FTBFS on mips
This one time, at band camp, peter green said: > I've done some flyby inspection of this bug and come to the following > conclusions. > > * The freeradius build has a check for links with anything in a libssl* > package BUT this check only detects direct links. Yes, I am (after a conversation with an ftp-master) taking the stance that multi-level transitive links both can't be reliably checked for, and are also not that big an issue. For many libraries in Debian, we ship a version linked to openssl and a version linked to gnutls - if a local admin installs the openssl one of these 3 removes away, there's not much we as packagers can do, so I'm not that worried about it. On the other hand, if we declare a direct relationship between 2 pieces of software that have conflicting licenses, we do have a clear problem. That's why the check is there - I admit it's a bit of a gross hack, but in this case, I'm glad it's there, as it's saved us from accidentally distributing something that's clearly a GPL violation in the current arrangement. > * Freeradius normally ends up with an indirect link to libcrypto (from > the libssl* package) via libsnmp. On the failing mips build a buggy > libtool version was used which I suspect (I can't confirm this due to > being unable to get a copy of the version of libtool in question) meant > it ended with a direct link to libcrypto causing the build to abort. That was my first rough impression. Glad to have a second pair of eyes on it, though. > * My understaning is (and I may be wrong) the debian interpretation of > the GPL is that any link with openssl whether direct or indirect is > unacceptable unless a specific exception is granted by the authors of > all GPL code in or linked to by the binary. This is the stance the project has so far taken, yes. There is work underway in the freeradius project to add that excemption, and then this can go away for at least this codebase. > P.S. the debian/copyright file could do with a bit of clarification, it > states the code is released under GPL v2 and then pastes a license block > that says v2 or later. Agreed. Cheers, -- ----- | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#525483: libclamav5: clamd segfault libclamav.so.5.0.4
This one time, at band camp, James Robertson said: > Not sure if unofficial-clamav-sigs.sh has anything to do with it? > This is the only occurance of unofficial-clamav-sigs.sh being close to > the time of the segfault. I generally experience this about once a > day. That is a known issue indeed. Try running without the unofficial sigs for a few days and see if the sgfaults recur. If not, then it is the same problem identified and fixed upstream. Look for new packages in volatile soon - they've been uploaded, we're just waiting on builds now. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#524745: [Pkg-octave-devel] Bug#524745: Postinst seems to run forever on mipsel
This one time, at band camp, Rafael Laboissiere said: > lsof -p 31649 COMMAND PID USER FD TYPE DEVICE SIZENODE NAME octave-3. 31649 root cwdDIR3,3 4096 7192581 /home/buildd/build/chroot-unstable octave-3. 31649 root rtdDIR3,3 4096 7192581 /home/buildd/build/chroot-unstable octave-3. 31649 root txtREG3,3 4652 7211845 /home/buildd/build/chroot-unstable/usr/bin/octave-3.0.5 octave-3. 31649 root memREG3,3 149176 7209586 /home/buildd/build/chroot-unstable/lib/ld-2.9.so octave-3. 31649 root memREG3,3 12760392 7555468 /home/buildd/build/chroot-unstable/usr/lib/octave-3.0.5/liboctinterp.so.3.0.5 octave-3. 31649 root memREG3,3 10805684 7555467 /home/buildd/build/chroot-unstable/usr/lib/octave-3.0.5/liboctave.so.3.0.5 octave-3. 31649 root memREG3,3 429936 7555466 /home/buildd/build/chroot-unstable/usr/lib/octave-3.0.5/libcruft.so.3.0.5 octave-3. 31649 root memREG3,3 831196 7211792 /home/buildd/build/chroot-unstable/usr/lib/libumfpack.so.3.2.0 octave-3. 31649 root memREG3,336728 7211782 /home/buildd/build/chroot-unstable/usr/lib/libamd.so.3.2.0 octave-3. 31649 root memREG3,339964 7211784 /home/buildd/build/chroot-unstable/usr/lib/libcamd.so.3.2.0 octave-3. 31649 root memREG3,327812 7211337 /home/buildd/build/chroot-unstable/usr/lib/libcolamd.so.3.2.0 octave-3. 31649 root memREG3,3 1061832 7211791 /home/buildd/build/chroot-unstable/usr/lib/libcholmod.so.3.2.0 octave-3. 31649 root memREG3,346884 7211786 /home/buildd/build/chroot-unstable/usr/lib/libccolamd.so.3.2.0 octave-3. 31649 root memREG3,3 221492 7211790 /home/buildd/build/chroot-unstable/usr/lib/libcxsparse.so.3.2.0 octave-3. 31649 root memREG3,3 8033160 7211541 /home/buildd/build/chroot-unstable/usr/lib/liblapack.so.3gf.0 octave-3. 31649 root memREG3,3 527232 7211330 /home/buildd/build/chroot-unstable/usr/lib/libblas.so.3gf.0 octave-3. 31649 root memREG3,3 1066408 7211345 /home/buildd/build/chroot-unstable/usr/lib/libfftw3.so.3.1.2 octave-3. 31649 root memREG3,3 250296 7210890 /home/buildd/build/chroot-unstable/lib/libreadline.so.5.2 octave-3. 31649 root memREG3,3 241512 7209174 /home/buildd/build/chroot-unstable/lib/libncurses.so.5.7 octave-3. 31649 root memREG3,314724 7209595 /home/buildd/build/chroot-unstable/lib/libdl-2.9.so octave-3. 31649 root memREG3,3 1415620 7211433 /home/buildd/build/chroot-unstable/usr/lib/libhdf5-1.6.6.so.0.0.0 octave-3. 31649 root memREG3,389416 1736737 /home/buildd/build/chroot-unstable/usr/lib/libz.so.1.2.3.3 octave-3. 31649 root memREG3,3 665872 7211293 /home/buildd/build/chroot-unstable/usr/lib/libgfortran.so.3.0.0 octave-3. 31649 root memREG3,3 553844 7209604 /home/buildd/build/chroot-unstable/lib/libm-2.9.so octave-3. 31649 root memREG3,3 1090436 1736714 /home/buildd/build/chroot-unstable/usr/lib/libstdc++.so.6.0.10 octave-3. 31649 root memREG3,3 218328 7209761 /home/buildd/build/chroot-unstable/lib/libgcc_s.so.1 octave-3. 31649 root memREG3,3 1568808 7209591 /home/buildd/build/chroot-unstable/lib/libc-2.9.so octave-3. 31649 root memREG3,3 130055 7209787 /home/buildd/build/chroot-unstable/lib/libpthread-2.9.so octave-3. 31649 root memREG3,336452 7209767 /home/buildd/build/chroot-unstable/lib/libnss_compat-2.9.so octave-3. 31649 root memREG3,398092 7209652 /home/buildd/build/chroot-unstable/lib/libnsl-2.9.so octave-3. 31649 root memREG3,349184 7209775 /home/buildd/build/chroot-unstable/lib/libnss_nis-2.9.so octave-3. 31649 root memREG3,353572 7209771 /home/buildd/build/chroot-unstable/lib/libnss_files-2.9.so octave-3. 31649 root0u CHR 136,24 /dev/pts/2 octave-3. 31649 root1u CHR 136,24 /dev/pts/2 octave-3. 31649 root2u CHR 136,24 /dev/pts/2 Not much new information there, I'm afraid. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#524745: Postinst seems to run forever on mipsel
This one time, at band camp, Rafael Laboissiere said: > * Martin Zobel-Helas [2009-04-23 13:17]: > > > On Thu Apr 23, 2009 at 12:07:58 +0200, Rafael Laboissiere wrote: > > > > > I am simply lost here and have no idea on how I can debug this random > > > bug. > > > > As soon as i have that bug again on the buildd, i will inform you, so > > wen can debug together. > > Thanks. We currently have another process wedged on mayer.debian.org: ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0 ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0 ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0 ioctl(0, TIOCNXCL Process 31649 detached sg...@mayer:~$ sudo ls -l /proc/31649/fd total 0 lrwx-- 1 root root 64 2009-04-26 17:41 0 -> /dev/pts/2 lrwx-- 1 root root 64 2009-04-26 17:41 1 -> /dev/pts/2 lrwx-- 1 root root 64 2009-04-26 17:41 2 -> /dev/pts/2 I assume this will be some problem with debconf and file descriptors? Let me or zobel know when I can kill this, as it's using lots of cpu for no good reason. Cheers, -- ----- | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#525483: [Pkg-clamav-devel] Bug#525483: clamav in lenny segfaults after freshclam update
On Fri, Apr 24, 2009 at 07:21:04PM -0400, Brett Dikeman said: > On Fri, Apr 24, 2009 at 6:12 PM, Stephen Gran wrote: > > > It would have been great if you had used reportbug to send this report, > > as it would have saved several roundtrips asking for information. Can > > you reportbug -M clamav, and then just send the information the scripts > > place in the bug report to this report? Copy and paste into a mail from > > gmail will be fine, I just care about the information. > > What "several roundtrips"? It's not the end of the world, just a time waster. We're now 3 or 4 mails into the report, and I haven't seen the one thing that probably matters most: ls -l /var/lib/clamav This is done automatically by the report script, which was why I asked you to send the whole output. Also, can you please keep the bug report in the cc? Cheers, -- ---------- | Stephen Gran | It was a JOKE!! Get it?? I was| | st...@lobefin.net | receiving messages from DAVID | | http://www.lobefin.net/~steve | LETTERMAN!! YOW!! | -- signature.asc Description: Digital signature
Bug#525483: [Pkg-clamav-devel] Bug#525483: clamav in lenny segfaults after freshclam update
This one time, at band camp, Brett Dikeman said: > Package: clamav-daemon > Version: 0.94.dfsg.2-1lenny2 > Severity: grave > > Marked as grave severity because this bug causes the host in question > to stop delivering most email, and it is extremely reproducible (more > than once per day, in some cases.) It would have been great if you had used reportbug to send this report, as it would have saved several roundtrips asking for information. Can you reportbug -M clamav, and then just send the information the scripts place in the bug report to this report? Copy and paste into a mail from gmail will be fine, I just care about the information. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#524745: [Pkg-octave-devel] Bug#524745: Postinst seems to run forever on mipsel
This one time, at band camp, Rafael Laboissiere said: > * Martin Zobel-Helas [2009-04-21 21:17]: > > > here some more infos: > > > > 21029 ?S 0:00 \_ sh -c /usr/bin/sudo /usr/bin/apt-get > > --purge -o > > Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status > > -o DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o DPkg::R > > 21030 ?S 0:03 \_ /usr/bin/apt-get --purge -o > > Dir::State::status=/home/buildd/build/chroot-unstable/var/lib/dpkg/status > > -o DPkg::Options::=--root=/home/buildd/build/chroot-unstable -o > > DPkg::Run-Directory=/ho > > 22519 pts/0Ss+0:00 \_ /usr/bin/dpkg > > --root=/home/buildd/build/chroot-unstable --force-confold --status-fd 14 > > --configure libmagic1 file gettext-base libkeyutils1 libkrb5support0 > > libk5crypto3 libkrb5-3 libgss > > 23967 pts/0S+ 0:00 \_ /bin/sh -e > > /var/lib/dpkg/info/octave3.0.postinst configure > > 23976 pts/0R+ 1987:42 \_ octave-3.0.5 --silent > > --no-history --no-init-file --eval pkg ('rebuild'); > > > > strace -p 23976 > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0 > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0 > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0 > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0 > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0 > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0 > > ioctl(0, TIOCNXCL, {0x1000 /* B??? */ -opost -isig -icanon echo ...}) = 0 > > [...] runs infitive > > Thanks for the info. Is the hanging due to some file Octave is trying to > open/read/close? Could you please run lsof on the octave-3.0.5 process > and post the results? In the case above, it would be: > > lsof -p 23976 The process has been killed, so we no longer have that information for you. -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#519684: tracker: Linked with OpenSSL, seems to be a GPL violation
This one time, at band camp, Adrian Bunk said: > On Sat, Mar 14, 2009 at 12:40:19PM +0100, Michael Biebl wrote: > > > > Tracker itself does not link against libssl. Problems seems to be, that it > > uses > > libraptor, which itself uses libcurl3, that then pulls libssl. > > > > I don't see, how I can do something about that within the tracker package. > > FWIW, > > the tracker debian package has no dependency on libssl. > > > > Could you clarify, where you see the license violation. > > OpenSSL has a not GPL compatible licence, and tracker is a GPLed program > that is (through intermediate libraries) linked with OpenSSL. Another way to ask the question is: Since the package linking to libssl is out of the control of the tracker maintainer, in what way is this helpful? Shouldn't the report go against that library? Cheers, -- ----- | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#516825: dvdbackup - FTBFS: error: 'dvd_stat_t' undeclared
This one time, at band camp, Adeodato Simó said: > * Stephen Gran [Mon, 02 Mar 2009 22:26:51 +]: > > > This one time, at band camp, Adeodato Simó said: > > > * Benjamin Drung [Mon, 02 Mar 2009 01:40:26 +0100]: > > > > > libdvdread 4.1.3-4 is now in Debian unstable. dvdbackup 0.2-2 builds now > > > > without changes. Could someone trigger a binNMU? > > > > Done, thanks for the heads-up. Could you close the bug once it's built > > > everywhere? TIA. > > > It's built everywhere but alpha and sparc now, but it looks like I didn't > > realize that the dep-wait should have been more specific. It needs to > > be built against 4.1.3-4 or higher (or < 4). This sounds to me like > > the right things might be a sourceful upload? > > Hm, a sourceful upload of what? I'm afraid I'm not getting it. If a > library has a bug which makes other packages FTBFS, then these packages > wait to get rebuilt once a fixed library is available. > > No? I'm not sure, which is why I was asking. I can see two arguments - one that we should just move on from the broken version(s) of the library, and another that the packaging should be made robust enough that it doesn't try to accidentally build against a known broken version of the library (i.e., fixing Build-Depends to be more strictly versioned). Both arguments make sense to me, but I'll leave it up to RMs to decide which is better for the archive. Cheers, -- - | ,''`.Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#516825: dvdbackup - FTBFS: error: 'dvd_stat_t' undeclared
This one time, at band camp, Adeodato Simó said: > * Benjamin Drung [Mon, 02 Mar 2009 01:40:26 +0100]: > > > libdvdread 4.1.3-4 is now in Debian unstable. dvdbackup 0.2-2 builds now > > without changes. Could someone trigger a binNMU? > > Done, thanks for the heads-up. Could you close the bug once it's built > everywhere? TIA. It's built everywhere but alpha and sparc now, but it looks like I didn't realize that the dep-wait should have been more specific. It needs to be built against 4.1.3-4 or higher (or < 4). This sounds to me like the right things might be a sourceful upload? Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#512776: status with upstream
tags 512776 +upstream tags 512776 +forwarded clamav-de...@lists.clamav.net thanks http://lurker.clamav.net/thread/20090127.134314.108bdbc6.en.html Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#391203: net-snmp: diff to make upgrades and stops/starts slightly more robust
tags 453123 +patch tags 391203 +patch thanks Hi there, The attached patch should fix the issues with hangs in postinst, and while I was there, I made restart have the same behavior as stop + start, which seemed like the right thing to do - it's slightly orthogonal, so feel free to drop that part of the patch if it's not interesting. Cheers, -- - | ,''`. Stephen Gran | | : :' :sg...@debian.org | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - diff -u net-snmp-5.4.1~dfsg/debian/snmpd.init net-snmp-5.4.1~dfsg/debian/snmpd.init --- net-snmp-5.4.1~dfsg/debian/snmpd.init +++ net-snmp-5.4.1~dfsg/debian/snmpd.init @@ -66,13 +66,15 @@ # Allow the daemons time to exit completely. sleep 2 if [ "$SNMPDRUN" = "yes" -a -f /etc/snmp/snmpd.conf ]; then - start-stop-daemon --quiet --start --exec /usr/sbin/snmpd -- $SNMPDOPTS + start-stop-daemon --quiet --start --oknodo --exec /usr/sbin/snmpd \ +-- $SNMPDOPTS echo -n " snmpd" fi if [ "$TRAPDRUN" = "yes" -a -f /etc/snmp/snmptrapd.conf ]; then # Allow snmpd time to start up. sleep 1 - start-stop-daemon --quiet --start --exec /usr/sbin/snmptrapd -- $TRAPDOPTS + start-stop-daemon --quiet --start --oknodo --exec /usr/sbin/snmptrapd \ +-- $TRAPDOPTS echo -n " snmptrapd" fi echo "." diff -u net-snmp-5.4.1~dfsg/debian/changelog net-snmp-5.4.1~dfsg/debian/changelog --- net-snmp-5.4.1~dfsg/debian/changelog +++ net-snmp-5.4.1~dfsg/debian/changelog @@ -1,3 +1,11 @@ +net-snmp (5.4.1~dfsg-12.1) unstable; urgency=low + + * Non-maintainer upload. + * Fix hang in postinst by removing noop debconf usafe (closes: #453123, +#391203) + + -- Stephen Gran Sat, 03 Jan 2009 14:20:24 + + net-snmp (5.4.1~dfsg-12) unstable; urgency=high * Urgency high because of RC bug fix. diff -u net-snmp-5.4.1~dfsg/debian/snmpd.postinst net-snmp-5.4.1~dfsg/debian/snmpd.postinst --- net-snmp-5.4.1~dfsg/debian/snmpd.postinst +++ net-snmp-5.4.1~dfsg/debian/snmpd.postinst @@ -7,9 +7,6 @@ chown -R snmp /var/lib/snmp fi -. /usr/share/debconf/confmodule -db_version 2.0 - #DEBHELPER# exit 0
Bug#507836: dpkg: Dpkg -reconfigure xserver -xorg is broken
reassign 507836 xserver-xorg severity 507836 important thanks This one time, at band camp, Saist said: > Package: dpkg Your report has to do with the xserver-xorg package, not the dpkg package. The xserver-xorg package is also clearly not unusable, despite your anger. Reassigning and adjusting the bug severity. I am not involved in either dpkg or xserver-xorg maintenance - save any rants you may have for someone else, please. Cheers, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#506042: AGPL freeness bugs until #495721 is resolved
This one time, at band camp, MJ Ray said: > I don't feel that's a comparable problem. It would be reasonable to > track modBSD-license advocates requesting removal of the advertising > clauses with wishlist bugs, wouldn't it? No. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#505796: Patch
This one time, at band camp, Michael Meskes said: > Here's the patch I plan to upload tomorrow unless someone objects. The only minor quibble I can find to say is that the user.group syntax is deprecated in favor of the user:group syntax. Cheers, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#496389: 4 more files to be fixed
This one time, at band camp, Pavol Rusnak said: > According to bugreport 5 files should be fixed and only one is fixed. > I'm attaching patch that fixes another 4 in similar fashion. Ah, fair enough. Somehow I missed them in the initial review, possibly because none f them were mentioned :/ Cheers, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#498936: php-clamavlib: should this package be removed?
reassign 498936 ftp.debian.org severity 498936 normal retitile 498936 RM: php-clamavlib -- RoM: dead upstream thanks This one time, at band camp, Jonas Genannt said: > Hello, > > > There have been no maintainer uploads for about a year. The last 3 > > uploads were NMUs, and we're at the stage where fixing the FTBFS > > currently open will just be another NMU. I hate to see an > > unmaintained package release with lenny, especially one that links to > > a library we know will have security issues during the life of lenny. > > this package should removed from debian. Upstream is dead. The homepage > about phpclamavlib (http://phpclamavlib.org) is also dead. Ok, copying -release on this. I'll take care of reassigning to ftp-master for removal from unstable. Thanks for the follow-up. RMs, I think it's probably a good idea to remove it from lenny. Cheers all, -- ----- | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#499120: Fwd: freeradius has indirectly linked against openssl for years
severity 499120 important thanks This one time, at band camp, Michael Casadevall said: > > During the debugging of a FTBFS in freeradius on Ubuntu, I've > determined that both on Debian and Ubuntu that freeradius has been > indirectly linking to openssl via libsnmp. Looking at libsnmp's > changelog its been linking to openssl since 2005 if not earlier. > > While freeradius does have sanity checks to determine if it is being > linked against openssl, since libsnmp didn't declare -lcrypto in its > pkgconfig file, neither the lintian openssl check, nor the one in > freeradius were triggered. It is my impression that anything that is > linked to openssl, even if indirectly is still subject to its licensing > terms due the GPL requirement that all modules its linked to, either > directly or indirectly must meet be license-compatible with the GPL. > > Since libsnmp is linked openssl, and freeradius includes snmp, > its subject to this licensing term, and thus has a license violation > in Debian. As an addition note, net-snmp's copyright file is missing > said clause as well, so a seperate bug has been filed against it. > > I've looked into the possibility of using gnutls with net-snmp, but as > far as I can tell, there is no support for it, so it would require > porting to remove its openssl dependency, or the net-snmp package would > have to be split into ssl and non-ssl versions, and then freeradius > linked against the non-ssl version. I see this has gone without an answer for an unfortunate amount of time, and for that I'm sorry. I have never been convinced by the arguments about indirect linking, myself, but I'm not sure that this bug report is the right forum to rehash all the arguments we probably both know very well. For what it's worth, I've spoken with ftp-master in the past and gotten an explicit go ahead for this sort of thing (specifically, to build the postgres module for freeradius, which has a similar problem). I am going to downgrade the bug for now, but not close it, until I speak with ftp-master again. Cheers, -- --------- | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#499105: [Adduser-devel] Bug#499105: Confirmation
This one time, at band camp, Joerg Hoh said: > On Tue, Sep 16, 2008 at 03:01:35PM +0100, [EMAIL PROTECTED] wrote: > > I can confirm that this still happens in lenny's latest version of adduser: > > adduser/testing uptodate 3.110 > > I used the follwing commands and I wasn't able to verify it (adduser > 3.110). Can you elaborate on how you tested the described behaviour? > > [EMAIL PROTECTED] adduser $ sudo adduser root games > [EMAIL PROTECTED] adduser $ sudo addgroup --force-badname foo > [EMAIL PROTECTED] adduser $ sudo adduser joerg foo I thought the sequence that matters would be: sudo addgroup foo sudo adduser root foo sudo adduser joerg foo id root But maybe I misread it. I think, without having the time to look carefully at it this minute, that this will be another 0/NULL conflation in the code that checks whether a uid is non-zero instead of checking whether it exists. Since we don't use that code in the new version, I think it's fine, and we should tag this appropriately and close it, but I'd like confirmation before doing so. -- ----- | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#498936: php-clamavlib: should this package be removed?
Package: php-clamavlib Severity: serious There have been no maintainer uploads for about a year. The last 3 uploads were NMUs, and we're at the stage where fixing the FTBFS currently open will just be another NMU. I hate to see an unmaintained package release with lenny, especially one that links to a library we know will have security issues during the life of lenny. Cheers, -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.25-2-686 (SMP w/1 CPU core) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8) Shell: /bin/sh linked to /bin/dash -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#496906: mutt is downloading all messages three times while using IMAP
severity 496906 important thanks This one time, at band camp, Michelle Konzack said: > Package: mutt > Version: 1.5.13-1.1etch1 > Severity: grave Don't be silly. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#496371: [Pkg-lustre-maintainers] Bug#496371: The possibility of attack with the help of symlinks in some Debian packages
This one time, at band camp, Patrick Winnertz said: > Thanks Stephen, > > > tmpfile=$(mktemp /tmp/iozone.XX) > I know that this way it is possible. But as the user should find the log > afterwards I would prefer to use /tmp/iozone.log or something else, nothing > random. > But as I wrote in my previous email I don't have a idea how to fix this > without > using mktemp. You can echo what file to look at. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#496371: [Pkg-lustre-maintainers] Bug#496371: The possibility of attack with the help of symlinks in some Debian packages
This one time, at band camp, Patrick Winnertz said: > I guess the part which is critical is this one: tmpfile=$(mktemp /tmp/iozone.XX) > ---snip-- > while date; do > LOOP=`expr $LOOP + 1` > echo "Test #$LOOP" > iozone $VERIFY $ODIR -r $REC -i 0 -i 1 -f $FILE -s $SIZE 2>&1 || exit $? > [ -f endiozone -o $LOOP -ge $COUNT ] && rm -f endiozone && exit 0 > snap done | tee $tmpfile -- ----- | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#496362: The possibility of attack with the help of symlinks in some Debian packages
This one time, at band camp, Thijs Kinkhorst said: > > Last, would a patch like the attached one would do? I'm all but good in > > Perl, so I might need help on that one. > > That would work indeed if you change the included module (and verify that > that > indeed also works, of course). http://git.debian.org/?p=collab-maint/freeradius.git;a=commitdiff;h=e741df7ca28c2d139d30573ca5e7e80b9cdc59c3 is the fix for a very similar bug in freeradius. It should at least get you started on the way to fixing your bug. Cheers, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#496375: The possibility of attack with the help of symlinks in some Debian packages
This one time, at band camp, Julien Valroff said: > What can I do to prevent this? Dmitry suggested using mktemp, but > this would only *reduce* the probability of exploiting this race > condition. No, it pretty much eliminates it. mktemp is clever enough to give you a unique filename that doesn't currently exist and create the file before returning. Once mktemp has made the file, assuming correct permissions on /tmp, an attacker can't replace it with a symlink, so this is as safe as tempfile usage gets. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#496418: The possibility of attack with the help of symlinks in some Debian packages
This one time, at band camp, Dirk Eddelbuettel said: > > On 25 August 2008 at 01:43, Stephen Gran wrote: > | This one time, at band camp, Dirk Eddelbuettel said: > | > > | > This is the same as the one I just answered for r-base-core-ra as > | > r-base-core-ra is an extension/specialisation of r-base-core. > | > > | > So again: > | > > | > # test functionality of the compiler > | > javac_works='not present' > | > if test -n "$JAVAC"; then > | > javac_works='not functional' > | > rm -rf /tmp/A.java /tmp/A.class > | > echo "public class A { }" > /tmp/A.java > | > if test -e /tmp/A.java; then > | > if "${JAVAC}" /tmp/A.java >/dev/null; then > | > if test -e /tmp/A.class; then > | > javac_works=yes > | > fi > | > fi > | > fi > | > rm -rf /tmp/A.java /tmp/A.class > | > fi > | > > | > > | > rm just before file creation should prevent any symlink attack vectors, > no? > | > | No. > > Allright, so what is a better way? Use of tempfile(1) or mktemp(1) ? Yes, something like that would be better - the current approach leaves a small but exploitable race condition. I have no opinion on whether the race condition matters in practice, of course, but my gut says that the extra effort to use safe coding practices is so small that it's probably worth it. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#496418: The possibility of attack with the help of symlinks in some Debian packages
This one time, at band camp, Dirk Eddelbuettel said: > > This is the same as the one I just answered for r-base-core-ra as > r-base-core-ra is an extension/specialisation of r-base-core. > > So again: > > # test functionality of the compiler > javac_works='not present' > if test -n "$JAVAC"; then > javac_works='not functional' > rm -rf /tmp/A.java /tmp/A.class > echo "public class A { }" > /tmp/A.java > if test -e /tmp/A.java; then > if "${JAVAC}" /tmp/A.java >/dev/null; then > if test -e /tmp/A.class; then > javac_works=yes > fi > fi > fi > rm -rf /tmp/A.java /tmp/A.class > fi > > > rm just before file creation should prevent any symlink attack vectors, no? No. -- ----- | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#496389: The possibility of attack with the help of symlinks in some Debian packages
This one time, at band camp, Dmitry E. Oboukhov said: > Hi, maintainer! > > This message about the error concerns a few packages at once. I've > tested all the packages (for Lenny) on my Debian mirror. All scripts > of packages (marked as executable) were tested. So, what is the error that is grave that I'm supposed to correct? -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#493437: libbot-basicbot-perl: FTBFS: Test failure
This one time, at band camp, Daniel Schepler said: > That test looks like a bad idea, anyway -- build processes shouldn't be > connecting to random servers and transmitting data from the local machine. Absolutely correct - I shouldn't upload new packages when I'm tired. Thanks for the heads up. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#422085: closed by Bastian Venthur <[EMAIL PROTECTED]> (Re: Bug#422085: bugscripts are executed, but content not put in email)
This one time, at band camp, Bastian Venthur said: > And please keep in mind that this only happens when the output of a > script is *very* large -- to large for the shell to handle -- like the > one from xserver-xorg, for the most other packages, everything should > work fine automatically and attaching a file is not needed. What does 'too large for the shell to handle' mean? Believe me, I've worked with the shell for quite a while now, and I have never seen a 'file too large' type error message since the bad old days when some filesystems didn't have LFS support. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#491559: munin-node: missing dependency on gawk
This one time, at band camp, Holger Levsen said: > Hi Stephen, > > On Sunday 20 July 2008 14:45, Stephen Gran wrote: > > Setting up munin-node (1.2.6-3) ... > > Initializing plugins..awk: not an option: --posix > > Hm. Do you also have munin-plugins-extra installed or just munin-node? un munin-plugins-extra (no description available) Apparently not. Grepping around, it appears to be the ip_ plugin. > > Please depend on gawk if you use it's features. > > will do :-/ Thanks! -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#491559: munin-node: missing dependency on gawk
Package: munin-node Version: 1.2.6-1 Severity: serious Setting up munin (1.2.6-3) ... Adding system user `munin' (UID 110) ... Adding new group `munin' (GID 110) ... Adding new user `munin' (UID 110) with group `munin' ... Not creating home directory `/var/lib/munin'. Setting up munin-node (1.2.6-3) ... Initializing plugins..awk: not an option: --posix Please depend on gawk if you use it's features. -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.25-2-686 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages munin-node depends on: ii adduser 3.108 add and remove users and groups ii libnet-server-perl0.97-1 An extensible, general perl server ii lsb-base 3.2-12 Linux Standard Base 3.2 init scrip ii perl 5.10.0-10 Larry Wall's Practical Extraction ii procps1:3.2.7-8 /proc file system utilities Versions of packages munin-node recommends: ii libnet-snmp-perl 5.2.0-1Script SNMP connections -- no debconf information -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#490925: CVE-2008-2713: DoS
This one time, at band camp, Nico Golde said: > Hi Stephen, > * Stephen Gran <[EMAIL PROTECTED]> [2008-07-16 16:39]: > > Just a note for the bug report - I'm a little busy right now with job > > hunting and interviewing and so forth. If someone wants to NMU either a > > fixed version or the new upstream, that's fine with me. > > a debdiff for an NMU is attached and archived on: > > http://people.debian.org/~nion/nmu-diff/clamav-0.93.1.dfsg-1_0.93.1.dfsg-1.1.patch Looks great, thanks. > Note that I noticed that there is an infrastructure for > dpatch but you removed dpatch a few uploads ago and I didn't > want to reintroduce it for the security upload and thus I > patched the source code directly. I'm keeping the tree in git these says, so having a patch system on top of an RCS system seemed redundant, somehow. I'll push this into my tree, thanks. -- ----- | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#490925: CVE-2008-2713: DoS
Just a note for the bug report - I'm a little busy right now with job hunting and interviewing and so forth. If someone wants to NMU either a fixed version or the new upstream, that's fine with me. Thanks, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#490925: CVE-2008-2713: DoS
This one time, at band camp, Steffen Joeris said: > On Tue, 15 Jul 2008 10:21:51 pm Stephen Gran wrote: > > This one time, at band camp, Steffen Joeris said: > Neither the stable-security upload, nor the testing-security upload address > the new report. Also, I cannot see that the unstable version fixes it. > I haven't checked volatile. > Please check the email and upstream commit I pointed to in the first email > and > bare in mind that the original upstream fix was incomplete. Ah, I see now - there was one issue with exactly the same wording that is fixed, but this is a related issue not yet fixed, and so had wording that applied badly, confusing me. I read the description and the 'before 0.93.1' and said, "oh, I know this one - I uploaded fixed versions already". Sorry for any confusion. Will look at it tonight. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#490925: CVE-2008-2713: DoS
close 490925 0.90.1dfsg-3etch12 close 490925 0.93.1.dfsg-volatile1 close 490925 0.93.1.dfsg-1 thanks This one time, at band camp, Steffen Joeris said: > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for clamav. > > CVE-2008-2713[0]: > | libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to > | cause a denial of service via a crafted Petite file that triggers an > | out-of-bounds read. > > If you fix the vulnerability please also make sure to include the > CVE id in your changelog entry. > > The DTSA released for this issue seems to have been incomplete. Please > see this mail[1] and the additional upstream commit[2]. This has been uploaded for a while. Thanks for the report. I don't know where the security upload has gone, the upload file says: 2008-06-16 23:22 clamav_0.90.1dfsg-3etch12_i386.upload So it's been uploaded for quite a while, but I don't see it on the mirrors. -- ----- | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#490883: openssh-server: logs some keys to /var/log/auth.log which is world readabl
tags 490883 -security severity 490883 normal thanks This one time, at band camp, Witold Baryluk said: > (orginal key removed) > > Jul 13 15:55:34 tytus sshd[24909]: error: key_read: uudecode > B3NzaC1 > XXXRvB4h==\n failed > Jul 13 15:55:36 tytus sshd[24909]: Accepted password for johnybravo from > 10.0.1.1 port > 49186 ssh2 > > Ok, key have error, but it is probably one letter, or some whitespaces. > Ok, it is public key, but sshd shouldn't log it anyway. -rw-r- 1 root adm 34858 2008-07-15 00:17 /var/log/auth.log If your auth.log is world readable, something is wrong on your system. auth.log is designed exactly for information like this, and is designed to be relatively secret on purpose. Given that, I'm not convinced this is actually a bug at all, but I'll leave that decision to the maintainers - I'm just going to lower the severity. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#490531: master.debian.org rbl check is misconfigured.
This one time, at band camp, Stephen Gran said: > I'd appreciate it if you could let me know who you were mailing. Never mind - I got it from LDAP. This appears to only affect one user, so I'll just get it fixed manually. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#490531: master.debian.org rbl check is misconfigured.
This one time, at band camp, Rob Andrews said: > E-mail to master.debian.org is being rejected because it's performing > RBL checks on the wrong RBL server. > > zen.spamhaus.net is DEPRECATED and lookups should be made on > zen.spamhaus.org. See http://www.spamhaus.org/zen/ for the address. > > The result when sending mail to debian.org email addresses is: > > [EMAIL PROTECTED] > SMTP error from remote mail server after RCPT TO:<[EMAIL PROTECTED]>: > host master.debian.org [70.103.162.29]: 550-host xx.xx.xx.xx is listed in > zen.spamhaus.net; see SPAM FILTER IS WRONGLY > 550 CONFIGURED Debian's mail config does not do RBL lookups by default - they are only turned on manually by DDs when they ask for them specifically. Since you have elided the localpart, I can't talk to the affected person to tell them what's going on. I'd appreciate it if you could let me know who you were mailing. Thanks, -- ----- | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#486441: fails to start on fresh install, aborts postinst
This one time, at band camp, martin f krafft said: > also sprach Alberto Gonzalez Iniesta <[EMAIL PROTECTED]> [2008.06.16.1241 > +0200]: > > The init.d script was modified to use LSB functions in the last upload. > > But that shouldn't break it. Could you run the script with '-x'. > > Note that I told openvpn to restart itself on upgrades. > > case "$1" in > start) > log_daemon_msg "Starting $DESC." > > # autostart VPNs > if test -z "$2" ; then > # check if automatic startup is disabled by AUTOSTART=none > if test "x$AUTOSTART" = "xnone" -o -z "$AUTOSTART" ; then > log_failure_msg " Autostart disabled." > exit 0 > fi > if test -z "$AUTOSTART" -o "x$AUTOSTART" = "xall" ; then > # all VPNs shall be started automatically > for CONFIG in `cd $CONFIG_DIR; ls *.conf 2> /dev/null`; do > NAME=${CONFIG%%.conf} > start_vpn > done > fi > fi > log_end_msg $STATUS > + ls *.conf > + log_end_msg > + [ -z ] > + return 1 > invoke-rc.d: initscript openvpn, action "start" failed. It looks like you need to initialize $STATUS to 0 in that code path (or use the return from start_vpn, or whatever) -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#484670: clamav: clamscan fails to detect malware when using external archivers due to the filetype detection code
severity 484670 normal thanks This one time, at band camp, Torsten Jerzembeck said: > Severity: grave > Justification: renders package unusable Really, calm down. > When using external archivers to process files, clamscan fails to > detect malware in many cases. This is due to the fact that the filetype > detection code (clamscan/manager.c lines 708 ff.) matches the filename > against a hardcoded list of extensions (e.g. ".zip", ".rar", ".arj" > etc.). The external archiver is only called if the filename matches the > extension. > > This obviously breaks the detection in cases where the filename doesn't > contain the required extension. Most cases of self-extracting archives > use ".exe" as a extension and thus aren't recognized at all. This > creates a huge gap ("wide open barndoor" would be the precise term, I > think), as very many cases of Windows malware come in the form of > self-extracting archives. Also, this breaks in cases where suspicious > files are scanned in a quarantine, using the MD5 sum as a filename. What gives you the impression that .exe files aren't scanned? > Libclamav already contains code to recognize the file format > independently of a filetype extension (libclamav/scanners.c, lines 1554 > ff., function cli_scanraw). This could/should be used to detect the > filetype when deciding whether to call an external archiver to process a > file. If clamscan doesn't use an external unpacker, it falls back to the internal one, which is by and large good enough (for everything but rar, as you note). > This bug has also been opened in the upstream bugzilla > (<https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1051>). However, > Debian is affected more than other distributions due to the fact that > clamscan on Debian relies on an external unrar in order to scan RAR > archives (because of the licensing issues). This bug means that > self-extracting RAR archives ARE NOT SCANNED correctly on Debian > systems. Many forms of (especially Windows) malware spread as > self-extracting RAR archives and ARE NOT DETECTED by Debian clamav > installations. THERE IS NO NEED TO SHOUT. The issue about rar files is true. Whether it's a bug in the package or not is debatable, as it's certainly done on purpose by me with every upload, and not some accident or bad code path. I'll see if upstream is interested in calling their native filetype routines and add that to the list for choosing an external unpacker. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#482380: /usr/sbin/dpkg-statoverride: --add needs four arguments
This one time, at band camp, Michael Prokop said: > Package: freeradius > Version: 2.0.4+dfsg-2 > Severity: grave > Justification: renders package unusable > > > [...] > Setting up freeradius-common (2.0.4+dfsg-2) ... > Adding user freerad to group shadow > Setting up freeradius (2.0.4+dfsg-2) ... > /usr/sbin/dpkg-statoverride: --add needs four arguments Oh damn. Upload coming up. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#482085: freeradius leaves /var/log/freeradius world readable with world readable files in it
This one time, at band camp, Harhalakis Stefanos said: > By default freeradius leaves /var/log/freeradius with permissions 755. > Enabling sqltrace will result in a world-readable sqltrace in this, > possibly containing cleartext passwords. Agg! Sorry, my brain is clearly not engaged. I read the initial report as being about freshclam, not freeradius, and I couldn't figure out what you were talking about. That was really less than helpful of me, and I'm sorry. Right, I'll take a look at it. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#482085: freeradius leaves /var/log/freeradius world readable with world readable files in it
severity 482085 normal tags 482085 -security thanks This one time, at band camp, Harhalakis Stefanos said: > Justification: user security hole That's perhaps an exageration. > By default freeradius leaves /var/log/freeradius with permissions 755. > Enabling sqltrace will result in a world-readable sqltrace in this, > possibly containing cleartext passwords. Enabling sqltrace? What is sqltrace? It's certainly not part of the clamav suite. It also doesn't appear to be a package in Debian. Under normal use, none of the logfiles contain anything sensitive. Maybe you can explain how, under your particular setup, the logs came to contain something sensitive and why this configuration should be a supported configuration? Thanks, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#481406: freeradius: file conflict with freeradius-common
This one time, at band camp, brian m. carlson said: > Preparing to replace freeradius 2.0.3-1 (using > .../freeradius_2.0.4-2_amd64.deb) ... > Unpacking replacement freeradius ... > dpkg: error processing /var/cache/apt/archives/freeradius_2.0.4-2_amd64.deb > (--unpack): > trying to overwrite `/usr/share/man/man1/radtest.1.gz', which is also in > package freeradius-common > > Trying the installation again doesn't help, as it sometimes does when > this happens. Also, packages.d.o shows these as overlapping. Huh. I wonder how my testing missed this. Well, thanks for catching it - will upload a fix shortly. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#480682: freeradius-{common,utils} should conflict with other radius-server packages
This one time, at band camp, Ralf Treinen said: > > freeradius-utils and freeradius-tools have common files with other > freeradius servers: radiusd-livingston, xtradius, yardradius. Thanks for the report. Fixed locally, upload will come soon. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#479891: Bug#479885: php-clamavlib: FTBFS: clamav.c:164: error: 'struct cl_limits' has no member named 'maxratio'
This one time, at band camp, Lucas Nussbaum said: > Package: php-clamavlib > > /build/user/php-clamavlib-0.13/clamav.c:164: error: 'struct cl_limits' has no > member named 'maxratio' This one time, at band camp, Lucas Nussbaum said: > Package: havp > > clamlibscanner.cpp:198: error: 'struct cl_limits' has no member named > 'maxratio' This one time, at band camp, Lucas Nussbaum said: > Package: gurlchecker > > ucclam.c:37: error: 'struct cl_limits' has no member named 'maxratio' This one time, at band camp, Lucas Nussbaum said: > Package: avscan > > avscanop.c:534: error: 'struct cl_limits' has no member named 'maxratio' These are all as expected. libclamav recently changed soname. Thanks for picking them up, Lucas. I tried to warn all of you ahead of time, but I didn't hear anything back. If you need help porting your application to work with the new API, let me know and I'll see what I can do. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#478581: pycallgraph: fails to catch normal exception
Package: python-pycallgraph Version: 0.4.0-1 Severity: grave (after fixing the dos line endings): [EMAIL PROTECTED]:~$ python /usr/bin/pycallgraph-dot /usr/bin/pycallgraph-dot foo.dot Traceback (most recent call last): File "/usr/bin/pycallgraph-dot", line 111, in ? execfile(args[0]) File "/usr/bin/pycallgraph-dot", line 109, in ? time_filter_func=time_filter_func, File "/var/lib/python-support/python2.4/pycallgraph.py", line 177, in start_trace reset_trace() File "/var/lib/python-support/python2.4/pycallgraph.py", line 110, in reset_trace call_stack_timer = [] File "/var/lib/python-support/python2.4/pycallgraph.py", line 279, in tracer t = call_stack_timer.pop(-1) IndexError: pop from empty list You can fix this by examining the set before calling pop, or catching the IndexError exception, or several other ways. I'm not sure off hand which would be most appropriate for this program. 2 bugs on this program like this make it fairly clear it was never really tested (I know bad bugs happen, but these prevent the program from even starting as packaged). Should this package be in Debian with these sorts of issues? -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages python-pycallgraph depends on: ii graphviz 2.18-1 rich set of graph drawing tools ii python2.4.4-6An interactive high-level object-o ii python-support0.7.7 automated rebuilding support for P python-pycallgraph recommends no packages. -- no debconf information -- --------- | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#476694: clamav: CVE-2008-1833 integer overflow leading to heap overflow via crafted wwpack compressed pe binary
This one time, at band camp, Nico Golde said: > Happens, stable should be unfixed as well cause I used the > stable diff to check for changes. Stable is fixed - the code is quite different but had a conceptually similar failure to check bounds. Look at 41.pe.c.wwpack.overflow.dpatch in the source for how it was fixed for stable/security. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#476694: clamav: CVE-2008-1833 integer overflow leading to heap overflow via crafted wwpack compressed pe binary
This one time, at band camp, Nico Golde said: > Hi Moritz, > * Moritz Muehlenhoff <[EMAIL PROTECTED]> [2008-04-18 16:09]: > > > > Already fixed in etch and unstable (it's the issue referenced as not > > yet having a CVE ID in the DSA). > > Are you sure? Looking at the source code from the unstable > version I still see the affected lines of code: > > if((DCONF & PE_CONF_WWPACK) && nsections > 1 && >exe_sections[nsections-1].raw>0x2b1 && >vep == exe_sections[nsections - 1].rva && >exe_sections[nsections - 1].rva + exe_sections[nsections - 1].rsz == > max && >memcmp(epbuff, "\x53\x55\x8b\xe8\x33\xdb\xeb", 7) == 0 && >memcmp(epbuff+0x68, > "\xe8\x00\x00\x00\x00\x58\x2d\x6d\x00\x00\x00\x50\x60\x33\xc9\x50\x58\x50\x50", > 19) == 0) { > uint32_t headsize=exe_sections[nsections - 1].raw; > char *dest, *wwp; > > for(i = 0 ; i < (unsigned int)nsections-1; i++) > if (exe_sections[i].raw > dsize = max-min+headsize-exe_sections[nsections - 1].rsz; > > CLI_UNPSIZELIMITS("WWPack", dsize); > > if((dest = (char *) cli_calloc(dsize, sizeof(char))) == NULL) { > > How was this fixed? Arg - you may be right - I see the upack vulnerability fixed in unstable, but it looks like I may not have gotten the wwpack vulnerability in the patch. Sorry - this week has been really bad for me (I have guests staying and I'm really busy at work, so my concentration is a bit shot). It looks like I may also have missed it for volatile. Damn. This appears to be the patch in question: http://git.debian.org/?p=users/sgran/clamav-devel.git;a=commitdiff;h=65f47ca3711e1bc99970c5eabc0a0598dcd46f26#patch43 I'll apply the patch here, but I'm unlikely to be able to upload to unstable before Monday night - I'm off for a disconnected weekend in 2 hours, and I'm still at work. Feel free to NMU, if you like. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#476694: clamav: CVE-2008-1833 integer overflow leading to heap overflow via crafted wwpack compressed pe binary
close 476694 0.92.1~dfsg2-1 close 476694 0.92.1~dfsg-1volatile2 close 476694 0.90.1dfsg-3etch11 thanks This one time, at band camp, Nico Golde said: > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for clamav. > > > CVE-2008-1833[0]: > | Heap-based buffer overflow in libclamav in ClamAV 0.92.1 allows remote > | attackers to execute arbitrary code via a crafted WWPack compressed PE > | binary. > > If you fix the vulnerability please also make sure to include the > CVE id in your changelog entry. Fix already uploaded. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#475057: libid3-3.8.3-dev: binaries missing!
close 475057 3.8.3-7.2 This one time, at band camp, Peter De Wachter said: > Package: libid3-3.8.3-dev > Version: 3.8.3-7.1 > Severity: serious > > The binaries normally shipped in libid3-3.8.3-dev (id3info, id3tag, > etc) have gone missing. Looks like something went wrong with the > debhelper conversion? This is fixed in .2. Sorry about the inconvenience. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#474987: id3lib3.8.3: diff for NMU version 3.8.3-7.2
tags 474987 + patch thanks Hi, Attached is the diff for my id3lib3.8.3 3.8.3-7.2 NMU. This fixes me dropping some files from the package - sorry about that. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - diff -u id3lib3.8.3-3.8.3/debian/changelog id3lib3.8.3-3.8.3/debian/changelog --- id3lib3.8.3-3.8.3/debian/changelog +++ id3lib3.8.3-3.8.3/debian/changelog @@ -1,3 +1,10 @@ +id3lib3.8.3 (3.8.3-7.2) unstable; urgency=low + + * Non-maintainer upload. + * Fix some accidental dropping of files (closes: #474987) + + -- Stephen Gran <[EMAIL PROTECTED]> Tue, 08 Apr 2008 13:06:05 +0100 + id3lib3.8.3 (3.8.3-7.1) unstable; urgency=low * Non-maintainer upload. diff -u id3lib3.8.3-3.8.3/debian/rules id3lib3.8.3-3.8.3/debian/rules --- id3lib3.8.3-3.8.3/debian/rules +++ id3lib3.8.3-3.8.3/debian/rules @@ -69,14 +69,7 @@ # dh_testversion dh_testdir dh_testroot -# -# build libid3${major} package by moving files from libid3-dev -# - dh_movefiles -plibid3-3.8.3c2a \ - usr/lib/libid3-3.8.so.3 \ - usr/lib/libid3-3.8.so.3.0.0 - -# dh_installdebconf + dh_install --sourcedir=debian/tmp dh_installdocs dh_installexamples dh_installmenu @@ -84,7 +77,7 @@ # dh_installpam # dh_installinit dh_installcron - dh_installmanpages -plibid3-3.8.3-dev + dh_installman rm -rf debian/tmp/usr/share/man/man3 dh_installinfo # dh_undocumented reverted: --- id3lib3.8.3-3.8.3/debian/libid3-3.8.3c2.postinst +++ id3lib3.8.3-3.8.3.orig/debian/libid3-3.8.3c2.postinst @@ -1,7 +0,0 @@ -#!/bin/sh - -# Lintian can suck my #DEBHELPER# #... - -if [ "$1" = "configure" ]; then - ldconfig -fi only in patch2: unchanged: --- id3lib3.8.3-3.8.3.orig/debian/libid3-3.8.3-dev.install +++ id3lib3.8.3-3.8.3/debian/libid3-3.8.3-dev.install @@ -0,0 +1,21 @@ +usr/include/id3/field.h +usr/include/id3/id3lib_frame.h +usr/include/id3/globals.h +usr/include/id3/misc_support.h +usr/include/id3/reader.h +usr/include/id3/readers.h +usr/include/id3/sized_types.h +usr/include/id3/tag.h +usr/include/id3/writer.h +usr/include/id3/writers.h +usr/include/id3/utils.h +usr/include/id3/id3lib_streams.h +usr/include/id3/id3lib_strings.h +usr/include/id3.h +usr/lib/libid3.so +usr/lib/libid3.a +usr/lib/libid3.la +usr/bin/id3info +usr/bin/id3convert +usr/bin/id3tag +usr/bin/id3cp only in patch2: unchanged: --- id3lib3.8.3-3.8.3.orig/debian/libid3-3.8.3-dev.manpages +++ id3lib3.8.3-3.8.3/debian/libid3-3.8.3-dev.manpages @@ -0,0 +1,4 @@ +doc/man/id3cp.1 +doc/man/id3tag.1 +doc/man/id3convert.1 +doc/man/id3info.1 only in patch2: unchanged: --- id3lib3.8.3-3.8.3.orig/debian/libid3-3.8.3c2a.install +++ id3lib3.8.3-3.8.3/debian/libid3-3.8.3c2a.install @@ -0,0 +1,2 @@ +usr/lib/libid3-3.8.so.3 +usr/lib/libid3-3.8.so.3.0.0 signature.asc Description: Digital signature
Bug#443561: gmime2.2: diff for NMU version 2.2.18-1.1
tags 443561 + patch thanks Hi, Attached is the diff for my gmime2.2 2.2.18-1.1 NMU. Cheers, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - reverted: --- gmime2.2-2.2.18/debian/libgmime-2.0-2.install +++ gmime2.2-2.2.18.orig/debian/libgmime-2.0-2.install @@ -1 +0,0 @@ -usr/lib/libgmime-2.0.so.* diff -u gmime2.2-2.2.18/debian/changelog gmime2.2-2.2.18/debian/changelog --- gmime2.2-2.2.18/debian/changelog +++ gmime2.2-2.2.18/debian/changelog @@ -1,3 +1,11 @@ +gmime2.2 (2.2.18-1.1) unstable; urgency=low + + * Non-maintainer upload. + * Rename libgmime-2.0-2 to libgmime-2.0-2a to reflect ABI change +(closes: #443561) + + -- Stephen Gran <[EMAIL PROTECTED]> Sun, 06 Apr 2008 13:17:03 +0100 + gmime2.2 (2.2.18-1) unstable; urgency=low * New upstream release. diff -u gmime2.2-2.2.18/debian/control gmime2.2-2.2.18/debian/control --- gmime2.2-2.2.18/debian/control +++ gmime2.2-2.2.18/debian/control @@ -11,7 +11,7 @@ Package: libgmime-2.0-2-dev Architecture: any Section: libdevel -Depends: libgmime-2.0-2 (= ${binary:Version}), libc6-dev, libglib2.0-dev +Depends: libgmime-2.0-2a (= ${binary:Version}), libc6-dev, libglib2.0-dev Conflicts: libgmime-dev, libgmime1-dev, libgmime2-dev, libgmime2.1-dev Replaces: libgmime2-dev, libgmime2.1-dev Provides: libgmime2-dev, libgmime2.1-dev @@ -29,12 +29,12 @@ GMime is a set of utilities for parsing and creating messages using the Multipurpose Internet Mail Extension (MIME). -Package: libgmime-2.0-2 +Package: libgmime-2.0-2a Architecture: any Depends: ${shlibs:Depends} -Conflicts: libgmime2, libgmime2.1 -Replaces: libgmime2, libgmime2.1 -Provides: libgmime2, libgmime2.1 +Conflicts: libgmime2, libgmime2.1, libgmime-2.0-2 +Replaces: libgmime2, libgmime2.1, libgmime-2.0-2 +Provides: libgmime2, libgmime2.1, libgmime-2.0-2 Description: MIME library GMime is a set of utilities for parsing and creating messages using the Multipurpose Internet Mail Extension (MIME). only in patch2: unchanged: --- gmime2.2-2.2.18.orig/debian/libgmime-2.0-2a.install +++ gmime2.2-2.2.18/debian/libgmime-2.0-2a.install @@ -0,0 +1 @@ +usr/lib/libgmime-2.0.so.* signature.asc Description: Digital signature
Bug#471224: unreproducable
tags 471224 +unreproducible thanks Well, I've tried to reproduce this, and can't. What is getting set to 'p' in your environment, Waldi? -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#417437: mypasswordsafe: diff for NMU version 0.0.20050615-2.1
tags 417437 + patch thanks Hi, Attached is the diff for my mypasswordsafe 0.0.20050615-2.1 NMU. There's still some cleanup in the doc-base part of things, but I leave that to you for now. Cheers, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - diff -u mypasswordsafe-0.0.20050615/src/safeserializer.cpp mypasswordsafe-0.0.20050615/src/safeserializer.cpp --- mypasswordsafe-0.0.20050615/src/safeserializer.cpp +++ mypasswordsafe-0.0.20050615/src/safeserializer.cpp @@ -22,6 +22,7 @@ #include "plaintextlizer.hpp" #include "serializers.hpp" #include "xmlserializer.hpp" +#include using namespace std; diff -u mypasswordsafe-0.0.20050615/Makefile mypasswordsafe-0.0.20050615/Makefile --- mypasswordsafe-0.0.20050615/Makefile +++ mypasswordsafe-0.0.20050615/Makefile @@ -54,10 +54,11 @@ config: src/config.h clean: MyPasswordSafe.mak - ${MAKE} -f $< clean + ${MAKE} -f $< distclean ${MAKE} -C uuid-1.0.0 clean rm $< - rm -r doc/api + rm -rf doc/api + rm -f locale/*.qm install: install -d $(PREFIX)/bin $(PREFIX)/share/MyPasswordSafe/locale \ diff -u mypasswordsafe-0.0.20050615/debian/rules mypasswordsafe-0.0.20050615/debian/rules --- mypasswordsafe-0.0.20050615/debian/rules +++ mypasswordsafe-0.0.20050615/debian/rules @@ -42,11 +42,14 @@ clean: dh_testdir dh_testroot - rm -f build-stamp configure-stamp # Add here commands to clean up after the build process. - -$(MAKE) clean - +ifeq (Makefile,$(wildcard Makefile)) + $(MAKE) clean +endif + + rm -f build-stamp configure-stamp uuid-1.0.0/config.status + rm -f uuid-1.0.0/config.log uuid-1.0.0/uuid-config uuid-1.0.0/Makefile uuid-1.0.0/libtool # The files below are automatically created by qmake in the clean rule # Remove them, otherwise the build breaks with rootcmd = sudo rm -rf .ui .moc .obj diff -u mypasswordsafe-0.0.20050615/debian/changelog mypasswordsafe-0.0.20050615/debian/changelog --- mypasswordsafe-0.0.20050615/debian/changelog +++ mypasswordsafe-0.0.20050615/debian/changelog @@ -1,3 +1,15 @@ +mypasswordsafe (0.0.20050615-2.1) unstable; urgency=low + + * Non-maintainer upload. + * Fix FTBFS with gcc-4.3 (closes: #417437) + * Some lintian induced cleanup: +- Stop ignoring errors in clean target +- Remove a few more files in clean +- Move Homepage to control field + * Update Standards-Version (no changes) + + -- Stephen Gran <[EMAIL PROTECTED]> Sat, 05 Apr 2008 20:14:33 +0100 + mypasswordsafe (0.0.20050615-2) unstable; urgency=low * New maintainer. (Closes: 378540). diff -u mypasswordsafe-0.0.20050615/debian/control mypasswordsafe-0.0.20050615/debian/control --- mypasswordsafe-0.0.20050615/debian/control +++ mypasswordsafe-0.0.20050615/debian/control @@ -3,7 +3,8 @@ Priority: optional Maintainer: Felipe Augusto van de Wiel (faw) <[EMAIL PROTECTED]> Build-Depends: debhelper (>= 4.0.0), libboost-dev, libqt3-mt-dev, qt3-dev-tools -Standards-Version: 3.6.2 +Standards-Version: 3.7.3 +Homepage: http://www.semanticgap.com/myps/ Package: mypasswordsafe Architecture: any @@ -26,2 +26,0 @@ - . - Homepage: http://www.semanticgap.com/myps/ only in patch2: unchanged: --- mypasswordsafe-0.0.20050615.orig/src/crypto/bfproxy.cpp +++ mypasswordsafe-0.0.20050615/src/crypto/bfproxy.cpp @@ -17,6 +17,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ #include "bfproxy.hpp" +#include BFProxy::BFProxy(const unsigned char *key, int len) { only in patch2: unchanged: --- mypasswordsafe-0.0.20050615.orig/src/encryptedstring.cpp +++ mypasswordsafe-0.0.20050615/src/encryptedstring.cpp @@ -22,6 +22,8 @@ #include "crypto/sha1.h" #include "securedstring.hpp" #include "encryptedstring.hpp" +#include +#include using namespace std; only in patch2: unchanged: --- mypasswordsafe-0.0.20050615.orig/src/pwsafe/Util.h +++ mypasswordsafe-0.0.20050615/src/pwsafe/Util.h @@ -11,6 +11,7 @@ #include using std::string; +#include #include "PW_sha1.h" #include "PwsPlatform.h" #include "myutil.hpp" only in patch2: unchanged: --- mypasswordsafe-0.0.20050615.orig/src/pwsafe/Util.cpp +++ mypasswordsafe-0.0.20050615/src/pwsafe/Util.cpp @@ -6,6 +6,8 @@ //#include "PwsPlatform.h" #include +#include +#include #include using std::cout; using std::endl; only in patch2: unchanged: --- mypasswordsafe-0.0.20050615.orig/src/safe.hpp +++ mypasswordsafe-0.0.20050615/src/safe.hpp @@ -128,7 +128,7 @@ SafeEntry(SafeGroup *parent); SafeEntry(SafeGroup *parent, const Q
Bug#417062: id3lib3.8.3: diff for NMU version 3.8.3-7.1
tags 417062 + patch thanks Hi, Attached is the diff for my id3lib3.8.3 3.8.3-7.1 NMU. Cheers, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - diff -u id3lib3.8.3-3.8.3/doc/man/id3convert.1 id3lib3.8.3-3.8.3/doc/man/id3convert.1 --- id3lib3.8.3-3.8.3/doc/man/id3convert.1 +++ id3lib3.8.3-3.8.3/doc/man/id3convert.1 @@ -6,11 +6,9 @@ .RB [ .I OPTION .RB ] -... .RB [ .I FILE .RB ] -... .br .SH DESCRIPTION .B Id3convert diff -u id3lib3.8.3-3.8.3/doc/man/id3info.1 id3lib3.8.3-3.8.3/doc/man/id3info.1 --- id3lib3.8.3-3.8.3/doc/man/id3info.1 +++ id3lib3.8.3-3.8.3/doc/man/id3info.1 @@ -6,11 +6,9 @@ .RB [ .I OPTION .RB ] -... .RB [ .I FILE .RB ] -... .br .SH DESCRIPTION .B Id3info reverted: --- id3lib3.8.3-3.8.3/src/tag_file.loT +++ id3lib3.8.3-3.8.3.orig/src/tag_file.loT @@ -1,7 +0,0 @@ -# tag_file.lo - a libtool object file -# Generated by ltmain.sh - GNU libtool 1.5.6 (1.1220.2.95 2004/04/11 05:50:42) Debian: 215 $ -# -# Please DO NOT delete this file! -# It is necessary for linking the library. - -# Name of the PIC object. diff -u id3lib3.8.3-3.8.3/debian/changelog id3lib3.8.3-3.8.3/debian/changelog --- id3lib3.8.3-3.8.3/debian/changelog +++ id3lib3.8.3-3.8.3/debian/changelog @@ -1,3 +1,16 @@ +id3lib3.8.3 (3.8.3-7.1) unstable; urgency=low + + * Non-maintainer upload. + * Fix FTBFS with gcc-4.3 (closes: #417062) + * Lintian warnigns repaired: +- Update DH_COMPAT from, er, 1 +- Don't ignore make clean failures +- Add link to LGPL-2 in common-licenses +- Add © to debian/copyright +- remove some broken non-roff form manpages + + -- Stephen Gran <[EMAIL PROTECTED]> Sat, 05 Apr 2008 15:55:14 +0100 + id3lib3.8.3 (3.8.3-7) unstable; urgency=high * SECURITY: Change #ifdef logic to select mkstemp() code instead of diff -u id3lib3.8.3-3.8.3/debian/copyright id3lib3.8.3-3.8.3/debian/copyright --- id3lib3.8.3-3.8.3/debian/copyright +++ id3lib3.8.3-3.8.3/debian/copyright @@ -13,16 +13,3 @@ -Copyright 1999, 2000 Scott Thomas Haug - -This library is free software; you can redistribute it and/or modify it -under the terms of the GNU Library General Public License as published by -the Free Software Foundation; either version 2 of the License, or (at your -option) any later version. - -This library is distributed in the hope that it will be useful, but WITHOUT -ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -FITNESS FOR A PARTICULAR PURPOSE. See the GNU Library General Public -License for more details. - -You should have received a copy of the GNU Library General Public License -along with this library; if not, write to the Free Software Foundation, -Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +© 1999, 2000 Scott Thomas Haug +On Debian systems, this file can be found at /usr/share/common-licenses/LGPL-2 reverted: --- id3lib3.8.3-3.8.3/debian/dirs +++ id3lib3.8.3-3.8.3.orig/debian/dirs @@ -1,2 +0,0 @@ -usr/lib -usr/include diff -u id3lib3.8.3-3.8.3/debian/control id3lib3.8.3-3.8.3/debian/control --- id3lib3.8.3-3.8.3/debian/control +++ id3lib3.8.3-3.8.3/debian/control @@ -8,7 +8,7 @@ Package: libid3-3.8.3-dev Section: libdevel Architecture: any -Depends: libid3-3.8.3c2a (= ${Source-Version}), zlib1g-dev +Depends: libid3-3.8.3c2a (= ${binary:Version}), zlib1g-dev Replaces: libid3-dev Provides: libid3-dev Conflicts: libid3-dev diff -u id3lib3.8.3-3.8.3/debian/rules id3lib3.8.3-3.8.3/debian/rules --- id3lib3.8.3-3.8.3/debian/rules +++ id3lib3.8.3-3.8.3/debian/rules @@ -6,7 +6,7 @@ #export DH_VERBOSE=1 # This is the debhelper compatability version to use. -export DH_COMPAT=1 +#export DH_COMPAT=1 # shared library versions, option 1 version=3.8.3 @@ -38,7 +38,9 @@ rm -f build-stamp # Add here commands to clean up after the build process. - -$(MAKE) distclean +ifeq (Makefile,$(wildcard Makefile)) + $(MAKE) distclean +endif rm -f popt/intl/libintl.h rm -f configure dh_clean only in patch2: unchanged: --- id3lib3.8.3-3.8.3.orig/configure.in +++ id3lib3.8.3-3.8.3/configure.in @@ -227,7 +227,6 @@ ) AC_CHECK_HEADERS( \ string\ - iomanip.h \ ,,AC_MSG_ERROR([Missing a vital header file for id3lib]) ) only in patch2: unchanged: --- id3lib3.8.3-3.8.3.orig/include/id3/writers.h +++ id3lib3.8.3-3.8.3/include/id3/writers.h @@ -30,7 +30,7 @@ #include "id3/writer.h" #include "id3/id3lib_streams.h" -//#include +#include class ID3_CPP_EXPORT ID3_OStreamWriter : public ID3_Writer { only in patch2: unchanged: --- id3lib3.8.3-3.8.3.orig/include/id3
Bug#413432: libloki: diff for NMU version 0.1.5-3.1
tags 413432 + patch thanks Hi, Attached is the diff for my libloki 0.1.5-3.1 NMU. Cheers, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - diff -u libloki-0.1.5/debian/rules libloki-0.1.5/debian/rules --- libloki-0.1.5/debian/rules +++ libloki-0.1.5/debian/rules @@ -26,9 +26,9 @@ dh_testroot rm -f build-stamp - - -$(MAKE) distclean - +ifeq (Makefile,$(wildcard Makefile)) + $(MAKE) distclean +endif dh_clean install: build diff -u libloki-0.1.5/debian/changelog libloki-0.1.5/debian/changelog --- libloki-0.1.5/debian/changelog +++ libloki-0.1.5/debian/changelog @@ -1,3 +1,17 @@ +libloki (0.1.5-3.1) unstable; urgency=low + + * Non-maintainer upload. + * Fix FTBFS with gcc-4.3 (closes: #413432) + * Update Standards-Version (no changes) + * Make lintian happy: +- Change from Source-Version to binary:Version in debian/control +- Don't ignore errors on clean +- Add copyright symbol to debian/copyright +- Move Homepage: from description to control field +- Register doc-base files with right section + + -- Stephen Gran <[EMAIL PROTECTED]> Sat, 05 Apr 2008 14:57:24 +0100 + libloki (0.1.5-3) unstable; urgency=low * debian/rules: Always build with OS=Linux to fix FTBFS on kFreeBSD, Hurd diff -u libloki-0.1.5/debian/libloki-doc.doc-base libloki-0.1.5/debian/libloki-doc.doc-base --- libloki-0.1.5/debian/libloki-doc.doc-base +++ libloki-0.1.5/debian/libloki-doc.doc-base @@ -4,7 +4,7 @@ Abstract: This documentation is automatically generated from the libloki source code by doxygen, and describes the classes of the Loki C++ library in detail. -Section: Apps/Programming +Section: Programming Format: HTML Index: /usr/share/doc/libloki-doc/html/index.html diff -u libloki-0.1.5/debian/control libloki-0.1.5/debian/control --- libloki-0.1.5/debian/control +++ libloki-0.1.5/debian/control @@ -3,7 +3,8 @@ Priority: optional Maintainer: Lukas Fittl <[EMAIL PROTECTED]> Build-Depends: debhelper (>= 5.0.0) -Standards-Version: 3.7.2 +Standards-Version: 3.7.3 +Homepage: http://loki-lib.sourceforge.net/ Package: libloki0.1.5 Section: libs @@ -17,13 +18,12 @@ . The code accompanies the (non-free) book, _Modern C++ Design_ (Alexandrescu, 2001), which goes into depth on the design of the library. - . - Homepage: http://loki-lib.sourceforge.net/ Package: libloki0.1.5-dbg Section: libs +Priority: extra Architecture: any -Depends: libloki0.1.5 (= ${Source-Version}) +Depends: libloki0.1.5 (= ${binary:Version}) Description: a C++ library of generic design patterns (debug information) Loki is a ("the"?) C++ library of generic programming techniques, containing flexible implementations of common design patterns and idioms. It is an @@ -32,13 +32,11 @@ . This package contains debugging symbols useful for tracing bugs in the libloki package. - . - Homepage: http://loki-lib.sourceforge.net/ Package: libloki-dev Section: libdevel Architecture: any -Depends: libloki0.1.5 (= ${Source-Version}) +Depends: libloki0.1.5 (= ${binary:Version}) Suggests: libloki-doc Description: a C++ library of generic design patterns (development files) Loki is a ("the"?) C++ library of generic programming techniques, containing @@ -51,8 +49,6 @@ . This package contains the header files and static libraries needed to build programs that use loki. - . - Homepage: http://loki-lib.sourceforge.net/ Package: libloki-doc Section: doc @@ -67,2 +62,0 @@ - . - Homepage: http://loki-lib.sourceforge.net/ diff -u libloki-0.1.5/debian/copyright libloki-0.1.5/debian/copyright --- libloki-0.1.5/debian/copyright +++ libloki-0.1.5/debian/copyright @@ -10,7 +10,7 @@ Copyright: -Copyright (c) Andrei Alexandrescu +Copyright (©) 2000-2005 Andrei Alexandrescu - 2000 - ScopeGuard - 2001 @@ -20,19 +20,19 @@ - 2005 - SafeFormat -Copyright (c) Petru Marginean +Copyright (©) 2000 Petru Marginean - 2000 - ScopeGuard -Copyright (c) Curtis Krauskopf +Copyright (©) 2004 Curtis Krauskopf - 2004 - Singleton -Copyright (c) Joshua Lehrer +Copyright (©) 2005 Joshua Lehrer - 2005 - ScopeGuard -Copyright (c) Peter Kümmel +Copyright (©) 2005-2006 Peter Kümmel - 2005 - OrderedStatic - Factory @@ -46,7 +46,7 @@ - RefToValue - Register -Copyright (c) Richard Sposato +Copyright (©) 2005 Richard Sposato - 2006 - StrongPtr - SmartPtr only in patch2: unchanged: --- libloki-0.1.5.orig/include/loki/SafeF
Bug#443561: Suggested plan
How about this plan: Rename libgmime-2.0-2 to libgmime-2.0-2a. BinNMU the following packages: tracker pinot pan mail-notification libgmime2.2-cil libgmime-2.0-2-dev dbmail-pgsql dbmail-mysql dbmail balsa I'm happy to do an NMU doing the rename if you like. Not being an RM, I can't start the binNMU campaign myself, but I'm happy to prod the RMs about it. Cheers, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#402010: downgrading
severity 402010 important tags 402010 -security thanks 01:58 < sgran> anyone have a problem with downgrading #402010? 01:59 < sgran> I agree it's not perfect, but it's exactly the same as dozens or hundreds of other web apps that need to store credentials of one form or another 02:01 < zobel> sgran: not me. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#402010: this is exactly like every other web app credential store
There are a few that do it better, but in the main, this is exactly the way that every other web application in Debian stores it's credentials. Is there some reason this bug is RC and the others either don't have bugs filed or are not RC? -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#473131: dbconfig-common: diff for NMU version 1.8.37-0.1
Um, that last umask was crack. This is actually correct. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - diff -Nru dbconfig-common-1.8.37/debian/changelog dbconfig-common-1.8.37/debian/changelog --- dbconfig-common-1.8.37/debian/changelog 2008-03-06 23:14:00.0 + +++ dbconfig-common-1.8.37/debian/changelog 2008-04-05 00:54:14.0 +0100 @@ -1,3 +1,10 @@ +dbconfig-common (1.8.37-0.1) unstable; urgency=low + + * Non-maintainer upload. + * Set umask before dump creation (closes: #473131) + + -- Stephen Gran <[EMAIL PROTECTED]> Sat, 05 Apr 2008 00:53:49 +0100 + dbconfig-common (1.8.37) unstable; urgency=low * Fix from Niko Tyni for dpkg-reconfigure failures due to missing database diff -Nru /tmp/YW8XFhTsEy/dbconfig-common-1.8.37/internal/mysql /tmp/TYDsodzu2S/dbconfig-common-1.8.37/internal/mysql --- dbconfig-common-1.8.37/internal/mysql 2007-06-18 21:28:59.0 +0100 +++ dbconfig-common-1.8.37/internal/mysql 2008-04-05 01:01:29.0 +0100 @@ -323,8 +323,11 @@ _dbc_mysql_check_connect || return 1 dumpfile=$1 dumperr=0 +old_mask=`umask` +umask 0066 mycnf=`_dbc_generate_mycnf` dbc_error=`mysqldump --defaults-file="$mycnf" $dbc_dbname 2>&1 >$dumpfile` || dumperr=1 +umask $old_mask rm -f $mycnf return $dumperr } diff -Nru /tmp/YW8XFhTsEy/dbconfig-common-1.8.37/internal/pgsql /tmp/TYDsodzu2S/dbconfig-common-1.8.37/internal/pgsql --- dbconfig-common-1.8.37/internal/pgsql 2007-06-18 21:29:32.0 +0100 +++ dbconfig-common-1.8.37/internal/pgsql 2008-04-05 01:01:36.0 +0100 @@ -178,9 +178,12 @@ retval=0 _dbc_psql_cmd_setup if [ "$dbc_ssl" ]; then PGSSLMODE="require"; fi +old_umask=`umask` +umask 0066 extra=`_dbc_psql_cmd_args` _dbc_debug "su -s /bin/sh $localuser -c \"env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' pg_dump $extra $dbc_dbname\" 2>&1" dbc_error=`su -s /bin/sh $localuser -c "env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' pg_dump $extra $dbc_dbname" 2>&1` || retval=$? +umask $old_mask _dbc_psql_cmd_cleanup return $retval } diff -Nru /tmp/YW8XFhTsEy/dbconfig-common-1.8.37/internal/sqlite /tmp/TYDsodzu2S/dbconfig-common-1.8.37/internal/sqlite --- dbconfig-common-1.8.37/internal/sqlite 2007-06-18 21:31:02.0 +0100 +++ dbconfig-common-1.8.37/internal/sqlite 2008-04-05 01:01:47.0 +0100 @@ -184,7 +184,10 @@ dbc_sqlite_dump(){ local dumpfile dumpfile=$1 +old_umask=`umask` +umask 0066 _dbc_sanity_check dbname $dbc_dbtype || return 1 dbc_sqlite_exec_command ".dump" > "$dumpfile" +umask $old_mask return $? }
Bug#473131: dbconfig-common: diff for NMU version 1.8.37-0.1
tags 473131 + patch thanks Hey Sean, Tentative fix for this attached. I'll wait a day or so to hear from you before I upload. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - diff -Nru dbconfig-common-1.8.37/debian/changelog dbconfig-common-1.8.37/debian/changelog --- dbconfig-common-1.8.37/debian/changelog 2008-03-06 23:14:00.0 + +++ dbconfig-common-1.8.37/debian/changelog 2008-04-05 00:54:14.0 +0100 @@ -1,3 +1,10 @@ +dbconfig-common (1.8.37-0.1) unstable; urgency=low + + * Non-maintainer upload. + * Set umask before dump creation (closes: #473131) + + -- Stephen Gran <[EMAIL PROTECTED]> Sat, 05 Apr 2008 00:53:49 +0100 + dbconfig-common (1.8.37) unstable; urgency=low * Fix from Niko Tyni for dpkg-reconfigure failures due to missing database diff -Nru /tmp/bFXeiBxlgf/dbconfig-common-1.8.37/internal/mysql /tmp/uw9FUK2N4j/dbconfig-common-1.8.37/internal/mysql --- dbconfig-common-1.8.37/internal/mysql 2007-06-18 21:28:59.0 +0100 +++ dbconfig-common-1.8.37/internal/mysql 2008-04-05 00:50:46.0 +0100 @@ -323,8 +323,11 @@ _dbc_mysql_check_connect || return 1 dumpfile=$1 dumperr=0 + old_mask=`umask` + umask 0002 mycnf=`_dbc_generate_mycnf` dbc_error=`mysqldump --defaults-file="$mycnf" $dbc_dbname 2>&1 >$dumpfile` || dumperr=1 + umask $old_mask rm -f $mycnf return $dumperr } diff -Nru /tmp/bFXeiBxlgf/dbconfig-common-1.8.37/internal/pgsql /tmp/uw9FUK2N4j/dbconfig-common-1.8.37/internal/pgsql --- dbconfig-common-1.8.37/internal/pgsql 2007-06-18 21:29:32.0 +0100 +++ dbconfig-common-1.8.37/internal/pgsql 2008-04-05 00:51:39.0 +0100 @@ -178,9 +178,12 @@ retval=0 _dbc_psql_cmd_setup if [ "$dbc_ssl" ]; then PGSSLMODE="require"; fi + old_umask=`umask` + umask 0002 extra=`_dbc_psql_cmd_args` _dbc_debug "su -s /bin/sh $localuser -c \"env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' pg_dump $extra $dbc_dbname\" 2>&1" dbc_error=`su -s /bin/sh $localuser -c "env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' pg_dump $extra $dbc_dbname" 2>&1` || retval=$? + umask $old_mask _dbc_psql_cmd_cleanup return $retval } diff -Nru /tmp/bFXeiBxlgf/dbconfig-common-1.8.37/internal/sqlite /tmp/uw9FUK2N4j/dbconfig-common-1.8.37/internal/sqlite --- dbconfig-common-1.8.37/internal/sqlite 2007-06-18 21:31:02.0 +0100 +++ dbconfig-common-1.8.37/internal/sqlite 2008-04-05 00:52:14.0 +0100 @@ -184,7 +184,10 @@ dbc_sqlite_dump(){ local dumpfile dumpfile=$1 + old_umask=`umask` + umask 0002 _dbc_sanity_check dbname $dbc_dbtype || return 1 dbc_sqlite_exec_command ".dump" > "$dumpfile" + umask $old_mask return $? }
Bug#474096: clamav uses 9gb of storage at /var/lib/clamav
This one time, at band camp, Omry Yadan said: > Somehow, clamav managed to grab 9GB from my main partition. > this can easily fill up the file system and render the entire system > unusable. > I don't see any justification for clamav to be using so much storage. > > > du -s /var/lib/clamav/* | sort -n > outputs something like: > 21332 /var/lib/clamav/clamav-fec1b308f8d9fb2e408c73423f0e4b7d > 21332 /var/lib/clamav/clamav-ff04c27ac6653086ec39d985a2cfa2a6 > 21332 /var/lib/clamav/clamav-ff2beaaffbdd0be7d735337b562bbe8c > 21332 /var/lib/clamav/clamav-ffe4c61a277f868f8bb7784df5a3d348 > 21332 /var/lib/clamav/main.inc > > /var/lib/clamav# ls -l | wc -l > 658 > > so, with about 650 dirs that uses 20mb each, no wonder this is what > happens. Just a note for the bug logs - we've spoken on IRC, and it sounds like it may have been a permissions issue. Some testing is going on now to see if it is repeatable, or if it was a one time problem caused by those wrog permissions. -- ----- | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#470073: NMU Diff
This one time, at band camp, Scott Kitterman said: > Tags: patch > > Diff for NMU attached. /me wipes egg off of face .. Looks good. Uploading as we speak. Thanks. -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#465749: nagios-plugins: check_mailq broken in sarge by security updateÂ
Package: nagios-plugins Version: 1.4-6sarge1+b1 Severity: grave For some reason, this upgrade replaced the usual exec of /usr/bin/mailq with /usr/sbin/mailq. Since that binary doesn't exist on any of my systems, this unsurprisingly fails. Thanks, -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-4-686-smp Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages nagios-plugins depends on: ii dnsutils 1:9.2.4-1sarge3 Clients provided with BIND ii fping2.4b2-to-ipv6-10sends ICMP ECHO_REQUEST packets to ii host 2331-9 utility for querying DNS servers ii iputils-ping 3:20020927-2Tools to test the reachability of ii libc62.3.2.ds1-22sarge6 GNU C Library: Shared libraries an ii libldap2 2.1.30-8OpenLDAP libraries ii libmysqlclient12 4.0.24-10sarge3 mysql database client library ii libnet-snmp-perl 5.0.1-1 Script SNMP connections ii libpq3 7.4.7-6sarge6 PostgreSQL C client library ii libssl0.9.7 0.9.7e-3sarge5 SSL shared libraries ii ntp 1:4.2.0a+stable-2sarge1 Network Time Protocol: network uti ii ntp-simple 1:4.2.0a+stable-2sarge1 Network Time Protocol: daemon for ii ntpdate 1:4.2.0a+stable-2sarge1 The ntpdate client for setting sys ii procps 1:3.2.1-2 The /proc file system utilities ii qstat2.8-1 Command-line tool for querying qua ii radiusclient10.3.2-8 /bin/login replacement which uses ii smbclient3.0.14a-3sarge11a LanManager-like simple client fo ii snmp 5.1.2-6.2 NET SNMP (Simple Network Managemen -- no debconf information -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.linuxforce.net | - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#463353: madwifi-source: cannot build with 2.6.24-1-686
This one time, at band camp, Kel Modderman said: > Am pretty well informed about ath5k movements with regards to mainline > inclusion (am involved with madwifi.org team that handles development > of the non-free madwifi and free ath5k module) but not with debian's > movements. Thanks for the heads up. Cool, wasn't trying to teach you to suck eggs :) Thanks for looking after madwifi and now ath5k - you've kept several of my laptops connected over the years. Cheers, -- - | ,''`. Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#463353: madwifi-source: cannot build with 2.6.24-1-686
This one time, at band camp, Kel Modderman said: > Thank you for this very useful information. > > Even when this obstacle is passed, the current madwifi version will fail to > build. I've been working on getting the madwifi.org team to work towards a > release in the coming week that would not fail to compile against 2.6.24. > > Am also thinking of packaging the SVN trunk variant of madwifi, possibly for > experimental, or possibly for unstable (instead of the upcoming "stable" > upstream release). I'd be interested in hearing the opinion of any developer > who is interested in uploading a new madwifi package to the archive in the > next few days. Just to let you know, 2.6.24 (in Debian - 2.6.25 for vanilla kernel) is shipping the ath5k module, which is AIUI replacing madwifi. I don't know if that affects your plans, but I wanted to be sure you were aware of it. Cheers, -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#462502: bacula: FTBFS: *** No rule to make target `../cats/libsql.a', needed by `dbcheck'. Stop.
This one time, at band camp, Matthias Albert said: > Hi Lucas, > > do you have the postgresql-server-dev-X packet installed? > > As you can see in "bacula-2.2.6/src/cats/postgresql.c" on line 49 "49 > #include "postgres_ext.h" /* needed for NAMEDATALEN */" > > you need the file "postgres_ext.h" > > which is provided in this package > > ---snip--- > sudo dpkg -L postgresql-server-dev-8.2 | grep -i ext.h > /usr/include/postgresql/8.2/server/postgres_ext.h > ---snap--- That means it's a missing build dependency, not a problem in Lucas's build environment. -- ----- | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#462445: sudo segfaults with second execution
Please keep the bug log in the discussion. Also please bear in mind that I am not the maintainer - I'm just trying to get enough information in the bug log that the maintainer can perhaps find what's going on. This one time, at band camp, Kamil Jońca said: > On Thu, Jan 24, 2008 at 10:27:22PM +0000, Stephen Gran wrote: > > This one time, at band camp, Kamil Jonca said: > > > Package: sudo > > > Version: 1.6.9p11-1 > > > > > > Below an example: > > > [EMAIL PROTECTED]:~%sudo -k > > > [EMAIL PROTECTED]:~%sudo echo test > > > [sudo] password for kjonca: > > > Last login: Thu Jan 24 22:53:51 2008 from alfa.kjonca on pts/20 > > > test See where you get a lastlog entry here? > > [EMAIL PROTECTED]:~$ sudo -k > > [EMAIL PROTECTED]:~$ sudo echo test > > [sudo] password for steve: > > test See that I don't? > > [EMAIL PROTECTED]:~$ sudo echo test > > test > > > > Not here. Can you provide any additional debugging output? Try a > > different shell besides zsh? > > Other shell means no differrence. > But I make setuid strace and straced sudo. And I have found that sudo > uses pam_lastlog.so, and I remember that I have problem with pam_lastlog > and xdm, so I remove pam_lastlog. > After removing pam_lastlog.so sudo stops segfault. > I don't know if it is bug in pam_lastlog or I missed something? I suggest something might be wrong with your usage of pam_lastlog, but I don't really know. Thanks for the follow up, -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#462445: sudo segfaults with second execution
This one time, at band camp, Kamil Jonca said: > Package: sudo > Version: 1.6.9p11-1 > > Below an example: > [EMAIL PROTECTED]:~%sudo -k > [EMAIL PROTECTED]:~%sudo echo test > [sudo] password for kjonca: > Last login: Thu Jan 24 22:53:51 2008 from alfa.kjonca on pts/20 > test > [EMAIL PROTECTED]:~%sudo echo test > zsh: segmentation fault sudo echo test > [EMAIL PROTECTED]:~%sudo -k > [EMAIL PROTECTED]:~%sudo echo test > [sudo] password for kjonca: > Last login: Thu Jan 24 23:01:36 2008 from alfa.kjonca on pts/20 > test > [EMAIL PROTECTED]:~% ii sudo 1.6.9p11-1Provide limited super user privileges to specific users [EMAIL PROTECTED]:~$ sudo -k [EMAIL PROTECTED]:~$ sudo echo test [sudo] password for steve: test [EMAIL PROTECTED]:~$ sudo echo test test Not here. Can you provide any additional debugging output? Try a different shell besides zsh? -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature