Re: TMPDIR behaviour in maintainer scripts [was: Re: Bug#1023778: mysql-server-8.0: fails to restart on upgrade with libpam-tmpdir]
On 11/12/22 14:09, Daniel Black wrote: So what Fedora does is a prep script called at StartPre on their systemd service. https://src.fedoraproject.org/rpms/mariadb/blob/rawhide/f/mariadb-prepare-db-dir.sh Which even recently was seen as bloated (https://lists.launchpad.net/maria-discuss/msg06376.html). What could be done is a oneshot (https://www.redhat.com/sysadmin/systemd-oneshot-service) service before MariaDB/MySQL that does the installation. Either installation or startup triggered. At least on TMPDIR side, the systemd side PrivateTmp is default (https://www.freedesktop.org/software/systemd/man/systemd.exec.html#PrivateTmp=) for at least the oneshot service. The option for loading files into MariaDB was the only reason this wasn't set in the default MariaDB systemd file. During today's FreedomBox meet, we have discussed that systemd'd PrivateTmp= is a better solution than libpam-tmpdir for FreedomBox at least as systemd makes a cleaner mount isolation between processes instead of managing directories and permissions. For this reason, we believe that we can stop using libpam-tmpdir if most of the daemons on the system use PrivateTmp=yes. For a while now, FreedomBox has been forcefully adding systemd security features to daemons that don't enable them. Without upstream blessing, we can only do this for smaller applications than something like MariaDB/MySQL due the testing effort needed. How User= systemd directives work with lbpam-tmpdir I'm not sure, however without a setuid there shouldn't be an invalid TMPDIR env variable there. libpam-tmpdir does not seem to effect systemd's process execution. See the following session on system with libpam-tmpdir installed: $ sudo --user mysql /usr/bin/bash -c 'echo TMPDIR=$TMPDIR' TMPDIR=/tmp/user/119 $ sudo systemd-run --pipe --uid=mysql /usr/bin/bash -c 'echo TMPDIR=$TMPDIR' Running as unit: run-u30.service TMPDIR= $ sudo systemd-run --pipe --property=PrivateTmp=yes --uid=mysql /usr/bin/bash -c 'echo TMPDIR=$TMPDIR' Running as unit: run-u31.service TMPDIR= -- Sunil OpenPGP_0x36C361440C9BC971.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Re: Next attempt to add Blends to Debian installer
On 1/10/22 11:24, Andreas Tille wrote: Hi Phil, Am Mon, Jan 10, 2022 at 08:02:50PM +0100 schrieb Philip Hands: Fixing that last bit is next on my TODO list. Once done, that should allow us to try things out rather more easily, and thus have a chance to demonstrate that they are ready for a wider audience. I'll follow up here once I've got all the bits in place. I also expect to have time to work on getting Blends into d-i after that. That's really great news. Thanks a lot Great news indeed. I am available to help out with testing or any further work needed. Give out a shout when changes are ready to be tested. -- Sunil OpenPGP_0x36C361440C9BC971.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature
Bug#987965: ITP: libjitsi-utils-java -- Set of basic Java utilities used in Jitsi projects
Package: wnpp Severity: wishlist Owner: Sunil Mohan Adapa -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: libjitsi-utils-java Version : 1.0 Upstream Author : 8x8 Inc., Atlassian Pty Ltd * URL : https://github.com/jitsi/jitsi-utils * License : Apache-2.0 Programming Lang: Java Description : Set of basic Java utilities used in Jitsi projects Jitsi Videobridge is an XMPP server component that allows for multiuser video communication. Unlike the expensive dedicated hardware videobridges, Jitsi Videobridge does not mix the video channels into a composite video stream, but only relays the received video channels to all call participants. Therefore, while it does need to run on a server with good network bandwidth, CPU horsepower is not that critical for performance. This library is a necessary component of the Jitsi Videobridge. This is part of a larger effort to package Jitsi Videobridge in Debian. I intend to maintain the package as part of the Debian Java team. -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEE5xPDY9ZyWnWupXSBQ+oc/wqnxfIFAmCPEBoRHHN1bmlsQG1l ZGhhcy5vcmcACgkQQ+oc/wqnxfLmNQ//eQFXd32Howg3bisxb47NsMYLMy6X7Fm+ EgrbJ19MRIV58qOPGfJhqPbkUOnC0n9ttLE9p3wboKJtaWMtAbDemyFyY2XTtHzs xeRAuWSgWWB4MXzqD84aP0UUAQ3h7JOBGqUuSFB/l45uZ5Qjqf/sJvE195yhygmr QktAQ+ZCHsP20DpNHVt0VkzxtpwBSa90UIEz6j28h1jJRaWHlRJhJ1GsNGCONDug yYIjMKU5evIyyX6Py58WhIvBKUnpdzxwwV7kxKFx83JIOoSbFI/3405OyylEN2DN rf+t6Eld+yoEOghF/PNTgwzmwBpins2WFC7w0ZX2Uq3HvI+hxq1t8HJaJeDmOrow +sSayNTPvzCyCcEDyvBB26YTo+nAvwMm1ZxW8/fSTkYUXreqpGYErz9uUM9UzoYH CT2QpnWWWAvgcxozxgYUAvVn1Tkw2xgdAc3anbM9ETWudZWNMjVEbtda09Q3J68u hzEE09qpN8+uQKjEZlT+luI5m5+JkqlCqyg7/VSJk8zqEb53rUN0+8eLze9fY42c /5ShxYHp4/hNiM1vRPnIxAS5KJsm+bK/Wbu0VBd0SLh04BhD6A5zzG4LT6DL2wyS HteVEhlB8Yma94jeghbTssCChCXMvSJJHnpW2zGKU1o06Bi/9zNBzBXpQGIITDVI 3IC2ETkt5LY= =I9Cf -END PGP SIGNATURE-
Bug#987898: ITP: libjxmpp-java -- Base library for XMPP based instant messaging and presence
Package: wnpp Severity: wishlist Owner: Sunil Mohan Adapa -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: libjxmpp-java Version : 1.0.1 Upstream Author : Florian Schmaus * URL : https://github.com/igniterealtime/jxmpp * License : Apache-2.0 Programming Lang: Java Description : Base library for XMPP based instant messaging and presence JXMPP is an Open Source Java base library for XMPP. It provides often used functionality needed to build an XMPP stack jxmpp-core: Provides core functionality most software that interacts with XMPP requires: XmppDateTime, XmppStringUtils, XmppStringPrepUtil. jxmpp-jid: Provides API that abstracts XMPP JIDs with Java classes, performing string preparation and validation. jxmpp-stringprep-libidn: Perform XMPP's StringPrep with the help of libidn. jxmpp-util-cache: Provides a lightweight and efficient Cache without external dependencies used by various JXMPP Components. jxmpp-strings-testframework: A framework to test "XMPP Strings". This is part of a larger effort to package Jitsi Videobridge in Debian. I intend to maintain the package as part of the Debian Java team. -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEE5xPDY9ZyWnWupXSBQ+oc/wqnxfIFAmCNoMYRHHN1bmlsQG1l ZGhhcy5vcmcACgkQQ+oc/wqnxfIK2Q/9GuTF8Z0Doo50tV1s5iB1mdlasR3NQJVZ PtEF3acvuGo2IIZFgYhH2eHnzUq8IyqS0nwW1fB2fqyuc+fZ1IkytyopxeOokGTh oC8jBlRcISH9zBrDOK6Po881IKP5fPRxiky3tc2svs9EPy2j3mX9MNUpmT74gZpj GVhkCeICwHbHqjmJtskpDt5U4/Z3IKmbsACXVMNH/E9uMvA5vXzVLERCZ4rv4J+I RG3kVymokxYtjpxkN1cPXnuz++Q8yy4pI/nmWUzfOfiJOJfLPlV2tlgW0hmNydNP 3s/t4N5ozKg0WRb+Z4eH8gMa6xhXiKNrBF/QnJswkz9SuMFGsWpfBLYTBaQEytID NZvbMYlnJxTlvyw9RFvr6805l40BBt801TTpBSD7M0BrQPOPgmBtrsdlaM524zY6 40PLEV4BBYRC7XSftddhV4+UNnn7rcvgUmVVj8JD9pkvqI0KhJT3WXCbLQiYG38G oqQ6edaaDPriFZ/3QjUdgjQSkjMVkhqNIkgQw6kBlhyEvVlHw4TvTuYs/EzPg1wK Ngne7reIaNtRHM2xo6hFxgB9wavS5giyJDk5y/VMcrOtOfov/Ub/A0od1bllhcHg FztKxQtmz5SzaPvniQUlOaxEldBYzF1mHLcyHOai175YDkIWKU05rsHjXUZQcSik xMurXfCwvVg= =4NVb -END PGP SIGNATURE-
Bug#987846: ITP: libcallstats-java -- Library to integrate with callstats.io
Package: wnpp Severity: wishlist Owner: Sunil Mohan Adapa -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: libcallstats-java Version : 5.2.0 Upstream Author : Karthik Budigere , Marcin Nagy * URL : https://github.com/callstats-io/callstats.java * License : Expat Programming Lang: Java Description : Library to integrate with callstats.io callstats.io is a web service for storing and analying WebRTC call quality statistics. This library helps Java programs such as jitsi-videobridge and kurento to publish statistics to the online service. This is part of a larger effort to package Jitsi Videobridge in Debian. Jitsi Videobridge has submission of statistics to callstats.io server disable by default. However, this library appears to be a hard dependency. I intend to maintain the package as part of the Debian Java team. -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEE5xPDY9ZyWnWupXSBQ+oc/wqnxfIFAmCMYGERHHN1bmlsQG1l ZGhhcy5vcmcACgkQQ+oc/wqnxfKqKQ//RguZnNA89pa4rEV+hQtky0Mf6NEGOTZA XlVgF/1FrnvMlf79riwq6gHJDuC02KYUb1SJZVK14hW4SMN8zlQizWLyxF8XRzSS Si0WSdqTCaLbcod6zfeNv902ojkYaJL5WEeuxmRp7LdbqeCUv6zVUJA2hMk4TGBV jxLct+1Vg62qs37BX+/1114evKDNDGmnTCY9FLhk/9YZsW163G5W79pG1NHrUsZg qtHJKe3jSCFfaj4fiJoU+VhH5FFxKhQ/l3GuatIx/hGTlpI9pPWpnA1cvtbCnu9s xIu6DljAwhP5bGjx0mSCqJ1q3Fe1NOq3dgrFb4urCZi8cOQb6Ko4SRqGZQYzCZm8 K/ZvG90mp2eJmAFFn9ex8vTaJ6AaPKiOGpropV8rdUpK5byQ3TK7i1upF9nlcvjN eiHKDW1LwqbKeEW82vzoQwGqPAqFRo4erYqN0sezlsNAIJ5n4ky2au3UovGLEQg/ VNP7y+X6Tac2JWUDCJFTI1S5IfQ1biKeL5L+jzbn1eMqQqG+fJb1MPM8a2KwX1eP oHVkrFzDohWPGQ2lZ99DHVBW4CfPr4N/Yt1/uZWUopMwur4GgdrxkHSCGmixXe3c OsdaoyyXTn70auY77I4lSupcYqZ7giGdPde9Mjd6PAnOWxkFNJwh5ETQL0ovltWB 3DFINor9ZNI= =gTm4 -END PGP SIGNATURE-
Bug#987806: ITP: libminidns-java -- Minimal DNS client library for Android and Java SE
Package: wnpp Severity: wishlist Owner: Sunil Mohan Adapa -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: libminidns-java Version : 1.0.0 Upstream Author : Florian Schmaus and others * URL : https://github.com/minidns/minidns * License : LGPL-2.1+ or Apache-2.0 or WTFPL Programming Lang: Java Description : Minimal DNS client library for Android and Java SE MiniDNS can parse resource records (A, , NS, SRV, etc.) and is easy to use and extend. MiniDNS aims to be secure, modular, light weight and as simple as possible. It also provides support for DNSSEC and DANE, and is thus useful if you want to bring DNSSEC close to your application. It comes with a pluggable cache mechanism, a pre-configured cache and an easy to use high-level API (minidns-hla) for those who just want to perform a reliable lookup of a domain name. This is part of a larger effort to package Jitsi Videobridge in Debian. Jitsi Videobridge depends on Smack which in turn depends on three DNS libraries. Of these three DNS libraries only minidns supports DNSSEC. I intend to maintain the package as part of the Debian Java team. -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEE5xPDY9ZyWnWupXSBQ+oc/wqnxfIFAmCLXzQRHHN1bmlsQG1l ZGhhcy5vcmcACgkQQ+oc/wqnxfICgg/+NYlxg4mD82085Du01tla/GkGI1OaxM/Z L2lVNSObnDZJwx8Ts3YPrSqDd2lCmbJfKZhn3Ap4RwqwetTlKg+zKT8Xsqlqx6ue SiP0iygXm4a1NWtZtZu4beSQ7cG6uVh+DUNhwZ0CDWG7onIOAueNmRUgcZsaTTOD p6REyVuezQozEHMEiJKAyxEbT49Y5yOSmATJmCl4e9toLiK/ktHAc8XXXuZg69Vy NELAlFbFS07EyW74LbyEjDABt9OA43LZW9Sf0komOqbJ7QM0opO4g6rFlLzpZiM9 jIK9JDJk6kOr1jaYNLV58CJQ/+YQARYacNTn0iD14G5yMdsK3i2nrqE80W6ofRG/ uHSDFzLpHJA2q8ci4TZkpZzuNbUjirJcJw0vAqGJeZv/NHmOAfBbJfFgWYNFFC4B xk16ZOQsXipvgtVy+XfKeB/qSgyqhRPhMoePhvbw7d68LlO2ClG1OTgqRrkVUCAX pMPomMcJNwvgbv+WcQmdY1tkk+tMYm9geH4BfMYO0ACxw2oJCfHeYuTibf3BSYmj HPYdXFM39EOx3dOUGzr8o68v62pbJLtTLY8AYl0xXvju+W+9UJjgzIEFVUCVAd+F hLy+0mxbpKQwT1Rm6/XXWZA6wj+lTN1c9voF5UyzCnLI2RKJEXfNwFl1oR1jfHaF HOn3VEPPK6U= =AfUX -END PGP SIGNATURE-
Bug#987804: ITP: libjose4j-java -- Implementation of JSON Web Token (JWT) and the JOSE specification suite
Package: wnpp Severity: wishlist Owner: Sunil Mohan Adapa -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: libjose4j-java Version : 0.7.7 Upstream Author : Brian Campbell * URL : https://bitbucket.org/b_c/jose4j/ * License : Apache-2.0 Programming Lang: Java Description : Implementation of JSON Web Token (JWT) and the JOSE specification suite The jose.4.j library is a robust and easy to use open source implementation of JSON Web Token (JWT) and the JOSE specification suite (JWS, JWE, and JWK). It is written in Java and relies solely on the JCA APIs for cryptography. Please see https://bitbucket.org/b_c/jose4j/wiki/Home for more info, examples, etc. This is part of a larger effort to package Jitsi Videobridge in Debian. I intend to maintain the package as part of the Debian Java team. -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEE5xPDY9ZyWnWupXSBQ+oc/wqnxfIFAmCLVLMRHHN1bmlsQG1l ZGhhcy5vcmcACgkQQ+oc/wqnxfIbiBAAhgstlO65vB7OX956uZ8JtySEV0KmPt4k fW3BggkgkuSyIWyGm8f4LGRsx+bIW0uy5VJODuFcUGv56EU9SrXkCEVB/vT1og9d a9te6RCrVKMUWpgQp4ubnlqUyHUUVXPMmGzOAF0fISU0gniOTPrEuzELMcypN6i/ 635SpaGHUg+L/RgdJC39OfmDo8JAUVQTA4SE7wQKMK5/FiIO3EEFtcXlAECxyNjS fsD879Dx+80mIVSzEMvMeJFt9XLSdLBRNP6BTkOfXBxDHDjbUm2/ri1Tt/SNGNZ1 aI4w2sS9Tw14O3YdGbFRKaGQlxyP+sFJGXBVv/xdsSpbAlbYIB9GqMqnbkL6b81l 15nM2Hy9hr6fk5CwC3uxOj0KittGFucruBdUXpv59py2sa8V5hnWWk1fMDueYbcf imeJZVL5UQDRdpQO5ktTaD/wk2XGVCYoLI3ksZ618AmHgXR6aTcp6RJ/rZL2cBYQ F2/dmRHKaxvAWMfR9+b2HSKLYIFmzZEWTP4x9/Fe+SyF0PwpSQ9QL/plmuzY9RhT iBfjBfJNOeQnQb9O/Ekj4ztCJwe2Gl5lkPoVaWHVyKRuCyBDh6yM7Acdc/1rmzz8 dAvxxZgn6A2u6G7gLUtOt23ATL4z4Oh8vSdsuhGGzWAmKvAvCikTAZJU2QvjXSR6 LnGbwmnjanI= =HQXm -END PGP SIGNATURE-
Bug#977859: ITP: debian-fbx -- Debian FreedomBox Pure Blend Metapackages
Package: wnpp Severity: wishlist Owner: Sunil Mohan Adapa -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: debian-fbx Version : 1 Upstream Author : FreedomBox packaging team * URL : https://salsa.debian.org/blends-team/fbx/ * License : GPL-3+ Programming Lang: Debian blends framework Description : Debian FreedomBox Pure Blend Metapackages FreedomBox is designed to be your own inexpensive server at home. It runs free software and offers an increasing number of services ranging from a calendar or jabber server to a wiki or VPN. A web interface allows you to easily install and configure your apps. This package provides FreedomBox tasks in tasksel. The package repository will be at: https://salsa.debian.org/blends-team/fbx/ This package will be maintained by: FreedomBox Packaging Team Debian Pure Blends Team It will be discussed at: freedombox-pkg-t...@lists.alioth.debian.org debian-ble...@lists.debian.org -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEE5xPDY9ZyWnWupXSBQ+oc/wqnxfIFAl/hTBoRHHN1bmlsQG1l ZGhhcy5vcmcACgkQQ+oc/wqnxfImhBAAtHbeKUaOib0/cidLVAiwrAGgCTF09fO7 RmqjSQ+lGP08IdMzhlgb3iP0pvtr41eYU2c5h7ZzwbYf110PBeoqbrM6OTB+uyXH G3lyijiRN9jaxdbkG9Ak754F+VoWXqRgziT4VIQeBOOypTKvOqPP3IqbPUJrASx8 e88RZfe46f9MZkKm/MZI5gn4Li1kvgqOYBEBTl6fO7yXOkxWhEAAWx6/g74dY+MK q4KBAwLOcrznYQqhtHAfP2Ndv1zWKlCr89rkgdnBNsY9FBp2lgec3PlaZwDrGvxX HIDT9OxgJMykFjDRT+a4he1Lqzn4ZhHXyrZVC3807YxbUA6lFVbLODIbRoZeAmBZ 7aLdHbxc8Yz3X69xT7U4q2nc6pv/ts6RosZQq0b1nuyNXme72vPOrsUI091Jy3kG IzJ8piEtPhg77gZcg7gAmwJ7OlTloIky0SC1ckEqv27U9FTsICjOMNuOKPtzJ0yW muNMEilgBRkHjs5Uk6PDy+7KNgvIMxLfymLiHdZy7OtEZrKq20YWfjyj10Fly2G5 8DUb1irDJMLmT4jDrAVSeM7Ycn9ZA3yLkSz/c8ziNKqI5PyLQ26F+u51XiqyLsLV iO5yUJhpuamFabUEN8km1YS3IY9BMiAyo2pYdXwlTHHJi5mVMenS+KSKkI2a9G0Z Ekx6PzxveU4= =zAr+ -END PGP SIGNATURE-
Re: Next attempt to add Blends to Debian installer
On 06/10/20 9:08 am, Andreas Tille wrote: > Hi Steve, > > On Mon, Mar 23, 2020 at 07:16:11PM +, Steve McIntyre wrote: >>> Not yet, I'm afraid. A little too swamped so far, but you're near the >>> top of my TODO list. I'm hoping to get some time for development on >>> this in the next couple of months. >> >> (Overdue!) update: I've been hacking on this for a while, and I hope >> to have a prototype for testing up shortly. It works fine on my local >> system, but in a test d-i build it fails totally so I've clearly >> missed something! Debugging that now... > > I wonder whether I might have missed some information whether there > is something I could test meanwhile. > > Kind regards and thanks for all your work for the installer Hi Steve and Andreas, I believe getting all the blends (including FreedomBox) listed in the Debian installer would bring a lot of exposure to blends. I have quite some spare time for assisting on this task. If there is an old patch out there, I can help with cleanup, refresh, testing, writing additional tests, etc. If not, I can help with a fresh patch based on what was agreed on. Let me know. Thanks, -- Sunil Mohan Adapa FreedomBox Team signature.asc Description: OpenPGP digital signature
Re: default firewall utility changes for Debian 11 bullseye
On 16/07/19 2:07 am, Arturo Borrero Gonzalez wrote: [...] > 2) introduce firewalld as the default firewalling wrapper in Debian, at least > in > desktop related tasksel tasks. > firewalld is a reasonable choice. We setup and manage firewalld automatically in FreedomBox. - firewalld has simple ways for adding exceptions to ports and services. Many service definitions explain to the user what the ports in the service are useful for. Packages can bring in their own service definitions. - firewalld works alright in many scenarios for servers with multiple network interfaces because of zones. - Network Manager has a 'Zone' property that directly corresponds to firewalld zone. When Network Manager brings up an interface, it is assigned to the configured firewalld zone. - firewalld has a DBus interface that allows querying the current status of the firewall simpler than parsing command line output. - firewalld is a live daemon that adds and removes rules as we interact with it via command line or DBus interface and does not need 'restarting' like some firewall wrappers. Restarting would flush all firewalls and add them back again. At least for some of the firewall scripts, this operation is not atomic. - It supports dealing with custom rules using 'direct' rules. -- Sunil
Re: default firewall utility changes for Debian 11 bullseye
On 31/07/19 7:46 am, Wookey wrote:
[...]
>
> What is the modern equivalent of 'ipmasq'? I still miss this tool on a
> regular basis and loved what it did. I have not found a replacement
> and forever end up looking up runes on the net and doing it by hand
> with iptables. ('it' being setting up my machine to listen on
> one interface (e.g. to a dev board) and forward everything to/from the
> real internet (wifi or ethernet). ipmasq did agreat job of hiding the
> previous transition from ipchains to iptables. I've never heard of
> nftables which is apparently the new thing. Nor firewalld - perhaps it
> would do what I want?
>
> For those too young to know, ipmasq basically does(did - removed in
> 2009!) what the script on this page does for you:
> https://debian-administration.org/article/23/Setting_up_a_simple_Debian_gateway
I believe this is done in firewalld by assigning the outgoing network
interface to 'external' zone and other network interfaces to 'internal'
zone.
Alternatively, setting 'masquerade=yes' property on the zone that is
assigned outgoing network interfaces should achieve the same result.
--
Sunil
signature.asc
Description: OpenPGP digital signature
Bug#892909: ITP: django-ranged-response -- Django file response to stream to browsers properly
Package: wnpp Severity: wishlist Owner: Sunil Mohan Adapa -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 * Package name: django-ranged-response Version : 0.2.0 Upstream Author : Spindle * URL : https://pypi.python.org/pypi/django-ranged-response * License : Expat Programming Lang: Python Description : Django file response to stream to browsers properly Provides RangedFileResponse that is a modified FileResponse that returns Content-Range headers with the response, so browsers that request the file, can stream the response properly. This is a dependency for the new version of django-captcha, which adds support for Django 2.0. I plan to maintain it as part of FreedomBox packaging team or Debian Python Modules Team. -BEGIN PGP SIGNATURE- iQJFBAEBCgAvFiEE5xPDY9ZyWnWupXSBQ+oc/wqnxfIFAlqpDccRHHN1bmlsQG1l ZGhhcy5vcmcACgkQQ+oc/wqnxfL6yBAAq2KtmE76zu4ljsBh9qEJ5hegpLy2hRRD kE8fl5oOipqUH0izXyaAeoN2o8OWwJw1YyXUc2fIG4OVsf6dWF7tFShCBTOFlMVR 9Ge0IqmlLgmDA628COSVZgIW3k/3Qq3HhGAA9Zrm7pycKTzvtAeWtVthto7isMyv Rm/wNy+9mCKzCyb9KnHCJ8kjNret5jOvcpjztvZdK2DnFyWAleWnujg/KX0UaZEy trNUI2A4THZ+Vt+RpPFnqQK1P8bhBJfUPpuJPFkeLdvc6rDk1p86y1UWxOmmoKb6 cqpmdZiTKThwzP1xO5hFpoP02wvzSXhW6KlszNrGO80Ix68lQiNqbmG+rvMjVKAf Bv8/CGFbx4pRNEPWO4d5mwEJSJyubuUM+nLNgJkF1i+BUjlFSWKleMogdQXcJZDt XRyrtAy8f3Vu+QLropzKZY/JYUhQUwGsGRWXyaaowv3q7rSrqreTJCP+eRKS3N13 xvasSjI4l6B9cXRqoTOxErt3o6eV6pfC/1p64/18jBxzezgPeIZseme29ZcLIRMK usDS+kqD+gPb+WL4/mtR5dzOXbEHOddKgYkKYhLUuszv8UncalH0LuETTySZkGgi 8NVO3EdgEFnl0x2Gn75dKxzWdisT1OropyqTzr8ZNb8LSdFAuo2lKAWkGS7GTkDt Otla80Iawqs= =aqCn -END PGP SIGNATURE-
Bug#778602: ITP: django-stronghold -- Django app to make all views default login_required
Package: wnpp Severity: wishlist Owner: Sunil Mohan Adapa * Package name: django-stronghold Version : 0.2.7 Upstream Author : Mike Grouchy * URL : https://github.com/mgrouchy/django-stronghold * License : Expat Programming Lang: Python Description : Django app to make all views default login_required Stronghold is a very small and easy to use Django app that makes all your Django project default to require login for all of your views. Motivation: FreedomBox's administration web interface uses Django. A couple of time we found ourselves with code missing the @login_required decorator. If such mistake ever goes public it is a serious security error allow people to modify their system without login. We decided make login_required the default rather the opposite. At first we wrote a small custom solution but after seeing a need to improve it and find this Django app we decided to use it. There is currently a merge request pending needs this package. Similar packages: As far as I have looked, there is no upstream or Debian package providing similar functionality. Maintenance plan: I plan to maintain it as part of the collab-maint team. This package will also be cared for as part of the FreedomBox effort as it will be used there. I contacted the upstream author with a patch to provide Python 3 and Django 1.7 support. I got an immediate merge of patch, new release and an offer to help in case the Debian packaging effort requires any. There is small (expected for a small project like this) but recent activity on the upstream project indicating its good health. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150217103904.28837.99776.reportbug@localhost.localdomain
