Re: Sentry for Debian services?
Hi Bastian (2019.12.25_23:08:40_+) > I don't think we already have a Sentry instance for Debian services > running? Are there other services in need for a Sentry instance? If it were available, I'd probably use it for the DebConf websites. There are bugs, and I don't see them all in the logs. Some personal data there, (conference registration), of course. So maybe people would prefer we didn't send this off to 3rd party services... > I looked at the install documentation[1] and it tells me that I don't > want to run Sentry myself. Any takers? I've run it in the past, when it was just a Django app, with a couple of service dependencies. That was easy. These days it looks like more of a beast :( > Another option may be using the hosted solution, which they give away > gratis to open source projects, which we might be.[2] Had good experience with their hosted solution. SR -- Stefano Rivera http://tumbleweed.org.za/ +1 415 683 3272
requirements and regulations concerning upgrade checks/statistics callback on program start
Hi everyone (please Cc) are there any requirements or restriction what a program packaged in Debian is allowed to do when starting up? Calibre is normally doing the following checks: - check for updates of itself - check for updates of plugins - send UID, OS, program version, and the icon theme selected in the program to the statistic site [1] Which of the above actions are acceptable for Debian/main? [1] https://calibre-ebook.com/dynamic/calibre-usage Best Norbert -- PREINING Norbert http://www.preining.info Accelia Inc. + IFMGA ProGuide + TU Wien + JAIST + TeX Live + Debian Dev GPG: 0x860CDC13 fp: F7D8 A928 26E3 16A1 9FA0 ACF0 6CAC A448 860C DC13
Sentry for Debian services?
Hi Salsa is a pretty complex beast. As such it got errors. And especially user visible errors. To manage and correlate information about such errors it supports Sentry, which is the de-facto standard to do that work. Sure, the same information can be read from the log, but this is not really usable. I don't think we already have a Sentry instance for Debian services running? Are there other services in need for a Sentry instance? I looked at the install documentation[1] and it tells me that I don't want to run Sentry myself. Any takers? Another option may be using the hosted solution, which they give away gratis to open source projects, which we might be.[2] [1]: https://docs.sentry.io/server/installation/ [2]: https://sentry.io/for/open-source/ -- If there are self-made purgatories, then we all have to live in them. -- Spock, "This Side of Paradise", stardate 3417.7
Bug#947372: ITP: librm -- FritzBox router manager library
control: retitle 899989 ITA: roger-router -- Home router management tool - GUI control: owner 899989 ben...@debian.org control: block 899989 by -1 Package: wnpp Owner: Hilko Bengen Severity: wishlist * Package name: librm Version : 2.1.1 Upstream Author : Jan-Michael Brummer * URL or Web page : https://gitlab.com/tabos/librm * License : LGPL-2.1+ Description : FritzBox router manager library librm is a dependency for newer versions of roger-router[1] which I intend to adopt. [1] https://tracker.debian.org/pkg/roger-router
Re: MBF: make fdisk non-essential
On Tue, Dec 24, 2019 at 01:03:05AM +0100, Helmut Grohne wrote: > I want make fdisk removable from an essential base system. The details > are listed in #947134. Since fdisk currently is pseudo-essential, > packages do not need to declare a dependency on it. When fdisk becomes > non-essential, such dependencies become required. A lot of packages that > use fdisk have since added the relevant dependency (see `apt rdepends > fdisk`). To fix the remaining packages, I intend to perform a mass bug > filing. > > I intend to use the following text as a mail template. cool & thanks for your work on this! -- cheers, Holger, co-maintainer of an affected package --- holger@(debian|reproducible-builds|layer-acht).org PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C signature.asc Description: PGP signature
Re: default firewall utility changes for Debian 11 bullseye
Hi Wookey,
Am Mittwoch, 31. Juli 2019 schrieb Wookey:
> On 2019-07-16 11:57 +0200, Raphael Hertzog wrote:
> >
> > What would/should Debian recommend to configure the firewall on the server
> > case ?
> >
> > I was recommending creating firewall rules with fwbuilder up to now (see
> > https://debian-handbook.info/browse/stable/sect.firewall-packet-filtering.html)
> >
> > The other desktop firewall that I know is "ufw"
>
> What is the modern equivalent of 'ipmasq'? I still miss this tool on a
> regular basis and loved what it did. I have not found a replacement
> and forever end up looking up runes on the net and doing it by hand
> with iptables. ('it' being setting up my machine to listen on
> one interface (e.g. to a dev board) and forward everything to/from the
> real internet (wifi or ethernet). ipmasq did agreat job of hiding the
> previous transition from ipchains to iptables. I've never heard of
> nftables which is apparently the new thing. Nor firewalld - perhaps it
> would do what I want?
>
> For those too young to know, ipmasq basically does(did - removed in
> 2009!) what the script on this page does for you:
> https://debian-administration.org/article/23/Setting_up_a_simple_Debian_gateway
I use uif for the use case of yours.
Mike
--
Gesendet von meinem Fairphone2 (powered by Sailfish OS).
Re: default firewall utility changes for Debian 11 bullseye
Hi, Am Mittwoch, 31. Juli 2019 schrieb Scott Kitterman: > > > On July 30, 2019 11:52:30 AM UTC, Arturo Borrero Gonzalez > wrote: > >Ok, after a couple of weeks, lets try to summarize: > > > >On 7/16/19 11:07 AM, Arturo Borrero Gonzalez wrote: > >> > >> This email contains 2 changes/proposals for Debian 11 bullseye: > >> > >> 1) switch priority values for iptables/nftables, i.e, make nftables > >Priority: > >> important and iptables Priority: optional > >> > > > >Nobody seems to disagree with this point. So I will be doing this soon. > > > >> 2) introduce firewalld as the default firewalling wrapper in Debian, > >at least in > >> desktop related tasksel tasks. > >> > > > >There are some mixed feelings about this. However I couldn't find any > >strong > >opinion against either. > > > >What I would do regarding this is (just a suggestion): > >* raise priority of firewalld > >* document in-wiki what defaults are, and how to move away from them > >* include some documentation bits in other firewalling wrappers on how > >to deal > >with this default, i.e what needs to be changed in the system for ufw > >to work > >without interferences (disable firewalld?) > > > >I don't maintain/control firewalld/ufw so I can't do these changes > >myself and > >will leave to Cyril/Michael/Jaime handle the situation for new bullseye > >install > >as they see fit. > > Please don't install one by default. I suspect it will cause more trouble > for end users than it's worth. Making sure our default install is severely > limited in what ports it listens to is likely more broadly useful and less > risky. > Also chiming in on the no-firewall-by-default tune... Mike -- Gesendet von meinem Fairphone2 (powered by Sailfish OS).
Re: MBF: make fdisk non-essential
Thomas Goirand writes: > Do you already have a list of affected package? A list of affected packages was attached to the mail. Ansgar
Re: MBF: make fdisk non-essential
On 12/24/19 1:03 AM, Helmut Grohne wrote: > Hi, > > I want make fdisk removable from an essential base system. The details > are listed in #947134. Since fdisk currently is pseudo-essential, > packages do not need to declare a dependency on it. When fdisk becomes > non-essential, such dependencies become required. A lot of packages that > use fdisk have since added the relevant dependency (see `apt rdepends > fdisk`). To fix the remaining packages, I intend to perform a mass bug > filing. > > I intend to use the following text as a mail template. > [...] Thanks for this useful work. Everything which can make the minimal base install smaller is a good thing. Do you already have a list of affected package? Cheers, Thomas Goirand (zigo)
