Re: ITW/P: freecati

[Craig Sanders]

On Fri, Oct 01, 1999 at 11:22:11PM -0500, Chris Lawrence wrote:

> For the unfamiliar, CATI programs are used to to conduct surveys over
> the telephone (although they can also be used in other contexts).
> Think of an "installation wizard" with a modem dialer and database
> backend, and you've got the idea.  The concept here is basically to
> make it possible to turn mothballed 486es (or eMachines ;-) into
> interviewing stations running Linux for the cost of a network card, a
> good USR modem and a noise-cancelling headset (i.e. well under $200).

IMO, this is morally akin to writing free software specifically to make
spamming cheaper and easier.

if you must write such obnoxious and evil software then please make
sure that it maintains a list of phone numbers NOT to call, so that
those who are sick and tired of market research jerks calling them just
as they get home from work or sit down to dinner can say "PUT ME ON
YOUR DO-NOT-CALL LIST IMMEDIATELY!". write the software so that it is
trivially easy for the telemarketer to add numbers to that list.

craig

--
craig sanders

Re: slink -> potato

[Herbert Xu]

Anthony Towns  wrote:
>
> Hmmm. I can't actually find any mention of this in policy. In fact,
> discussion of what should be done when in prerm and postrm seems pretty
> bare, period.

OK, so it's not actually in the policy.

> What sequence of events is actually going to cause problems? I'd have
> thought dpkg would generally manage to keep dependencies pretty reliable
> while upgrading.

The idea is that when you upgrade the package like telnetd, there may be
new shlib dependencies, etc. which means that you should stop spawning
new daemons until it is configured.  Of course, this may not happen for
every release, but the prerm file comes from the old version, so it can't
tell whether this is necessary, but it is the only one that knows exactly
how to stop the daemon from spawning, so it just has to stop it every time.

This applies to standalone daemons as well in the case when the have
configuration files which may change in an incompatible way.

One thing that dpkg doesn't do (AFAIK) is to deconfigure a package when
something it depends on is deconfigured, upgraded or removed.  If this were
the case, then the above would work even better.

> Did anything come of the `locally-essential' thing that apt was going
> to support at one point? So that you could say "telnetd is Essential
> to this machine --- I do remote maintenance", and have Apt configure
> telnetd (and any dependents) ASAP. That would solve the original problem
> pretty well, it seems to me.

Anyway, back to the original problem, the best solution IMHO is just to
run telnet/ssh and screen so that none of this really affects you.
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: SSH never free

[Craig Sanders]

On Sat, Oct 02, 1999 at 10:06:24AM +1000, Herbert Xu wrote:

> They use libssl, which begs the question why isn't libssl in
> non-US/non-free?

i thought that only copyright/license and *not* patent issues determined
whether we considered something to be free or non-free.

e.g. libssl is completely free software in the free world, but
encumbered by a patent problem in the world's favourite police state.

craig

PS: the RSA patent expires in 2001 (or is it 2002?), anyway.

--
craig sanders

ITP: Re: Must hand off XEmacs21 project!

[James LewisMoss]

> On 29 Sep 1999 14:51:02 -0700, [EMAIL PROTECTED] (Karl M. Hegbloom) said:

 Karl>  I will not, due to circumstances beyond my control, be
 Karl>  returning to work for perhaps as long as six months.  I must
 Karl>  hand off the XEmacs 21 project.

 Karl>  On master.debian.org in ~karlheg/src/ is a tar file with
 Karl>  TODAY's fresh CVS repository archived in it.  That should be
 Karl>  installed on cvs.debian.org in a controlled repository... just
 Karl>  untar it; I'm sure someone will know how to deal with it.  In
 Karl>  ~karlheg/src/xemacs21 is a sample checkout from it.  NOTE:
 Karl>  there are branches in there.  Please look over my branch
 Karl>  scheme.

 Karl>  br_ for a branch prefix.  br_unstable_potato is the current
 Karl>  head of development.

 Karl>  There is a source branch for upstream tracking.

 Karl>  Make sure this is managed by someone very familiar with CVS.
 Karl>  I hope it's a paid position.  This is a large and time
 Karl>  consuming project.  I am not willing to take it back unless
 Karl>  someone will pay me for the time.

 Karl>  Form a team.  Perhaps Corel has a few dollars to spend for
 Karl>  this?

 Karl>  I will be away from email starting now and until further
 Karl>  notice.

I'll take it back.  I've already got packages made (look at
http://va.debian.org/~dres/xemacs21.  They don't use your setup, but
they work.  And you could have offered it back knowing I had already
made packages rather than posting a general mail to -devel.

So, to all on devel consider this a ITP on xemacs21 and I would
appreciate anyone who has a chance to test the packages.  Apt line
that should work: "deb http://va.debian.org/~dres xemacs21/".

Thanks
Dres

-- 
@James LewisMoss <[EMAIL PROTECTED]> |  Blessed Be!
@http://www.ioa.com/~dres   |  Linux is kewl!
@"Argue for your limitations and sure enough, they're yours." Bach

Re: Is this a bug in grep, or is it me...

[Craig Sanders]

On Fri, Oct 01, 1999 at 04:19:51PM +, Dale Scheetz wrote:
> This leaves me with the unresolved problem of distinguishing between the
> two package names.
> 
> I just read through the grep manpage (again) looking for something that
> will enforce an exact match, when I realised that I can simply skip this
> step and do the selection in awk (which I was using before to peel off the
> section name from the grep output), so the right command is:

it seems to me that the word you are looking for (i.e. the package name)
will always be the first word on a line, so:

grep "^PACKAGENAME " override.potato

will do the job, and is probably significantly faster than an awk
script.

craig

--
craig sanders

Re: SSH never free

[James Troup]

Herbert Xu <[EMAIL PROTECTED]> writes:

> They use libssl, which begs the question why isn't libssl in non-US/non-free?

Uh, because I keep forgetting.  I've been meaning to do that since Guy
split non-US up...  I guess I'll go file a bug against ftp.debian.org.

-- 
James

Re: Packages should not Conflict on the basis of duplicate functionality

[Craig Sanders]

On Sat, Oct 02, 1999 at 04:36:04PM +0200, Piotr Roszatycki wrote:

> I've install postgresql on my home computer. I need this daemon only
> sometimes. I don't want to start it every time I reboot system.

you need to do something non-standard, so you should do a little bit of
work to accommodate your own needs.

if i needed to do the above then i would edit /etc/init.d/postgresql and
(in the case statement) change "start)" to "go)". this way, it would
not get started at boot time, but i could easily start it by running
"/etc/init.d/postgresql go".


pros:

simple. takes <20 seconds with vi. minimal change, so follows principle
of least surprise. easy to remember. init.d scripts are conffiles so it
won't be automatically replaced at the next upgrade.

cons:

you have to re-do the change if you ever upgrade and answer "Y" to
dpkg's question about replacing /etc/init.d/postgresql.

craig

--
craig sanders

Re: Little FAQ for users and maintainers

[Joseph Carter]

On Fri, Oct 01, 1999 at 09:18:41AM -0400, Fabien Ninoles wrote:
> Conflicts: foo (<< new-version)

And don't forget Replaces: foo (<< new-version), that's what it's there
for---files moving from one package to another!

-- 
Joseph Carter <[EMAIL PROTECTED]> Debian GNU/Linux developer
GnuPG: 2048g/3F9C2A43 - 20F6 2261 F185 7A3E 79FC  44F9 8FF7 D7A3 DCF9 DAB3
PGP 2.6: 2048R/50BDA0ED - E8 D6 84 81 E3 A8 BB 77  8E E2 29 96 C9 44 5F BE
--
* joeyh cvs commits his home directory. Aa
 eeek
 joeyh: That is simply evil.  Period.



pgpRl4cI5PbNL.pgp
Description: PGP signature

daemon configuration

[Colin Walters]

On Sat, Oct 02, 1999 at 10:49:58AM -0700, David Bristel wrote:
> 
> > Did you consider his point, though? Why would you install a service
> > if you don't want it to run?
> Simple answer here, if you install a group of packages during the install, you
> may not realize what packages you have installed.  For those who do custom
> installs as the only way, you probably have never experienced what "Scientific
> Workstation" may end up installing.  If you are in a hurry, you may choose 
> that
> option, then not spend the time picking through all the packages to remove the
> ones you want.  A possible solution would be a "daemon" flag to go on a 
> package,
> and after the install, the installed daemons are listed.  This is just an 
> idea,
> but that's another subject.

This is basically what Red Hat does upon installation; it prompts you for which
services to enable out of a list of installed daemons.  Perhaps upon 
installation
or a dist-upgrade, apt could list everything that had a "daemon" flag and prompt
you to start it.  That way we would avoid asking every time.

-- 
Colin Walters <[EMAIL PROTECTED]>
http://web.verbum.org/levanti
PGP Fingerprint: A580 5AA1 0887 2032 7EFB  19F4 9776 6282 C207 843A

Re: Packages should not Conflict on the basis of duplicate functionality

[Alexander N. Benner]

Hi

Ship's Log, Lt. Piotr Roszatycki, Stardate 021099.1636:
> On Fri, 1 Oct 1999, Craig Sanders wrote:
> > DON'T INSTALL THE DAEMON IF YOU DON'T WANT TO RUN IT.
> > 
> > WHY IS THE BLEEDING OBVIOUS SO FAR BEYOND YOUR COMPREHENSION?

this is as wrong as it is loud 

> I've install postgresql on my home computer. I need this
> daemon only sometimes. I don't want to start it every time
> I reboot system.
> 
> debconf could be helpful.

I like to discover new things, I like to learn. How shall I learn about
networking, databases, etc. without installing the software?

Unlike other ppl I have to pay for my phoneline, this argument should be known
on this list by now, and therfore try not to install too much at home.
About 4 times a YYear I carry my 'puter to my office and install there (as
much as I can)

Greetings
-- 
Alexander N. Benner -*- [EMAIL PROTECTED] -*- Ephesians 6:12 , John 1:5 

She relaxed just a little, [..] "I'm hardly presentable..." [..] Hardly
presentable! Wasn't it strange, the way humans looked at themselves with eyes
of flesh [..] But to the angels, she appeared as God Himself saw her, just as
any other redeemed saint of the living God: pure, shining, clean, dressed in
garments as white as snow.  PIERCING THE DARKNESS by Frank E. Peretti

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[David Bristel]

On Sat, 2 Oct 1999, Craig Sanders wrote:

> Date: Sat, 2 Oct 1999 20:06:10 +1000
> From: Craig Sanders <[EMAIL PROTECTED]>
> To: The Doctor What <[EMAIL PROTECTED]>
> Cc: debian-devel@lists.debian.org
> Subject: Re: How not to be a nice person (Was: Re: Packages should not 
> Conflict on the basis of duplicate functionality)
> Resent-Date: 2 Oct 1999 10:06:43 -
> Resent-From: debian-devel@lists.debian.org
> Resent-cc: recipient list not shown: ;
> 
> On Fri, Oct 01, 1999 at 11:52:59PM -0500, The Doctor What wrote:
> > You on the other hand show no thought for anyone else.
> 
> i show no regard for those who demonstrate they are fools. i show
> contempt for those who demonstrate that they are annoying fools. guess
> which category you fall into.

This is where you are at fault, Craig.  If you feel someone is a fool, or an
annoying fool, then you should either make your point, and show CLEARLY that
your point is the right one.  You should do so without insults, and without any
comments that would lead to an argument rather than debate on an issue.
Further, you harm Debian by going off topic to make your opinion of a PERSON on
the list, rather than keeping it off the list.  If you feel the need to insult
someone, then PLEASE, do it in private e-mails so it doesn't get out of hand.


David Bristel

ITP: iodbc and myodbc

[Christian Hammers]

Hello Maintainers

As requested by an user I will intent to package myodbc (Public Domain), 
an API for MySQL (which is needed by Perl ODBC), and the libiodbc (GPL) which 
is used by myodbc.

I found no related ODBC packages already in Debian so I assume they're
not there.
I'm the MySQL maintainer anyways so packaging the myodbc should be in
time for every new MySQL release.

bye,

  -christian-

-- 
Linux - the choice of the GNU generation.  Join the Debian Project 
 http://www.debian.org 
Christian Hammers * Oberer Heidweg 35 * D-52477 Alsdorf * Tel: 02404-25624
50 3C 52 26 3E 52 E7 20  D2 A1 F5 16 C4 C9 D4 D3  1024/925BCB55 1997/11/01

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[David Bristel]

On Sat, 2 Oct 1999, Hamish Moffatt wrote:

> Date: Sat, 2 Oct 1999 15:10:23 +1000
> From: Hamish Moffatt <[EMAIL PROTECTED]>
> To: debian-devel@lists.debian.org
> Subject: Re: How not to be a nice person (Was: Re: Packages should not 
> Conflict on the basis of duplicate functionality)
> Resent-Date: 2 Oct 1999 05:10:33 -
> Resent-From: debian-devel@lists.debian.org
> Resent-cc: recipient list not shown: ;
> 
> On Fri, Oct 01, 1999 at 09:06:59PM -0500, The Doctor What wrote:
> > On Fri, Oct 01, 1999 at 08:47:20PM +1000, Craig Sanders wrote:
> > In short, a summary (admittedly from my point of view) follows:
> > In a discussion on whether network daemons should do one of the following:
> > a) Simply start up, grabbing any ports it needs (most do this)
> > b) Not start up (a few do this)
> > c) Ask about what ports to grab and whether to start up (some do this)
> > 
> > This letter is to make it public that I think Craig has gone too far.  He
> > has hurt my feelings and has been very insulting to everyone in
> > debian-devel.  And this is not the way to get things done.
> 
> Did you consider his point, though? Why would you install a service
> if you don't want it to run?
Simple answer here, if you install a group of packages during the install, you
may not realize what packages you have installed.  For those who do custom
installs as the only way, you probably have never experienced what "Scientific
Workstation" may end up installing.  If you are in a hurry, you may choose that
option, then not spend the time picking through all the packages to remove the
ones you want.  A possible solution would be a "daemon" flag to go on a package,
and after the install, the installed daemons are listed.  This is just an idea,
but that's another subject.

David Bristel

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[David Bristel]

On Sat, 2 Oct 1999, Hamish Moffatt wrote:

> Date: Sat, 2 Oct 1999 15:05:22 +1000
> From: Hamish Moffatt <[EMAIL PROTECTED]>
> To: debian-devel@lists.debian.org
> Subject: Re: How not to be a nice person (Was: Re: Packages should not 
> Conflict on the basis of duplicate functionality)
> Resent-Date: 2 Oct 1999 05:05:34 -
> Resent-From: debian-devel@lists.debian.org
> Resent-cc: recipient list not shown: ;
> 
> On Sat, Oct 02, 1999 at 12:46:46PM +1000, Craig Sanders wrote:
> > "Excuse me.  I work for TurboLinux."
> > 
> > the implication here is that you know what you are talking about because
> > you work for a "real" (i.e. commercial) linux distribution. 
> 
> When in fact the opposite is true? :-)

Please don't add fuel to the fire.  While almost all those on -devel(including
myself) feel that Debian is the best distribution out there, it's not good to
start putting down other distributions.  I myself have a severe dislike of
Redhat, but I'd not go to the point of saying it's not a "real" distribution.
Anyone who works in the computer industry in any area knows that it is a
difficult task to create even the most basic product and support it. This is
why being a developer holds such high regard by those technically knowledgeable.

There have been a number of arguments that have shown up on this list, and this
is only the most recent.  The only way to stop these arguments from getting out
of control is to keep them off the list, and in personal e-mail if you feel you
need to insult them, or defend yourself against them.  If they can't respond
rationally, or if the argument gets out of hand, go to someone about your
problem who MIGHT be able to help settle the argument.

I hope this helps in some way, as I do not wish to see Debian get ripped apart
because of personal differences between people.  Debian has continued to grow,
and gain support through the hard work of MANY people, not just one or two, or
even a handful.  So, let's keep the good of the distribution in mind, work
through any differences we may have, and continue on.


David Bristel


 
> 
> Hamish
> -- 
> Hamish Moffatt VK3SB (ex-VK3TYD). 
> CCs of replies from mailing lists are welcome.
> 
> 
> -- 
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> 

Re: dhcpcd procedure

[Steve Greenland]

On 01-Oct-99, 11:28 (CDT), Dpk <[EMAIL PROTECTED]> wrote: 
> What would be the best way to check for this?  A simple 'ps |grep
> dhcpcd' ? Would doing so make my package dependent on procps?  or is
> there a convenient way to check the installed version of dhcpcd
> someway?

As others have said, check the arguments to your postinst. Here's
an example excerpt:

if [ "$1" = "configure" -a -n "$2" ] && dpkg --compare-versions "$2" lt 
"3.0pl1-43" ; then

echo "This is an upgrade from an old version -- restart daemon"
fi

Of course, you'd replace "3.0pl1-43" with the version number of the
*first* version that *doesn't* need to perform the special action.

Steve

-- 
Steve Greenland <[EMAIL PROTECTED]>
(Please do not CC me on mail sent to this list; I subscribe to and read
every list I post to.)

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[Marek Habersack]

* Anthony Towns said:
> On Fri, Oct 01, 1999 at 11:53:19PM -0500, The Doctor What wrote:
> > The idea was not to say that "since I work for *a company* I'm an
> > authority".  My point was that I work in the "real world" and have a
> > counter example. 
> 
> And of course, everyone else on the list doesn't work in the "real world",
> and just plays in their own little pointless sandpit. Feh.
> 
> That *is* offensive.
Come on! Better stop it now. You know damned well this is not the case.
Everyone has their experiences in the real work and world - and everyone has
the right to support their speech using the examples and poits from his own
life. EVERYONE. And if you take it personal, then I'm sorry. I don't feel
offended by what TDW said.

marek


pgpZayTm40LwI.pgp
Description: PGP signature

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[Marek Habersack]

* Craig Sanders said:

> > and
> > 
> > >  now what is so fucking difficult to understand about that?
> > 
> > the word "deliberate" isn't the first that occurs to me.
> 
> if you can't comprehend that someone might deliberately choose those
> words, then that is your problem not mine. such paucity of imagination
> is truly sad.
No - your attitude is sad. Perhaps you are not educated enough to state your
position in a civilized way using strong but NOT insulting words. It's even
more said when we realize that you use the Shakespeare's language which has
more than enough words and expressions to express anything without using
bold language. And before you say that - I use these and worse words myself,
but one has to know when and where to use them. This is not one of these
places.

marek


pgprXnNirx9I8.pgp
Description: PGP signature

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[Marek Habersack]

* Craig Sanders said:
> On Fri, Oct 01, 1999 at 09:06:39PM -0500, The Doctor What wrote:
> > I took care in my message above to remove anything offensive towards
> > Craig.  Unfortunately Craig didn't do the same.
> 
> garbage.  you went out of your way to be offensive.  to quote the opening
> line of your message:
> 
>   "Excuse me.  I work for TurboLinux."
> 
> the implication here is that you know what you are talking about because
> you work for a "real" (i.e. commercial) linux distribution. 
No, you get it plain wrong. I guess it's just a way of thinking, but how I
understand what The Doctor What said about TurboLinux is that he just states
that he knows the chores of a Unix administrator. Point. Don't attribute to
anyone what he didn't say.

> that way here, it's not who you work for that's important, it's what
> you've done.
Exactly what he said. He's DONE work for TurboLinux. He did it well. He has
every right to be proud of it and to draw it in discussion like this.
  
marek


pgp5G54mQ8CFD.pgp
Description: PGP signature

Re: Debian recommended software (moving off-topic)

[Josip Rodin]

On Sat, Oct 02, 1999 at 04:59:35PM +0200, Martin Bialasinski wrote:
> Whatever, I won't restart this thread again. I wouldn't touch wuftp
> with a 10ft pole. I switched to proftpd, when there was a hole in many
> ftpds (creating a very deep directory hierarchy), the fix for proftpd
> was available after 1-2 days, but for wuftp, it took 2 weeks. Is there
> an upstream maintainer for wuftpd?

Half a year ago, a new development group for wu-ftpd has been formed.
They are releasing new versions and making quite a lot of changes/fixes
really fast these days.

-- 
enJoy -*/\*- don't even try to pronounce my first name

Re: Debian recommended software

[Laurel Fan]

Excerpts from debian: 2-Oct-99 Debian recommended software by Edward
[EMAIL PROTECTED] 
> I understand it would be almost impossible for Debian to
> provided a list of software we all recommend, because we 
> are all individuals and would disagree,
> but here is my list:

While this has nothing in particular to do with Debian, there's a
fledgeling linux software review site at
http://www.linuxchix.org/docs/reviews/index.html
which would welcome everyone's opinions.

Re: Packages should not Conflict on the basis of duplicate functionality

[Martin Bialasinski]

* "Piotr" == Piotr Roszatycki <[EMAIL PROTECTED]> wrote:

Piotr> I've install postgresql on my home computer. I need this daemon
Piotr> only sometimes. I don't want to start it every time I reboot
Piotr> system.

Configure this in a runlevel. Debian doesn't predefine the use of
runlevels. If you start in RL 3, and make postgresql start in RL 4,
then this setup won't be reverted by a package update or such.

And you can either switch to RL 4, or start postgresql with its init.d 
script.

Piotr> debconf could be helpful.

Not in this case I think.

Ciao,
Martin

Re: Debian recommended software (moving off-topic)

[Martin Bialasinski]

* "Edward" == Edward Betts <[EMAIL PROTECTED]> wrote:

Edward> Martin Bialasinski <[EMAIL PROTECTED]> wrote:

Edward> MDA: procmail
Edward> This is standard priority, but exim is not configured to use it, people 
have
Edward> to mess with .forward files.
>> 
>> exim has its own filter facility, that is easier to understand and use 
>> by new users.

Edward> Can users alter the exim config? I suppose we are thinking off
Edward> single user machines where sysadmin == user.

I don't quite understand.

To use the exim filter functions, one uses a .forward like

# Exim filter <<== necessary for to recognise the format

if $header_x-mailing-list matches 
then 
  save $home/Mail/debian/$1 
endif

if personal alias [EMAIL PROTECTED] alias [EMAIL PROTECTED] 
then
  unseen deliver [EMAIL PROTECTED]
  save $home/Mail/personal
endif

Exim could also be configured to use .procmail, if the user has a
.procmailrc, rpocmail is available and there is no .forward.

Edward> Sorry, that was not far of me at all was it. I think proftp
Edward> had some security bugs, that have been fixed, but there is a
Edward> thought based on the way it was designed that there are
Edward> probably more.

Whatever, I won't restart this thread again. I wouldn't touch wuftp
with a 10ft pole. I switched to proftpd, when there was a hole in many
ftpds (creating a very deep directory hierarchy), the fix for proftpd
was available after 1-2 days, but for wuftp, it took 2 weeks. Is there
an upstream maintainer for wuftpd?

Ciao,
Martin

Re: Packages should not Conflict on the basis of duplicate functionality

[Piotr Roszatycki]

On Fri, 1 Oct 1999, Craig Sanders wrote:
> DON'T INSTALL THE DAEMON IF YOU DON'T WANT TO RUN IT.
> 
> WHY IS THE BLEEDING OBVIOUS SO FAR BEYOND YOUR COMPREHENSION?

i.e:

I've install postgresql on my home computer. I need this
daemon only sometimes. I don't want to start it every time
I reboot system.

debconf could be helpful.

-- 

Piotr "Dexter" Roszatycki
mailto:[EMAIL PROTECTED]

Re: Debian recommended software (moving off-topic)

[Edward Betts]

Martin Bialasinski <[EMAIL PROTECTED]> wrote:
> 
> * "Edward" == Edward Betts <[EMAIL PROTECTED]> wrote:
> 
> Edward> MDA: procmail
> Edward> This is standard priority, but exim is not configured to use it, 
> people have
> Edward> to mess with .forward files.
> 
> exim has its own filter facility, that is easier to understand and use 
> by new users.

Can users alter the exim config? I suppose we are thinking off single user
machines where sysadmin == user.

> Edward> ftp server: proftp/wuftp
> Edward> what is the difference? proftp has security holes,
> 
> had not has. Or are you aware of any open ones?

Sorry, that was not far of me at all was it. I think proftp had some security
bugs, that have been fixed, but there is a thought based on the way it was
designed that there are probably more.

-- 
I consume, therefore I am

ITP: mcl

[Marcel Harkema]

  Hi,

  I plan to package 'mcl'.

  mcl is a MUD client running under Unix. Under Linux console, it uses
  direct Virtual Console access for high speed, but it can also run in an
  xterm or on a VT100/ANSI compatible terminal at a reduced speed.  Embedded
  Perl and Python provide a high degree of tweakability.

  Upstream source: http://www.andreasen.org/mcl/
  License: GPL

  Cheers,

 Marcel

  Please send a Cc to me when replying to me on this mailinglist.


pgpW3q7VCAn6I.pgp
Description: PGP signature

Re: Debian recommended software

[Martin Bialasinski]

* "Edward" == Edward Betts <[EMAIL PROTECTED]> wrote:

Edward> MDA: procmail
Edward> This is standard priority, but exim is not configured to use it, people 
have
Edward> to mess with .forward files.

exim has its own filter facility, that is easier to understand and use 
by new users.

Edward> list server: smartlist
Edward> Needs modifications to exim.conf found on the www.exim.org homepage to
Edward> function well.

I use smartlist myself, but I heard others (like mailman) are
better. The Exim list uses mailman IIRC.

Edward> ftp server: proftp/wuftp
Edward> what is the difference? proftp has security holes,

had not has. Or are you aware of any open ones?

Edward> web server: apache

It is the most used one. One could argue if this is the best one for
beginners.

Edward> Do the task-* packages go some way to solving this problem?

At least partly. I made the explicit request not to include all
editors available, but only one, when an editor should be part of the
task. Therefore, the maintainer of the task package makes a choice for
the user selecting the package.

Ciao,
Martin

Re: slink -> potato

[Anthony Towns]

On Sat, Oct 02, 1999 at 10:35:10PM +1000, Herbert Xu wrote:
> No, during the upgrade, inetd should not try to start new copies of telnetd
> because it may not be there or it may not be executable (e.g., shlibs that
> it depends on may be missing).  Thus it must be disabled as is done with all
> daemons per the policy.  However, this does not stop any existing telnet
> connections so it should not be a problem.

> AFAIK ssh does exactly the same thing in its prerm.

So it does. (/etc/init.d/ssh stop, unconditionally)

Hmmm. I can't actually find any mention of this in policy. In fact,
discussion of what should be done when in prerm and postrm seems pretty
bare, period.

Is this proper behaviour? It seems like it'd avoid errors, but it does
introduce `unnecessary' downtime. Should I do /etc/init.d/inetd stop
in netbase's prerm?

(On my system, there are about half a dozen (incl. xdm, apache, netbase,
pcmcia) that try to keep the service running during the upgrade, about
a dozen that just stop it)

What sequence of events is actually going to cause problems? I'd have
thought dpkg would generally manage to keep dependencies pretty reliable
while upgrading.

Did anything come of the `locally-essential' thing that apt was going
to support at one point? So that you could say "telnetd is Essential
to this machine --- I do remote maintenance", and have Apt configure
telnetd (and any dependents) ASAP. That would solve the original problem
pretty well, it seems to me.

Cheers,
aj

-- 
Anthony Towns <[EMAIL PROTECTED]> 
I don't speak for anyone save myself. PGP encrypted mail preferred.

 ``The thing is: trying to be too generic is EVIL. It's stupid, it 
results in slower code, and it results in more bugs.''
-- Linus Torvalds


pgpNkUspnlLID.pgp
Description: PGP signature

Re: slink -> potato

[Herbert Xu]

On Sat, Oct 02, 1999 at 10:26:52PM +1000, Anthony Towns wrote:
> 
> Ah. Your problem is probably telnetd's prerm:
> 
> ] if command -v update-inetd >/dev/null 2>&1; then
> ]update-inetd --disable telnet
> ] fi
> 
> It might be better to bracket this with an `if [ "$1" != "upgrade" ]', or
> similar. Herbert, does that sound right?

No, during the upgrade, inetd should not try to start new copies of telnetd
because it may not be there or it may not be executable (e.g., shlibs that
it depends on may be missing).  Thus it must be disabled as is done with all
daemons per the policy.  However, this does not stop any existing telnet
connections so it should not be a problem.

If anyone has seen an existing connection die, please report that as a bug.

> ssh strikes me as much better thing to use for remote updates, though :)

AFAIK ssh does exactly the same thing in its prerm.
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Debian recommended software

[Edward Betts]

Martin Mitchell <[EMAIL PROTECTED]> wrote:
> "J.H.M. Dassen \(Ray\)" <[EMAIL PROTECTED]> writes:
> > I switched to lftp myself at the time of the previous ncftp license issue,
> > and haven't looked back. Is there anything in ncftp that lftp doesn't have?
> > If there isn't, I'd say just drop it.
> 
> I did likewise, and haven't looked back either.

I am in exactly the same position, I think lftp is a great ftp client. 

I think that one of the problems with Debian is the extreme numbers of
packages, how do people know which to pick? We have the standard priority,
which is where we put `standard' software in, but what does this mean to the
user? If the bog standard ftp is in standard, does that mean that we recommend
that people run normally ftp. If they want a better ftp client they have got
to go through the net section, trying all of them until they get to a good
one.

It is the same for other things like list server. I used berolist to start
with, and it is terrible. Then I tried smartlist, and it was great. The
problem is there are so many to look at.

I understand it would be almost impossible for Debian to provided a list of
software we all recommend, because we are all individuals and would disagree,
but here is my list:

Shell: bash
This is the default, and the only other shell that I would think of using is
zsh, some people run tcsh.

MTA: exim
Again this is the default, I was running when smail was the default (had to
hunt it out as described above)

MUA: mutt
This is not the default, the only two mail clients with standard priority are
mailx and elm++, do we recommend people run them?

MDA: procmail
This is standard priority, but exim is not configured to use it, people have
to mess with .forward files.

list server: smartlist
Needs modifications to exim.conf found on the www.exim.org homepage to
function well.

pop3 fetcher: fetchmail
I think this is the only pop3 mail fetcher in debian, there used to be loads
more, where did they go?

news-client: slrn
I use trn but I would recommend slrn to others.

vi: vim
I am not arguring this should be the recommended editor, just the recommended
version of vi. I do not think that any package should be the recommended
editor, I use vim as my default editor, but I would not recommend it for
newbies, I think we need an editor like the DOS Edit or MS-Windows Notepad,
and we do not have it, fte, comes close, but does not work over telnet.

ftp server: proftp/wuftp
what is the difference? proftp has security holes, but supports non-ip based
virtual hosting? wuftp doesn't? ftpd actually has a recommendation that people
run proftp or wuftp

web server: apache
web-robot: wget
ftp client: lftp
irc-client: epic4

Another problem is that all of these are console based tools. What happens
when people move to X windows, the toolset changes completely.

Do the task-* packages go some way to solving this problem?
-- 
I consume, therefore I am


pgpyLRQFNEJR7.pgp
Description: PGP signature

Re: slink -> potato

[Anthony Towns]

> On Fri, Oct 01, 1999 at 11:43:17AM -0700, John Lapeyre wrote:
> >Something I have noticed several times. If you are doing a remote
> > upgrade (probably a crazy idea), the telnet daemon (maybe inetd or
> > something) becomes unavailble for quite some time.

netbase restarts inetd in it's postinst, so there shouldn't be any
significant amount of time that inetd's not running. The portmapper is
a different matter, but it shouldn't affect telnet.

Ah. Your problem is probably telnetd's prerm:

] if command -v update-inetd >/dev/null 2>&1; then
]update-inetd --disable telnet
] fi

It might be better to bracket this with an `if [ "$1" != "upgrade" ]', or
similar. Herbert, does that sound right?

ssh strikes me as much better thing to use for remote updates, though :)

Cheers,
aj

-- 
Anthony Towns <[EMAIL PROTECTED]> 
I don't speak for anyone save myself. PGP encrypted mail preferred.

 ``The thing is: trying to be too generic is EVIL. It's stupid, it 
results in slower code, and it results in more bugs.''
-- Linus Torvalds


pgpliCSlXFXxl.pgp
Description: PGP signature

Re: NcFTP is free again?

[Martin Mitchell]

"J.H.M. Dassen \(Ray\)" <[EMAIL PROTECTED]> writes:

> On Fri, Oct 01, 1999 at 01:41:18 -0500, Chris Lawrence wrote:
> > So we can't do squat with NcFTP 3 until Mike includes a license.
> 
> I switched to lftp myself at the time of the previous ncftp license issue,
> and haven't looked back. Is there anything in ncftp that lftp doesn't have?
> If there isn't, I'd say just drop it.

I did likewise, and haven't looked back either.

Martin. (former ncftp maintainer)

Re: dhcpcd procedure

[Josip Rodin]

On Fri, Oct 01, 1999 at 12:28:36PM -0400, Dpk wrote:
> I recently adopted dhcpcd... previous versions of dhcpcd would restart
> during upgrades, which obviously is bad for those doing it remotely.
> Since my recent upload does not restart dhcpcd, I need to start it for
> those upgrading from previous versions that did stop the daemon.  
> 
> What would be the best way to check for this?  A simple 'ps |grep
> dhcpcd' ? Would doing so make my package dependent on procps?

Maybe you could use the "pidof" utility, which comes with sysvinit
(which is "Essential: yes" package)?

> is there a convenient way to check the installed version of dhcpcd
> someway?

>From the packaging manual:

 3.   1.   If the package is being upgraded, call:
 upgrade 

 When we configure a package (this happens with `dpkg --install', or
 with `--configure'), we first update the conffiles and then call:
   configure 

So, you could put something like this in the preinst:

if [ "$1" = "upgrade" -a "$2" ]; then
  
fi

Or this in postinst:

if [ "$1" = "configure" -a "$2" ]; then
  
fi

And yes, this question would be more appropriate for debian-mentors
list.

-- 
enJoy -*/\*- don't even try to pronounce my first name

Re: slink -> potato

[Josip Rodin]

On Fri, Oct 01, 1999 at 11:43:17AM -0700, John Lapeyre wrote:
>Something I have noticed several times. If you are doing a remote
> upgrade (probably a crazy idea), the telnet daemon (maybe inetd or
> something) becomes unavailble for quite some time. Maybe it is between the
> time that netbase is unpacked and when it is configured.  There are
> usually problems with a broken package or two so that apt-get upgrade does
> not work on the first try. If I lose my telnet connection, I can't telnet
> again to fix things.

The Release Notes for slink explicitely said you should install telnetd
package if doing a hamm->slink upgrade over telnet link (no, I don't think
it is a crazy idea, it is in fact marvelous feature :)... maybe you have
experienced the same problem?

I'd appreciate someone would investigate this, because the potato Release
Notes[1] must include such anti-showstopper information.

[1] ... which I'll be co-authoring, FWIW...

-- 
enJoy -*/\*- don't even try to pronounce my first name

Re: SSH never free

[Edward Betts]

Joel Klecker <[EMAIL PROTECTED]> wrote:
> If we step into the "patents make something non-free" trap, then we 
> probably have a lot of things in main that should be moved to 
> non-free because they technically infringe on someone's stupid patent.

Living in the UK, where there are currently no software patenets, I tend to
agree with you. But there is some inconsistancy, for example all the gif that
is in non-free because of patents.

-- 
I consume, therefore I am


pgp7VRzSf3p51.pgp
Description: PGP signature

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[Craig Sanders]

On Fri, Oct 01, 1999 at 11:52:59PM -0500, The Doctor What wrote:
> You on the other hand show no thought for anyone else.

i show no regard for those who demonstrate they are fools. i show
contempt for those who demonstrate that they are annoying fools. guess
which category you fall into.

in short, say something merely stupid and i will ignore you. say
something stupid and irritating and i will rub your nose in it.

> And finally, just to make sure we're all clear on the matter
> "no regards, craig"

i had some doubts as to whether you might get the picture. in your case,
i thought spelling it out was necessary.


> or at least see that stabbing at people isn't productive.

if it makes fools quit their yapping then it can be highly productive.


this "discussion" is a waste of time.


craig


--
craig sanders

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[Craig Sanders]

On Fri, Oct 01, 1999 at 11:38:47PM -0400, Steve Willer wrote:
> When someone writes things like:
> 
> >  well, bully for you.  i guess that must make you so proud.
> 
> and
> 
> >  now what is so fucking difficult to understand about that?
> 
> the word "deliberate" isn't the first that occurs to me.

if you can't comprehend that someone might deliberately choose those
words, then that is your problem not mine. such paucity of imagination
is truly sad.


craig

--
craig sanders

ALSA libraries change names (again)

[David Huggins-Daines]

This is a (belated, unfortunately) heads-up to anyone who has a package that
depends on the ALSA libraries.

As of the 0.4.1 release, I've switched from the odd naming scheme formerly
used by the ALSA libraries (i.e. 'alsalib0.3.0', 'alsalib0.3.2', etc)
because (a) new versions can't coexist with old ones (the ALSA maintainers
keep [EMAIL PROTECTED] changing the kernel API) and (b) the soname doesn't 
contain the
extra version numbers (though it could be argued that it should since the
libraries are all mutually incompatible - such are the pains of software in
development).

Thus, if your package depended on alsalib0.3.2, it should now depend on
libasound0.  With luck the ALSA people will make some effort to stabilize
their APIs Real Soon Now...  In any case, that package name should stick
around for a while, I hope.

(BTW, if there is anyone out there who is active in the ALSA development
effort and would like to take these packages, please contact me - I don't
mind maintaining them since I use them, but I'm not very knowledgeable on
the ALSA internals or the development process)

-- 
  David Huggins-Daines - [EMAIL PROTECTED]
   Linux system administration, C and Perl programming
  Information Retrieval, Database, and Web development

Re: SSH never free

[Herbert Xu]

Joel Klecker <[EMAIL PROTECTED]> wrote:
> At 10:06 +1000 1999-10-02, Herbert Xu wrote:
>>They use libssl, which begs the question why isn't libssl in non-US/non-free?

> Uh, because it isn't non-free?

Here's a quote from the policy:

 `Non-free' contains packages which are not compliant with the DFSG or
 which are encumbered by patents or other legal issues that make their
 distribution problematic.

> If we step into the "patents make something non-free" trap, then we 
> probably have a lot of things in main that should be moved to 
> non-free because they technically infringe on someone's stupid patent.

Please list them so that we can move them over there *now*.

> Perhaps you are confused, ssh became non-free despite patents in 
> 1.2.13, it is *NOT* the patents that make ssh non-free.

The patent makes it non-free, so does the new license.

> Another thing, technically our ssh package is illegal to use in the 
> US because it does not use RSAREF.

Ain't I lukcy then that I don't live in the US :)
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[Steve Willer]

On Sat, 2 Oct 1999, Anthony Towns wrote:

> And of course, everyone else on the list doesn't work in the "real world",
> and just plays in their own little pointless sandpit. Feh.
> 
> That *is* offensive.

Well, you know what? In many cases, it's true. I have seen many people in
the past few months presenting some kind of strong opinion on "real-world"
issues and then later mention offhand that they just use Linux on their
home computer. The same kind of thing happened in the discussion about
static binaries and the lack of an ability to recover from various forms
of error (oh, and by the way, you can't run lilo on the hard drive while
booting from the rescue floppy right now, because lilo is dynamically
linked). 

Most of the truly experienced people, with real-life 24-7 pager support
experience, don't seem to pay attention to this list. This is probably to
be expected.

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[The Doctor What]

On Sat, Oct 02, 1999 at 03:53:43PM +1000, Anthony Towns wrote:
> On Fri, Oct 01, 1999 at 11:53:19PM -0500, The Doctor What wrote:
> > The idea was not to say that "since I work for *a company* I'm an
> > authority".  My point was that I work in the "real world" and have a
> > counter example. 
> 
> And of course, everyone else on the list doesn't work in the "real world",
> and just plays in their own little pointless sandpit. Feh.
> 
> That *is* offensive.
> 
> (And if we all do live in the "real world" then there's nothing special
> about the fact that you do too, so you wouldn't bother pointing it out,
> right? So since it was necessary to point it out, the rest of us must
> be cloistered academics, or insulated children or something, yes?)
> 
> ``I work for TurboLinux, and this is the way we do it...'' is all very
> well.
> 
> ``I work for TurboLinux. This is the way you should do it.'' is less so.

I was saying that I have "real world" (counter) examples.  Namely mine.  He
suggested that Michael Stone wasn't in the real world.  Michael Stone was
offering the same opinion of Craig Sanders.

Craig obviously has real world experience, as per his web site
http://siva.taz.net.au/~cas/

And running a home machine (Like azure http://azure.humbug.org.au/~aj) is
real too.

The fact I work at TurboLinux gives me *zero* right to say "it should be
so".  The fact I use Debian and like Linux does give me the right to say,
"*I* think it should be done this way".

I did not say anyone else is or is not in the real world.  For the most
part, I let people decide that for themselves.

> In any case, I fail to see how pressing `_' in dselect before any
> unnecessary daemons are installed could possibly be less secure than
> saying "No, I don't want services activated by default" and then
> installing them anyway. This isn't about increasing security per se,
> it's about either increasing choice (so you can install daemons even
> if you don't want to run them for whatever reason), or about giving you
> more knowledge about what's going on (so that when you install linuxconf
> you find out that it comes with a remote configuration thingo).

Both are secure.  Asking a user at install time gives the following
advantages (in order of importance to me):
* Ability to run concurrent 'same service' servers (more choice!)
* Ability to *not* run a server on install (more choice)
* A clear indication that this package uses the net
* Security by default.  A user can ignore it, but it isn't 'reasonable' to
  go any further and force this down their throat.

So in that respect, we are on the same page.  I agree.  I just think that
all packages should ask.  If one wants a global switch that says:
"Run all daemons at install: (y/n/Ask)"  Fine!  I'd love it!  I'd be very
happy.

Ciao!

-- 
Any member introducing a dog into the Society's premises shall be liable to a 
fine of one pound.  Any animal leading a blind person shall be deemed to be a 
cat.
-- Rule 46, Oxford Union Society, London

The Doctor What: Un-Humble   http://docwhat.gerf.org/
[EMAIL PROTECTED](finger [EMAIL PROTECTED] for PGP key)
KF6VNC

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[Anthony Towns]

On Fri, Oct 01, 1999 at 11:53:19PM -0500, The Doctor What wrote:
> The idea was not to say that "since I work for *a company* I'm an
> authority".  My point was that I work in the "real world" and have a
> counter example. 

And of course, everyone else on the list doesn't work in the "real world",
and just plays in their own little pointless sandpit. Feh.

That *is* offensive.

(And if we all do live in the "real world" then there's nothing special
about the fact that you do too, so you wouldn't bother pointing it out,
right? So since it was necessary to point it out, the rest of us must
be cloistered academics, or insulated children or something, yes?)

``I work for TurboLinux, and this is the way we do it...'' is all very
well.

``I work for TurboLinux. This is the way you should do it.'' is less so.

In any case, I fail to see how pressing `_' in dselect before any
unnecessary daemons are installed could possibly be less secure than
saying "No, I don't want services activated by default" and then
installing them anyway. This isn't about increasing security per se,
it's about either increasing choice (so you can install daemons even
if you don't want to run them for whatever reason), or about giving you
more knowledge about what's going on (so that when you install linuxconf
you find out that it comes with a remote configuration thingo).

Cheers,
aj

-- 
Anthony Towns <[EMAIL PROTECTED]> 
I don't speak for anyone save myself. PGP encrypted mail preferred.

 ``The thing is: trying to be too generic is EVIL. It's stupid, it 
results in slower code, and it results in more bugs.''
-- Linus Torvalds


pgpJhFUJJiYSd.pgp
Description: PGP signature

Re: Packages should not Conflict on the basis of duplicate functionality

[Clint Adams]

> No, this is silly.  When you install a package, it is for use.  If you 
> don't intend to use it, why install it?

Perhaps you can explain where this idea comes from.

Of course, if I want to evaluate a daemon, I can --unpack the package
into /usr/local/testfun and manually enable it, evaluate it, and then
rm -r it.  Sure, that's possible.  And I can also compile it myself
from dsc and munge the install scripts.  Or I can build it from
pristine source and stick it in /usr/local.  So clearly nothing is
preventing me from reaching my desired ends even if it prevents the
preferable means.

But I install packages I don't intend to use.  On certain systems
I'll install tcsh or csh.  I have no intention of using them
(this is aside from any package that might require a csh provider),
but there is the potential for a user to want tcsh there sometime
in the future, and if he is not clueful to get it on his own,
he'll be okay because it's there.  Having a shell package
going and changing users' shells on install would be horrific,
though I doubt anyone would dispute that.

There are daemons that can be run legitimately by a user on high
ports.  Let's say you have a system where you let people run
web servers in user space.  Luckily, roxen and apache don't
conflict with one another, so you can easily have both available
for users to use, and edit the configs so that neither of them
run on port 80 or any other system port.  The daemons are being used;
they're just not being used in the "standard configuration."
On the downside, one cannot reasonably assume that if one installs
both packages that roxen will grab port 80 on bootup.

If you have packages conflict, then yes, you can be pretty certain
that the pop server you've installed is the one that will be grabbing
port 110 on all IPs, because any other pop server has been removed.

So if the consensus is that "debconf should handle it," why don't
we stop the flaming and whining and figure out the logistics of
the matter?

Re: Little FAQ for users and maintainers

[Jason Gunthorpe]

On Fri, 1 Oct 1999, Fabien Ninoles wrote:

> Many time, apt-get break on conflicting files. It happens me often
> on unstable but also when upgrading from slink to potato. Here some
> recommendations to help users resolved the conflicts and also to
> help maintainers do the Right Things (TM) the first time.

I assume you mean file conflicts. I generally recommend adding this to
/etc/apt/apt.conf 

dpkg::options {"--force-overwrite";};

And use an 0.3 version of APT. Of course you should file bugs when you see
the warning ;>

Jason

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[Hamish Moffatt]

On Fri, Oct 01, 1999 at 09:06:59PM -0500, The Doctor What wrote:
> On Fri, Oct 01, 1999 at 08:47:20PM +1000, Craig Sanders wrote:
> In short, a summary (admittedly from my point of view) follows:
> In a discussion on whether network daemons should do one of the following:
> a) Simply start up, grabbing any ports it needs (most do this)
> b) Not start up (a few do this)
> c) Ask about what ports to grab and whether to start up (some do this)
> 
> This letter is to make it public that I think Craig has gone too far.  He
> has hurt my feelings and has been very insulting to everyone in
> debian-devel.  And this is not the way to get things done.

Did you consider his point, though? Why would you install a service
if you don't want it to run?

> However, Craig's arguments have become increasingly hostile and insulting,
> building up to the message mentioned above.  Being mean and insulting are
> not ways to get your point across. 

It seems to me that he was just frustrated because you weren't
evening reading what he had to say.



Hamish
-- 
Hamish Moffatt VK3SB (ex-VK3TYD). 
CCs of replies from mailing lists are welcome.

Little FAQ for users and maintainers

[Fabien Ninoles]

Many time, apt-get break on conflicting files. It happens me often
on unstable but also when upgrading from slink to potato. Here some
recommendations to help users resolved the conflicts and also to
help maintainers do the Right Things (TM) the first time.

Should we consider building a debian-mentors FAQ for things like this?

-

For users:

When a conflict occurs, try to run apt-get -f install several time
until all conflict are removed or no more packages can be install
without conflicting somewhere else. Sometime it takes more than one
turn to apt-get to correct those packages.

Also, take in note the conflicting packages and report them to the BTS
under the package one you was trying to install or upgrade. This will
help to improve the overall quality of Debian.


For maintainers:

Moving files from one package to another.

Supposed that you move a file from Package foo to Package bar. If Package
foo still existed, Package bar should included a Conflicts reading this
way:

Conflicts: foo (<< new-version)

where new-version is the version of the Package foo who has the
conflicting file removed.

If foo is removed, you should change it to
Conflicts: foo
or
Conflicts: foo (<= old-version)
where old-version is the latest version of foo. This last one don't
handle local package in the form of foo old-version.1 (that's the
recommended way to do local NMU) and that's why it should be avoid
when possible.

-- 

Fabien NinolesChevalier servant de la Dame Catherine des Rosiers
aka Corbeau aka le Veneur Gris   Debian GNU/Linux maintainer
E-mail:[EMAIL PROTECTED]
WebPage:http://www.tzone.org/~fabien
RSA PGP KEY [E3723845]: 1C C1 4F A6 EE E5 4D 99  4F 80 2D 2D 1F 85 C1 70

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[Hamish Moffatt]

On Sat, Oct 02, 1999 at 12:46:46PM +1000, Craig Sanders wrote:
>   "Excuse me.  I work for TurboLinux."
> 
> the implication here is that you know what you are talking about because
> you work for a "real" (i.e. commercial) linux distribution. 

When in fact the opposite is true? :-)


Hamish
-- 
Hamish Moffatt VK3SB (ex-VK3TYD). 
CCs of replies from mailing lists are welcome.

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[The Doctor What]

On Sat, Oct 02, 1999 at 12:46:46PM +1000, Craig Sanders wrote:
> On Fri, Oct 01, 1999 at 09:06:39PM -0500, The Doctor What wrote:
> > I took care in my message above to remove anything offensive towards
> > Craig.  Unfortunately Craig didn't do the same.
> 
> garbage.  you went out of your way to be offensive.  to quote the opening
> line of your message:
> 
>   "Excuse me.  I work for TurboLinux."
> 
> the implication here is that you know what you are talking about because
> you work for a "real" (i.e. commercial) linux distribution. 
> 
> anyone should be able to guess that that particular attitude is not
> going to go down well in debian-devel. it's akin to saying that
> proprietary software is better because the programmers get paid to write
> it (and, by logical extension, that free software authors are just
> amateur bumblers).
> 
> i find posturing based on your employer to be particularly annoying -
> it's a blatant attempt to cash in on borrowed status. it doesn't work
> that way here, it's not who you work for that's important, it's what
> you've done.

The idea was not to say that "since I work for *a company* I'm an
authority".  My point was that I work in the "real world" and have a
counter example.  Perhaps that should have been phrased:
"As I work in the 'real world', at TurboLinux in fact, I consider my self
as at least a counter-example.  We make it an EXPLICIT"

Full Quote:

On Thu, Sep 30, 1999 at 08:05:32AM +1000, Craig Sanders wrote:
> On Wed, Sep 29, 1999 at 06:38:55AM -0400, Michael Stone wrote:
> 
> > The fantasy is over--WELCOME TO REAL LIFE! It turns out that some
> > people install Linux without preexisting knowledge of how to securely
> > administer a Unix machine.
> 
> sorry, it's you who needs to wake up to the real world.

Excuse me.  I work for TurboLinux.  We make it an EXPLICIT policy to
disable all daemons, for Workstation and Server products.  We also provide
a tool to manage these (turboservices and turbonetcfg).

I used to work for Tandem Computers, Tandem Computers had a similar policy
too.

While Mr. Stone is being a little extreme, this is the real world.
This is a security issue.  More than that it is a matter of choice.


Please note that I don't say anywhere in the letter that you do not live in
the real world. I also don't say that you can't understand the obvious or
imploy any other methods to insult your intellegence.  In fact, I try
hard not to put you down at all, though I must have failed.

You on the other hand show no thought for anyone else.

Quotes (out of context, but I think they speak for them selves):
"i don't give a damn who you work for."
"well, bully for you.  i guess that must make you so proud."
"now what is so fucking difficult to understand about that?"
"you must be some kind of genius to figure that out all by yourself."
"i guess you aren't such a genius after all."
"WHY IS THE BLEEDING OBVIOUS SO FAR BEYOND YOUR COMPREHENSION?"
"it is especially tedious when some pompous cretin just spews out
trivialities based on some misunderstanding of the thread which is
explicable only by you not having read it."

And finally, just to make sure we're all clear on the matter
"no regards, craig"

Note that those are verbatum and all are full sentences.  I did not clip
short any sentences.

> > It is my hope that Craig Sanders reads this and thinks about what he
> > has done and why.
> 
> very little of what i write is done without review and consideration of
> the effect of my words. i am a very deliberate writer. i presume that
> others are just as deliberate. if they're not, then they need to learn
> more caution and control over the language they use.

I'll take that at face value, and ignore yet another jib at me.

My last sentence was not to say that you write without review or
consideration of your words.  I wanted you to know I was hurt.  I thought
that if you were even slightly . . . empethetic, sympathetic, "human" . . .
that you'd reconsider, or at least see that stabbing at people isn't
productive.

But no, I see that isn't so.  I'm sorry.  I generally like people, work
hard to help even people who piss me off.  I try to understand people.  I
work to try to see why conflicts arise.  I try to reach a consenses.

But that's where we differ, isn't it?

Bye,
Christian Holtje

-- 
"If only you'd listened to me, I could have saved you from all that yukkiness."
--Kryten (Red Dwarf)

The Doctor What: A Holtje Production http://docwhat.gerf.org/
[EMAIL PROTECTED](finger [EMAIL PROTECTED] for PGP key)
KF6VNC

Re: ITP: actx

[Branden Robinson]

On Fri, Oct 01, 1999 at 07:16:37PM +0900, Kenshi Muto wrote:
>  Package: actx
>  Version: 0.98pre8-2

You do realize that dpkg treats "0.98" as less than "0.98pre8", don't you?

>  Section: x11

This should probably go in "games" or maybe "graphics" depending on what a
"window sitter" is.

>  Description: A Window Sitter Program on X
>   ActX is a window sitter program to make your life with X rich and
> fruitful. It supports a helpful pop-up menu to modify configuration of
> animation and more. Originally inspired with XAyanami, another window
> sitter.

The second, third, and fourth lines of the extended description should be
indented one space.

Also, the description doesn't actually tell me much.

What is a "window sitter"?  A baby sitter for windows?  I do not understand.

"to make your life with X rich and fruitful" either sounds like a joke or
very bad advertising.  If it is the latter it has no place in the package
description, which needs to be informative.

Instead of that second sentence, I would say "Animation and other
configuration is done with a pop-up menu."

"Originally inspired with" should probably be "Originally inspired by".

But the most important thing is to tell the user what a "window sitter" is.
I think I'm up on my jargon, but I don't know what you're talking about
here.

-- 
G. Branden Robinson  |   If you wish to strive for peace of soul,
Debian GNU/Linux |   then believe; if you wish to be a
[EMAIL PROTECTED]   |   devotee of truth, then inquire.
cartoon.ecn.purdue.edu/~branden/ |   -- Friedrich Nietzsche


pgpi0eaMfd9G0.pgp
Description: PGP signature

ITW/P: freecati

[Chris Lawrence]

I intend to write and package a free computer assisted telephone
interviewing (CATI) application for Linux; there appears to be no free
CATI software in the universe, and what CATI software there is is
extremely overpriced (per-seat licensing), runs on certain operating
systems that aren't free produced by Microsoft, and has really crappy
support.  [The disgusting part is that writing a CATI application
appears extremely trivial... you can do 90% of what you need with
dialog or whiptail.]

I intend to base it around the newt 0.50 (new upstream version not yet
in Debian) slang-based windowing toolkit and the Python scripting
language.  I suspect I'll use Python's database interface as well
(which supports multiple database backends).  I plan on including
support for "smart modem dialling" (the modem handles busy signals and
no answers for the interviewer) and "voice" modems with builtin
speakerphone capabilities (for use with off-the-shelf headsets).

For the unfamiliar, CATI programs are used to to conduct surveys over
the telephone (although they can also be used in other contexts).
Think of an "installation wizard" with a modem dialer and database
backend, and you've got the idea.  The concept here is basically to
make it possible to turn mothballed 486es (or eMachines ;-) into
interviewing stations running Linux for the cost of a network card, a
good USR modem and a noise-cancelling headset (i.e. well under $200).

The software will be GPLed.


Chris
-- 
=
|  Chris Lawrence   |  Get your Debian 2.1 CD-ROMs  |
| <[EMAIL PROTECTED]>  |   http://www.lordsutch.com/   |
|   |   |
|   Political Scientist Wanna-be|Your site belongs here.|
| University of Mississippi |[Commercialize your sig today!]|
=

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[Steve Willer]

On Sat, 2 Oct 1999, Craig Sanders wrote:

>   "Excuse me.  I work for TurboLinux."
> 
> the implication here is that you know what you are talking about because
> you work for a "real" (i.e. commercial) linux distribution. 

Either that, or you're attributing an attitude to him that doesn't exist. 
That would mean you're wrong, and furthermore that you're being a rude
jerk. 

Boy, wouldn't that be embarrassing. You must feel awful.

> very little of what i write is done without review and consideration of
> the effect of my words. i am a very deliberate writer. i presume that
> others are just as deliberate. if they're not, then they need to learn
> more caution and control over the language they use.

When someone writes things like:

>  well, bully for you.  i guess that must make you so proud.

and

>  now what is so fucking difficult to understand about that?

the word "deliberate" isn't the first that occurs to me.

Re: How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[Craig Sanders]

On Fri, Oct 01, 1999 at 09:06:39PM -0500, The Doctor What wrote:
> I took care in my message above to remove anything offensive towards
> Craig.  Unfortunately Craig didn't do the same.

garbage.  you went out of your way to be offensive.  to quote the opening
line of your message:

"Excuse me.  I work for TurboLinux."

the implication here is that you know what you are talking about because
you work for a "real" (i.e. commercial) linux distribution. 

anyone should be able to guess that that particular attitude is not
going to go down well in debian-devel. it's akin to saying that
proprietary software is better because the programmers get paid to write
it (and, by logical extension, that free software authors are just
amateur bumblers).

i find posturing based on your employer to be particularly annoying -
it's a blatant attempt to cash in on borrowed status. it doesn't work
that way here, it's not who you work for that's important, it's what
you've done.


> It is my hope that Craig Sanders reads this and thinks about what he
> has done and why.

very little of what i write is done without review and consideration of
the effect of my words. i am a very deliberate writer. i presume that
others are just as deliberate. if they're not, then they need to learn
more caution and control over the language they use.

craig

--
craig sanders

Re: bash package removing /bin/sh on upgrade

[Anthony Towns]

On Fri, Oct 01, 1999 at 03:00:51PM +0200, Torsten Landschoff wrote:
> On Fri, Oct 01, 1999 at 08:36:01AM -0400, Ivan E. Moore II wrote:
> > yea...I just did an update today and something decided to remove /bin/sh
> > during the upgrade...and didn't put it back before it was needed...
> > so if something hoses for you just recreate it by linking it to like
> > bash...
> If somebody could come up with a better method of handling this it would be
> most welcome.

Just having /bin/sh included in the .deb is Good Enough -- diversions work
as designed.

There's a different preinst in one of the bug reports, ummm, #34717 I think,
that does the diversion stuff itself, too.

Cheers,
aj

-- 
Anthony Towns <[EMAIL PROTECTED]> 
I don't speak for anyone save myself. PGP encrypted mail preferred.

 ``The thing is: trying to be too generic is EVIL. It's stupid, it 
results in slower code, and it results in more bugs.''
-- Linus Torvalds


pgpIdKmLGJuKo.pgp
Description: PGP signature

Re: Packages should not Conflict on the basis of duplicate functionality

[Craig Sanders]

On Fri, Oct 01, 1999 at 10:20:41AM -0400, Clint Adams wrote:
> > it isn't useful to run the vtund server until it is configured. there
> > is no "standard" configuration which is suitable for shipping as a
> > default - it MUST be customised for each site, each tunnel must be setup
> > individually.
> 
> When did "useful" enter this discussion?

usefulness or utility has always been in this discussion.  you should pay
more attention.

> pipsecd starts the daemon automatically even though no tunnel has
> been set up, and even if userlink-modules hasn't been installed.
> 
> And even though it is of absolutely no use to you, the daemon
> starts running when you install the package.  And if there's some
> sort of exploitable back door in the code, you're vulnerable.
> But fine, you think security is a non-issue.

if pipsecd turns out to have a security hole then that MUST be fixed
regardless of whether it is started at install-time or not. fixing
the bug is the solution to the problem. merely not starting it is no
solution at all, that's just hiding your head in the sand.

> You seem to recognize at least one situation where it is
> counterproductive for Debian to make an assumption about the
> user's configuration.  Why can you not recognize others?

i have little interest left in this tedious thread, so i'll say this
once and once only. i really hope you can manage to understand it:

vtund was my package to create as i saw fit.  I personally saw no need
to have the vtund running when it wasn't yet configured, so I personally
chose not to have it start until the user configured it.  The maintainer
of pipsecd, according to your report, made a different choice. that is
their right.

this is not a matter for policy, this is not a matter where a tiny
minority of whiners can have artificial hysterics about fantasy security
issues and other FUD. my package, my decision. if you feel that the way
i manage my package is a problem, then file a bug report - i'll evaluate
that bug report and take whatever action (if any) i feel is appropriate.

ditto for the pipsecd package, Samuel can make up his own mind about how
to look after his package.  

by the same token, packages containing other daemons belong to their
respective maintainers. if there is any conflict between differing
packages, then it is up to the relevant maintainers to sort out a
solution - e.g. the emacs and xemacs conflict...until the people
responsible for those packages put their heads together and figured it
out, it was not possible to have both installed at the same time. now,
it is no problem at all.

what this means is that if there is a great desire to have several pop
packages installed at once, then it is up to the maintainers of the pop
packages (and other interested parties) to come up with a way that can
be achieved without hassle, and without imposing stupid and onerous
burdens on the maintainers of unrelated packages.

craig

--
craig sanders

Re: Packages should not Conflict on the basis of duplicate functionality

[The Doctor What]

On Fri, Oct 01, 1999 at 08:38:00PM +0200, Josip Rodin wrote:
> I'd like to propose something else: until the packages provide proper
> debconf (or whatever) support which would configure the port and other
> settings for the daemon, let's keep the Provides:+Conflicts: scheme we
> have been using so far.

I would like to second the idea that debconf handle this when it is ready.

Personally, I'd like to see packages ask this question now, but the idea
seems to have gotten very hostile responses.

Ciao!

-- 
Man is the best computer we can put aboard a spacecraft ... and the only one 
that can be mass produced with unskilled labor.
 -- Wernher von Braun

The Doctor What: A Holtje Production http://docwhat.gerf.org/
[EMAIL PROTECTED](finger [EMAIL PROTECTED] for PGP key)
KF6VNC

How not to be a nice person (Was: Re: Packages should not Conflict on the basis of duplicate functionality)

[The Doctor What]

Just to make sure we are all clear here:
I have cc'ed the listmaster and I am angry and insulted.  On the flip
side, I am trying very hard to be calm and collected and (most importantly
in my mind) fair.  The subject is deliberatly melodramatic.

On Fri, Oct 01, 1999 at 08:47:20PM +1000, Craig Sanders wrote:
[wrote lots of mean, insulting offensive things]

For those tuning in late, here is the archive url for my letter to
debian-devel, and Craig Sanders` response:

http://www.debian.org/Lists-Archives/debian-devel-9910/msg9.html
http://www.debian.org/Lists-Archives/debian-devel-9910/msg00018.html

In short, a summary (admittedly from my point of view) follows:
In a discussion on whether network daemons should do one of the following:
a) Simply start up, grabbing any ports it needs (most do this)
b) Not start up (a few do this)
c) Ask about what ports to grab and whether to start up (some do this)

This letter is to make it public that I think Craig has gone too far.  He
has hurt my feelings and has been very insulting to everyone in
debian-devel.  And this is not the way to get things done.

Craig's opinion is direct:
Things should stay the same.  If someone installs a package, they are
expecting it to run.  Everything else is a special case requiring extra
work on the part of the user.

However, Craig's arguments have become increasingly hostile and insulting,
building up to the message mentioned above.  Being mean and insulting are
not ways to get your point across. 

I took care in my message above to remove anything offensive towards
Craig.  Unfortunately Craig didn't do the same.

Perhaps Craig didn't mean it that way.  Perhaps he did feel persicuited or
attacked.  Not everyone's message was super polite.  Including mine.  But
even so, I think he went beyond limit.

I decided that I should check out some of his messages.  Many are usefull,
but woe to anyone who doesn't understand him or even worse doesn't
understand him *and* disagrees him!
Two Examples:
http://www.debian.org/Lists-Archives/debian-devel-9908/msg00044.html
http://www.debian.org/Lists-Archives/debian-devel-9907/msg00857.html

Fustratingly, he does bring usefull information to this mailing list and
have points that should be heard.  Just not with the meanness and rudeness
exhibited above.

It is my hope that Craig Sanders reads this and thinks about what he has
done and why.

Till then I am
Christian Holtje (aka [EMAIL PROTECTED])

-- 
Nobody said computers were going to be polite.

The Doctor What: A Holtje Production http://docwhat.gerf.org/
[EMAIL PROTECTED](finger [EMAIL PROTECTED] for PGP key)
KF6VNC

Re: what happened to x11amp

[Dan Nguyen]

Hi Kenneth,

Where have you been?  X11amp is now xmms.  The package has been
changed accordingly.

On Fri, Oct 01, 1999 at 06:57:08PM -0700, Kenneth Scharf wrote:
> I went to look for the sources to X11 amp on
> ftp.debian.org and they are missing.  I remember
> downloading the source packages a few months ago, but
> now a package search on debian.org shows them missing.
>  What happened?
> 
> 


-- 
   Dan Nguyen  | It is with true love as it is with ghosts;
[EMAIL PROTECTED]   | everyone talks of it, but few have seen it.
 [EMAIL PROTECTED]|   -Maxime De La Rochefoucauld
25 2F 99 19 6C C9 19 D6  1B 9F F1 E0 E9 10 4C 16

what happened to x11amp

[Kenneth Scharf]

I went to look for the sources to X11 amp on
ftp.debian.org and they are missing.  I remember
downloading the source packages a few months ago, but
now a package search on debian.org shows them missing.
 What happened?


=
Amateur Radio, when all else fails!

http://www.qsl.net/wa2mze

Debian Gnu Linux, Live Free or .


__
Do You Yahoo!?
Bid and sell for free at http://auctions.yahoo.com

Re: BTS: How are the bug reports organized?

[Jason Gunthorpe]

On Sat, 2 Oct 1999, Thomas Schoepf wrote:

> I don't understand how this should reduce/limit the number of files in a
> single directory.

Well, it's an application of probability theory.. The last couple digits
are more evenly distributed over the range of active (and inactive) bugs
so you get a more even distribution.

Consider if we have bugs 0->199 and you take the first digit. You end up
with 10 bugs in each bucket except bucket '1' which has 110. Put that on a
broader scale and account for expired bugs and you see the trouble.

Jason

Re: SSH never free

[Joel Klecker]

At 10:06 +1000 1999-10-02, Herbert Xu wrote:
They use libssl, which begs the question why isn't libssl in non-US/non-free?
Uh, because it isn't non-free?
If we step into the "patents make something non-free" trap, then we 
probably have a lot of things in main that should be moved to 
non-free because they technically infringe on someone's stupid patent.

Perhaps you are confused, ssh became non-free despite patents in 
1.2.13, it is *NOT* the patents that make ssh non-free.

Another thing, technically our ssh package is illegal to use in the 
US because it does not use RSAREF.
--
Joel Klecker (aka Espy)Debian GNU/Linux Developer
mailto:[EMAIL PROTECTED]> mailto:[EMAIL PROTECTED]>
http://web.espy.org/>   http://www.debian.org/>

Re: ITP: actx

[Kenshi Muto]

Thanks your comment.

Fri, 1 Oct 1999 23:38:53 +0200, Re: ITP: actx wrote about Thomas Schoepf 
<[EMAIL PROTECTED]> (<[EMAIL PROTECTED]>):
schoepf> On Fri, Oct 01, 1999 at 07:16:37PM +0900, Kenshi Muto wrote:
schoepf> >  Package: actx
schoepf> >  Version: 0.98pre8-2
schoepf> >  Section: x11
schoepf> 
schoepf> Who else thinks that this might better be set to 'games' ?

OK, I'll change section to 'games'.
-- 
Kenshi Muto
[EMAIL PROTECTED]

Re: SSH never free

[Herbert Xu]

Jason Gunthorpe <[EMAIL PROTECTED]> wrote:

> On 1 Oct 1999, James Troup wrote:

>> [ RSA is no longer included. ]

> Wait wait, doesn't this mean that ssh RSA authentication is gone as well??
> Did they replace it with DSS/DH or what? IMHO ssh would cease to be very
> usefull as a security tool without a public key mechism, not to mention
> that existin ssh clients would not be able to securely connect to obsd-ssh
> servers :<

They use libssl, which begs the question why isn't libssl in non-US/non-free?
-- 
Debian GNU/Linux 2.1 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt