Re: [Pkg-shadow-devel] Help wanted: test new shadow source package (login, passwd, uidmap, etc.)

[Christian PERRIER]

Quoting Serge Hallyn (serge.hal...@ubuntu.com):
> Quoting Christian PERRIER (bubu...@debian.org):
> > Quoting Christian PERRIER (bubu...@debian.org):
> > > Hello fellow developers,
> > > 
> > > I would like to request your help in testing the new version of the
> > > shadow package (that provides login, passwd and such other important
> > > or base packages).
> > 
> > I haven't got much feedbackwhich is indeed what I was more or less
> > expecting. ;-)
> > 
> > So, well, let's jump into the mud (I love to do that when
> > running.not sure I love to do that in my FLOSS activities) and
> > I'll soon upload shadow to unstable Be prepared.
> 
> Hi,
> 
> so first glitch I found is that /etc/subuid was not created for me.
> login.postinst only creates that on new installs.  In Ubuntu it
> does so anytime it does not exist - I assume you made that change
> on purpose?  usermod -v refuses to run if the file does not exist,
> so users will need to be told to create those files themselves.

What makes you think this?

In login.postinst, we have:

# Create subuid/subgid if missing
if [ ! -e /etc/subuid ]; then
touch /etc/subuid
chown root:root /etc/subuid
chmod 644 /etc/subuid
fi


(strangely indented, admitedlybut unless I'm missing something
obvious, it is unconditionnally run)

That code probably somes unchanged from the patches that have been
proposed, indeed.

And, well, on my system, /etc/subuid and /etc/subgid were indeed
created when I manually installed the new login package.



signature.asc
Description: Digital signature

Bug#746632: ITP: django-simple-captcha -- Django Simple Captcha Django application

[Brian May]

Package: wnpp
Severity: wishlist
Owner: Brian May 

* Package name: django-simple-captcha
  Version : 0.4.2
  Upstream Author : Marco Bonetti
* URL : https://github.com/mbi/django-simple-captcha
* License : [1]
  Programming Lang: Python
  Description : Django Simple Captcha Django application

Django Simple Captcha is an extremely simple, yet highly customizable
Django application to add captcha images to any Django form.

This is used by a Django application I maintain.

The source package is django-simple-captcha, the binary will probably
have to be renamed to python-captcha to make it Debian python policy
compliant.

With this in mind, I have a package available at:
https://code.vpac.org/debian/pool/main/d/django-simple-captcha/


Later: Just accidentally noticed that the name (python-captcha) has
already been taken in Debian, by a packaging that looks rather different
(for Python, not Django), so I may not actually be able to do this.

However, already entered most of this report now, so I am going submit
it like it or not :-).


[1] License:

Copyright (c) 2008 - 2014 Marco Bonetti

Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:

The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/20140502062434.28049.80572.report...@aquitard.in.vpac.org

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

[Manoj Srivastava]

On Thu, May 01 2014, Paul Smith wrote:
> On Wed, 2014-04-30 at 10:55 -0700, Manoj Srivastava wrote:
>> Opened bug in Savannah BTS:
>>  https://savannah.gnu.org/bugs/?42249

> I pushed a fix for this.  See if it helps.

I have built a new version into experimental with that patch. Of
 the ~60 packages previously broken with make 4.0, I have now
 successfully built 6 (or roughly 10%) with a newly patched make.

With the other patches back ported from the savannah git repo, I
 think we have now addressed the issues uncovered by the archive
 rebuild. I am currently uoploading to experimental, and will hold it
 there for 24 hours, and upload it to unstable in 24 hours.

Many thanks to Paul for the quick turn around on this bug.

manoj
-- 
QOTD: "This is a one line proof... if we start sufficiently far to the
left."
Manoj Srivastava    
4096R/C5779A1C E37E 5EC5 2A01 DA25 AD20  05B6 CF48 9438 C577 9A1C


signature.asc
Description: PGP signature

Re: future of python-pipeline package

[Brian May]

On 16 May 2012 18:57, Dmitry Nezhevenko  wrote:

> Holger suggests to ask here and thinks that it's better to remove orphaned
> pipeline package. Any ideas or suggestions?
>

I just noticed this thread from 2012 in debian-devel / #620067, because I
am in exactly the same situation.

There has been a grave bug opened in fact:
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674042

Nobody has given any reason why we can't resolve this situation in unstable
by removing python-pipeline. It is orphaned[1]. This will remove the
conflicting package and we can close the bug.

Somebody said in this thread "However, I object to another package taking
over the module name." - but the other package is already in Debian - he
already missed his chance to object, and he failed to give any reasons why.
I think it is wrong that one person can prevent constructive work to
resolve release critical bugs like this.

Alternatively, django-pipeline could be modified to conflict with
python-pipeline. This would allow closing the grave bug report, but seems
wrong.

Notes:
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=620067
-- 
Brian May 

Re: Help wanted: test new shadow source package (login, passwd, uidmap, etc.)

[Steve Langasek]

On Fri, May 02, 2014 at 04:38:15AM +, Serge Hallyn wrote:
> Quoting Christian PERRIER (bubu...@debian.org):
> > Quoting Christian PERRIER (bubu...@debian.org):
> > > Hello fellow developers,
> > > 
> > > I would like to request your help in testing the new version of the
> > > shadow package (that provides login, passwd and such other important
> > > or base packages).

> > I haven't got much feedbackwhich is indeed what I was more or less
> > expecting. ;-)

> > So, well, let's jump into the mud (I love to do that when
> > running.not sure I love to do that in my FLOSS activities) and
> > I'll soon upload shadow to unstable Be prepared.

> so first glitch I found is that /etc/subuid was not created for me.
> login.postinst only creates that on new installs.  In Ubuntu it
> does so anytime it does not exist - I assume you made that change
> on purpose?  usermod -v refuses to run if the file does not exist,
> so users will need to be told to create those files themselves.

The right answer is probably to create the file on new installs and on
upgrades from versions earlier than the first version introducing this.

-- 
Steve Langasek   Give me a lever long enough and a Free OS
Debian Developer   to set it on, and I can move the world.
Ubuntu Developerhttp://www.debian.org/
slanga...@ubuntu.com vor...@debian.org


signature.asc
Description: Digital signature

Re: goals for hardening Debian: ideas and help wanted

[Tzafrir Cohen]

On Tue, Apr 29, 2014 at 11:24:19AM +0100, Kevin Chadwick wrote:
> previously on this list people contributed:
> 
> > > - easy create and run programs from chroot and alternate users  
> > 
> > Could you detail what you mean by this? It sounds like you want either
> > virtual machines or something like docker.io:
> > 
> > https://packages.debian.org/sid/docker.io
> 
> > > >
> > > > hint: chroot $CHROOT_PATH su - $USER -c "$command_with_args"  
> 
> > > > > Security and chroots aren't things I would associate, you need better.
> 
> A wide misconception. Chroots are easily implemented and add security
> almost for free 

Not completely for free. You now have an extra mini-system to maintain.

(often /dev/log is all that is needed) and so can be
> used by default without any potential problems, 

> they also never bring
> new risks

unless you forget to unpdate them.

It's also worth mentioning systemd-nspawn:
http://www.freedesktop.org/software/systemd/man/systemd-nspawn.html

-- 
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il || a Mutt's
tzaf...@cohens.org.il ||  best
tzaf...@debian.org|| friend


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140502044104.gi2...@lemon.cohens.org.il

Re: Help wanted: test new shadow source package (login, passwd, uidmap, etc.)

[Serge Hallyn]

Quoting Christian PERRIER (bubu...@debian.org):
> Quoting Christian PERRIER (bubu...@debian.org):
> > Hello fellow developers,
> > 
> > I would like to request your help in testing the new version of the
> > shadow package (that provides login, passwd and such other important
> > or base packages).
> 
> I haven't got much feedbackwhich is indeed what I was more or less
> expecting. ;-)
> 
> So, well, let's jump into the mud (I love to do that when
> running.not sure I love to do that in my FLOSS activities) and
> I'll soon upload shadow to unstable Be prepared.

Hi,

so first glitch I found is that /etc/subuid was not created for me.
login.postinst only creates that on new installs.  In Ubuntu it
does so anytime it does not exist - I assume you made that change
on purpose?  usermod -v refuses to run if the file does not exist,
so users will need to be told to create those files themselves.

>From there I was able to start an unprivileged lxc container, so
the basics seemed to be correct.

Thanks!

-serge


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140502043815.GA1500@ubuntumail

Work-needing packages report for May 2, 2014

[wnpp]

The following is a listing of packages for which help has been requested
through the WNPP (Work-Needing and Prospective Packages) system in the
last week.

Total number of orphaned packages: 577 (new: 9)
Total number of packages offered up for adoption: 137 (new: 0)
Total number of packages requested help for: 59 (new: 1)

Please refer to http://www.debian.org/devel/wnpp/ for more information.



The following packages have been orphaned:

   connectagram (#746459), orphaned yesterday
 Description: word unscrambling game
 Installations reported by Popcon: 94

   foomatic-filters (#746381), orphaned 2 days ago
 Description: OpenPrinting printer support - filters
 Reverse Depends: foomatic-db-engine hpijs-ppds lsb-printing
   printer-driver-foo2zjs printer-driver-m2300w printer-driver-pxljr
 Installations reported by Popcon: 72467

   libopenobex (#745791), orphaned 6 days ago
 Description: OBEX protocol library
 Reverse Depends: ircp-tray libmulticobex1 libobexftp-perl
   libobexftp-ruby libobexftp0 libobexftp0-dev libopenobex1-dev
   libsyncevolution0 libsyncml-dev libsyncml-utils (9 more omitted)
 Installations reported by Popcon: 82618

   obexfs (#745789), orphaned 6 days ago
 Description: mount filesystem of ObexFTP capable devices
 Installations reported by Popcon: 793

   obexftp (#745788), orphaned 6 days ago
 Description: file transfer utility for devices that use the OBEX
   protocol
 Reverse Depends: libbfb0-dev libmulticobex1 libmulticobex1-dev
   libobexftp-perl libobexftp-ruby libobexftp0 libobexftp0-dev obexfs
   obexftp python-obexftp
 Installations reported by Popcon: 1206

   openpref (#746460), orphaned yesterday
 Description: card game against two virtual players
 Installations reported by Popcon: 57

   png2html (#746047), orphaned 4 days ago
 Description: transforms a PNG image to a web page
 Installations reported by Popcon: 90

   tanglet (#746458), orphaned yesterday
 Description: single player word finding game based on Boggle
 Installations reported by Popcon: 72

   ussp-push (#745790), orphaned 6 days ago
 Description: Client for OBEX PUSH
 Installations reported by Popcon: 174

568 older packages have been omitted from this listing, see
http://www.debian.org/devel/wnpp/orphaned for a complete list.



No new packages have been given up for adoption, but a total of 137 packages
are awaiting adoption.  See http://www.debian.org/devel/wnpp/rfa_bypackage
for a complete list.



For the following packages help is requested:

[NEW] csv2latex (#746158), requested 4 days ago
 Description: a CSV to LaTeX file converter
 Installations reported by Popcon: 165

   apt-xapian-index (#567955), requested 1550 days ago
 Description: maintenance tools for a Xapian index of Debian packages
 Reverse Depends: ept-cache fuss-launcher goplay packagesearch
 Installations reported by Popcon: 79923

   athcool (#278442), requested 3474 days ago
 Description: Enable powersaving mode for Athlon/Duron processors
 Installations reported by Popcon: 52

   balsa (#642906), requested 949 days ago
 Description: An e-mail client for GNOME
 Reverse Depends: balsa-dbg
 Installations reported by Popcon: 819

   cardstories (#624100), requested 1102 days ago
 Description: Find out a card using a sentence made up by another
   player
 Installations reported by Popcon: 13

   chromium-browser (#583826), requested 1432 days ago
 Description: Chromium browser
 Reverse Depends: chromedriver chromium chromium-dbg chromium-l10n
   mozplugger
 Installations reported by Popcon: 25572

   cups (#532097), requested 1790 days ago
 Description: Common UNIX Printing System
 Reverse Depends: bluez-cups chromium cups cups-backend-bjnp
   cups-browsed cups-bsd cups-client cups-core-drivers cups-daemon
   cups-dbg (62 more omitted)
 Installations reported by Popcon: 140077

   debtags (#567954), requested 1550 days ago
 Description: Enables support for package tags
 Reverse Depends: goplay packagesearch
 Installations reported by Popcon: 2457

   fbcat (#565156), requested 1569 days ago
 Description: framebuffer grabber
 Installations reported by Popcon: 157

   freeipmi (#628062), requested 1071 days ago
 Description: GNU implementation of the IPMI protocol
 Reverse Depends: freeipmi freeipmi-bmc-watchdog freeipmi-ipmidetect
   freeipmi-tools libfreeipmi-dev libfreeipmi12 libipmiconsole-dev
   libipmiconsole2 libipmidetect-dev libipmidetect0 (3 more omitted)
 Installations reported by Popcon: 4890

   gnat-4.8 (#539562), requested 2212 days ago
 Description: help needed to execute tes

Re: Call for help from KDE Team

[Paul Wise]

On Fri, May 2, 2014 at 2:19 AM, Maximiliano Curia wrote:

> For quite a while now the KDE team has been severely understaffed. We maintain
> a lot of packages, with many different kinds of bugs, but we don't have enough
> people to do all the work that needs to be done. We have tools that help us
> automate the update to new upstream releases, but that's just the tip of the
> iceberg of our work and so we are writing to invite more people to get
> involved in the team and help us get KDE software in Debian into better shape.

Have you invited the Kubuntu team to join you? I'll send a mail to the
other derivatives I can find that use KDE.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/caktje6grdacm8b1rvqvtxoxe1mcedhfze37sd4__sh6rpic...@mail.gmail.com

mass bug report filing, update of the Ruby-Version attribute is needed for jessie

[Matthias Klose]

Currently more than 300 packages have a Ruby-Version attribute which lists
either ruby1.8 or ruby1.9, but neither ruby2.0 or ruby2.1.  When using these
packages as gems, then the gem is not found.  The recent ruby gems
infrastructure now uses 'all' as this Ruby-Version attribute for architecture
independent packages, so after an one time update these packages should be
usable as gems for future ruby versions as well.  Most of these packages only
build architecture independent packages, so source full uploads are needed.

Not sure if all of these packages are used as gems, but at least for these the
bug severity should be serious, maybe less for the others.

$ cat /var/lib/apt/lists/*Packages | grep-dctrl -n -sSource:Package
-FRuby-Versions -r 'ruby1.[89]' | sort -u | wc -l
366

I don't plan to file these issues myself. dd-list attached.

  Matthias


akira yamada 
   ruby-tmail (U)

Alexander Wirt 
   ruby-archive-tar-minitar

Anish A 
   ruby-twitter (U)

Antonio Terceiro 
   cucumber (U)
   feed2imap (U)
   ohai (U)
   rails-3.2 (U)
   rails-4.0 (U)
   rake (U)
   ruby-actionmailer-3.2 (U)
   ruby-actionpack-3.2 (U)
   ruby-activemodel-3.2 (U)
   ruby-activerecord-3.2 (U)
   ruby-activeresource-3.2 (U)
   ruby-activesupport-3.2 (U)
   ruby-builder (U)
   ruby-cmdparse (U)
   ruby-flexmock (U)
   ruby-httpclient (U)
   ruby-i18n (U)
   ruby-memcache-client (U)
   ruby-multi-json (U)
   ruby-pkg-config (U)
   ruby-progressbar (U)
   ruby-rails-3.2 (U)
   ruby-railties-3.2 (U)
   ruby-slop (U)
   ruby-soap4r (U)
   ruby-sprockets (U)
   ruby-uglifier (U)

Antonio Terceiro 
   ruby-bdb (U)
   ruby-hmac (U)
   ruby-shoulda (U)
   ruby-shoulda-matchers (U)

Antono Vasiljev 
   ruby-gir-ffi (U)
   shelr

Arnaud Cornet 
   ruby-cmdparse (U)

Arnaud Cornet 
   ruby-rubytorrent (U)

Athena Capital Research 
   ruby-flexmock (U)

Axel Beckert 
   tpp

Axel Wagner 
   ruby-parslet (U)
   ruby-toml (U)

Ben Armstrong 
   ruby-parseconfig (U)
   ruby-rack-flash3 (U)
   ruby-simple-navigation (U)
   ruby-sinatra-simple-navigation (U)
   ruby-versionomy (U)

Bryan McLellan 
   chef-expander (U)
   chef-server-api (U)
   chef-server-webui (U)
   chef-solr (U)
   ruby-bunny (U)
   ruby-extlib
   ruby-stomp (U)
   stompserver (U)

Carl Worth 
   ruby-mail (U)
   ruby-treetop (U)

Christian Hofstaedtler 
   ruby-mechanize (U)

Christian Hofstaedtler 
   gist (U)
   ruby-docile (U)
   ruby-rack1.4 (U)

Christian M. Amsüss 
   ruby-paint (U)

Christopher Baines 
   ruby-dbf (U)

Clint Byrum 
   ruby-echoe (U)
   ruby-hoe (U)
   ruby-rubyforge (U)

Cédric Boutillier 
   cucumber (U)
   ruby-addressable (U)
   ruby-afm (U)
   ruby-ascii85 (U)
   ruby-bio (U)
   ruby-bson (U)
   ruby-cmdparse (U)
   ruby-coercible (U)
   ruby-colored (U)
   ruby-descendants-tracker (U)
   ruby-diff-lcs (U)
   ruby-distribution (U)
   ruby-fakeweb (U)
   ruby-file-tail (U)
   ruby-fssm (U)
   ruby-gnuplot (U)
   ruby-gon (U)
   ruby-hashery (U)
   ruby-heckle (U)
   ruby-highline (U)
   ruby-httparty (U)
   ruby-innate (U)
   ruby-integration (U)
   ruby-jbuilder (U)
   ruby-liquid (U)
   ruby-mime-types (U)
   ruby-minimization (U)
   ruby-mkrf (U)
   ruby-net-sftp (U)
   ruby-openid (U)
   ruby-parser (U)
   ruby-pdf-inspector (U)
   ruby-pdf-reader (U)
   ruby-peach (U)
   ruby-plist (U)
   ruby-rabl (U)
   ruby-rabl-rails (U)
   ruby-ramaze (U)
   ruby-rb-inotify (U)
   ruby-riot (U)
   ruby-rspec (U)
   ruby-rspec-core (U)
   ruby-rspec-expectations (U)
   ruby-rspec-mocks (U)
   ruby-safe-yaml (U)
   ruby-sexp-processor (U)
   ruby-six (U)
   ruby-spoon (U)
   ruby-test-spec (U)
   ruby-test-unit (U)
   ruby-text-table (U)
   ruby-treetop (U)

Cédric Boutillier 
   ruby-blankslate (U)
   ruby-contest (U)
   ruby-instantiator (U)
   ruby-metaclass (U)
   ruby-ogginfo (U)
   ruby-progressbar (U)
   ruby-rc4 (U)
   ruby-rubytorrent (U)
   ruby-text (U)
   ruby-ttfunk (U)
   ruby-validatable (U)

Daigo Moriwaki 
   ruby-hmac

Damien Raude-Morvan 
   ruby-amazon-ec2

Daniel Martí 
   ruby-stamp (U)

David Suárez 
   roodi (U)
   ruby-ipaddress (U)

Debian GIS Project 
   ruby-narray-miss

Debian Libvirt Maintainers 
   ruby-libvirt

Debian Ruby Extras Maintainers 

   camping
   chef-expander
   chef-server-api
   chef-server-webui
   chef-solr
   chef-zero
   ctioga2 (U)
   cucumber
   dnsruby (U)
   feed2imap
   foodcritic
   foremancli
   gist
   imagetooth
   jekyll
   kwalify (U)
   larch
   ohai
   pry
   rails-3.2
   rails-4.0
   rainbows
   rake
   rake-compiler
   rbot (U)
   roodi
   ruby-actionmailer-3.2
   ruby-actionpack-3.2
   ruby-activeldap (U)
   ruby-activemodel-3.2
   ruby-activerecord-3.2
   ruby-activerecord-deprecated-finders
   ruby-activeresource-3.2
   ruby-activesupport-3.2
   ruby-addressable
   ruby-afm
   ruby-aggregate
   ruby-albino
   ruby-amazon-ec2 (U)
   ruby-amq-client
   ruby-amq-protocol
   ruby-amqp
   ruby-appraisal
   ruby-arel
   ruby-ascii85
   ruby-asset-sync
   ruby-axiom-types
   ruby-backports
   ru

Bug#746601: fixed!

[Hugo Peraza Rodríguez]

While I was reporting the bug, the bug reporting program told me it needed
the python-vte package, which I installed, then I updated/upgraded (though
no upgrades were done) and restarted (once more) the system. It started
normally, could it be just because of python-vte (and its associated
libraries)?

Thanks!

Re: goals for hardening Debian: ideas and help wanted

[Kevin Chadwick]

On Wed, 30 Apr 2014 18:33:56 +0200
Aaron Zauner wrote:

> > It adds a lot of complexity for privacy benefit. Integrity is often
> > muddled into security too. As far as I am concerned they can actually
> > counter each other and are seperate entities.   
> No they are not. Integrity should be part of your understanding of
> security. Basics of information security suggest confidentiality,
> integrity and availability. [0]
> 

Suggested Basics, yes and good to remember they may influence each
other but I don't like mixing them up once that is understood
personally. The desired level of "Information security" *may* have next
to nothing to do with integrity and conversely availability can often
be everything in a specific situation. It makes much more practical
sense to keep integrity and availability as their own seperate
entities. All too often the word secure is confused and abused or
marketed. All too often I have witnessed it being said that X is more
secure when actually it may be more exploitable but increases
availability or integrity.

Debian developers not being able to upload security fixes is part of
the mix but then I would guess you could more easily bring down the TOR
network too than a private VPN and filtering would be much more
difficult so I would say TOR is not *optimum* for security or
availability and obscurity is no real security though perhaps very 
occasionally the best possible ;-).

> > Obscuring from targetted attack is highly questionable to me when a
> > secure VPN from a lightly used machine (no web browsing) can offer real
> > security. You may just be giving a way in otherwise.  
> First I don't understand your first sentence. Second how does a VPN
> provide more "security" than say Tor?

Tor is more complex, less proven, had more past exploits and crucially I
believe? generally more reliant on external infrastructure. It's
primary aim is privacy and not a simply secure protocol. I include SSH
when I say VPN too but host security is paramount in any case.

Devs avoiding html mail clients on machines with keys or access etc..
might be another idea. Was there a resolution on binary uploads?


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/483967.32253...@smtp150.mail.ir2.yahoo.com

Re: Call for help from KDE Team

[Ritesh Raj Sarraf]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512



On 05/01/2014 11:49 PM, Maximiliano Curia wrote:
> Hi all!
> 
> For quite a while now the KDE team has been severely understaffed.
> We maintain a lot of packages, with many different kinds of bugs,
> but we don't have enough people to do all the work that needs to be
> done. We have tools that help us automate the update to new
> upstream releases, but that's just the tip of the iceberg of our
> work and so we are writing to invite more people to get involved in
> the team and help us get KDE software in Debian into better shape.
> 

Thank you for all the work you have been doing. In fact, the rate at
which newer KDE releases are in the archive, was never this fast.

I've been trying to do my part, in maintaining small packages in the
KDE Extras Team.

For KDE Core, the commitments are high. Even after the source split,
the dependencies that the KDE Components have amongst each other,
makes me nervous to pick one up.

Perhaps I will start with monitoring the bug report and adding my
input as and when necessary.


Ritesh

- -- 
Given the large number of mailing lists I follow, I request you to CC me
in replies for quicker response
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQIcBAEBCgAGBQJTYqAFAAoJEKY6WKPy4XVpQvMP/jViTMqPEJWRocsee5QrJxCN
kP42pCju0qQcxAJLYh6XCxIFLTLahxt4FSmc1S9ftQcxRQeh7Jgoi7n+O594mHbA
o6us/SoP8OfyJAu2tPe34hATH1QOf3aYK4VUU81f/mSGNa7hMKeNVWmlm6owP8Y1
SKdav+R5wVYRBMsI16lgDvKlDFwXIJ8hjAjLQmOz0oVTaQwymEXEnsbWvYmvbLtN
li8rrjzYCBXTggNO7hVzzLj73Lg5kfZCFHshNrAjuQrE1Q0uTd1n94Fh4H63cm+a
R5SPeXejDjXE9GY5wjVs0bN64V8t33+c7A4ebgnNmfCepyHAb/z4J5/aSS4ImLoT
1nVIsdT0a6RsfUHVLgHsDSS9Pv2HpYqwkamnNOT3kn1UELwd5Br7qPu+T1cmlBbx
+PA81kDw9B0nuBneO7ORx3mIYlqpcgV9hMBQ0l8EqhiXs266tjxVf0a181pKzblk
CSdK3UJkXuRxDkKJD+7W7bVG5d+HxDZJcP2iq5toiEwd7NhJbzQbJ9kgohWP9B9d
9y04vKtrDevhO/1xABHxfowtgzY+n72D9fwwxoKM+UTPIsB8v6Gyv4MBi5MLCDM6
LWqTYjMpmgEgfKjCBAsIemHOMn9yhGqpfqSi6jEsJv4eG/4K0SHghAkitDxm7Cuo
dKq9k0+o+pOzneTxakQt
=Z1Mm
-END PGP SIGNATURE-


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5362a00d.6040...@debian.org

Call for help from KDE Team

[Maximiliano Curia]

Hi all!

For quite a while now the KDE team has been severely understaffed. We maintain
a lot of packages, with many different kinds of bugs, but we don't have enough
people to do all the work that needs to be done. We have tools that help us
automate the update to new upstream releases, but that's just the tip of the
iceberg of our work and so we are writing to invite more people to get
involved in the team and help us get KDE software in Debian into better shape.

Some of the tasks that we need help with are:

 + Bug triaging: there are many many bugs in the BTS. We need people that go
   through them, understand the problem and how to reproduce it, confirm
   that they are still present in the latest versions. In particular, there
   are bugs affecting the version in wheezy, and we need people to go through
   those as well.

 + Bug forwarding: we are so understaffed that we have been asking users to
   forward the bugs upstream themselves. Some users do this, but some don't.
   It would help us a lot to have people in the team in charge of this.

 + Patch forwarding: we have quite a bunch of patches applied in the Debian
   packages that should be applied upstream. Some need to be generalized
   instead of being Debian-specific. This work would save us time in the
   future, so it's very important to get it done.

 + Upgrade-testing: in the past, the upgrade from one Debian stable to the
   other has been quite traumatic for KDE software users. We need people to
   try upgrading from wheezy to jessie and report any bugs that they might
   encounter so that we can fix them ahead of the release.

 + Creating patches: many of the bugs that we have require writing patches,
   some are easy and some are harder, but any help here would be really
   appreciated.

 + Packaging other KDE apps: we have packages for the core components of KDE
   software, but there are many other useful components that still need to
   get packaged.

 + Updating our welcoming wiki page [1], adding these tasks and any future
   tasks, and unifying the todo lists [2].

If you are interested in helping with any of these, please join our irc
channel #debian-qt-kde in irc.oftc.net, or our mailing list [3]. We are happy
to help you get started.

[1]: https://wiki.debian.org/PkgKde
[2]: https://wiki.debian.org/KDETodo
 https://wiki.debian.org/KdeDebTasks
 http://pkg-kde.alioth.debian.org/todo.html
 gobby://gobby.debian.org/Teams/KDE/TODO
[3]: https://lists.debian.org/debian-qt-kde/

-- 
Regards,
Maximiliano Curia
On behalf of the KDE team


signature.asc
Description: Digital signature

Bug#746583: ITP: nss-wrapper -- NSS wrapper library

[Jakub Wilk]

Package: wnpp
Severity: wishlist
Owner: Jakub Wilk 

* Package name: nss-wrapper
  Version : 1.0.2
  Upstream Author : Andreas Schneider
* URL : http://cwrap.org/nss_wrapper.html
* License : BSD 3 clauses
  Programming Lang: C
  Description : NSS wrapper library

There are projects which provide daemons needing to be able to create, 
modify and delete unix users. Or just switch user ids to interact with 
the system e.g.  a user space file server. To be able to test that you 
need the privilege to modify the passwd and groups file. With 
nss_wrapper it is possible to define your own passwd and groups file 
which will be used by software to act correctly while under test.


If you have a client and server under test they normally use functions 
to resolve network names to addresses (dns) or vice versa. The 
nss_wrappers allow you to create a hosts file to setup name resolution 
for the addresses you use with socket_wrapper.


--
Jakub Wilk


--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140501163427.ga9...@jwilk.net

Bug#746582: ITP: PGObject::Util::DBMethod - object mappings for the PGObject Framework

[RJ Clay]

Package: wnpp
Severity: wishlist
X-Debbugs-CC: debian-devel@lists.debian.org,debian-p...@lists.debian.org

Package name : libpgobect-util-dbmethod-perl
Version : 1.00.001
Upstream Author : Chris Travers 
URL or Web page : https://metacpan.org/release/PGObject-Util-DBMethod
License : BSD (2 clause)
Description : PGObject::Util::DBMethod - object mappings for the 
PGObject Framework


This package provides syntactic sugar which allows for declarative 
mapping of stored procedures to supported PGObject paradigms.  It is 
designed to work  initially with PGObject::Simple, but will almost 
certainly be supported with PGObject::CompositeType when that is released.



--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/53626c27.2010...@rocasa.us

Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)

[Paul Smith]

On Wed, 2014-04-30 at 10:55 -0700, Manoj Srivastava wrote:
> On Wed, Apr 30 2014, Paul Smith wrote:
> 
> > On Wed, 2014-04-30 at 18:19 +0200, Guillem Jover wrote:
> >> build-stamp:
> >> echo $@
> >> 
> >> build-arch: build-stamp
> >
> >> $ make --version | head -n1
> >> GNU Make 4.0
> >> $ make -f detect.mk -qn build-arch; echo $?
> >> 2
> >
> > This is definitely a bug in GNU make 4.0 in handling -q (note the -n is
> > not relevant: you can leave it out and get the same behavior).  The docs
> > are clear on what the exit codes should be, and with -q make should exit
> > with 1 if something needs to be updated and no error was detected.
> 
> Opened bug in Savannah BTS:
>  https://savannah.gnu.org/bugs/?42249

I pushed a fix for this.  See if it helps.


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/1398952707.2353.88.camel@homebase

Bug#746554: ITP: fteproxy -- programmable proxy for censorship circumvention

[Rolf Leggewie]

Package: wnpp
Severity: wishlist
Owner: Rolf Leggewie 

* Package name: fteproxy
  Version : 0.2.13
  Upstream Author : Kevin P. Dyer 
* URL : https://fteproxy.org
* License : GPL 3+
  Programming Lang: (C++, Python)
  Description : programmable proxy for censorship circumvention

fteproxy provides transport-layer protection to resist keyword filtering, 
censorship and discrimantory routing policies. Its job is to relay 
datastreams, such as web browsing traffic, by encoding the stream into messages 
that satisfy a user-specified regular expression and are thus
considered "safe" by the censors.


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/20140501105109.24436.66823.report...@www.google-analytics.com

Re: New Cinnamon Maintainer, looking for help

[Jonathan Dowland]

Hi Marga,

On Tue, Apr 29, 2014 at 08:13:38PM +0200, Margarita Manterola wrote:
> There's also nothing stopping you from going to the web interface and
> checking.

Actually, there was. I lacked the time and tools to do so when I posted my
emails, which is why I asked rather than checking.

I would love to see cinnamon actively maintained in Debian and I'm glad there's
interested in doing so. I just wanted to make sure that those involved were
aware of the process for taking over a package, so there wasn't unnecessary
hostility or other problems. So far, nobody replying to my messages has
indicated that they are aware of the procedure, and intend to follow it.

> You will see that before the commits made by Maxy and me there are
> also the commits made by the previous maintainer.  So, yes, it's a
> clone.

Great!

> The original mail said "new packages" because most of them are
> actually new.

I see. Thank you for clarifying.

> Sure.  We have now both been added as admins of the pkg-cinnamon repo
> and will consider moving the git repos there.  Since we want MORE
> people to contribute instead of less, we wanted to get the
> administrative procedures out of the way, and that's why we originally
> chose collab-maint instead of waiting for pkg-cinnamon to be made
> available.

I'm personally a big fan of collab-maint and would suggest that when the MIA
situation is resolved, if you wanted to keep it in collab-maint I don't see
why you should move it again, personally.


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140501103049.ga5...@bryant.redmars.org

Bug#746496: marked as done (general: Package upgrade scripts partly fail when /tmp is noexec)

[Debian Bug Tracking System]

Your message dated Thu, 1 May 2014 10:32:40 +0200
with message-id <201405011032.47606.hol...@layer-acht.org>
and subject line Re: Bug#746496: general: Package upgrade scripts partly fail 
when /tmp is noexec
has caused the Debian Bug report #746496,
regarding general: Package upgrade scripts partly fail when /tmp is noexec
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
746496: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746496
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: general
Severity: normal

Dear Maintainer,

When /tmp is configured as noexec (for example /tmp in RAM), some scripts
fail on package update.
For example, updating kernel package try to execute scripts in /tmp and in
/etc/kernel/xxx
The first fail (in /tmp), while the other is successful (under /etc/kernel).

This doesn't fail the upgrade globally, just these scripts (for which
execution is prevented by the system) fail.

This doesn't seem to long-term affect the system, but it's not easy for a user
to understand which are the consequences of the scripts failure.

Maybe no package install or upgrade should try to exec scripts under /tmp.

Thanks for considering this suggestion.

-- System Information:
Debian Release: 7.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/4 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Hi,

On Donnerstag, 1. Mai 2014, Henrique de Moraes Holschuh wrote:
> On Wed, 30 Apr 2014, Pierre wrote:
> > When /tmp is configured as noexec (for example /tmp in RAM), some scripts
> > fail on package update.
> 
> Don't Do It.
> 
> It will break the system in surprising ways.
> 
> It may look like it is working, but we don't properly support it, as it is
> almost never tested.  Neither by us, nor by anybody else (so third-party
> software is very likely to also choke on noexec /tmp and/or noexec
> $TMPDIR).

I agree, thus closing. (As unsupported + unrecommned: surely you can do it, 
but if you do it, you're on your own.)


cheers,
Holger



signature.asc
Description: This is a digitally signed message part.
--- End Message ---