Re: Bug#860368: installer: create network bridges by default?

2017-04-19 Thread Daniel Pocock


On 18/04/17 10:29, Ritesh Raj Sarraf wrote:
> On Sun, 2017-04-16 at 08:51 +0200, Evgeni Golov wrote:
>>> The solution is for people to configure a bridge or Open
>>> vSwitch (OVS) in /etc/network/interfaces.  (Notice OVS can be
>>> configured[4] in the interfaces file).  Maybe it would be
>>> useful to offer one or both of these options at install time,
>>> or even configure a standard (non-OVS) bridge by default in
>>> case the user decides to try KVM in future?
>> 
>> IMHO the above implements option 1?
>> 
>>> Are there other use cases apart from KVM that would benefit
>>> from this?
>> 
>> I also use LXC on the same bridge, just for the fact that it is
>> already set up and provides DHCP, DNS and NAT.
> 
> I used to have a similar setup but eventually migrated to a systemd
> based setup with systemd-networkd. With s-networkd, I have an
> independent bridge, which serves KVM/Libvirt, User Mode Linux and
> systemd-nspawn.
> 

Could you give an example of how that is configured and what you need
in /etc/network/interfaces?  At some point I will also document how
I've done this with the Open vSwitch packages on both server and
desktop virtualization.


> VBox, running in bridged mode, used to have a network bug. I am not
> sure if that still applies. 
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775266
> 
> 

That bug applies to a situation where VBox guests are in bridged mode
to a bridge in the host.

I've been bridging them directly to eth0, without any bridge in the
host and haven't observed any problems like that one.

When XCP was in Debian, Open vSwitch was a mandatory part of the
platform but it didn't configure it in /etc/network/interfaces.  This
was slightly confusing if you had already configured interfaces,
although README.Debian explains[1] that you need to clobber the
interfaces file because XCP will automatically set up bridges and put
IP addresses on them during boot.

The key difference between the XCP approach and the KVM/libvirt
approach is that XCP would do everything for you, even with an empty
interfaces file, but with KVM/libvirt you do need to configure the
bridges and put IP addresses on them (using the normal interfaces
file) and declare them to libvirt with "virsh net-define" before using
them the first time.

Another thing that comes to mind is network-manager:

- for those who think a pre-configured bridge would make life
difficult, far worse has been said about network-manager but it is
still installed by default

- does network-manager have a way to help people set up a bridge
suitable for KVM/libvirt when doing virtualization on a desktop level?

Regards,

Daniel

1. https://sources.debian.net/src/xen-api/1.3.2-15/debian/README.Debian/#L143



Bug#860714: general: disk became full after running a perl program

2017-04-19 Thread Gunnar Wolf
Luis Duarte said [Wed, Apr 19, 2017 at 09:40:10AM +0100]:
> Package: general
> Severity: normal
> 
> My window manager is Xfce. Using Thunar - when I opened a directory containing
> perl programs, sometimes I click two times on a perl program to start it. No
> Xterm appears - what I think happens is that my disk becomes full. It happened
> a lot of times in Wheezy, but in Jessie it happened one time. I don't know if
> this happens (the disk became full) as I described, if it is a bug of Xfce, or
> if it is a bug of Jessie. In Jessie I freed some space on disk, and I restarted
> my computer, and everything runs as normal (with space freed). In Wheezy I had a
> lot of problems.

Hi,

What kind of Perl programs are they? Are they made by yourself, or
shipped by Debian?

Please give us some more insight on what is causing this bug. Only
this way can we be sure what component of Debian is at hand - or if
it's something we can help you with in your programming.



Re: Bug#860771: ITP: node-diffie-hellman -- pure js diffie-hellman

2017-04-19 Thread Christian Seiler
On 04/19/2017 11:36 PM, Bastien ROUCARIES wrote:
> Package: wnpp
> Severity: wishlist
> Owner: ro...@debian.org
> X-Debbugs-CC: debian-devel@lists.debian.org
> 
> * Package name: node-diffie-hellman
>   Version : 5.0.2
>   Upstream Author : Calvin Metcalf
> * URL : https://github.com/crypto-browserify/diffie-hellman
> * License : Expat
>   Programming Lang: JavaScript
>   Description : pure js diffie-hellman key exchange
> 
>  Diffie–Hellman key exchange (D–H)  is a specific method of securely
>  exchanging cryptographic keys over a public channel. The
> Diffie–Hellman key exchange method allows two parties that have no
> prior knowledge of each other to jointly establish a shared secret key
> over an insecure channel. This key can then be used to encrypt
> subsequent communications using a symmetric key cipher.
>  .
>  Node.js is an event-based server-side JavaScript engine.

Is this timing safe? From the GitHub page it uses a pure-JS
BigNum implementation (bn.js) for the complicated stuff, but
the README of that code doesn't mention timing at all. And
from perusing the source code of bn.js, it doesn't appear to
be the case that their implementation of exponentiation in
a prime field is geared towards constant-time execution (when
the sizes are the same).

If you look at e.g. OpenSSL's source code (bn_exp.c), there's
a specific function (bn_mod_exp_mont_consttime) in there that
takes great care of making sure that the operation runs in
constant time - down to how the memory layout is organized. I
wouldn't know how you'd even do that in an interpreted
language such as JavaScript, but even if that's possible, I'd
suspect that a lot of brain power would need to go into
designing that [1], while bn.js's implementation of the
Red.pow function seems rather straight-forward. (Which is
fine, bn.js appears to have the goal to be a generic bignum
library, and not targeted at crypto.)

What I'm saying is: while not having tested that, I believe
that this implementation of DH is going to be susceptible to
timing attacks. (And if it isn't, the author should really
provide some rationale why not, with some test results. The
README is rather sparse, though.) Which would be fine if you
just wanted to use this library to generate the DH prime
itself (that is not timing critical), or just use it in an
academic context (to let people play around with DH), but
I'd not want to use this for real-world applications of the
actual key exchange protocol.

Regards,
Christian

[1] Especially if this is to be run in browsers, with
different JITs etc. Designing algorithms in pure JS
for these environments that are timing-safe looks rather
daunting to me.
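
The concern raised in the message above, as an added illustration (not code from bn.js, diffie-hellman, or anyone in this thread): a textbook square-and-multiply does an amount of work that depends on the bits of the private exponent, while a Montgomery ladder does the same number of modular multiplications for every exponent of a given width. The function names, the toy prime and the two exponents are constructed for this sketch; it counts operations rather than measuring time, and the ladder's branch and BigInt arithmetic itself are still not constant-time.

```javascript
// Added illustration: counts modular multiplications, does not measure time.

// Left-to-right square-and-multiply: the extra multiply happens only for
// 1-bits, so the operation count reveals the exponent's Hamming weight.
function powSquareMultiply(base, exp, mod) {
  let result = 1n, ops = 0;
  for (const bit of exp.toString(2)) {
    result = (result * result) % mod; ops++;
    if (bit === '1') { result = (result * base) % mod; ops++; }
  }
  return { result, ops };
}

// Montgomery ladder over a fixed bit width: one multiply and one square per
// bit regardless of the bit's value. Invariant: r1 = r0 * base (mod mod).
// The branch below is still secret-dependent; only the op count is uniform.
function powLadder(base, exp, mod, width) {
  let r0 = 1n, r1 = base % mod, ops = 0;
  for (let i = width - 1; i >= 0; i--) {
    if (((exp >> BigInt(i)) & 1n) === 0n) {
      r1 = (r0 * r1) % mod; r0 = (r0 * r0) % mod;
    } else {
      r0 = (r0 * r1) % mod; r1 = (r1 * r1) % mod;
    }
    ops += 2;
  }
  return { result: r0, ops };
}

// Constructed toy parameters (far too small for real use): p = 2^127 - 1, g = 5.
const P = (1n << 127n) - 1n;
const G = 5n;
const SPARSE = (1n << 126n) + 1n; // 127-bit exponent with two bits set
const DENSE = (1n << 127n) - 3n;  // 127-bit exponent with 126 bits set

// Operation counts for both exponents under each algorithm.
function opCounts() {
  return {
    naive: [SPARSE, DENSE].map(e => powSquareMultiply(G, e, P).ops),
    ladder: [SPARSE, DENSE].map(e => powLadder(G, e, P, 127).ops),
  };
}

console.log(opCounts());
```

Equal operation counts are a necessary condition for a timing-safe exponentiation, not a sufficient one, which is why the message points at the care taken over memory layout in OpenSSL's bn_mod_exp_mont_consttime.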



Bug#860776: ITP: r-cran-cellranger -- GNU R package to map spreadsheet cell ranges to rows and columns

2017-04-19 Thread Dirk Eddelbuettel

Package: wnpp
Owner: Dirk Eddelbuettel 
Severity: wishlist

* Package name: r-cran-cellranger
  Version : 1.1.0
  Upstream Author : Jennifer Bryan
* URL or Web page : https://cloud.r-project.org/web/packages/cellranger/index.html
* License : MIT
  Description : GNU R package to map spreadsheet cell ranges to rows and columns

Just like yesterday's ITP r-cran-rematch (which is used by this package),
r-cran-cellranger is now a build-dependency of the existing package
r-cran-readxl.

Thanks for accepting r-cran-rematch within a day.  Much appreciated.  Once
this one is in I can update r-cran-readxl.

Dirk

-- 
http://dirk.eddelbuettel.com | @eddelbuettel | e...@debian.org



Bug#860771: ITP: node-diffie-hellman -- pure js diffie-hellman

2017-04-19 Thread Bastien ROUCARIES
Package: wnpp
Severity: wishlist
Owner: ro...@debian.org
X-Debbugs-CC: debian-devel@lists.debian.org

* Package name: node-diffie-hellman
  Version : 5.0.2
  Upstream Author : Calvin Metcalf
* URL : https://github.com/crypto-browserify/diffie-hellman
* License : Expat
  Programming Lang: JavaScript
  Description : pure js diffie-hellman key exchange

 Diffie–Hellman key exchange (D–H)  is a specific method of securely
 exchanging cryptographic keys over a public channel. The
Diffie–Hellman key exchange method allows two parties that have no
prior knowledge of each other to jointly establish a shared secret key
over an insecure channel. This key can then be used to encrypt
subsequent communications using a symmetric key cipher.
 .
 Node.js is an event-based server-side JavaScript engine.



Bug#860768: ITP: python-ordered-set -- ordered set implementation for Python

2017-04-19 Thread Ghislain Antony Vaillant
Package: wnpp
Severity: wishlist
Owner: Ghislain Antony Vaillant 

* Package name: python-ordered-set
  Version : 2.0.2
  Upstream Author : Luminoso Technologies, Inc.
* URL : https://github.com/LuminosoInsight/ordered-set/
* License : Expat
  Programming Lang: Python
  Description : ordered set implementation for Python

This package is a dependency for sphinxcontrib-bibtex. It will be
co-maintained by the DPMT.



Re: Bug#857508: ITP: gnome-games-app -- Game browser and launcher for GNOME

2017-04-19 Thread Jeremy Bicha
On Sun, Apr 16, 2017 at 2:56 AM, Evgeni Golov wrote:
> On Sat, Mar 11, 2017 at 09:51:03PM -0500, Jeremy Bicha wrote:
>> we created the metapackage for upgrades and convenience.
> Why not retire the gnome-games metapackage if it was only for upgrades?

Sorry, I was unclear in my original email, but you missed the second
part: it's a convenient way to install most or all of the "simple"
GNOME games, some of which were never even in the original gnome-games
binary package.

> As far as I can see it, the real package is in wheezy, and since jessie
> we have the transitional one. Same will apply for stretch. And for buster
> you can safely drop it and re-introduce the real app under that name?

Several packages depend on the gnome-games metapackage and it's not
practical to change all of them this late in the stretch Freeze. The
best that could be done would be to make it a transitional package for
stretch. Remove it for buster and then re-use the name in buster+1.

But I don't think it's worth it.

You can do like I did and complain to the developer for re-using the
name if you want. And then move on, if the arguments don't work. (It's
still not packaged in many distros and I wouldn't mind renaming it in
Debian.)

Thanks,
Jeremy Bicha



Bug#860746: ITP: easel -- a library of C functions for biological sequence analysis

2017-04-19 Thread Michael R. Crusoe
Package: wnpp
Severity: wishlist
Owner: Debian Med team 

* Package name: easel
  Version : 0.43
  Upstream Author : Sean R. Eddy 
* URL : https://github.com/EddyRivasLab/easel
* License : BSD-3-clause
  Programming Lang: C
  Description : a library of C functions for biological sequence analysis

 Easel is an ANSI C code library for computational analysis of
 biological sequences using probabilistic models. Easel is used by
 HMMER, the profile hidden Markov model software that underlies the
 Pfam protein families database, and by Infernal, the profile
 stochastic context-free grammar software that underlies the Rfam RNA
 family database. Easel aims to make similar applications more robust
 and easier to develop, by providing a set of reusable, documented, and
 well-tested functions.

Several existing packages contain code copies and it is high time this and the
example apps were separately packaged.

This will be team maintained by Debian Med.



Bug#860714: general: disk became full after running a perl program

2017-04-19 Thread Luis Duarte
Package: general
Severity: normal

My window manager is Xfce. Using Thunar - when I opened a directory containing
perl programs, sometimes I click two times on a perl program to start it. No
Xterm appears - what I think happens is that my disk becomes full. It happened
a lot of times in Wheezy, but in Jessie it happened one time. I don't know if
this happens (the disk became full) as I described, if it is a bug of Xfce, or
if it is a bug of Jessie. In Jessie I freed some space on disk, and I restarted my
computer, and everything runs as normal (with space freed). In Wheezy I had a
lot of problems.



-- System Information:
Debian Release: 8.7
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=pt_PT.utf8, LC_CTYPE=pt_PT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)



Bug#860613: ITP: node-hash-test-vectors -- test vectors for hashes

2017-04-19 Thread Bastien ROUCARIES
Package: wnpp
Severity: wishlist
Owner: ro...@debian.org
X-Debbugs-CC: debian-devel@lists.debian.org

* Package name: node-hash-test-vectors
  Version : 1.3.2
  Upstream Author : Dominic Tarr (http://dominictarr.com)
* URL : https://github.com/crypto-browserify/hash-test-vectors
* License : Expat
  Programming Lang: JavaScript
  Description : test vectors for hashes

 This module implements an abstract base class to inherit from,
 for creating node crypto streams.
 .
 This module follows the same API as Node.js crypto streams API.
 .
 Node.js is an event-based server-side JavaScript engine.