Re: goals for hardening Debian: ideas and help wanted
On Tue, 29 Apr 2014 11:35:26 +0800 Paul Wise p...@debian.org wrote: On Tue, Apr 29, 2014 at 8:07 AM, Marko Randjelovic wrote: - security patches should be clearly marked as such in every *.patch file That sounds like a good idea, could you add it to the wiki page? I added this: Debian policy should require that in every source package all security packages should be clearly marked as such in standard and easily parsable way with optional further references. - easy create and run programs from chroot and alternate users Could you detail what you mean by this? It sounds like you want either virtual machines or something like docker.io: https://packages.debian.org/sid/docker.io Cencerely, I never heard about Docker before, I didn't mean about VMs and I meant about chrooting. I was thinking about some kind of wizard: - create a chroot if doesn't already exist - create a launcher for your DE - create a shell script to run a program from terminal or a simple WM hint: chroot $CHROOT_PATH su - $USER -c $command_with_args - apt-get should automaticaly check checksums That happens now, if you find an instance where it does not, please file a severity serious bug report on apt with enough detail for the maintainers to debug and fix it. https://www.debian.org/Bugs/Reporting I didn't know it, does apt-get/aptitude/synaptic do complete checks? 1. verify Release file signature 2. verify checksums of repo files 3. verify checksums of individual .deb files I remmember some time ago I edited a file with hexedit (after apt-get downloaded it) and tried to install it with apt-get and it didn't complain. -- http://markorandjelovic.hopto.org One should not be afraid of humans. Well, I am not afraid of humans, but of what is inhuman in them. Ivo Andric, Signs near the travel-road -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/2014042910.73003...@eunet.rs
Re: New Cinnamon Maintainer, looking for help
¡Hola Jonathan! El 2014-04-28 a las 16:13 +0100, Jonathan Dowland escribió: The current package is maintained in git already at http://anonscm.debian.org/gitweb/?p=pkg-cinnamon/cinnamon.git. I haven't checked but in an ideal world your repository would be a clone of this, to make eventual harmonisation easier. Sadly the current pkg-cinnamon project in alioth has no active admins, so I can't push in those repositories, so the current packaging efforts are in: git://git.debian.org/git/collab-maint/cinnamon/cinnamon.git and git://git.debian.org/git/collab-maint/cinnamon/{upstream-name}.git I'll ask the alioth maintainers about taking over the pkg-cinnamon project, but I think I'll keep the collab-maint git repositories, so even if I get attacked by ninjas it's easier for a fellow contributor to keep it up to date. Happy hacking, -- The first 90% of the code accounts for the first 90% of the development time. The remaining 10% of the code accounts for the other 90% of the development time. -- Tom Cargill Saludos /\/\ /\ `/ signature.asc Description: Digital signature
Re: goals for hardening Debian: ideas and help wanted
On Tue, Apr 29, 2014 at 4:22 PM, Marko Randjelovic wrote: Cencerely, I never heard about Docker before, I didn't mean about VMs and I meant about chrooting. I was thinking about some kind of wizard: - create a chroot if doesn't already exist - create a launcher for your DE - create a shell script to run a program from terminal or a simple WM hint: chroot $CHROOT_PATH su - $USER -c $command_with_args Security and chroots aren't things I would associate, you need better. I didn't know it, does apt-get/aptitude/synaptic do complete checks? 1. verify Release file signature 2. verify checksums of repo files 3. verify checksums of individual .deb files I expect so. I remmember some time ago I edited a file with hexedit (after apt-get downloaded it) and tried to install it with apt-get and it didn't complain. That sounds like possibly a bug but if you have an attacker able to modify files in /var/cache/apt/archives/ you have bigger problems I expect. -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/caktje6ff_cezlqr5otpafw6bnwcskrt_sr81kke18cphndh...@mail.gmail.com
Re: goals for hardening Debian: ideas and help wanted
* Jacob Appelbaum ja...@appelbaum.net, 2014-04-29, 00:20: On 4/25/14, Kevin Chadwick ma1l1i...@yahoo.co.uk wrote: Tor provides privacy and more likely lowers security so which threat against contributors or contributor actions is the Tor policy aimed to protect? I'm confused, what? How does Tor lower security and at the same time, it provides privacy? Regarding lowered security, I guess Kevin might be referring to this: http://www.cs.kau.se/philwint/spoiled_onions/ The attackers don't have to know who they attack. Some men just want to watch the world burn. : So I don't see contradiction between privacy and lowered security. If you do, please enlighten us. :) -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140429095807.ga1...@jwilk.net
Re: goals for hardening Debian: ideas and help wanted
previously on this list people contributed: - easy create and run programs from chroot and alternate users Could you detail what you mean by this? It sounds like you want either virtual machines or something like docker.io: https://packages.debian.org/sid/docker.io hint: chroot $CHROOT_PATH su - $USER -c $command_with_args Security and chroots aren't things I would associate, you need better. A wide misconception. Chroots are easily implemented and add security almost for free (often /dev/log is all that is needed) and so can be used by default without any potential problems, they also never bring new risks and always make life difficult for an attacker to raise priviledges or get what they are actually after when done correctly. Even at a simple level it should be obvious that they can just nullify the payload so the attacker simply goes elsewhere. Does debian chroot unbound and nginx under their own unbound and nginx users by default? MACs are hardly ever used by default due to management problems and when they are they either may even lead to exploitable programs that cannot do what they expect to be able to or may not offer the protection expected and why not use the chroot under a MAC anyway. If the kernel can be attacked from the chroot then likely the MAC can and due to increased complexity, arguments just as easily arise against both. For most daemons where the filesystem access amounts to little then a MAC is unlikely to prevent any more attacks that chroot wouldn't and where a program needs a lot of access you are fighting a losing battle and you should rethink your attack surface. Time would be better spent on privsep or getting your web content to run without www-data writes via DACs than tuning a complicated MAC to allow it to some degree or writing a cgi program to keep things out of the chroot. What I am saying is MACs are fine when done right and you have the spare time but should not trump better design or excuse lack of priviledge seperation or the often underused and mis-understood power of DACs not being used to their upmost in the first place. Virtual machines add complexity, waste resources and cannot be on by default for each package which is very important. Also many new attacks like timing attacks between virtual machines arrive. Auditing and bug reporting is also greatly complicated compared to bare metal. I am interested in finding out more about qubes though if I find the time for the desktop, mainly in terms of how deep they may have gone for sandboxing say a browser. -- ___ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) In Other Words - Don't design like polkit or systemd ___ I have no idea why RTFM is used so aggressively on LINUX mailing lists because whilst 'apropos' is traditionally the most powerful command on Unix-like systems it's 'modern' replacement 'apropos' on Linux is a tool to help psychopaths learn to control their anger. (Kevin Chadwick) ___ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/686939.12569...@smtp141.mail.ir2.yahoo.com
Re: goals for hardening Debian: ideas and help wanted
On Tue, 29 Apr 2014 00:20:05 + Jacob Appelbaum wrote: Tor provides privacy and more likely lowers security so which threat against contributors or contributor actions is the Tor policy aimed to protect? I'm confused, what? How does Tor lower security and at the same time, it provides privacy? Just like antivirus scanners bring greater exploitability especially if you are not vulnerable to detectable viruses then so does Tor. It adds a lot of complexity for privacy benefit. Integrity is often muddled into security too. As far as I am concerned they can actually counter each other and are seperate entities. Security is an application specific process to be understood in light of a particular threat model. So Tor for certain things yes but not for everything. Obscuring from targetted attack is highly questionable to me when a secure VPN from a lightly used machine (no web browsing) can offer real security. You may just be giving a way in otherwise. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/400899.24381...@smtp140.mail.ir2.yahoo.com
Re: New Cinnamon Maintainer, looking for help
On Tue, Apr 29, 2014 at 10:46:25AM +0200, Maximiliano Curia wrote: ¡Hola Jonathan! El 2014-04-28 a las 16:13 +0100, Jonathan Dowland escribió: The current package is maintained in git already at http://anonscm.debian.org/gitweb/?p=pkg-cinnamon/cinnamon.git. I haven't checked but in an ideal world your repository would be a clone of this, to make eventual harmonisation easier. Sadly the current pkg-cinnamon project in alioth has no active admins, so I can't push in those repositories, so the current packaging efforts are in: Hi, yes, I realise you can't push to that repo, so you have another. That's not my point. There's nothing stopping your other repo from being a clone of the original, so there's a relationship between your efforts and the current package in Debian. Then, when the developer MIA / package maintainer situation is resolved, these can all be reconciled. I'll ask the alioth maintainers about taking over the pkg-cinnamon project, but I think I'll keep the collab-maint git repositories, so even if I get attacked by ninjas it's easier for a fellow contributor to keep it up to date. Did you refresh your understanding of the MIA process? Taking over the repo, or the package, is not the way to go about solving this problem! -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140429130723.ga27...@bryant.redmars.org
Re: goals for hardening Debian: ideas and help wanted
Marko Randjelovic markoran at eunet.rs writes: On Tue, 29 Apr 2014 11:35:26 +0800 Paul Wise pabs at debian.org wrote: On Tue, Apr 29, 2014 at 8:07 AM, Marko Randjelovic wrote: - security patches should be clearly marked as such in every *.patch file That sounds like a good idea, could you add it to the wiki page? I added this: Debian policy should require that in every source package all security packages should be clearly marked as such in standard and easily parsable way with optional further references. Veto because the security impact of bugs is disputable, and probably 100% of all patches: http://www.insanitybit.com/2012/06/02/linus-torvalds-all-bugs-are-created- equal-9/ bye, //mirabilos -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/loom.20140429t172650-...@post.gmane.org
Re: goals for hardening Debian: ideas and help wanted
Kevin Chadwick ma1l1ists at yahoo.co.uk writes: Security and chroots aren't things I would associate, you need better. A wide misconception. Chroots are easily implemented and add security almost for free (often /dev/log is all that is needed) and so can be used by default without any potential problems, they also never bring new risks and always make life difficult for an attacker to raise priviledges or get what they are actually after when done correctly. Even at a simple level it should be obvious that they can just nullify the payload so the attacker simply goes elsewhere. Does Bwahahahahahahahahahahahahahahahahahaha! (To casual observers: the entire paragraph is very wrong.) Yes, chroots help isolating things, but, just like systrace(4), they are far from being inescapable. bye, //mirabilos -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/loom.20140429t173408-...@post.gmane.org
Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)
On Mon, Apr 28, 2014 at 11:01:58PM -0700, Manoj Srivastava wrote: Kari Pahula k...@debian.org gecode That one failed due to missing Build-Depends-Indep and the build attempted to call debian/rules build-indep. I don't think that make 4.0 had anything to do with that failure. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140429160944.gb15...@sammakko3.piperka.net
Re: goals for hardening Debian: ideas and help wanted
previously on this list Thorsten Glaser contributed: Debian policy should require that in every source package all security packages should be clearly marked as such in standard and easily parsable way with optional further references. Veto because the security impact of bugs is disputable, and probably 100% of all patches: http://www.insanitybit.com/2012/06/02/linus-torvalds-all-bugs-are-created- equal-9/ ? Doesn't that page argue against your 'veto'? I can understand Linus not wanting to have to decide if there is any security relevence in each change or be accused of missing some when he of course would especially when he has said he can't keep up with the many commits and so must want to accelerate and not decelerate the process. I used to look through the commits when I could in order to decide whether to update the kernel more often than every other release and whilst some were obvious or even mentioned security I wondered what level of collaboration went on between distros to work out which had security implications or whether seperate processes helped spot more or not and just created more work. In any case once publicly known and sooner the better it is surely better to inform at every opportunity. p.s. Security is never black and white and I hate the same people, funny that, like reading your stars. There is lots of mis-information and lies about OpenBSD out there. I notice the page doesn't disclose any of his supposed findings or say very much at all. -- ___ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) In Other Words - Don't design like polkit or systemd ___ I have no idea why RTFM is used so aggressively on LINUX mailing lists because whilst 'apropos' is traditionally the most powerful command on Unix-like systems it's 'modern' replacement 'apropos' on Linux is a tool to help psychopaths learn to control their anger. (Kevin Chadwick) ___ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/406410.91532...@smtp109.mail.ir2.yahoo.com
Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)
Manoj Srivastava sriva...@ieee.org writes: Russ Allbery r...@debian.org krb5 (U) Missing build dependency on Python, unrelated to make. I'll file a bug to make sure this gets fixed. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/877g68gkeu@windlord.stanford.edu
Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)
On Mon, Apr 28, 2014 at 23:01:58 -0700, Manoj Srivastava wrote: Debian X Strike Force debia...@lists.debian.org xserver-xorg-video-vmware I've split the rule in http://anonscm.debian.org/gitweb/?p=pkg-xorg/driver/xserver-xorg-video-vmware.git;a=commitdiff;h=f9208ee13d7ecb6efac784514897c824c65e9365 Hopefully that'll make it happier. Thanks for the report. Cheers, Julien signature.asc Description: Digital signature
Re: goals for hardening Debian: ideas and help wanted
On Tue, 29 Apr 2014 11:52:14 + Patrick Schleizer adrela...@riseup.net wrote: Marko Randjelovic: I was thinking about some kind of wizard: - create a chroot if doesn't already exist - create a launcher for your DE - create a shell script to run a program from terminal or a simple WM hint: chroot $CHROOT_PATH su - $USER -c $command_with_args chroot is not a security feature? As far I understand, chroots in Debian/Fedora aren't jails. Source: https://securityblog.redhat.com/2013/03/27/is-chroot-a-security-feature/ it is not really a security feature, it is closer to what we would call a hardening feature. Well, we have the word hardening in the subject, I'm not sure what OP meant, probably he ment more security then hardening, but grsecurity which is mentioned in wiki[1] contains features to prevent breaking out of chroot, so combined with grsecurity chroot might be called a security feature? [1] https://wiki.debian.org/Hardening/Goals -- http://markorandjelovic.hopto.org One should not be afraid of humans. Well, I am not afraid of humans, but of what is inhuman in them. Ivo Andric, Signs near the travel-road -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140429184222.3296b...@eunet.rs
Re: goals for hardening Debian: ideas and help wanted
previously on this list Thorsten Glaser contributed: A wide misconception. Chroots are easily implemented and add security almost for free (often /dev/log is all that is needed) and so can be used by default without any potential problems, they also never bring new risks and always make life difficult for an attacker to raise priviledges or get what they are actually after when done correctly. Even at a simple level it should be obvious that they can just nullify the payload so the attacker simply goes elsewhere. Does Bwahahahahahahahahahahahahahahahahahaha! (To casual observers: the entire paragraph is very wrong.) Yes, chroots help isolating things, but, just like systrace(4), they are far from being inescapable. I also said the following and nothing is inescapable atleast in any general conversation, so who is being black and white now! Chroot provides a noticeable improvement in security at a very low cost in time to implement and almost 0 maintenance. Systrace has security merit too despite it's shortcomings at isolating ROOT in CERTAIN SITUATIONS and is used by sshd now by default. If the kernel can be attacked from the chroot then likely the MAC can and due to increased complexity, arguments just as easily arise against both. -- ___ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) In Other Words - Don't design like polkit or systemd ___ I have no idea why RTFM is used so aggressively on LINUX mailing lists because whilst 'apropos' is traditionally the most powerful command on Unix-like systems it's 'modern' replacement 'apropos' on Linux is a tool to help psychopaths learn to control their anger. (Kevin Chadwick) ___ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/80183.89090...@smtp103.mail.ir2.yahoo.com
Re: goals for hardening Debian: ideas and help wanted
Marko Randjelovic marko...@eunet.rs writes: I added this: Debian policy should require that in every source package all security packages should be clearly marked as such in standard and easily parsable way with optional further references. I don't agree with this statement. I think there are far more important things to document in Policy that haven't yet been documented there than creating new rules about patch naming. Note that, currently, Debian Policy doesn't require that you use separated patches *at all*, nor should it given that there is not project consensus for requiring that source package representation. I'm fine with putting such a guideline somewhere advisory, such as the Developer's Reference, but I don't think Policy is the document you're looking for. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/8738gwgk4q@windlord.stanford.edu
Re: goals for hardening Debian: ideas and help wanted
* Thorsten Glaser t...@debian.org, 2014-04-29, 15:35: A wide misconception. Chroots are easily implemented and add security almost for free (often /dev/log is all that is needed) and so can be used by default without any potential problems, they also never bring new risks and always make life difficult for an attacker to raise priviledges or get what they are actually after when done correctly. Even at a simple level it should be obvious that they can just nullify the payload so the attacker simply goes elsewhere. Does Bwahahahahahahahahahahahahahahahahahaha! Do you also laugh at people who enable hardening complier flags? Security is not black and white. -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140429170215.gb4...@jwilk.net
Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)
On Mon, 28 Apr 2014 23:01:58 -0700, Manoj Srivastava wrote: Felipe Sateler fsate...@debian.org csound (U) pulseaudio (U) On both I'm getting this: dpkg-buildpackage: warning: debian/rules must be updated to support the 'build-arch' and 'build-indep' targets (at least 'build-arch' seems to be missing) Looks like the new make is not doing the expected thing when called as make -f debian/rules -qn build-arch (And by expected is return 2 when not found, any other return code otherwise). csound fails because Build-Depends-Indep is not installed, pulseaudio fails because we use the same make -qn trick in our rules file (although it will be gone in the next upload). -- Saludos, Felipe Sateler -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/ljoiqk$v4a$1...@ger.gmane.org
Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)
On Mon, Apr 28, 2014 at 11:01:58PM -0700, Manoj Srivastava wrote: David Suárez kindly did an archive rebuild with the new version of make in experimental, and the results of the build are at: http://aws-logs.debian.net/ftbfs-logs/results-make4/ The summary: 73 packages have failed, though not all seem obviously related to make. Out of the 73, I can see 10 failed due to a known backward incompatibility in make; I am building a new version that reverts that change, though we should still fix the makefiles. Add kernel-package to the list of failures. It doesn't FTBFS itself, but trying to compile a kernel using it fails with: debian/ruleset/misc/version_vars.mk:161: *** Error. The Kernel Release version make[2]: Leaving directory '/home/kilobyte/linux'.make[2]: Leaving directory '/home/kilobyte/linux'.make[2]: Leaving directory '/home/kilobyte/linux'make[2]: Leaving directory '/home/kilobyte/linux'make[2]: Leaving directory '/home/kilobyte/linux' VERSION=[make[2]: Leaving directory '/home/kilobyte/linux'], PATCHLEVEL=[make[2]: Leaving directory '/home/kilobyte/linux'], SUBLEVEL=[make[2]: Leaving directory '/home/kilobyte/linux'], EXTRAVERSION=[make[2]: Leaving directory '/home/kilobyte/linux'], iatv=[], LOCALVERSION=[make[2]: Leaving directory '/home/kilobyte/linux'], UTS_RELEASE_VERSION=[3.14.2-x32], KERNELRELEASE=[]. is not all lowercase. Since the version ends up in the package name of the kernel image package, this is a Debian policy violation, and the packaging system shall refuse to package the image. . Stop. make[2]: Leaving directory '/home/kilobyte/linux' debian/ruleset/targets/image.mk:347: recipe for target 'debian/stamp/binary/pre-linux-image-3.14.2-x32' failed make[1]: *** [debian/stamp/binary/pre-linux-image-3.14.2-x32] Error 2 make[1]: Leaving directory '/home/kilobyte/linux' debian/ruleset/local.mk:105: recipe for target 'linux-image' failed make: *** [linux-image] Error 2 It does work with old make. Fortunately, we got rather few packaged build systems that don't get tested as a part of an archive rebuild, so there's hope there's much more failures. -- A tit a day keeps the vet away. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140429161334.ga14...@angband.pl
Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)
* Manoj Srivastava sriva...@ieee.org, 2014-04-28, 23:01: Moritz Muehlenhoff j...@debian.org fbi A bashism (echo -e) in mk/Autoconf.mk slightly corrupts the first line of Make.config: -e LIB := lib Apparently the new make doesn't like it. Beware of #584233 when fixing this bug. -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140429180713.ga1...@jwilk.net
Re: New Cinnamon Maintainer, looking for help
Hi, I've been working with Maxy in creating these packages and I can answer your questions. On Tue, Apr 29, 2014 at 3:07 PM, Jonathan Dowland j...@debian.org wrote: Hi, yes, I realise you can't push to that repo, so you have another. That's not my point. There's nothing stopping your other repo from being a clone of the original, so there's a relationship between your efforts and the current package in Debian. There's also nothing stopping you from going to the web interface and checking. If you go to: http://anonscm.debian.org/gitweb/?p=collab-maint/cinnamon/cinnamon.git;a=shortlog You will see that before the commits made by Maxy and me there are also the commits made by the previous maintainer. So, yes, it's a clone. The original mail said new packages because most of them are actually new. Since cinnamon 1.7, the cinnamon desktop environment has added many more packages that were not included in that release, and so it was impossible to clone from them. The packages uploaded by the previous maintainer were cinnamon, muffin and nemo. The packages currently prepared by us are: cinnamon-desktop, cinnamon-menus, cinnamon-session, cinnamon-themes, cjs, cinnamon-screensaver, cinnamon-settings-daemon, muffin, nemo, cinnamon, cinnamon-control-center, cinnamon-bluetooth Then, when the developer MIA / package maintainer situation is resolved, these can all be reconciled. Sure. We have now both been added as admins of the pkg-cinnamon repo and will consider moving the git repos there. Since we want MORE people to contribute instead of less, we wanted to get the administrative procedures out of the way, and that's why we originally chose collab-maint instead of waiting for pkg-cinnamon to be made available. -- Besos, Marga -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/cap+fksojxfse7q_y45z+neguzejfrhzmrv4dvnbkrf6w6ha...@mail.gmail.com
Re: goals for hardening Debian: ideas and help wanted
On Tue, April 29, 2014 18:45, Russ Allbery wrote: Marko Randjelovic marko...@eunet.rs writes: I added this: Debian policy should require that in every source package all security packages should be clearly marked as such in standard and easily parsable way with optional further references. I don't agree with this statement. I think there are far more important things to document in Policy that haven't yet been documented there than creating new rules about patch naming. Note that, currently, Debian Policy doesn't require that you use separated patches *at all*, nor should it given that there is not project consensus for requiring that source package representation. I'm quite unclear even on what problem it tries to solve. Debian already extensively tracks which vulnerabilities affect which package versions, and I don't see what sorting patches into 'security' and 'other' would add to this. Thijs -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/21d2a0ee1c0575779cf73790ee5d5d2b.squir...@aphrodite.kinkhorst.nl
Re: goals for hardening Debian: ideas and help wanted
previously on this list Marko Randjelovic contributed: Well, we have the word hardening in the subject, I'm not sure what OP meant, probably he ment more security then hardening, but grsecurity which is mentioned in wiki[1] contains features to prevent breaking out of chroot, so combined with grsecurity chroot might be called a security feature? Fair enough but almost all of those escape mitigations combat an attacker with ROOT priviledges and you shouldn't have been running the daemon as root in the first place and what is not in the chroot makes raising priviledges to root much more difficult. Chroot *IS* a security feature as extensively used by dovecot including priv sep and coded into sshd and unbound and apache and nginx. People *HAVE* watched attackers get frustrated and leave. The first thing an attacker usually tries with an exploit is to load /bin/sh then they may try to get data into the filesystem but find the filesystem is noexec and likely not writable by the process owner. Then all of a sudden especially with ASLR and a nonexec stack things have gotten much more difficult and the chances of causing noticeable crashes increases. At this point if they haven't left already, two things are likely to happen, if it is non targeted as the kernel.org attack was they leave and find one of the many other systems to attack. If it is a buy and shoot attack it has failed to execute the buyers shell code or program and your just one more system that isn't on their botlist. Otherwise they have a more difficult task of exploring the process space and attacking the kernel or hoping the chroot is not owned by root or the cd was not invoked. Chroot also helps to prevent MAC bypass on systems where grsec prvi I/O is not disabled. The whole point is security is layers and in my opinion MAC should be the final layer but many distro's and more so Fedora than debian use it whilst ignoring their lax DAC permissions. I thought this would be a no-brainer default atleast for some packages. I guess I was wrong? -- ___ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) In Other Words - Don't design like polkit or systemd ___ I have no idea why RTFM is used so aggressively on LINUX mailing lists because whilst 'apropos' is traditionally the most powerful command on Unix-like systems it's 'modern' replacement 'apropos' on Linux is a tool to help psychopaths learn to control their anger. (Kevin Chadwick) ___ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/450827.54193...@smtp120.mail.ir2.yahoo.com
Re: goals for hardening Debian: ideas and help wanted
Le mardi 29 avril 2014 à 15:35 +, Thorsten Glaser a écrit : A wide misconception. Chroots are easily implemented and add security almost for free Bwahahahahahahahahahahahahahahahahahaha! (To casual observers: the entire paragraph is very wrong.) Maybe you should go read a book or two on defense-in-depth before making such a fool of yourself… almost for free. -- .''`. Josselin Mouette : :' : `. `' `- -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1398805595.5667.5.ca...@kagura.malsain.org
Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)
On Tue, Apr 29 2014, Felipe Sateler wrote: On Mon, 28 Apr 2014 23:01:58 -0700, Manoj Srivastava wrote: Felipe Sateler fsate...@debian.org csound (U) pulseaudio (U) Add to that: Kari Pahula k...@debian.org gecode Russ Allbery r...@debian.org krb5 (U) Missing Build-Depends-Indep is a common pattern among the 60 or so remaining build failures. On both I'm getting this: dpkg-buildpackage: warning: debian/rules must be updated to support the 'build-arch' and 'build-indep' targets (at least 'build-arch' seems to be missing) Looks like the new make is not doing the expected thing when called as make -f debian/rules -qn build-arch With the old make (3.8,1), it correctly loads B-D-I and calls build-indep, with make 4.0-[12], it fails to determine of the target exists, and calls ./debian/rules build (And by expected is return 2 when not found, any other return code otherwise). Right. Since dpkg-buildpackage cannot ascertain that 'build-arch' and 'build-indep' targets exist, it calls build, and does not load B-D-I first. Most of the archive works, since B-D-I was not paid any attention to on the buildds, and every package used to build with ./debian/rules build and all the dependencies used to be in Build-Depends. Since then, B-D-I has been fixed, and we see empirical evidence that around 60 packages have made us of that. I don't know why the behaviour has changed; but I have tested it on apt and opusfile, and a couple of other packages. I will cut a normal bug on dpkg, and a serious one on make, and make the former block the latter while we figure otu what to do. The options, as I see it are: 1) Do nothing. retain make-3.81 in Debian forever more. Needless to say, this is not very attractive. Pro: There is no action to take. Con: Almost every other distro is shipping a more recent make. We will continue to diverge from everyone else, and already the featires have diverged enough that people are having to add special cases in the vuild system for the Debian family of distributions. 2) Hack dpkg-buildpackage to always load B-D-I, and go back to just calling ./debian/rules build. This is what we used to do. Pro: it is pretty easy to do (umm, I would think, but I don't know the dpkg code base so well anymore). This has the con of the inefficiency we have tried to eliminate, in that all the build dependencies are loaded for every build, even when not strictly needed. 3) We state that packages must provide build-arch and build-indep for Jessie. This should trivially be true for every package using cdbs or debhelper (or, heaven forbid, my old home brew build system), and have dpkg-buildpackage call them without testing to see if they exist. We would need to do another archive rebuild with the modified dpkg-buildpackage to see how many packages do not actually not implement these targets. None of these are very pretty. manoj -- Just because he's dead is no reason to lay off work. Manoj Srivastava sriva...@acm.org http://www.golden-gryphon.com/ 4096R/C5779A1C E37E 5EC5 2A01 DA25 AD20 05B6 CF48 9438 C577 9A1C signature.asc Description: PGP signature
Re: make 4.0: archive rebuild resulted in 73 packages broken (help wanted)
Manoj Srivastava sriva...@ieee.org writes: On Tue, Apr 29 2014, Felipe Sateler wrote: On Mon, 28 Apr 2014 23:01:58 -0700, Manoj Srivastava wrote: Felipe Sateler fsate...@debian.org csound (U) pulseaudio (U) Add to that: Kari Pahula k...@debian.org gecode Russ Allbery r...@debian.org krb5 (U) Missing Build-Depends-Indep is a common pattern among the 60 or so remaining build failures. Yeah, I was wrong about my analysis here. I'll let Sam know. (Although it's still a minor bug that the package doesn't B-D-I directly on python-lxml.) I will cut a normal bug on dpkg, and a serious one on make, and make the former block the latter while we figure otu what to do. The options, as I see it are: 1) Do nothing. retain make-3.81 in Debian forever more. Needless to say, this is not very attractive. Pro: There is no action to take. Con: Almost every other distro is shipping a more recent make. We will continue to diverge from everyone else, and already the featires have diverged enough that people are having to add special cases in the vuild system for the Debian family of distributions. 2) Hack dpkg-buildpackage to always load B-D-I, and go back to just calling ./debian/rules build. This is what we used to do. Pro: it is pretty easy to do (umm, I would think, but I don't know the dpkg code base so well anymore). This has the con of the inefficiency we have tried to eliminate, in that all the build dependencies are loaded for every build, even when not strictly needed. 3) We state that packages must provide build-arch and build-indep for Jessie. This should trivially be true for every package using cdbs or debhelper (or, heaven forbid, my old home brew build system), and have dpkg-buildpackage call them without testing to see if they exist. We would need to do another archive rebuild with the modified dpkg-buildpackage to see how many packages do not actually not implement these targets. Well, 2 is going back on something that we're trying to transition, and 1 seems obviously unacceptable. 3 is where we were trying to get to anyway. I vote for just biting the bullet and trying to do 3 for jessie. -- Russ Allbery (r...@debian.org) http://www.eyrie.org/~eagle/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87lhun2zas@windlord.stanford.edu
Re: New Cinnamon Maintainer, looking for help
On Sat, Apr 26, 2014 at 04:14:36PM +0200, Maximiliano Curia wrote: The cinnamon package and dependencies included in Debian are currently uninstallable, and have been unmantained for a year. I have prepared new packages, adding their sources to the collab-maint alioth project. There's still quite a lot of work to do in order to bring these packages into Debian shape, so I encourage anyone who's interested to contact me, so that we can work together. You should not start with fresh packages. We have processes for managing this situation: https://www.debian.org/doc/manuals/developers-reference/beyond-pkging.html#mia-qa The current package is maintained in git already at http://anonscm.debian.org/gitweb/?p=pkg-cinnamon/cinnamon.git. I haven't checked but in an ideal world your repository would be a clone of this, to make eventual harmonisation easier. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140428151302.ga3...@bryant.redmars.org
Re: New Cinnamon Maintainer, looking for help
Hi! On Apr 26, 2014 4:26 PM, Maximiliano Curia m...@debian.org wrote: Hi, Cinnamon is a desktop environment based on GNOME, but with a different shell and some other replaced parts (screensaver, file manager, system settings, etc). It was created by Linux Mint, but it's independent of the distribution. The cinnamon package and dependencies included in Debian are currently uninstallable, and have been unmantained for a year. I have prepared new packages, adding their sources to the collab-maint alioth project. There's still quite a lot of work to do in order to bring these packages into Debian shape, so I encourage anyone who's interested to contact me, so that we can work together. I'd love to help, somehow. -- Matteo F. Vescovi Debian Maintainer GnuPG KeyID: 0x83B2CF7A
Re: goals for hardening Debian: ideas and help wanted
On Thu, 24 Apr 2014 10:57:39 +0800 Paul Wise p...@debian.org wrote: Hi all, I have written a non-exhaustive list of goals for hardening the Debian distribution, the Debian project and computer systems of the Debian project, contributors and users. https://wiki.debian.org/Hardening/Goals If you have more ideas, please add them to the wiki page. If you have more information, please add it to the wiki page. If you would like to help, please choose an item and start work. - security patches should be clearly marked as such in every *.patch file - easy create and run programs from chroot and alternate users - apt-get should automaticaly check checksums -- http://markorandjelovic.hopto.org One should not be afraid of humans. Well, I am not afraid of humans, but of what is inhuman in them. Ivo Andric, Signs near the travel-road -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140429020744.26376...@eunet.rs
Re: goals for hardening Debian: ideas and help wanted
On 4/25/14, Kevin Chadwick ma1l1i...@yahoo.co.uk wrote: previously on this list Paul Wise contributed: I have written a non-exhaustive list of goals for hardening the Debian distribution, the Debian project and computer systems of the Debian project, contributors and users. https://wiki.debian.org/Hardening/Goals If you have more ideas, please add them to the wiki page. ... Tor provides privacy and more likely lowers security so which threat against contributors or contributor actions is the Tor policy aimed to protect? I'm confused, what? How does Tor lower security and at the same time, it provides privacy? All the best, Jacob -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/CAFggDF14P25ZrOp3Yj=nfvaydtry+rnbcxgfdw-vvvrbvdf...@mail.gmail.com
Re: goals for hardening Debian: ideas and help wanted
On Tue, Apr 29, 2014 at 8:07 AM, Marko Randjelovic wrote: - security patches should be clearly marked as such in every *.patch file That sounds like a good idea, could you add it to the wiki page? - easy create and run programs from chroot and alternate users Could you detail what you mean by this? It sounds like you want either virtual machines or something like docker.io: https://packages.debian.org/sid/docker.io - apt-get should automaticaly check checksums That happens now, if you find an instance where it does not, please file a severity serious bug report on apt with enough detail for the maintainers to debug and fix it. https://www.debian.org/Bugs/Reporting -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/caktje6fk8+7x-hrhnv-+jhn2yrnkouobgzy6c7hsg5e3oze...@mail.gmail.com
New Cinnamon Maintainer, looking for help
Hi, Cinnamon is a desktop environment based on GNOME, but with a different shell and some other replaced parts (screensaver, file manager, system settings, etc). It was created by Linux Mint, but it's independent of the distribution. The cinnamon package and dependencies included in Debian are currently uninstallable, and have been unmantained for a year. I have prepared new packages, adding their sources to the collab-maint alioth project. There's still quite a lot of work to do in order to bring these packages into Debian shape, so I encourage anyone who's interested to contact me, so that we can work together. -- I decry the current tendency to seek patents on algorithms. There are better ways to earn a living than to prevent other people from making use of one's contributions to computer science. -- Donald Knuth Saludos /\/\ /\ `/ signature.asc Description: Digital signature
Re: New Cinnamon Maintainer, looking for help
On 26.04.2014 16:14, Maximiliano Curia wrote: Hi, Cinnamon is a desktop environment based on GNOME, but with a different shell and some other replaced parts (screensaver, file manager, system settings, etc). It was created by Linux Mint, but it's independent of the distribution. The cinnamon package and dependencies included in Debian are currently uninstallable, and have been unmantained for a year. I have prepared new packages, adding their sources to the collab-maint alioth project. There's still quite a lot of work to do in order to bring these packages into Debian shape, so I encourage anyone who's interested to contact me, so that we can work together. Hi Maximiliano, I'm not Cinnamon user, but I have contact by the another users with that environment. I can help you. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/535bca66.1090...@linuxmint.pl
Re: goals for hardening Debian: ideas and help wanted
On Thu, Apr 24, 2014 at 9:49 AM, Giacomo Mulas giacomo.mula...@gmail.com wrote: On Thu, 24 Apr 2014, Steve Langasek wrote: The apparmor policies in Debian apply a principle of minimal harm, confining only those services for which someone has taken the time to verify the correct profile. There are obviously pros and cons to each approach to MAC, which I'm not interested in arguing about; but one of the pros of the approach taken for apparmor is that all software *does* continue to work out of the box. If you found it otherwise, I think you should be filing a bug report against apparmor. Good to know, actually I had tried apparmor quite some time ago and did not try again. I will give it another spin as soon as I can. However, I do not agree that I should file bugs against apparmor if a debian package does not work properly, it should go to the package manager (and maybe cc to some apparmor expert team). It cannot be the maintainer(s) of apparmor to have to shoulder the effort of creating and maintaining profiles for all debian packages. They may be called in for support, but regular package maintainers should be involved IMHO, otherwise it will never really take off and provide significantly better security. Both of you have misunderstood each other. Steve, Giacomo was advocating the creation of profiles/configurations for all debian packages and considering it a serious bug if that was not done. Giacomo, Steve thought that you meant that unconfined applications should work perfectly when the user is using a MAC, and not that they should integrate with the MAC mechanism. So he was trying to explain how AppArmor only interferes with explicitly configured (by the package maintainer or user) profiles, and would not cause any harm to non-confined applications. This is forgivably irrelevant, because you are talking about confined applications. Best regards, -- Cameron Norman -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/calzwfrlhuawxatvzeb46jbuvozm54crpxac0ksx_wajx4pd...@mail.gmail.com
Re: goals for hardening Debian: ideas and help wanted
previously on this list Paul Wise contributed: I have written a non-exhaustive list of goals for hardening the Debian distribution, the Debian project and computer systems of the Debian project, contributors and users. https://wiki.debian.org/Hardening/Goals If you have more ideas, please add them to the wiki page. Though it will take some guts, the best way I see for a distro to help users secure their machines is to provide sudoers entries disabled by default and enabled either manually through requests during various package installs or a sudoers-policies package or in sudoers.d by default. I've read a story about sudoers being packaged by distro's at one time but mistakes meaning they stopped doing so. I expect that's a myth and silly if not. I find little about it but hearsay and whilst I know sudo's maintainer prefers rules not to be enabled by default as that encourages general policies and so an insecure default. I am not sure he minds commented policies that are easily enabled. If I ever have any time I intend to create a sudoers policy site if no-one beats me to it and more searches don't find one but a project like debian may be better suited to the task. Sudo is undoubtedly more secure than polkit when used correctly and easily modified by users. If things like synaptic had an option to use sudo, users could very easily and intuitively modify the default policy to only allow a certain list of packages to be installed and synaptic would be none the wiser and work very securely with whatever exact permissions the user decides and that apt-get provides the control for. This empowers users and the more correct way of doing things. Any security related tools and settings should have a high quality man page. All security configuration should be insisted on being in /etc if it isn't already. A default polkit configuration for example should be easily found and edited and not be allowed to exist in /usr or need to be copied from anywhere to anywhere. That is simply irresponsible. sysctl.conf could perhaps have more commented entries If a doc exists in /usr/share then perhaps a man page should atleast point to it and be found via apropos in many cases as understanding is the first step to securing. You could port the privledge seperation patches for X11 from OpenBSD so that only a small part for handling device files etc. runs as root. tcpdump is more secure but for more risky things like wireshark it could be made to die perhaps by a wrapper if run as root and dumpcap be suid group wireshark mode 750 and users add themselves to that group to use it. http://marc.info/?l=openbsd-miscm=139694935227588w=2 More use of chrooting by default would be good too. Some comments on the existing content on the page follows. Tor provides privacy and more likely lowers security so which threat against contributors or contributor actions is the Tor policy aimed to protect? Asking contributor's to boot debian where possible without listening services from dedicated usb/hdd with a vpn or ssh to avoid router resident attackers maybe seen as a bit draconian but I would suggest is a better practice to aim for. If grsec is coming RBAC deserves mentioning under MACs Routers, you could simplify their usage so you are using a subset of the firmware risk. So use bridge mode and a pppoe client on a debian or an OpenBSD box where I can contest pppoe setup is dead easy and in kernel. Though the bastille debian box and VPN two paragraphs up is probably easier for most with wireless etc. -- ___ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) In Other Words - Don't design like polkit or systemd ___ I have no idea why RTFM is used so aggressively on LINUX mailing lists because whilst 'apropos' is traditionally the most powerful command on Unix-like systems it's 'modern' replacement 'apropos' on Linux is a tool to help psychopaths learn to control their anger. (Kevin Chadwick) ___ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/246269.70707...@smtp101.mail.ir2.yahoo.com
Re: goals for hardening Debian: ideas and help wanted
Apologies for the top posting, I'm writing this from my phone. I get a 403 when trying to access via Orbot/Orweb on Android 4.1 phone. Amusing. Lesley On 24 Apr 2014 03:58, Paul Wise p...@debian.org wrote: Hi all, I have written a non-exhaustive list of goals for hardening the Debian distribution, the Debian project and computer systems of the Debian project, contributors and users. https://wiki.debian.org/Hardening/Goals If you have more ideas, please add them to the wiki page. If you have more information, please add it to the wiki page. If you would like to help, please choose an item and start work. -- bye, pabs http://wiki.debian.org/PaulWise
Re: goals for hardening Debian: ideas and help wanted
On 10:57 Thu 24 Apr 2014, Paul Wise wrote: ..[snip].. https://wiki.debian.org/Hardening/Goals Regarding the line (at that page): Refuse to install packages that are known to have X number of unplugged exploits (i.e. X number of open security bugs in the bug tracker) unless e.g. --allow-vulnerable-packages is used. This makes it clear that you are installing software that is vulnerable. I suggest it might be better if exploits were each given a quick/approximate ranking in terms of severity (and if the severity is unknown it could be assigned a default median ranking), so that the algorithm you mention wouldn't just add number of unplugged exploits, but add them by weight. For example: the recent heartbleed exploit would be worth more than a few smaller exploits in less critical software, and would be calculated as such... -- PGP fingerprint: BB0A 0787 C0EE BDD8 7F97 3D30 49F2 13A5 265D CCBD -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140424080627.GB31307@hernia
Re: goals for hardening Debian: ideas and help wanted
On Jo, 24 apr 14, 11:06:27, Rowan Thorpe wrote: On 10:57 Thu 24 Apr 2014, Paul Wise wrote: ..[snip].. https://wiki.debian.org/Hardening/Goals Regarding the line (at that page): Refuse to install packages that are known to have X number of unplugged exploits (i.e. X number of open security bugs in the bug tracker) unless e.g. --allow-vulnerable-packages is used. This makes it clear that you are installing software that is vulnerable. I suggest it might be better if exploits were each given a quick/approximate ranking in terms of severity (and if the severity is unknown it could be assigned a default median ranking), so that the algorithm you mention wouldn't just add number of unplugged exploits, but add them by weight. For example: the recent heartbleed exploit would be worth more than a few smaller exploits in less critical software, and would be calculated as such... Bug severities are probably enough for this purpose. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic http://nuvreauspam.ro/gpg-transition.txt signature.asc Description: Digital signature
Re: goals for hardening Debian: ideas and help wanted
I suggest it might be better if exploits were each given a quick/approximate ranking in terms of severity (and if the severity is unknown it could be assigned a default median ranking), so that the algorithm you mention wouldn't just add number of unplugged exploits, but add them by weight That is a good idea. The Common Vulnerability Scoring System was invented for this purpose: http://en.wikipedia.org/wiki/CVSS Kind regards, Richard -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/7f6371fd-0ee0-4f36-8f36-7736f65e7...@vdberg.org
Re: goals for hardening Debian: ideas and help wanted
On Thu, 24 Apr 2014, Paul Wise wrote: On Thu, 2014-04-24 at 02:53 -0007, Cameron Norman wrote: Would the inclusion of more AppArmor profiles be applicable? Thanks, added along with SELinux/etc. I second that. Actually, some time ago I tried using both AppArmor and SELinux, but gave up because it took forever to find legitimate behaviour of all kinds of common packages (most of them standard debian packages) and prepare configuration files for things to work. If debian wants to foster adoption of such security enhancements, it must go to great lengths in making sure that (in order of importance in my humble opinion) 1) all debian-packaged software works (very nearly) out of the box with debian-supported MAC frameworks. It should be very clear that if they don't it's an important bug that needs fixing. For example, such bugs should prevent the inclusion of a package in an official stable release. Or split the main debian archive in two, one that is MAC-ready and one that is not, so each user can decide to only use packages known to work well with debian-supported MAC frameworks. 2) for each debian-supported MAC framework there should be an expert team which should a) help package maintainers learn how to create and include appropriate configuration files so that their package works with the MAC framework b) create some tools (debhelper-like?) to make it relatively easy to find the minimum access rights a package needs and implement them in a configuration file c) define appropriate style guidelines to make configuration files as readable and maintainable as possible. All of this is going to be a lot of work at the beginning, but it will quickly decrease as more and more package maintainers get familiar with MAC frameworks. 3) there should be a category of packages in contrib which just contain configuration files for commonly used non-free software. Such configuration files should be audited by the appropriate expert teams before acceptance, to make sure they do not grant unnecessary access privileges. Until at very least point 1) is fulfilled, I doubt there will be widespread adoption of MAC frameworks, except for very specialised systems for which the amount of effort in setting them up is limited. General purpose computers (i.e. the ones in a pool of computers available for PhD students at a University, which must have a lot of packages installed for general use) will remain out of the question. Bye Giacomo -- _ Giacomo Mulas gmu...@oa-cagliari.inaf.it _ INAF - Osservatorio Astronomico di Cagliari via della scienza 5 - 09047 Selargius (CA) tel. +39 070 71180244 mob. : +39 329 6603810 _ When the storms are raging around you, stay right where you are (Freddy Mercury) _ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/alpine.deb.2.10.1404241121540.8...@capitanata.oa-cagliari.inaf.it
Re: goals for hardening Debian: ideas and help wanted
On Thu, Apr 24, 2014 at 11:45:46AM +0200, Giacomo Mulas wrote: On Thu, 24 Apr 2014, Paul Wise wrote: Would the inclusion of more AppArmor profiles be applicable? Thanks, added along with SELinux/etc. I second that. Actually, some time ago I tried using both AppArmor and SELinux, but gave up because it took forever to find legitimate behaviour of all kinds of common packages (most of them standard debian packages) and prepare configuration files for things to work. If debian wants to foster adoption of such security enhancements, it must go to great lengths in making sure that (in order of importance in my humble opinion) 1) all debian-packaged software works (very nearly) out of the box with debian-supported MAC frameworks. It should be very clear that if they don't it's an important bug that needs fixing. For example, such bugs should prevent the inclusion of a package in an official stable release. Or split the main debian archive in two, one that is MAC-ready and one that is not, so each user can decide to only use packages known to work well with debian-supported MAC frameworks. The apparmor policies in Debian apply a principle of minimal harm, confining only those services for which someone has taken the time to verify the correct profile. There are obviously pros and cons to each approach to MAC, which I'm not interested in arguing about; but one of the pros of the approach taken for apparmor is that all software *does* continue to work out of the box. If you found it otherwise, I think you should be filing a bug report against apparmor. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org signature.asc Description: Digital signature
Re: goals for hardening Debian: ideas and help wanted
On Thu, 24 Apr 2014, Steve Langasek wrote: The apparmor policies in Debian apply a principle of minimal harm, confining only those services for which someone has taken the time to verify the correct profile. There are obviously pros and cons to each approach to MAC, which I'm not interested in arguing about; but one of the pros of the approach taken for apparmor is that all software *does* continue to work out of the box. If you found it otherwise, I think you should be filing a bug report against apparmor. Good to know, actually I had tried apparmor quite some time ago and did not try again. I will give it another spin as soon as I can. However, I do not agree that I should file bugs against apparmor if a debian package does not work properly, it should go to the package manager (and maybe cc to some apparmor expert team). It cannot be the maintainer(s) of apparmor to have to shoulder the effort of creating and maintaining profiles for all debian packages. They may be called in for support, but regular package maintainers should be involved IMHO, otherwise it will never really take off and provide significantly better security. Thanks for the information. Giacomo -- _ Giacomo Mulas gmu...@oa-cagliari.inaf.it _ INAF - Osservatorio Astronomico di Cagliari via della scienza 5 - 09047 Selargius (CA) tel. +39 070 71180244 mob. : +39 329 6603810 _ When the storms are raging around you, stay right where you are (Freddy Mercury) _ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/alpine.deb.2.10.1404241841420.15...@capitanata.oa-cagliari.inaf.it
Help wanted: test new shadow source package (login, passwd, uidmap, etc.)
Hello fellow developers, I would like to request your help in testing the new version of the shadow package (that provides login, passwd and such other important or base packages). Debian is upstream for shadow since Nicolas François (with my help) took over the maintenance of shadow back in 2005. Since then, Nicolas, whose expertise in C programming is millions of miles ahead of mine, did a great job in maintaining the package, keeping its bug log low and in general keep it as safe and clean as possible. However since about 2-3 years, Nicolas is much less active in Debian than he was and I'm mostly left alone really maintaining shadow as a Debian package. And thus, the package had very few uploads. Still, last work by Nicolas happened in early 2013 when he worked again on some requested new features, merging in some proposed work by Serge Hallyn. Later on, more enhancements have been proposed by other people, mostly to integrate the support for subuid/subgid. I'd like to thank, here, Eric Biedermann, Serge Hally and Micah Anderson who helped a lot integrating this, as I know nearly nothing about all this stuff. That lead to a new upstream version (4.2) which, unfortunately, Nicolas had no free time to officially publish. Moreover, all this converged roughly during the wheezy freeze and it was of course inappropriate to upload this. Then dust started to pile up again on shadowand all this work remained unpublished. Partly also because my own involvment in Debian decreased and got recentered on thing I really have expertise about. However, I finally took enough time to bring the final touch to a new package for shadow, namely 4.2-1. This package supposedly brings the long awaited new features such ad subuid, subgid, pam_loginuid in login settings,etc. See the complete changelog at the end of this mail. This package just got uploaded to experimental a few days ago and got ACCEPTed (it add a new uidmap package) yesterday. However, I'm completely unable to test the new package except its very very basic functions and here is where I need your help. I really have ZERO clue about these new features and I'm anything but a security or code expert. Indeed, I'm not the best suited person to maintain shadow alone but, as of now, I'm the last one that's left...;-) These new features apparently deserve to be added to the distribution and hopefully jessie but before uploading it to unstable, they need a lot more testing and feedback. So, please, if you're interested in this, or more generally concerned by keeping some of our core packages in goo dcondition, feel free to install the new packages from experimental and test them as you can. Full changelog for the new shadow package (including the damn typos I made here or there, as usual): shadow (1:4.2-1) experimental; urgency=low [ Nicolas FRANCOIS (Nekral) ] * New upstream release. Fixes: - Invalid free() in su fixed by using strdup(). Thanks to Serge Hallyn for the patch. Closes: #691459 - Kill the child process group, rather than just the immediate child; this is needed now that su no longer starts a controlling terminal when not running an interactive shell. Thanks to Colin Watson for the patch. Closes: #713979 - German manpages translation update. Closes: #679152 - Improve login.defs (typographic errors and better format). Closes: #685415 - Russian translation update. Closes: #718356 - Do not assume random() is limited by RAND_MAX. Closes: #677275 - Support C libraries with unknown fields in struct passwd. Closes: #675824 - su: child cleanup is performed before terminating PAM sessions. This avoids anoying ...terminated messages when PAM module send signal to su during session close. Closes: #670132 - vipw/vigr is checking arguments provided after options. Closes: #677812 - Updated Japanese translation. Closes: #720004 - vipw: Fix error reporting when editor fails. Closes: #688260 * Moved to git: replace Vcs-Git in place of Vcs-Svn and adapt Vcs-Browser. * Add pam_loginuid to login PAM settings. Closes: #677441 * passwd.install: add new subuid.5 and subgid.5 manpages * debian/rules, debian/control, debian/uidmap.install: create new uidmap package containing the new setuid-root binaries newuidmap and newgidmap Set uidmap as priority optional. * debian/login.su.pam: Enable pam_limits by default. Closes: #705301 * debian/rules: Set default editor to sensible-editor for vipw. Closes: #688252 [ Micah Anderson ] * added debian/patches/userns to enable use of subuids, plus some bugfix patches on top of them, patches from Eric Biederman, pulled from Ubuntu. Closes: #739981 * Allow LXC devices (lxc/console, lxc/tty[1234]) in securetty.linux * Update documentation of UMASK: Explain that USERGROUPS_ENAB will modify this default for UPGs. (Closes: #583971) * login.postinst: install a default /etc/subuid
goals for hardening Debian: ideas and help wanted
Hi all, I have written a non-exhaustive list of goals for hardening the Debian distribution, the Debian project and computer systems of the Debian project, contributors and users. https://wiki.debian.org/Hardening/Goals If you have more ideas, please add them to the wiki page. If you have more information, please add it to the wiki page. If you would like to help, please choose an item and start work. -- bye, pabs http://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: goals for hardening Debian: ideas and help wanted
El Wed, 23 de Apr 2014 a las 7:57 PM, Paul Wise p...@debian.org escribió: Hi all, I have written a non-exhaustive list of goals for hardening the Debian distribution, the Debian project and computer systems of the Debian project, contributors and users. https://wiki.debian.org/Hardening/Goals If you have more ideas, please add them to the wiki page. If you have more information, please add it to the wiki page. If you would like to help, please choose an item and start work. Would the inclusion of more AppArmor profiles be applicable? Thanks, -- Cameron Norman
Re: goals for hardening Debian: ideas and help wanted
On Thu, 2014-04-24 at 02:53 -0007, Cameron Norman wrote: Would the inclusion of more AppArmor profiles be applicable? Thanks, added along with SELinux/etc. -- bye, pabs http://wiki.debian.org/PaulWise signature.asc Description: This is a digitally signed message part
Re: goals for hardening Debian: ideas and help wanted
2014-04-24 4:57 GMT+02:00 Paul Wise p...@debian.org: Hi all, I have written a non-exhaustive list of goals for hardening the Debian distribution, the Debian project and computer systems of the Debian project, contributors and users. https://wiki.debian.org/Hardening/Goals If you have more ideas, please add them to the wiki page. If you have more information, please add it to the wiki page. If you would like to help, please choose an item and start work. -- bye, pabs http://wiki.debian.org/PaulWise What about challenging a bit more default packages regarding security/feature ? We had such a debate about exim but I guess we could have the same about bind and much more. -- Cordialement, Jean-Baptiste Boisseau Eutech SSII Tel : +33 3 25 81 29 65 Mob: +33 6 63 11 79 40 Fax : +33 9 56 21 06 96
Accepted how-can-i-help 6 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 12 Mar 2014 16:43:49 +0100 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 6 Distribution: unstable Urgency: medium Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Closes: 740677 741326 Changes: how-can-i-help (6) unstable; urgency=medium . [ Tomasz Nitecki ] * If an error occurs while trying to download data file it is now correctly attributed to how-can-i-help. Closes: #740677 . [ Lucas Nussbaum ] * Use dir.home instead of ENV['HOME']. This raises an exception if the HOME directory could not be found. Closes: #741326 Checksums-Sha1: 0b2e955b1ba60e629a609411af83acd424b494e6 1627 how-can-i-help_6.dsc d359a03c6fbe5002477134d9527cac7846edbdeb 9236 how-can-i-help_6.tar.xz 6d043be05e83f5a058e488dc6f6c04c57bc9d8ae 8026 how-can-i-help_6_all.deb Checksums-Sha256: a68cd5d86e5c2842fbd681bc1946040e96bc3d1464289bcb2dbce5d1f365 1627 how-can-i-help_6.dsc b5064c907fc055eaf905545894ffb4e5b73bb1449340e9542edcca2489caf1fa 9236 how-can-i-help_6.tar.xz 2618e8b64d37bf476df3e12915f9256900413e085303c01e2506a70681ec8995 8026 how-can-i-help_6_all.deb Files: 6844fb453749d158bad049613a030419 1627 devel optional how-can-i-help_6.dsc b5d82bb4f2444e307df6d53bcdc01199 9236 devel optional how-can-i-help_6.tar.xz 13101440ef56c0fa1a44c60c15b9d27c 8026 devel optional how-can-i-help_6_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIVAwUBUyCBVDkUtTL0376ZAQoIBQ//Ya2Hz8CBlrNP7XrKo98iGz5c/hgWpMjt J7MF+dhVIeuN/865R20Ms75NAM02LqSkGYoxEr7/wNJw3g0UutwWHg57LCDbyey3 UUeGQgIk0GxHh04tW2jXTa2oojmJNWK3wS5G1c+QBX6Mkivu/O+2hIt+0upW+wiz gvFriyec3EC/jJHS618lVjt3o8k32sl7vKN5JJ9Alz2yW5NJn9BMyvFetu8qZkcM 2zlR+HTJijvuvaWo84mUmzr62M0a8pyGqExW23+S0hNe6YpIut/97CrZkFlNwOnY IpK1F+NXODnTHNt987GSDBCiz9zKNIcuFAf1QA/h4z9FNqoASKH5VsxqnGusPcJn noQK9al1zZBBLcL+hhyArsvUmDqGRO8x5Kwy7PZPA4IkFBRAupSIXAsoqQ4c6Gmv nt/O4QvUw6G/OjWXfJbe1Tm+tq7OZypaXKoKoNHW+Tj2Dhj31Y0+RRy0iQ8ceKNI AlVPM1EExkLZk+Cfa7TL10nZBLvA9iO+P+MFxYPgUgAil6TCyn6/LpSEo4rspOUP qhoxbzctZ8D/bGbZpgVx4JddLU6ZxneEs5cIhlnbtGvv15mox4BDiGNkOQVIqSp9 zPnusIqp+GWEf43+3vcd/sEF6j5cLaJjpUl/0RjmaaVi8ISZ2iRvZVr2e9ZTJQTi uVKn7RZTlrk= =YzUJ -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1wnlcn-0005uu...@franck.debian.org
Diploma thesis about media choice and usage in Free Software communities: I need your help.
Dear Free Software contributor* I'm currently in the process of writing my diploma thesis. I've worked hard during the last few weeks and months on a questionnaire [1] which shall collect some data for my thesis. Furthermore the data of this survey will be interesting for the Free Software communities as well. So please take some time or add it to your todo list or, even better, go directly to my questionnaire [1] and help me make a great diploma thesis and improve the Free Software community in some ways. The questionnaire [1] takes some 20 to 30 minutes. At the end of the questionnaire you'll find a way to participate in a draw where you can even win something nice. In a first round I got the feedback that the length of the questionnaire [1] and that some questions (mostly the ones at the beginning of the questionnaire about the 12 different tasks) are quite abstract and difficult. But please try it, try your best and take the time and brain power. The remaining part of the questionnaire [1] (after these two pages with the tasks questions) is quite easy and quickly done. And you have the possibility to come back to where you have left filling in the questionnaire [1] after a shorter or longer break. And if there are any questions, feedback or you need help don't hesitate a moment to write me an email or ping me on IRC (freenode.net and oftc.net) as unormal. This survey will be open till Sunday, the 9th of March 2014, 23.59 UTC. Thanks to all for reading and helping and towards the summer of 2014 you can read here what all the data you gave me showed us and where we can learn and improve. Thanks in advance and best regards Mario Fux [1] http://survey.kde.org/index.php/783182/lang-en * By contributor I mean not just developers but translators, artist, usability people, documentation writers and many more. Everybody who contributes in one way or the other to Free Software. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/201403011518.13208.debian...@unormal.org
Accepted how-can-i-help 5 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 27 Feb 2014 20:48:27 +0100 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 5 Distribution: unstable Urgency: medium Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Tomasz Nitecki t...@tnnn.pl Description: how-can-i-help - show opportunities for contributing to Debian Closes: 738169 738170 738826 Changes: how-can-i-help (5) unstable; urgency=medium . [ Holger Levsen ] * Lower versioned depends on ruby-debian and ruby-json so that backporting the package requires no changes. Thanks to igo...@free.fr. (Closes: #738826) . [ Antonio Terceiro ] * Fix call to `dpkg -l` with C.UTF-8 locale * Add space between blocks of opportunities . [ Tomasz Nitecki ] * Added an option to hide some types of opportunities. Closes: #738169 * Added an option to list opportunities in all packages. Closes: #738170 Patch from Matt Kraai kr...@ftbfs.org Checksums-Sha1: fc3fab89d7561f952598121318148a4d15816db9 1627 how-can-i-help_5.dsc a5f8f6922d7cd06e13e6aa2cdf89240cdad94b1c 9116 how-can-i-help_5.tar.xz 8cf2c41c023b951f62ac05212c1a824fdf3ab395 7872 how-can-i-help_5_all.deb Checksums-Sha256: 6c3e855279d720821a705cba6262e5be9fe16e00f725c67f5a23e139a3db9044 1627 how-can-i-help_5.dsc 01ce6e497782af28abf2af67332058cd8442f3aad28c314da0b0841b28c4ae82 9116 how-can-i-help_5.tar.xz 63054acae671a493010a7079df3365fcc198089c282ba617052e608d948ed4b0 7872 how-can-i-help_5_all.deb Files: 71ab3be0e7b6a9e307bf46c879de6df3 1627 devel optional how-can-i-help_5.dsc 0e2a07f7d0d73749214c08ea13b3d380 9116 devel optional how-can-i-help_5.tar.xz d72a025747245f74ba916181b685db16 7872 devel optional how-can-i-help_5_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIVAwUBUw+aUzkUtTL0376ZAQpqSw/9EB4QqUEuLUdHpVd6p0F1QyhCuunPn2oH EhK6IfadjjokvGI8RvbYBJmKzAIuGjxy8078UQgyQ4ioAi0ZTVpRIUegMMw4z6xC JaGzgAVKaMmcyhHZp0gsAJxpAoA2RDUnF7xBgHGmGg7Ylt5/7zQW7pVlvX6ek+OD CYNC1YwUdhIiqkiXruElTKcajUyca9KpP+PBw/UP4nF4Y1oCV0z6sPCyJocCnLEN QD/51BzKPu3fIRBOqGW7O283PuyFa5xgEMGjJiP2NdZWrsGkDScItmy/uE5YspH5 nxVtIHGn9e59HTr+2irnTXZMs2vUwBgZedwth6JYlobzoQjn165pUg1FO3p3yROo SuCYNuoStRDisA+pV3HgPAs2fSjTX93ljqr3/gDDx9B5RxuvZYbTzTIZuQDwIGkE bzRikyOO9wl/L4upXcXMmJrcycDw1MeFJlvb+0WIAtqtHMza2xZkFqCRUP4FrUce MFs3SAy9BUS0zAsYXBGInsG9DlHyzNCa6x3XqQH0/Q15Dzrn80cfxbeKL+ZGdeYl K0eoSola/z7qV9iiXymv0/XpbVNpkpD/yG9OnTya2YtkZRoolYx5WvQlZVoPR2fN Bxd830m7OBJUgGOQ6BP6Hs6nV/p2XwwvYCVAQ1FRDitlEXOAjTEM+VF9Ul3Nftyh 5p3hfJsUqjI= =MY/Z -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e1wj8o0-00054x...@franck.debian.org
Bug#738908: RFH: how-can-i-help -- show opportunities for contributing to Debian
Package: wnpp Severity: normal Hi, I like this package a lot, but I don't have the bandwidth required to maintain it on my own. I would love to get some help with it. The package is quite simple, and is maintained in collab-maint. Feel free to get in touch with me if you want to help. Please also feel free to commit non-controversial changes to Git (using branches, if you are not sure). Thanks, Lucas -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140213204615.23663.76105.reportbug@grep
DebConf14 organizing team needs your help to raise funds! (Won't take long.)
Hello! We are well into the planning for DebConf14 which will take place in Portland, Oregon, USA during the 23rd-31st of August, 2014. It looks like it is again going to be a great event and hope that everyone can come, but to make it happen we need your help. We are now contacting potential sponsors from all around the globe, and need to ask all Debian contributors to think if they have any personal connections to Debian-friendly organizations, that might be interested in sponsoring DebConf14. This would be particularly useful if they are organizations that are either new to sponsoring Debian, or have not sponsored Debian recently. If you can think of interested organizations, please feel free to reach out to them, and ask, or if you are not comfortable asking directly, to contact the sponsors-team with any leads. I've included a link to the sponsorship brochure, which is useful to explain DebConf to new sponsors. [1] To get in contact with the DebConf Sponsors Team, please send an email to: mailto:spons...@debconf.org. On behalf of the DebConf Sponsors Team. Cheers, Brian [1] - http://media.debconf.org/dc14/sponsors/DebConf14_SponsoringBrochure.pdf signature.asc Description: OpenPGP digital signature
FW: Again ask for a mentor who can help me by private mail
Hello, A few days ago I ask here for a mentor who can help me with becoming a Debian Maintainer. Eribo has volunteered me where I thank him a lot. But because I copied a few things from a package he maintains he wants to stop mentoring me. This was a really really stupid thing to do and it will never happen again Also I realy really want to become a good packager/Maintainer, I hope someone else is willing to help me. You can find my first made package here : https://mentors.debian.net/package/nhexed My ultimate goal is to get Cinnamon2 in Debian in the future. I know I have to lot to learn but Im willing to give 100%. Regards, Roelof Wobben -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/dub121-w38d91937381a23d79916a0ae...@phx.gbl
Re: FW: Again ask for a mentor who can help me by private mail
Hi Roelof, On 03.02.2014 19:51, Roelof Wobben wrote: But because I copied a few things from a package he maintains he wants to stop mentoring me. This was a really really stupid thing to do and it will never happen again do I understand it correct, that your (former) mentor stopped mentoring you because you copied over best practices from other packages, in particular those your mentor maintains? If so, not you should be hit with the holy hammer of clue, but your mentor. -- with kind regards, Arno Töll IRC: daemonkeeper on Freenode/OFTC GnuPG Key-ID: 0x9D80F36D signature.asc Description: OpenPGP digital signature
Re: FW: Again ask for a mentor who can help me by private mail
On Mon, Feb 03, 2014 at 07:56:57PM +0100, Arno Töll wrote: If so, not you should be hit with the holy hammer of clue, but your mentor. Uh, yeah. What the hell? Who is this guy (Eribo) and why does not think it's not OK for you to take freely licensed code and use it in-line with their licensing? Sounds like you need a better mentor... Cheers, Paul -- .''`. Paul Tagliamonte paul...@debian.org | Proud Debian Developer : :' : 4096R / 8F04 9AD8 2C92 066C 7352 D28A 7B58 5B30 807C 2A87 `. `'` http://people.debian.org/~paultag `- http://people.debian.org/~paultag/conduct-statement.txt signature.asc Description: Digital signature
Re: FW: Again ask for a mentor who can help me by private mail
You may have better luck on debian-mentors (but I echo what others are saying… it sounds like your mentor is not behaving in the spirit of open source software) -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140203200938.gb10...@bryant.redmars.org
Re: Again ask for a mentor who can help me by private mail
On Tue, Feb 4, 2014 at 1:35 AM, Roelof Wobben wrote: Again ask for a mentor who can help me by private mail I would strongly suggest *not* doing things in private. In Debian we do as much as possible in public and this includes mentoring. If you have any questions, ask them on the debian-mentors email list or IRC channel and people will answer them as they are able. -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAKTje6EjsQOqv06FSAst8OB2k4fiEiBbS4q5WJq8xPFLqgd=f...@mail.gmail.com
Accepted how-can-i-help 4 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 03 Feb 2014 22:16:08 +0100 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 4 Distribution: unstable Urgency: medium Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Closes: 731510 Changes: how-can-i-help (4) unstable; urgency=medium . * Add support for listing RFS bugs. Closes: #731510 Checksums-Sha1: 855138a4976317bd1eb9bcc9630f0a044650bfbf 1586 how-can-i-help_4.dsc 1c6525febce6fb187eb55d3c28a460bd624a57d2 8608 how-can-i-help_4.tar.xz 75dbfeb7ef59a0a4317b929b2f8839defffeeec1 7342 how-can-i-help_4_all.deb Checksums-Sha256: 1bae1df9bc9db6668e72dfc3d21782aaf4243eb7e7c8b2d9bd819444bf09184c 1586 how-can-i-help_4.dsc 0a1c193057f927986540884bf02048ff0c994f36aafb08b670970dd12f1f1527 8608 how-can-i-help_4.tar.xz aae3bd4a9e5806aaecbc0561a97f409322ba93be62f37fac2fc8c9aba4566147 7342 how-can-i-help_4_all.deb Files: ee966dc53ffa59b09bcd19de9279488e 1586 devel optional how-can-i-help_4.dsc 14dffbdb007597620176d9220e6b10ff 8608 devel optional how-can-i-help_4.tar.xz ed5a22fd0a9431ed7a7739a2a79febfb 7342 devel optional how-can-i-help_4_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIVAwUBUvAJ7jkUtTL0376ZAQq+oA/+KB5+F6PBjN2z4h3A1c27ysCSPhnt8bKC AXVHtMnSb/GU23eLypmv9ehxATmMp40elU7g3wXt4VZogGPvFKGOBykv+vh5Gzsg GpJUG0ZguNAVllY9xRICpYA1ovOy1nSc5+z5J8Pfa0047tXAGYnJaoWUTULMnOVP 23Z33q42C0IVBHJ0RnZ5ovsYU9dh7CKI2ByhsOHg48WbOAc9QJVZ1jYsQ2O0BjS9 O8K+Br+usVoAwutxL42a8oCPoydPWiwRF0Ed4d4qwy1WIWv+plF8UdIkC5JcUvn2 n0qMhkLoa75YZzInV15r2zy/kayNC5IHuCC+dcPmU2/amLoTv7iO3cq6NsVocNPa r+cAV6EvF+v8YwvrI31OmOk/3jTgI6IgXTeRM4M65p7+8w33e6Skq9msqv8Gu6t8 PjlECCHLbDdNpWj46rI8jNcMQO984cxfkA0C9v1hKN2adqb6d97f9C1/1Sv+4l9z jHXJ0d4HjhbyzjlWGAq0jJeplNAT/w21YKA8EVycHph71U5vdOm3B6gJeKhj0sRf G2wgPUkd/gUHdw9MFmSeilk1yaLWVVB0+rpkTjh9XpLxeLsSIQ0oIG03BKkN9duQ IuT5f9pJXjJm2bfxIzoqkQpcwbSpuxTJkk/GIqKH+8AWNSPlFbCh0BeCsB7CLpLf XRei6m/W7HE= =XTFj -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1warog-0001oa...@franck.debian.org
Accepted how-can-i-help 3 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 19 Jan 2014 11:24:13 +0100 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 3 Distribution: unstable Urgency: medium Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Closes: 735915 Changes: how-can-i-help (3) unstable; urgency=medium . * Add support for listing testing autoremovals. * Sort all information using sorting orders that try to make sense. * Add a (undocumented) -v option. Closes: #735915. Checksums-Sha1: 4c0f108cf442e2a2349b2d23c0e511d427100036 1586 how-can-i-help_3.dsc db3e10419a6bc08488256378549125d90469701a 6604 how-can-i-help_3.tar.xz 53ba1b20fbef02121c2b0df1fa38173026a535b6 7268 how-can-i-help_3_all.deb Checksums-Sha256: 7e9b6faf2c07565e5dedd63c4d07cc1c1c1bc35bfe71da6b3fa0a8b16434bdcd 1586 how-can-i-help_3.dsc 4f9f3af52b019cfcb9b2ce26d66e9fb59443d01646b12c21efc4b1b1a4ff2861 6604 how-can-i-help_3.tar.xz f6a17a4fdc9aa8af5e65d11c04c3a5804cecb1c6bfd975760c9e679a5c289d1b 7268 how-can-i-help_3_all.deb Files: 9c09b16603e68e5ae16bc7ccf59f7df6 1586 devel optional how-can-i-help_3.dsc 87a9e493f532a2c4e8ab2b9375d85f6e 6604 devel optional how-can-i-help_3.tar.xz db3faed4bba64122c749ba4cb21de2ba 7268 devel optional how-can-i-help_3_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIVAwUBUtutPDkUtTL0376ZAQpv4Q/9HBFNsQLL28H2tVy8Rm1Xpn5EI41ToQS/ C2pPMjrVW90ZnjXqT+9zox5lWfXdaCsm501FhAnbPVWgHyO1E0n0gsUDK/w0+uw+ vSdWBE11Id0ngZSozfWjZsA03xmgDDVGkfGINR9+69DG5YLD77GZK9KT5ZE90hOE 7mAicVLwdDnQ4cG0Lsv4Aktlp65lCZawUbOSPPiFHkao0/4dtN3KJFlFvrUzAiX5 hvzUL0NrE2vXHE4G4lZYYzf33QaP0NmxSdIQyw1NcgT5UF2qL12uUyoju56IRp3P S6MMyLXO7W2SR/NA6S2H3JXcn99qp3xxHj92/23Q28/0kdv8OoACQcEXDRii0KBd w5EgBwUhaPefyAH47tWRjzYC4ny10TcBKjiC9asXhb2TEGGFUBknlH5HH1JwUXVe R1Nd7gpPYorF/E7qdz+abehKs2/gQ6nytzn1Ri+Iwu9f9Mi/kB9yCj7FwveBIhEX CVZEabRFc3JPIiXlaMFCZz5agpkE+MMnhtiN/8vnSc843EDg62slvP45eWc/izlx PnF/jAHR+x1F3NRcbpIf2OPdcfOzyA28TMNcI8ElYhuR3MGU8nov5BVaoU6awEn8 8t9uTezkig5vGE/GUo2BDc1Nk6+kCj8rRrvU/GKVX50uFnPmHmsQVLpVb+M8bR6d cOtEJpG4H1I= =70j6 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1w4qa7-hj...@franck.debian.org
Accepted how-can-i-help 2 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 04 Jan 2014 17:23:48 +0100 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 2 Distribution: unstable Urgency: high Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Closes: 734156 Changes: how-can-i-help (2) unstable; urgency=high . * Drop alternative dependency on ruby-interpreter, and add versioned dependencies to limit future problems due to the switching between Ruby releases. Closes: #734156 Checksums-Sha1: 212eaad6ebd1887b2698d7037c956986a0d5d31a 1603 how-can-i-help_2.dsc c8073be306ce0b0b6fc83fb1fb5e298ceb053565 6584 how-can-i-help_2.tar.gz 8d2237100bf21adf5d7d3a1458ec35a136c6c541 6724 how-can-i-help_2_all.deb Checksums-Sha256: 9d01c32a84463a271226f26982f86f8c31c096d9cecba1dc09ac131b1b954cd1 1603 how-can-i-help_2.dsc 87e09db4bf10dadfbf181c2ccdeeb25703a9e9e9018abd9d4fc6974027e5153c 6584 how-can-i-help_2.tar.gz d0e57ff3dc32bd1772994850b7b81246772802dd6faddd8209c8ce35a076c425 6724 how-can-i-help_2_all.deb Files: ba97ee6c0643c07ac5e9812eade84e0f 1603 devel optional how-can-i-help_2.dsc 1f821c5345c094ab0fe6a4d0002c55d2 6584 devel optional how-can-i-help_2.tar.gz 385fd36539b5f5de6b0b4936f99b2753 6724 devel optional how-can-i-help_2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (GNU/Linux) iQIVAwUBUsg57DkUtTL0376ZAQqnMhAApR2Z+7qoUDz3ImpKBx/2fEacgSk0pOZI HmqG+Om0NPcptksX9uob+rzms9DzKmB/PIrIAWLX1Ca4AxBZsEvtNlLhMpymfDqs DR3D5Q1bqHD3Zjlh2CkQqFFRNYgvgrxcRoylfCSfjlOAfYGIx8elcp8qhbM+aatu nyqG5aM3WCyeUxQnxHy7vJDSq0fhb8uSYdq6y2rnGTQR1NcdSqHMLke+Z44qkGet 8yKxY02Iu0NqwmTJUygCyrF6a5ijMm2OB/HCpckaOvGl5uiRKprS5U0qEij2UMeK ricqnvA6Vr6r9mpqaU/nbHjHTHRximTUzmKI/m8PFbaflT0pj9sY4+3PqM6895XP 3itsIJR8WL89BrDusJlXjDp6qtOskLQmpYFTqeKWu0uudhbdD/FgKdm0sW6d10en TjH34w3PnHXYdKH/UZ8wiGVeLIe0lfjIVWCH2AcAL/sDPRo0ruHQLnwCMFp70anG OzZmBZr0c9HU5q6FZpSM8R2mPkEOgAbhC2Jm3mhTSoxSFj0t4Xl8RqW/pYW2rlpU bxAy9ZabIMOdwusfab48pNzqEPOI/uRwTiix8qjD713bPqmE9xkUnBS1e7Lce5Zk eEOd2WS98zKNnM1FX7dHcexOmVJTjoazBEk7u4gTX1zbXxQxuboP+6GQzvRF/Bkt /pHRnvz1fsU= =rnAY -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vzupu-0001el...@franck.debian.org
Accepted how-can-i-help 1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Fri, 29 Nov 2013 11:44:11 +0100 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 1 Distribution: unstable Urgency: low Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Closes: 728655 730293 Changes: how-can-i-help (1) unstable; urgency=low . [ Christophe Siraut ] * Fix WNPP description. * Remove obsolete sudo instructions. . [ Lucas Nussbaum ] * Also look at RFH bugs. Closes: #730293 * Another attempt at fixing the WNPP description. * Reduce gem2deb build-dep to 0.3.0. Closes: #728655 * Bump Standards-Version to 3.9.5. No changes needed. Checksums-Sha1: fe74b0d25ff6ea543f3f441b064ad90aa28937b0 1603 how-can-i-help_1.dsc 20ef919986946aae6502abce6f22a4a602266584 6435 how-can-i-help_1.tar.gz 5ab1375ea545f74bf8030d1818b54f3a61a2601d 6574 how-can-i-help_1_all.deb Checksums-Sha256: 34b7e66ca024a7b40025c702ab79dfb38f52f02d67c5b8caa3828af02cacb522 1603 how-can-i-help_1.dsc f0873145aa728186353e6aedd77869eb9871498cc81c5866cb4634a604456a40 6435 how-can-i-help_1.tar.gz ac07c6e03f2faa910593eac1dceaa590f665d97117208bb1400fc93c795afcc4 6574 how-can-i-help_1_all.deb Files: 6c16903366c2616e587b5fbe63ea3a08 1603 devel optional how-can-i-help_1.dsc 4b6be82cc002c9398f1eb40d50367a6a 6435 devel optional how-can-i-help_1.tar.gz 5ff45bf285702f455f4378d562cd3cc3 6574 devel optional how-can-i-help_1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (GNU/Linux) iQIVAwUBUph9ijkUtTL0376ZAQrCaBAAjIHAlzj7FWIozr5ZTLilVxNbmsg1Epr6 ltrfqXBYKX0DR8VuxLLz6NAVMI4ySmJ3SBOcFJ/wrXklBMsjZ9n/WyzIsO3F8+Ox lfj2vuTLWKzrL46KXIFqNkU044Z9eAEvtvNN+6hM6LwqnVzzZUSQfZjtGjlV8eSM 9bhD/cRGN7mb13uieV4v2K6AlZ7qoKST6EQFZo1bAUW+yVamJHhXEziQcDB3/cWY RBci20BoaSLHUsqL/Zbw+5gEggigR5edqHGfLffoi9dUJq/4ISUMyKYRoBicuc7G HTJeJHoTG+ETTJAoFJaUket3fAS4NkcUmJIFnx0j6lsbNXeA+BuzLoP7/9mLE6Nn x2TInv9Oy+znlWoLOSUf/GnZuCOLyj9Yl837TjDlAgyEE9rq/lOqbV+2IzPphKuD W91UUQ19pY7P2GzTdEBH9JyKc3/Qqew2cf4pr1/uBemmU200fzwk6ZSrC6soc4ZW 0LyiPOfNUubtgr1je/ZEASR9VfIUoESFd3FmbmoLpV6nfwg+H/88aMUOnFTBbwMy G+EjFZzasDuaTCQesd601cWZ1Z166fyrUHok0vy85xd/PDDzQAGu3li9Lx96tkgd b3e0f7mvaP0RAoMVDF5qT/HziTegG0ArpIr54MeNSWyaOYqyVtYztT+LAEZeAyfI kEjVOuPeeOA= =h4So -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vmmzd-0003ue...@franck.debian.org
Help needed to maintain wordpress
[ Bcc debian-devel to make the offer both to new maintainers and experienced ones ] Hello, I would like to find someone willing to take over the maintenance of wordpress in Debian (the most popular software to run a blog). The package is in a relatively good shape but it needs active maintenance to keep up with new upstream releases and security updates. One of the immediate challenge that I won't have the time to tackle is that the Debian package has been providing translations in wordpress-l10n for a long time already, but upstream just rolled out a new language pack mechanism and we probably need to adapt debian/get-upstream-i18n to use this new mechanism. Some PHP programming skills are required for this task. I have also left a debian/TODO with some more changes that we should implement. I will gladly sponsor uploads for non-DD. Cheers, PS: Giuseppe Iuculano is marked as the main maintainer but at least for wordpress he's MIA. Giuseppe, do you intend to work again on wordpress or shall you be removed from the maintainer field ? PPS: I have just uploaded wordpress 3.7.1 but can't push to git.debian.org currently since it's down. I have pushed a copy to https://github.com/rhertzog/wordpress -- Raphaël Hertzog ◈ Debian Developer Discover the Debian Administrator's Handbook: → http://debian-handbook.info/get/ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131114103654.ga19...@x230-buxy.home.ouaza.com
Bug#728934: ITP: yara -- help to identify and classify malwares
Package: wnpp Severity: wishlist Owner: Joao Eriberto Mota Filho eribe...@eriberto.pro.br * Package name: yara Version : 1.7 Upstream Author : Victor M. Alvarez victor.alva...@virustotal.com, Mike Wiacek mjwia...@google.com * URL : http://code.google.com/p/yara-project * License : Apache-2.0 Programming Lang: C Description : help to identify and classify malwares YARA is a tool aimed at helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a Boolean expression which determines its logic. This is useful in forensics analysis. . Complex and powerful rules can be created by using binary strings with wild-cards, case-insensitive text strings, special operators, regular expressions and many other features. . Are examples of the organizations and services using YARA: . - VirusTotal Intelligence (https://www.virustotal.com/intelligence/) - jsunpack-n (http://jsunpack.jeek.org/) - We Watch Your Website (http://www.wewatchyourwebsite.com/) - FireEye, Inc. (http://www.fireeye.com) - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \ Fidelis-XPS) -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131107005358.21730.55222.reportbug@scutum.local
Accepted how-can-i-help 0.9 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 31 Oct 2013 08:54:34 +0100 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 0.9 Distribution: unstable Urgency: low Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Closes: 728356 Changes: how-can-i-help (0.9) unstable; urgency=low . * Avoid using Dir.home as it is ruby1.9-specific. Future uploads should really be tested with all ruby versions. Closes: #728356 Checksums-Sha1: 3b22aed79ada511e42245bcd2e152cd7251bc361 1611 how-can-i-help_0.9.dsc 487377f1005cad5f85b8f26515b853104f6157a6 6419 how-can-i-help_0.9.tar.gz 60e22540f02bc27f683de61b9b0082a8e7ed9d73 6514 how-can-i-help_0.9_all.deb Checksums-Sha256: 4d5f1ffdb93a829971bb625fc73655dee4e9f40e32a9865d153f2de4e34a80ba 1611 how-can-i-help_0.9.dsc 2d627e42c975d65fba11c6590551fb25b325910a4275b8f22ea7337eb9704a97 6419 how-can-i-help_0.9.tar.gz d92f52677a3d788395ef1fb577ab0443c7229568b701f57ed015f4f6418cfb1c 6514 how-can-i-help_0.9_all.deb Files: 331b402c0222896d7d673fadb5c41258 1611 devel optional how-can-i-help_0.9.dsc 1ff2b05ac56b934463a9fdd13cd89883 6419 devel optional how-can-i-help_0.9.tar.gz cb941388d7a49e2627f4302b51a56f7e 6514 devel optional how-can-i-help_0.9_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (GNU/Linux) iQIVAwUBUnINbzkUtTL0376ZAQpq7g//dDjsAmYsbgSFcpSJCzddosip7DnFh0bw 51j7u/QjfF+mh0wb9pQTyFduhpRodnSgSxUcVUIj7O4TMmLkx7CUcVNbXkVnhN17 d1qiYk0M/ZrxCtFm+vLBb5i9yTn/kkEybtPbWL4PLY13a9dq5x38HJc0XVzK7YqM KIwv5DRF3jOM/gpMSv1EC9OGEjhY+yMeLi0MHRetMws6rbTOoFqwsTg//UNNn+82 Mi+NvretGXpQRdUspTwzERlRofpMh6FzOEV7qgcFK+9YOzIvRTZZS8OilvlQ+Nzl nM4lz30ARUB0n12el2R4oQhiuicQbYY6eTD+NmiR7GknLFtJO/fgdJDI/jkIJ2Ui J294dcMikKGdwv+xD2J/7y4qD7x4jpfYwzsAwuLFPKeSff8qSfT7lsOSIaCMt7Mu SMvTtqy8beljnwnJnLanyd0Yk4ppUboNBI6tl2pquzJf0HrVRNLIgC4CL+qSxfLD w6+6wOvfD2jVsqMnLTGQquSe5zSW0MIrTsEaT0RfBNelHw/iv1Lp9XNjgyfWIzu7 cG6Ga/7Qw3eKBLqfCoZMmONsvXOa4VykrOGK/OJ7BW3HOQbeHHT3D2Ver9+2s+rN L4HR+Um9RoN7bCHEU1UG8RD2zkPS4v23SdJpSdVUTh/BrRU8Ois3RoJWtTwnAIbv 2DSJYwir6iY= =x8e0 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vboow-0004lb...@franck.debian.org
Accepted how-can-i-help 0.8 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Wed, 30 Oct 2013 20:46:41 +0100 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 0.8 Distribution: unstable Urgency: low Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Closes: 720981 Changes: how-can-i-help (0.8) unstable; urgency=low . * Document how to run how-can-i-help in a cronjob. Closes: #720981. Thanks to Joseph Herlant for the help, and to Christophe Siraut for the review! Checksums-Sha1: fbf860fce51e34254ca8f5fdfe7e6df6e0cdb9c5 1611 how-can-i-help_0.8.dsc f5a672e545b4918c88d6f16469a6142047ec25fc 6331 how-can-i-help_0.8.tar.gz 8dee835f84afb14f9d0ef7d8a1d7222d29ce78a2 6412 how-can-i-help_0.8_all.deb Checksums-Sha256: 191c34f6f7b0e9188091e62fc2f90e0938aa0dacba459aa43f3170f0db4de1e1 1611 how-can-i-help_0.8.dsc 626bc023b972c0d23e16aae9b83e9f8a4b131f549ec62a244d2aca5bf86ec008 6331 how-can-i-help_0.8.tar.gz 557ac8200fe4190ee08b2b707e08aa51660700df5de9315b3e703a2d9cac633b 6412 how-can-i-help_0.8_all.deb Files: 3781abcb58d69a046b7c85f96460ffc5 1611 devel optional how-can-i-help_0.8.dsc 10ac2de72c2aa3a1c887c553aac6838e 6331 devel optional how-can-i-help_0.8.tar.gz 57bdc414803597527b00fa77eb57e26b 6412 devel optional how-can-i-help_0.8_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (GNU/Linux) iQIVAwUBUnFjYTkUtTL0376ZAQp5tA/9H+We3kSwwvcmdwEmc3gRS1ew5oAfV/5R M2vhR+1TZrivYEhz8nPd4DKCKRbGx+kX4+FrCePFRNvN4hS40Pdx5COUQ16o46N6 Uotr5VBqfI4QG/FSrYzdeTeCm3CIbrm45DayWKR8duWEKIbdg/YmOKXE1l7mRgoi rkddaCze3Ku476Ud+nb65bjTdpbWbMAUMjjHwZ6if5qJWxTLQmJe+k3nPHS3ioGC WG4wSgoccCw3lAktagZhtoPrKlHU/6iWIp70oqP+Rvo52r2ZbrL47lLdTWG6fDrY FfaD49ZHD2SXd9008kKB/Y3lzd1jNbXv1poN8qaRmWQj7SmsJT7wf9vpnp3ZtoaL Y+v2LOHjh4D3r2SQVBx7z9a1pnxlS94LeeG7YbY0mezK+bNYwWPKKuyn2aJamUCJ Z9fMaRJmC/Nk7T1G1O2WAtDzMNPUlLYPQbtnjxNIM/OqCfSO5M+BqGAc/QK+GdUc F4RrRVlrnsLplN8iyfW7LQB1TwF6MMuK5CFvJVcuJZpT3fk3phgX4tZD1M6U6DpU 1l1XlWAPEfGW7AhoIMklHKRgK+v1RybmpLoImxwbEcc+LSrhN5I8fQW++oMJm53v /NYOWZT4f9e91oav9e95/OMs9EG0EigoBTGcXxkUcQfpxYmoBL6L88mn10nk9+/V ih6qWxJXYEQ= =8LIC -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vbdcs-0005nk...@franck.debian.org
Accepted how-can-i-help 0.7 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Tue, 29 Oct 2013 22:19:16 +0100 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 0.7 Distribution: unstable Urgency: low Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Closes: 720980 720982 720985 722594 725819 726403 Changes: how-can-i-help (0.7) unstable; urgency=low . [ Christophe Siraut ] * Support providing a list of additional packages. Closes: #720982 * Remove non-root differentiation. Closes: #720980 * Cache opportunities list. Closes: #720985 . [ Arthur de Jong ] * Remove data directory op purge (Closes: #722594) . [ Lucas Nussbaum ] * Adding the support of proxy, honoring the http_proxy environment variable. Patch from Joseph Herlant herla...@gmail.com. Closes: #726403 * List packages removed from testing. Closes: #725819. * Also remove datadir on upgrade, as its content now lives in the user home directory. Checksums-Sha1: a0983b1d5df94d7c67f30500dc053ec159153659 1611 how-can-i-help_0.7.dsc e4eba399f835333a7893d90c22b34e151953c0d7 5773 how-can-i-help_0.7.tar.gz 6a32ab26f9fa5872eed294c762ea0b96c713d753 6020 how-can-i-help_0.7_all.deb Checksums-Sha256: 40142ab58281441e3714527506eb00fadf4c2fabe529f05421910177882d86c4 1611 how-can-i-help_0.7.dsc 8fb11f717edec297ebc819e2030d9d3b470e8e6ac47228bdd70a26ca93ca7beb 5773 how-can-i-help_0.7.tar.gz 5f13a2f1c7666c565e1e095dbd52792f620e2a859971f46af44aa4446a7465c3 6020 how-can-i-help_0.7_all.deb Files: c5861585a9c3f708e00483a18738 1611 devel optional how-can-i-help_0.7.dsc 2de8df68fca32b93b7d324bca6f86f2d 5773 devel optional how-can-i-help_0.7.tar.gz 0c9bcc63f223ae4cfb957841e87ac0cc 6020 devel optional how-can-i-help_0.7_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.15 (GNU/Linux) iQIVAwUBUnAreDkUtTL0376ZAQp7dhAAha+6UIA54TFFkRAw5set5LdufN/dWx1w gc1W4hK3ISPUADsJODcQhZ5l9k/FqFzCQp7sA0Cud+M5SL/3wI3NX2OYWF9NA5vX YESRHjm+hjqfeUv/InOX93pWTUJEQyz4U18a/L6MlLqTqAaCS1lJ6mwURz1+40LW i+xTH3p43XlL08yrRscfVTi+6vuebSi8IM1bfH/MU26KcZiJGaW4JbkzwhQSaTvJ nWsd4csTXuDtiPDpUi1H2HsYWb21cfOgJbLyRwtzfc/4cLx5DsKg03x53KrlcTp3 6gvIwxgWGXkcUsgwAQGqj5PphxspxeROWM5Tn2FtESLscYoxuOGiRwqYHPzw6qtp Olm2QGkYjV3cuXWew3AlNy94oWGVOqSlvyFKnN1Y3JAh2VLWznqiXbDLGFsVmlw3 n632GVqO1R/TzEg3SpTS6VmM04djTt4GfTliJSL6nk2OeXK0zboQyx/F7Jqq8lFI K9XvHSjLVTCElwo4frk/uIxwZeXDEfrHq+eg93dthBu5+178/c2UPp/qAq4819Ab kKJ2sNvt6pT4A3sDDrkzD4ewANuNK90GfayF919HaBfyD1OTv8/w7Om5JBbzlV8H n8VhD8ajx06VKCgJPgd+Pjn0kToHXWVZLOeJuhee5uoif3QCjzwlZcIQKeAtmlIg 7Ar46p1N2zc= =5Iys -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vbhcq-00027o...@franck.debian.org
Re: [debian-mysql] MySQL.. no.. _I_ need your help!
Hi Clint, I am Akhil Mohan, new to the list and eager to help everyone here in packaging latest releases of MySQL server. Amongst the points highlighted by you, I think packaging MySQL 5.6 would be one of the priorities and I would like to participate in bringing up quality packages for the same. I am already on #debian-mysql at OFTC and will try to make myself visible to alioth team. Please let me know if you have any immediate pointers for me and I will try to contribute to the same. Regards, Akhil On Friday 25 October 2013 09:02 PM, Clint Byrum wrote: Greetings earthlings, As some of you may know, I've been doing the bulk of the package maintenance on the mysql package for a while now. It started as part of my day job with Canonical, but since leaving Canonical it has been more a labor of love for Debian. I have love for other things too, such as my children, and seeing the sun shine every once in a while. Thus, I have found almost no time for packaging MySQL for Debian. I am asking you, the Debian developers, to step up and help. I am basically unable to contribute more than an hour a month now. There is a new round of secret CVE bugs to fix, and some old bugs that need to be handled. I think my October hour is about to be available, so I might be able to address those, but after that, if I don't get any more help, I'm done. What can you do to help? - Raise your hand and say you'll help - Perhaps help us do this right (I suspect I should have an RFH bug) - Join #debian-mysql on OFTC - Join the alioth team and request svn access - Triage bugs (src:mysql-5.5 and for oldstable src:mysql-5.1) - Help package the latest patch releases from Oracle - Help with MariaDB (James Page and Otto, thanks for doing this btw!) - Help us migrate to git Now, all of that said, please do not just pick up the package and run off and do a bunch of things without first letting us know you're doing it. There are people quietly working on some long term interesting things and you may be duplicating or diverging heavily from their work. ___ pkg-mysql-maint mailing list pkg-mysql-ma...@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/526e5355.7000...@oracle.com
Re: [debian-mysql] MySQL.. no.. _I_ need your help!
Hi, On Fri, Oct 25, 2013 at 08:32:23AM -0700, Clint Byrum wrote: As some of you may know, I've been doing the bulk of the package maintenance on the mysql package for a while now. It started as part of my day job with Canonical, but since leaving Canonical it has been more a labor of love for Debian. [...] I am asking you, the Debian developers, to step up and help. I am basically unable to contribute more than an hour a month now. There is a new round of secret CVE bugs to fix, and some old bugs that need to be handled. I think my October hour is about to be available, so I might be able to address those, but after that, if I don't get any more help, I'm done. What can you do to help? - Raise your hand and say you'll help *raises hand*. I am not sure how much because LibreOffice keeps me busy at times, but I would like to help in the other time. - Perhaps help us do this right (I suspect I should have an RFH bug) - Join #debian-mysql on OFTC - Join the alioth team and request svn access - Triage bugs (src:mysql-5.5 and for oldstable src:mysql-5.1) - Help package the latest patch releases from Oracle - Help with MariaDB (James Page and Otto, thanks for doing this btw!) - Help us migrate to git I am not sure because LibreOffice keeps me busy at times, but I would like to help. Regards, Rene -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131028121911.gf29...@rene-engelhard.de
Re: [debian-mysql] MySQL.. no.. _I_ need your help!
Excerpts from Jonathan Aquilina's message of 2013-10-25 23:36:22 -0700: I would like to help in some capacity. Would working in a chrooted environment or would one need a fully fledged os? These days I have no standing machines of Debian. I do spin up cloud instances often that I use to do smoke testing. Basically all of my packaging work is done using sbuild/schroot on Ubuntu. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1382883557-sup-8381@clint-HP
Re: [debian-mysql] MySQL.. no.. _I_ need your help!
i do have a testing vps i can setup for you an account on to do tetsting etc of mysql and maria db if it helps. I will also want to use it for my own testing purposes along side. On Sun, Oct 27, 2013 at 3:21 PM, Clint Byrum spam...@debian.org wrote: Excerpts from Jonathan Aquilina's message of 2013-10-25 23:36:22 -0700: I would like to help in some capacity. Would working in a chrooted environment or would one need a fully fledged os? These days I have no standing machines of Debian. I do spin up cloud instances often that I use to do smoke testing. Basically all of my packaging work is done using sbuild/schroot on Ubuntu. -- Jonathan Aquilina
Re: [debian-mysql] MySQL.. no.. _I_ need your help!
Clint Byrum spam...@debian.org writes: I am asking you, the Debian developers, to step up and help. I am basically unable to contribute more than an hour a month now. There is a new round of secret CVE bugs to fix, and some old bugs that need to be handled. I think my October hour is about to be available, so I might be able to address those, but after that, if I don't get any more help, I'm done. What can you do to help? - Raise your hand and say you'll help I'm currently putting effort into getting Percona Server packages able to be included and after that work is done, will be focusing on having less variation between them and the MySQL packages, hopefully improving everything as part of that effort. So this is a somewhat raised hand :) -- Stewart Smith pgphYjRKjv0J5.pgp Description: PGP signature
Re: [debian-mysql] MySQL.. no.. _I_ need your help!
I would like to help in some capacity. Would working in a chrooted environment or would one need a fully fledged os? On Fri, Oct 25, 2013 at 5:32 PM, Clint Byrum spam...@debian.org wrote: Greetings earthlings, As some of you may know, I've been doing the bulk of the package maintenance on the mysql package for a while now. It started as part of my day job with Canonical, but since leaving Canonical it has been more a labor of love for Debian. I have love for other things too, such as my children, and seeing the sun shine every once in a while. Thus, I have found almost no time for packaging MySQL for Debian. I am asking you, the Debian developers, to step up and help. I am basically unable to contribute more than an hour a month now. There is a new round of secret CVE bugs to fix, and some old bugs that need to be handled. I think my October hour is about to be available, so I might be able to address those, but after that, if I don't get any more help, I'm done. What can you do to help? - Raise your hand and say you'll help - Perhaps help us do this right (I suspect I should have an RFH bug) - Join #debian-mysql on OFTC - Join the alioth team and request svn access - Triage bugs (src:mysql-5.5 and for oldstable src:mysql-5.1) - Help package the latest patch releases from Oracle - Help with MariaDB (James Page and Otto, thanks for doing this btw!) - Help us migrate to git Now, all of that said, please do not just pick up the package and run off and do a bunch of things without first letting us know you're doing it. There are people quietly working on some long term interesting things and you may be duplicating or diverging heavily from their work. ___ pkg-mysql-maint mailing list pkg-mysql-ma...@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-mysql-maint -- Jonathan Aquilina
Re: MySQL.. no.. _I_ need your help!
Clint - perhaps you and I can talk about this in Hong Kong? -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5f7ce033-3ae0-4c17-8356-a31015a72...@patg.net
MySQL.. no.. _I_ need your help!
Greetings earthlings, As some of you may know, I've been doing the bulk of the package maintenance on the mysql package for a while now. It started as part of my day job with Canonical, but since leaving Canonical it has been more a labor of love for Debian. I have love for other things too, such as my children, and seeing the sun shine every once in a while. Thus, I have found almost no time for packaging MySQL for Debian. I am asking you, the Debian developers, to step up and help. I am basically unable to contribute more than an hour a month now. There is a new round of secret CVE bugs to fix, and some old bugs that need to be handled. I think my October hour is about to be available, so I might be able to address those, but after that, if I don't get any more help, I'm done. What can you do to help? - Raise your hand and say you'll help - Perhaps help us do this right (I suspect I should have an RFH bug) - Join #debian-mysql on OFTC - Join the alioth team and request svn access - Triage bugs (src:mysql-5.5 and for oldstable src:mysql-5.1) - Help package the latest patch releases from Oracle - Help with MariaDB (James Page and Otto, thanks for doing this btw!) - Help us migrate to git Now, all of that said, please do not just pick up the package and run off and do a bunch of things without first letting us know you're doing it. There are people quietly working on some long term interesting things and you may be duplicating or diverging heavily from their work. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1382714368-sup-6959@clint-HP
help needed: dist-upgrade of quantz.debian.org
Hi, i would like to dist-upgrade quantz.debian.org to wheezy this weekend. It would be helpful if someone who knows the running cronjobs and services on quantz.d.o could contact me either by mail or on IRC. Cheers, Martin -- Martin Zobel-Helas zo...@debian.orgDebian System Administrator Debian GNU/Linux Developer Debian Listmaster http://about.me/zobel Debian Webmaster GPG Fingerprint: 6B18 5642 8E41 EC89 3D5D BDBB 53B1 AC6D B11B 627B signature.asc Description: Digital signature
Accepted doublecmd-help 0.5.5-1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Tue, 20 Aug 2013 15:33:48 +0200 Source: doublecmd-help Binary: doublecmd-help-en doublecmd-help-ru doublecmd-help-uk Architecture: source all Version: 0.5.5-1 Distribution: unstable Urgency: low Maintainer: Graham Inggs gra...@nerve.org.za Changed-By: Graham Inggs gra...@nerve.org.za Description: doublecmd-help-en - Documentation for Double Commander (English) doublecmd-help-ru - Documentation for Double Commander (Russian) doublecmd-help-uk - Documentation for Double Commander (Ukrainian) Closes: 720325 Changes: doublecmd-help (0.5.5-1) unstable; urgency=low . * Initial release (Closes: #720325) Checksums-Sha1: 64a14093ab74ca59689120987c2c2c6a604a9be5 2024 doublecmd-help_0.5.5-1.dsc 3dde9e0d368c8f1a7194b23adf81d1cea3d0081b 10762769 doublecmd-help_0.5.5.orig.tar.gz b7c390666bf7ac2986833e92045d20f1296fcd9c 2010 doublecmd-help_0.5.5-1.debian.tar.gz bca48b3c3fea4bb0aa18c9a76d9739e89982734b 3807628 doublecmd-help-en_0.5.5-1_all.deb 38764fc1d189b413afc8886b4de7ec9659a22563 3856768 doublecmd-help-ru_0.5.5-1_all.deb 7417a43ee7228531b3c544272bf7f4a9bc2ea062 3051050 doublecmd-help-uk_0.5.5-1_all.deb Checksums-Sha256: 9dd23b4ece60bf4e118c93f36e11f9f163e8a390eaea568c1488f6e4633ef779 2024 doublecmd-help_0.5.5-1.dsc 5c5d00187df811df0734bf751a581bce7e1bdd4cf4639b2a1101f1da8743daaf 10762769 doublecmd-help_0.5.5.orig.tar.gz b2b53dbbfa7398fc35dc13f178707eca1da31563c73a81bdc3dd2726dc8a93ab 2010 doublecmd-help_0.5.5-1.debian.tar.gz bcfbf5afcc034f99fe563d73a34e7efdb5f01258c879c8cf16184c6b48980eac 3807628 doublecmd-help-en_0.5.5-1_all.deb f9a70bd9e8600c5b8634e19177c4307e564d46ede98b740d07cc87ff03a6303d 3856768 doublecmd-help-ru_0.5.5-1_all.deb 79259eb206f769488ec2cb480473eaf6fc93d72e25618d4b2d6611bfa8e26305 3051050 doublecmd-help-uk_0.5.5-1_all.deb Files: 8670d519bc4f51804b27780ea37fc110 2024 doc optional doublecmd-help_0.5.5-1.dsc 9997a2e4e1e74f1fe36bccee0df7a0a6 10762769 doc optional doublecmd-help_0.5.5.orig.tar.gz 3aa66874e6605ed81fb7e28ed82a4eec 2010 doc optional doublecmd-help_0.5.5-1.debian.tar.gz 24963065d9e0f5b372afe98674ec2a93 3807628 doc optional doublecmd-help-en_0.5.5-1_all.deb bab714b285b07433044a354990819f9a 3856768 doc optional doublecmd-help-ru_0.5.5-1_all.deb eb5842e2524f61c6149f0483771907e0 3051050 doc optional doublecmd-help-uk_0.5.5-1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) iQIcBAEBAgAGBQJSQ0ehAAoJENPhc4PPp/8GiToP/3Ie267jD/Y11fvJoHCITw81 goNmBkG+e+ug2kweDGMCwVza8Ilen6vTdU4Hdkky5AwpgILqBeXqJ4HwHK9bN4tM mcuN6aWTLuwqvMExwVj0M913HKDS19Nk368CAo7EI0NTIihyLjfHx0EfERex4M8i rAp004YMod36C56J23nDEJ5vNbmuKeAnJYuxxgQ6KlGiuLUo8SKSV4iGPabxeLWy gk+INx6lQwZQkY8FwTWqkGHXtGAf4XK2ruMoIFa5SBga89iLH7DJeiHBVF5UZUtD 3AD9FSAHza5E3dLbMfjsm5ycbqYUw/uci4Qn8mUoB/6Kx+EORLWSXGxtCXq7qWSW 4gDeRdvM+yEAqaKWTUtndgsbFHMwszK+QwjJnV9xEJIiXT2N7Z/5P+o5GGzevyjM CUNu0mgiVKPlIf2qDoIGYpyJdsPdoA9a/2vdMyftKjFpHJnsdAotZri08fceLfsD IfxRDOV7wYhzp6nuv4xCDxudgLUqQx8kGnnswgBt95f3ZBmeZinctUO9wWWv3C19 Pfr2LtoT1A0tOt48Indbr4xwWD91CtuQQZdDRX3s5Hr9gjmvfTydG1KxzMFUtgxx 9qsIU2lVKls5ZVNMbuKD+ie5F/9+vFy4SwhpGaqqSDNDBC7k14TA/4bC/DJq/WOd oVZAdbEFB5gEFYtK3eOS =SNtF -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vsrge-0007jd...@franck.debian.org
Help needed to debug a failing bot on i18n.debian.org
Hello fellow developers, The i18n crowd needs your help. In order to provide translators and teams with valuable material to work, we have a few automated processes that are running on the i18n.debian.org machine. The source code for all this stuff is stored in git+ssh://git.debian.org/git/debian-l10n/dl10n One of these processes is failing since September 6th and people who had a look at this up to now (me and David Prévot) can't debug it. This process, cronned under the debian-i18n role on i18n.debian.org is aimed at extracting all translatable material from the archive (either from unstable, or testing, etc.) and stored it in a way that it can be processed by other automated tasks (such as the one building i18n stats pages on http://www.debian.org/intl/l10n). The script that fails is named cron/gen-material in the git repo. It uses a configuration file that is stored in etc/dl10n.conf, still in the repo. It calls a Perl script named dl10n-check (stored in the root of the git repo)...which is the one apparently failing with errors like: Unable to open /srv/mirrors/debian//pool/main/3/3depict/3depict_0.0.13-1.debian.tar.gz at /home/debian-i18n/dl10n-check line 463 read() on closed filehandle GEN5 at /srv/i18n.debian.org//dl10n/git/lib/Debian/Pkg/Tar.pm line 176. Of course, the said file *is* there and this file is not even the first one that is processed by the script. If I tweak the script to ignore this package, it fails a bit later on another package, and so on. In short, it fails on *some* packagesand this is all we have. And we're beyond our skills. So, in short, we need fellow developers' help. Preferrably from people who can access i18n.debian.org and work under the debian-i18n role in order to test things as they are. In short, Debian developers who would be granted that role(maybe the latter is not mandatory, dunno). Is anyone willing to help us? -- signature.asc Description: Digital signature
Re: Help needed to debug a failing bot on i18n.debian.org
Christian PERRIER bubu...@debian.org (2013-09-30): So, in short, we need fellow developers' help. Preferrably from people who can access i18n.debian.org and work under the debian-i18n role in order to test things as they are. In short, Debian developers who would be granted that role(maybe the latter is not mandatory, dunno). Is anyone willing to help us? Yes; debian-i18n membership ping. Can't see the page on alioth due to: Permission denied. This project's administrator will have to grant you permission to view this page. so can't request it myself. You should be able to add me from your end though. Mraw, KiBi. signature.asc Description: Digital signature
Re: Help needed to debug a failing bot on i18n.debian.org
Cyril Brulebois k...@debian.org (2013-09-30): Yes; debian-i18n membership ping. Can't see the page on alioth due to: Permission denied. This project's administrator will have to grant you permission to view this page. so can't request it myself. You should be able to add me from your end though. Nevermind, that probably should go through rt.d.o (and it did). Anyway, running the script against unstable, with the first patch attached for debugging purposes, shows the package before 3depict is 0ad-data, which leads to an exec of xd which allocates a lot of memory. I suspect memory issue handling is poor, and leads to the nasty side effect we saw: an unrelated package gets blamed. The second (quick and dirty) patch seems to work around that, and the script is still running for now. I guess fixing error handling and maybe getting some more memory should be enough to get that part to work reliably. I think I'll drop -devel@ from any further replies since the call for help was answered, and people know where to follow the rest, should they be interested. Mraw, KiBi. From 94ea088fc1de135abe80e19eb11151ae95bba4c3 Mon Sep 17 00:00:00 2001 From: Cyril Brulebois k...@debian.org Date: Mon, 30 Sep 2013 22:17:39 + Subject: [PATCH 1/2] dl10n-check: mention parsed $path,$pkg in parse_tarball --- dl10n-check |2 ++ 1 file changed, 2 insertions(+) diff --git a/dl10n-check b/dl10n-check index 4bad7a1..af38535 100755 --- a/dl10n-check +++ b/dl10n-check @@ -414,6 +414,8 @@ sub parse_tarball { $data-version($pkg, shift); $data-maintainer($pkg, shift); $data-upstream($pkg, debian); + +print STDERR Going to parse $path / $pkg\n; # Debian::Pkg::DebSrc-new() seem to have bad time when no / is in there. # A broken basename somewhere? FIXME properly -- 1.7.10.4 From ceabda4c9a2910a5f1b8768b9dc34db86a810b36 Mon Sep 17 00:00:00 2001 From: Cyril Brulebois k...@debian.org Date: Mon, 30 Sep 2013 22:19:24 + Subject: [PATCH 2/2] dl10n-check: exclude 0ad-data, due to possible memory shortage and bad error handling --- dl10n-check |3 +++ 1 file changed, 3 insertions(+) diff --git a/dl10n-check b/dl10n-check index af38535..ae26261 100755 --- a/dl10n-check +++ b/dl10n-check @@ -462,6 +462,9 @@ sub parse_tarball { return -1 if $match($file); return 0; }; +# Avoid ENOMEM or similar? +next +if $path =~ /0ad-data/; my $deb = Debian::Pkg::DebSrc-new($path, parse_dft = $match, patch_parse_dft = $match_patch, -- 1.7.10.4 signature.asc Description: Digital signature
Re: Help needed to debug a failing bot on i18n.debian.org
Quoting Cyril Brulebois (k...@debian.org): Cyril Brulebois k...@debian.org (2013-09-30): Yes; debian-i18n membership ping. Can't see the page on alioth due to: Permission denied. This project's administrator will have to grant you permission to view this page. so can't request it myself. You should be able to add me from your end though. Nevermind, that probably should go through rt.d.o (and it did). Anyway, running the script against unstable, with the first patch attached for debugging purposes, shows the package before 3depict is 0ad-data, which leads to an exec of xd which allocates a lot of memory. I suspect memory issue handling is poor, and leads to the nasty side effect we saw: an unrelated package gets blamed. The second (quick and dirty) patch seems to work around that, and the script is still running for now. I guess fixing error handling and maybe getting some more memory should be enough to get that part to work reliably. top - 05:12:13 up 30 days, 16:06, 2 users, load average: 0,06, 0,15, 0,19 Tasks: 103 total, 1 running, 102 sleeping, 0 stopped, 0 zombie %Cpu(s): 0,0 us, 1,7 sy, 0,0 ni, 98,3 id, 0,0 wa, 0,0 hi, 0,0 si, 0,0 st KiB Mem: 2061292 total, 1950408 used, 110884 free, 286504 buffers KiB Swap: 524284 total,66436 used, 457848 free, 890868 cached PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 2508 clamav20 0 398m 330m 5436 S 0,0 16,4 414:12.81 clamd So, it seems that: - the virtual machine doesn't have that much memory (2GB) - it doesnt have much swap - clamd is eating a lot of memory clamd seems to be running for 17 days, about a week after we started to have some issues with statistics. If I had root access to this machine, I would: - restart clamd - add more swap - eventually add more memory Anyway, I applied your patch and we'll see what happens signature.asc Description: Digital signature
Accepted how-can-i-help 0.5 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Sep 2013 08:18:17 +0200 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 0.5 Distribution: unstable Urgency: low Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Changes: how-can-i-help (0.5) unstable; urgency=low . * Upload to unstable. Checksums-Sha1: 867af43a52012dc4651d6acd38f964996ac22235 1611 how-can-i-help_0.5.dsc 285e6419042e70097a4c0ea0bca0ae416be148d3 4556 how-can-i-help_0.5.tar.gz 0d2b900e69c463d9ffac3b564e4c8d783bd62f34 4880 how-can-i-help_0.5_all.deb Checksums-Sha256: 72d3b540811044e6ce3245acfd5c8cbe5c1ae7762193623bec482369a522b678 1611 how-can-i-help_0.5.dsc 199376d5ecc1bcba61c561f111a0d0fca493169a4f5fc6f13cfd230235793b9c 4556 how-can-i-help_0.5.tar.gz 5a71a3367a4f3a5d5462a2c22b9901f2ac26af146c5cbb988293fe41225a6919 4880 how-can-i-help_0.5_all.deb Files: d7d6961bdc9603ae0556ac4b6f6e2a7d 1611 devel optional how-can-i-help_0.5.dsc d7a4355a795b35d3d3f90667bd474ce1 4556 devel optional how-can-i-help_0.5.tar.gz 3d57af4a2218faa98d0889c81039e71d 4880 devel optional how-can-i-help_0.5_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) iQIVAwUBUjFjFjkUtTL0376ZAQpYPA//eyL2+j7n4Tkg7KiEoFf7cNjOV/uxxbhe IiL/69M5l/9rfSzrcm6tLNDBc0odRfdzYGaafaP/+ubiDI0swj7w7ej6B58n7oIw E+owkC6EMgEgPtir/X8cgPx/rX6aLeqkDV47aL6+jiriyRAXRsPbyNRJZEmNmOXg pWNwisBx9sdljxYOgme5Ceo4wfbMRtZmwgKVcaB98xu2FDgNZlXTUfZDGz7759Gs Ltt1LZ9HrTmMbx7uMkTGZ2DDB2fOaiHB0HF9Jj3ItOTGCHneQ9FHTHf9A0DhXSsX B0ATgUOHu5zw3xVSEb5msiR3vPqWyT84ftJiEH7qQPfL3HL91xtNY5s9jgns9dvl NAbdC2CwFxOmnbtthUmLJqSlF/Fh5XIdCk0/GO/KA5mI4MlXAWzhHKanEJOed/Sc zW6MBKUeu0mCI53eMmDU5PqhTT2+TI0DxRivAqW0ZXzgoB2cHU6pBvVXInmWTx/T SwmzcKmpv44iXxyiiHQDFMUJoBA4RxWY6uFpsCliN1Y1qOph+yITd0nruuryTIXB iGfqrsjwvZAJw9Q19CeWxHCtPOelLyV7d2qbUdRPMCqjtijLTUrM/z7+6+Vau0St 365Z9SoEHox1FozeMye7teHsLixAvhhbDVUEPyJxBxjOVQioKkd1nJ8KppWCNibi 9nlOHfekW54= =yQZh -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vk0ha-0003um...@franck.debian.org
Accepted how-can-i-help 0.6 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Thu, 12 Sep 2013 09:03:27 +0200 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 0.6 Distribution: unstable Urgency: low Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Changes: how-can-i-help (0.6) unstable; urgency=low . * Add --quiet option. Contributes to fixing #720981. Checksums-Sha1: 110046b0362418fb8a01698ed3bf88393f76 1611 how-can-i-help_0.6.dsc a99ac0916fdee50618d7626684a675a28d73057b 4714 how-can-i-help_0.6.tar.gz 1d00cf6f6a3fd25e4d28b41002dc5395f3d0e62d 5040 how-can-i-help_0.6_all.deb Checksums-Sha256: d59870ffe1756afc6cb383461c50c72b93f56f580f494c1fe4da98245c6f2809 1611 how-can-i-help_0.6.dsc 7401d561833318f81424f821d0ae3f5c97c9639138f6927ff8a0f6c992c297db 4714 how-can-i-help_0.6.tar.gz f6ddecf01f1aa933edc353cd4581a7d1cdfd91007509da48430f8ebf6785a464 5040 how-can-i-help_0.6_all.deb Files: f89e99cd9db2135c18cf4ddd28c97b5b 1611 devel optional how-can-i-help_0.6.dsc 57e1624a63580b9dfae227d3c5863c3d 4714 devel optional how-can-i-help_0.6.tar.gz baf07b003f7de8e53f986386d5b44874 5040 devel optional how-can-i-help_0.6_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) iQIVAwUBUjFpSzkUtTL0376ZAQo+XRAAiCINSNRG/dPGr6Hlf4qHkc0R8rKNJAuU pM+FE3PfMiaytPteXp++pgLKbBYe/UqT4YuzD2lLQAFDdQI6hKxSsShBRm7CDVcn hi+p8+7nU79QKhl6CgjT1XdSM75StgmRG/j1avy4kg1hgSI6GwJ2B2TXzOINdrB3 4CiIsNbHpZDxgfwbu97dAbzr9XJr4H2vUu+fvvofDqVP7Ra54gW0nvjzPp+S24rq ANCT/pe3DXfCaJCaFycMaABXWAM/kiUJW5oV6h076PCTS6mzVB5qMpiurYqJzUdQ Ny8rNKOML1JXbLicpkJcEXDPrZRXPKkfACjlTPO/n2jPyp/Mjcjp5GM55WQZtEyO Fg+5CETFAP9wb/UjWxzqXHjyWFLf4S98TGVQqp2VF9Rii9+ef7BjVzBT+OmzinL6 RLY8NtoROJDEce4zdM+dNrmv4fQd6H2FYDAUb8hhEIkuoq4YIs9F5IxBTfccHaUj QH8IHIcvGCf/LC7vJQaJS0fnwWmn49b6M7PfvowNCkx8Vb3qgxBkkDGSgWYcKD7i ERdOFDLIy3+DRCLtYO/S1+WhWMVsf+5O3UlOVtP3JKZZGw31Fm+eEdmKE8ADlShA MpXNiNme1M0Tq56uan1KhWPq7610htLUKNxEUTZ3MDyjlaPg+UNtU/ADMWxvxh4q D2jTEuSbpoE= =B1aU -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vk1a8-00084e...@franck.debian.org
Accepted how-can-i-help 0.4 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 26 Aug 2013 18:12:35 +0200 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 0.4 Distribution: experimental Urgency: low Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Closes: 720928 Changes: how-can-i-help (0.4) experimental; urgency=low . [ Holger Levsen ] * Add manpage, thus add asciidoc to build-depends. . [ Lucas Nussbaum ] * Force encoding of output of 'dpkg -l' to UTF-8. It seems that dpkg -l outputs UTF-8 even when the locale is a non-UTF-8 one (e.g. C), which breaks with Ruby 1.9. Closes: #720928 * Document how to generate the manpage in debian/rules, and drop asciidoc from build-depends. a2x actually requires a whole docbook installation (200+ MB). Checksums-Sha1: 45458fceb4c7e5ef36b1ac798f6aeeb530f7ceb5 1611 how-can-i-help_0.4.dsc 38458edb6709d459695a3970322d106422300f7c 4483 how-can-i-help_0.4.tar.gz c7fd32046c5d60d5f8a84790fffd21e58be9be02 4822 how-can-i-help_0.4_all.deb Checksums-Sha256: 93874d655e08d5699e9712310a6f205a0a50720a9b1e712e39cb4bf312d09da3 1611 how-can-i-help_0.4.dsc 2f8b68011726640e45eb0e29d2706fe864f0f58462eb47cfe2e4a8e9920d0f7c 4483 how-can-i-help_0.4.tar.gz 63c21f102358c8722a751bac3fe52e8df9811b901a1cbaded63032b0628b0609 4822 how-can-i-help_0.4_all.deb Files: c96915a9f6d5a25161e3e0c18aa4d637 1611 devel optional how-can-i-help_0.4.dsc ea8b25b448cfae11c0d905d64aff5a59 4483 devel optional how-can-i-help_0.4.tar.gz debb0c837c85ebbb21fe8b3f0dec718b 4822 devel optional how-can-i-help_0.4_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) iQIVAwUBUhuDkTkUtTL0376ZAQr4VxAAjEN8tSUq9xXodm25TMz4L8eyJKdSoXie f7Gv8AfWuLr+heRcnfafFqTdTL7kH3QpErblgS6KJpSwnNkkJpX4Mz9Fm1a4CAiW V5wVTES5cNGh26K1K5y0ne+FUJmmoqbR18IGwepzWMIVTmN1Mw9ww/g33X0yuNYt eVcW/KUTk9Dw4ZtwT9zMUOpgaLhxWnlMnBnBqsa+YYjGghJEusG6bXo3ck2z4Ytl 2e4t8pBjXWy8bGF++9T9yNi8xr3dayiV+CHrc/nBRC60yza5yc+oHONP7Hpm4uRu f9SRwA4j3Oulc8OkRpRDVJf1M9ax9HBlBrv1up8ijvjBnr8mOxYk9ZRuO3s3KxV5 JAuRIc13eWBmtcIFakTlK7JpVdR0FZM8D2Esw+ypk+F3mbX5tEh1Dgq1Vc8siBI5 hNNZmv3iqjx4nzeHQG+/oGNe1SPz1Mtk9egmdBjDJUzBmOOyFH2rWn8+7tt9MJPn kxKu73HPz90wUMtvOFEuQVnFSuI8W5i532QiZjTRTiWXt00a3GBgRsms3h2M4j2z jwGl5P6i+DSne5jYxtMS1paOJXBo/KNWYCvE1XyjT2PURvyoI1GlYpOC8GCmIEVr yj933wrEXgDziHduVt5uZpi1asDFn5BCkt2cZaDMZ35Xa6aTWHJNNL5cYLWrketA XnR+19jQ/o0= =jpmE -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vdzxo-0003xt...@franck.debian.org
Accepted how-can-i-help 0.2 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 25 Aug 2013 19:22:44 +0200 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 0.2 Distribution: experimental Urgency: low Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Changes: how-can-i-help (0.2) experimental; urgency=low . * Use the production URL to list opportunities, not the debugging one. Checksums-Sha1: a4631ebb50bce7689a2f5a9e72ff96d638342618 1611 how-can-i-help_0.2.dsc f74dd992e76277ad550d36c915e2e4e38da7d13a 3129 how-can-i-help_0.2.tar.gz d7c6b5377d01d4916bbc7e8f1e6d4be8f21e6845 3408 how-can-i-help_0.2_all.deb Checksums-Sha256: 2016cae336debb655d4b5bae8febcdbebc1280a14f6f66d2088cb400a3b1ba7a 1611 how-can-i-help_0.2.dsc e5e4328491633646e778ca7f563aa34c29de99b773b6fe8c1161b9441abcaf6c 3129 how-can-i-help_0.2.tar.gz 449e8f6d3f1429bb0c215e4af2a197c13fb18f4c635eae0b9d66a2d8fbcdcbef 3408 how-can-i-help_0.2_all.deb Files: afd0f669426335272a6a16604a355c4d 1611 devel optional how-can-i-help_0.2.dsc b24f18409b50ec381353123a18c8cdb1 3129 devel optional how-can-i-help_0.2.tar.gz b422a15bc67c29ccbd14010b2264dcd7 3408 devel optional how-can-i-help_0.2_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) iQIVAwUBUhpAdzkUtTL0376ZAQrkpxAAr2qfzeqYlF07b2BnE0LzveN/uYCmRuRj Rv5EM7o9MIvg0OkB4CH48IDL2QfG5OvDZ6Mvfb25PT4oVHN7xfNorddtyx0aa/T+ wP7WYYMO2XIVE1/wOwENZZdcX5s/MX9sYTTKkqQUBtp3tkJUNDZAKOVviBpyqig9 +jVUg4t3GiCiMWN3EZ0pFFKYK+dWAyLtfu+SUNhpAAVFwc3p6KWA8agntfcz/3+a ZhGPXDvkCpGnFgoUq0jkgMKyERLyCX+l5Z1zRnLofn8PpjEsAmRM1c3KQwRzO9Pd 8LaA5qtlhm/ueF9MIxE+Fjey/+U2PPpzps1oqdU+rQcKUOeUKGhQ8O4e9+WPXvwC qxmGADa0a00Hgoq3C/RxSA+C+V4M/HqKIeHVy/rCBBNPdnjSyoSnnBixw3XQmWzm HmEf9/+J3GyXcP+MuXXrCBeLEy/fsXdR6ADNMoTEVGXbyJw+/H6RD/D6Y/+lDP7j WV3ZjRjFPx3+4A0iOcsNJ6a63Ppb2zh7LEqJcovsd/tZCiI/7HbMZayfTjsETNcO vU8H7WciC4m4n0LDKfpPhUSP0l55nNmCVW4ELOohQQso5bfUuMlfnyHwfprIPp2B /6jeJepdYWzzX/zwQeS0KpvDFulbLbYQ1KGLLFQ/Hp7W1mX9BXT0qHMyuJcsAAJZ z3lOL9TgHuU= =qDnp -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vdeq5-0002i3...@franck.debian.org
Accepted how-can-i-help 0.3 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sun, 25 Aug 2013 21:16:42 +0200 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 0.3 Distribution: experimental Urgency: low Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Closes: 720857 Changes: how-can-i-help (0.3) experimental; urgency=low . * Test for existence of /usr/bin/how-can-i-help in the APT hook, in case the package was removed but not purged, or in case purge is in progress. Thanks to Shawn Landden for reporting. Closes: #720857 Checksums-Sha1: 9eb388c7e549176f3786388ff676fb42f0b98c1b 1611 how-can-i-help_0.3.dsc 6d3f66b4d564af5a2ff3e84a48614aea506b2a24 3267 how-can-i-help_0.3.tar.gz 7bed60fbc3f030ce03a6f39197c538eebabf57d5 3564 how-can-i-help_0.3_all.deb Checksums-Sha256: 44c41cb2c4299724d7c2f70919f247b6ba0ff756d47c306d8afa044ca9b13ebc 1611 how-can-i-help_0.3.dsc 8a94bcacf9116e49c33595602bbfc50bcd02005c84f38fadf887271aa73b2ba6 3267 how-can-i-help_0.3.tar.gz e061f7e443fda105265f41735f0cad32f270f84f9cf184ea821508fa1b4e201b 3564 how-can-i-help_0.3_all.deb Files: 190d9f735d357ddd1da544193ddca310 1611 devel optional how-can-i-help_0.3.dsc 3c274cc674c13ee260391de2dbd0a304 3267 devel optional how-can-i-help_0.3.tar.gz 33e809d1f21568f9ad501c497af99953 3564 devel optional how-can-i-help_0.3_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) iQIVAwUBUhpZdzkUtTL0376ZAQoSkA/+OCu3R7fTnpWfa/NDUecV5Wx5CzdcoCCC cH7BAMz0uLsfZBRFZP7hKYKP8dFBMFKvjRYZpzsN4IzsH3WIh7+e+ej+nugGSw8a x4Q3HwyZqNxAxQQCX5sDZZHMzRTNq9xm5sjdJGs0ggzHdW8Iih3i9jBfPIW3bpr4 spi7M6Nl4WO+4uPxpAgCprWVrB9VXROouDIVbj6LP0gqoDSmfbJ65T7iQCVRDQ5A 5uQNk+YT+rAU2LwqiwXGsIObSeZ9g66vVlbUvkfZIablZu9UjlKW46SaxzMoMADj 8oe6IZaMOB+w0di/+Imb8PVO+9crtkZ9R44JDXrPTKvgxBzRGkaTw9Ul5svkXcOR /055DXoPwMOlspoa1YuCuIap/dIqrjgaVss6ebJPUqhErNQpT36wdOOzcG9Z5N1d XVALfaXMwiLiuIajKX6v0X2yHl6E4Wx3TZ8uC3OkYVMJt8UIiwrbjqcrKWf00uxO GFDNlC8VTBgZNjAwbZhFOsAs0v7wm6TCwVdZN6ukqdgObFutqpyjHMH1oCOzy54A 27CN3rOAlUf89isATwSyxxIq09y3YuHxaq7Cu2sliMHOdcKzT3ns3jdN/CxghTWs lvxwJpnBqKRUmIROqYji/jrJIDyLN89NIavojeryP/LRitLj3U3xtApU0IgGfu9s yYMRPe1npAo= =Sr6X -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vdg3c-0007pd...@franck.debian.org
Accepted how-can-i-help 0.1 (source all)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Sat, 24 Aug 2013 17:29:45 +0200 Source: how-can-i-help Binary: how-can-i-help Architecture: source all Version: 0.1 Distribution: experimental Urgency: low Maintainer: Lucas Nussbaum lu...@debian.org Changed-By: Lucas Nussbaum lu...@debian.org Description: how-can-i-help - show opportunities for contributing to Debian Changes: how-can-i-help (0.1) experimental; urgency=low . * Initial release. Checksums-Sha1: c7c718eeb8e404624914c2238815a24a5f9b87ab 1611 how-can-i-help_0.1.dsc b678578699b99234c6d744aaf434888a46c5cc9c 3030 how-can-i-help_0.1.tar.gz 25f013eea568df25e94362465d8b8641acccfc0c 3328 how-can-i-help_0.1_all.deb Checksums-Sha256: 2134114f2addd131de6700af4bb920b5d4aa275dc8e04512c974d25b65d16055 1611 how-can-i-help_0.1.dsc 6132391cfbdd9d42b3ff60386102d4f8c1ba156af541372e6243488ff2b0e4ba 3030 how-can-i-help_0.1.tar.gz 8d09497b48eee590d578fe62b72861b5d0e8ebd92407455d685aa41ad8d20381 3328 how-can-i-help_0.1_all.deb Files: f1dbd7f697141127806714dade67aefc 1611 devel optional how-can-i-help_0.1.dsc 5d30f8df02d0e096647ca1c923fcd93d 3030 devel optional how-can-i-help_0.1.tar.gz 9d0c083ff46bdf0afa98412dbde5b2e9 3328 devel optional how-can-i-help_0.1_all.deb -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) iQIVAwUBUhjWGTkUtTL0376ZAQq+RA//YaDcJigRGQ0DAJuTHgmvypf5c81ejkXP 17KMaFo2Q9jlVTQRA/PZ7QQmBOYNYkXiA5wwoPmo79lfXRJ8eJPAR6Lq7rWebpvO Hr7e5vnVFHv0bExCcKNzf2rmoljbsesWYtRAszBBlAcXcH5TN/Y3Z1TXzgeYnp+b cfkM0eM9xAEwv3He9w3wsGGCrEfAe9SxJa/z8DPMZyivfoCUUiV4wDhioNXpE3T7 r3VGt+ABN2rG1zh/4cR6Y/fVq3+S8Atiw0ZAcRXOzhXQUhyP93LjaIEwbu0tM8F2 HYFzFSalwPXdAyKzz1Lq1+jeeH5toqHFF3wpH4s8JnBfYI47PGGFSllEOF1rI9YV xpDYCUA0cHhDwAB9Dan2YFyNWEgNGBb5uqkSVE53bc2Nv0yqmJVEoJAdBlJKnck0 MSa7qtmP4g/PKBIf49xKs+46/rnyLHye9beVjXbwJtDxA9wT5rH8B9JwFZX6J/lK 5BuLRipSJj+nT/8ZynqPhdM4olc/pOEKMNzu+c1N6hXcy1T+7xadukWkz1y00zXB Thd8WhshvomkrV6e/QOqMax6YA8f2ahcnLeLe6w0h1cdpHPssn/tjGzVTwh4P4Pp E4MuZgH10nRSg8AP95x1Eq32v9DJYW7+TTj3D8MhBJfMEV1IhwdlUjGa1+8TaPr7 WCHwfeH8YkM= =t6ds -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1vdnkv-0001xr...@franck.debian.org
Re: Requesting DDs who want to help greet new contributors
Hi Asheesh, I just watched your talk on my way home from DebConf and decided I want to join you in the welcoming team or whatever it will be called :). A few more details on what will be happening and what is the expectation of me (and others) would be appreciated. -- Best regards, Michael -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/x6k3jiad6v@midna.lan
Re: Requesting DDs who want to help greet new contributors
On 30/07/13 at 12:00 -0400, Asheesh Laroia wrote: Hi all Debianites, I've been inspired by the Developer Advisory Team in another project [1], and so I want to create a similar team within Debian. In this email, first I'll summarize what the concept of Developer Advisory Team is, and second I'll request help. The stated goals are: * Reach out to new contributors, thank them for their work and get feedback. * Reach out to people who might be ready to apply for upload rights and help them. * Reach out to contributors that went inactive and get feedback from them and offer help. Hi, I'm currently processing the answers to the survey I mentioned in [1]. Looking at what I've processed so far, one of the conclusions, I think, will be that a very large proportion of people who managed to get their first package uploaded had a friend or colleague to whom they could ask questions when needed. This is not a bad thing per se, but it means that it's much harder for people without such a direct support channel to succeed. This initiative could be the basis for a way for new contributors to find such a online Debian friend that could then answer their questions about BTS usage, packaging, etc. Lucas [1] https://lists.debian.org/debian-project/2013/07/msg00010.html -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130804100815.ga9...@xanadu.blop.info
Re: Requesting DDs who want to help greet new contributors
Hi, On Sun, Aug 04, 2013 at 12:08:15PM +0200, Lucas Nussbaum wrote: I'm currently processing the answers to the survey I mentioned in [1]. Looking at what I've processed so far, one of the conclusions, I think, will be that a very large proportion of people who managed to get their first package uploaded had a friend or colleague to whom they could ask questions when needed. This is not a bad thing per se, but it means that it's much harder for people without such a direct support channel to succeed. IMHO newcomers just do not expect to find such a friend inside the Debian community. My canonical answer to increase the chances that people will be able to easily find friends is to build teams with a certain focus which should try to make themselves visible to users (=potential developers). We just found the name Blends for this and I hope to be able to *prove* that Blends can be help getting new developers in my talk at DebConf[1] when I present numbers that we have won one DD per year (in average) who admitted that he is only in Debian *because* this specific Blend exist. If this is possible for a leaf project as I defintely regard medicine and biology how much better could be our chances in other fields if people would *actively* reach out for users and thus developers as Debian Med did? This initiative could be the basis for a way for new contributors to find such a online Debian friend that could then answer their questions about BTS usage, packaging, etc. In Debian Med this is called Mentoring of the Month[2] and besides I will metnion it in[1] as well I will have a dedicated talk about MoM as well[3]. Kind regards Andreas. [1] http://penta.debconf.org/dc13_schedule/events/986.en.html [2] http://wiki.debian.org/DebianMed/MoM [3] http://penta.debconf.org/dc13_schedule/events/987.en.html -- http://fam-tille.de -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130804184944.gb19...@an3as.eu
Re: Requesting DDs who want to help greet new contributors
On Wed, 31 Jul 2013, Paul Wise wrote: I already do similar stuff but without the benefit of the tool you are working on, just based on mailing list mails from folks asking how to get involved or what I remember of folks activities. I might be interested to get more involved here but that would probably need to be later in the year. *nod*! Hopefully as the team gets up and documents the tools and process, and refines the goals, and so on, you'll find it interesting to join! -- Asheesh. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.deb.2.02.1308010209030.4...@rose.makesad.us
Re: Requesting DDs who want to help greet new contributors
On Wed, 31 Jul 2013, Nicolas Guilbert wrote: On Tuesday, July 30, 2013 12:00:18 PM Asheesh Laroia wrote: Hi all Debianites, I've been inspired by the Developer Advisory Team in another project [1], and so I want to create a similar team within Debian. In this email, first I'll summarize what the concept of Developer Advisory Team is, and second I'll request help. The stated goals are: * Reach out to new contributors, thank them for their work and get feedback. * Reach out to people who might be ready to apply for upload rights and help them. * Reach out to contributors that went inactive and get feedback from them and offer help. This sounds like means rather than goals to me. My guess is that the goal would be something like create a feel-good atmosphere around and within Debian or get more people engaged in the development of Debian. I think I agree with this clarification. Thank you for that! If the latter is what we want, how about also involving some other leverages: * promoting the mentoring principle as the official Debian way of building the community's skill pool. Mentoring is known to be the by far most efficient pedagogy [citation pending] - a perfect match for the best distribution :) * the mentoring principle holds the promise of exponential growth, which is interesting if you can get the coefficient sufficiently far above 0 (one mentor can teach two, who can teach two etc.). Pushing up the coefficient could also be achieved by contributors to the project acting increasingly as advocates for it. This advocacy could be built around narratives such as Contributing to a project like Debian is something one can be proud of - tell that you do, what you do, why you do it and encourage others to do it. Social engineering can also be quite efficient :) (-: I agree that mentoring is often very effective. One of the key elements I find missing in mentoring, however, is the work to establish a relationship between mentor and mentee that leads to them having meaningful discussions rather than not asking each other questions. As for your citation pending -- clarifying this sort of thing is one of the goals of this project. One plan that Mako and I came up with that since at first, we may not have enough bandwidth to ping everyone, we can see if those who we *do* manage to reach become more active in the project than the people we do get around to pinging. I'm excited by the warm reception to the ideas here! I'll work with David Lu on fixing more our bugs, and y'all will hear more from us soon. (And if that's not soon enough, http://lists.openhatch.org/mailman/listinfo/greenhouse + https://github.com/openhatch/oh-greenhouse + #openhatch on freenode!) -- Asheesh. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.deb.2.02.1308010211240.4...@rose.makesad.us
Re: Requesting DDs who want to help greet new contributors
Hi, On Thu, Aug 01, 2013 at 02:24:43AM -0400, Asheesh Laroia wrote: I agree that mentoring is often very effective. I'd like to give some report at DebConf[1] about Mentoring of Month[2]. The report will probably not fill more than 15-20min and the focus of this BoF is rather on seeking more ideas. People who are interested into this thread might like to join the event. One of the key elements I find missing in mentoring, however, is the work to establish a relationship between mentor and mentee that leads to them having meaningful discussions rather than not asking each other questions. I tried to clarify this inside the MoM rules[2]. Kind regards Andreas. [1] https://penta.debconf.org/dc13_schedule/events/987.en.html [2] https://wiki.debian.org/DebianMed/MoM -- http://fam-tille.de -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130801075954.gd10...@an3as.eu
Re: Requesting DDs who want to help greet new contributors
I already do similar stuff but without the benefit of the tool you are working on, just based on mailing list mails from folks asking how to get involved or what I remember of folks activities. I might be interested to get more involved here but that would probably need to be later in the year. -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caktje6gk3uzqcifpxd+o7mjqanyy9sfrfsvc2snqcoypm1p...@mail.gmail.com
Requesting DDs who want to help greet new contributors
Hi all Debianites, I've been inspired by the Developer Advisory Team in another project [1], and so I want to create a similar team within Debian. In this email, first I'll summarize what the concept of Developer Advisory Team is, and second I'll request help. The stated goals are: * Reach out to new contributors, thank them for their work and get feedback. * Reach out to people who might be ready to apply for upload rights and help them. * Reach out to contributors that went inactive and get feedback from them and offer help. The key concept here is that we use automated tools, based on the Ultimate Debian Database that already exists, to make it very easy to see who is newly contributing to the project, and commit as a team to reaching out to as many of them as we can in order to greet them. We'd try to reach out to them within a few days of them doing their first successful upload. The people on the Developer Advisory Team would also use these tools to help track the progress of new prospective developers into the project. This way, when it seems that someone is ready to apply, the DAT members can realize that and ping them. Generally, I believe it's useful to give people personal contacts within Debian, above and beyond their first package sponsor. (Lucas Nussbaum remarked to me that this is something like the MIA team, only it's to help people get *into* Debian, rather than to identify who is *absent*!) Does any of that sound interesting to you? * If anyone is interested in participating on that team, just reply on-list or off-list to me and I will loop you in (for example, if we create a mailing list for this team, will invite you) (simplest way to do so: reply off-list to me with the word yes) * If you have ideas for how to make this more feasible or useful, reply here on debian-devel. There's surely scope to revise the goals, if we want. * If you want to reply saying, This is a boring project and you should not waste your time, please refrain, since I am committed to doing something like this. (-: * If you're on the MIA team or the QA team or some other team and think that this should just be a part of your existing team, that's fine by me! Preferably discuss here on debian-devel. I'm interested in finding out how effective this is, so I intend to have the team work to measure our results. I'm also interested in bringing this idea to other large free software communities that want it! David Lu (a GSoC student at OpenHatch) has been hacking with me this summer on some of the tooling [2], and we've been testing the UI with Paul Tagliamonte as a first member of the prospective team. Do you want to join in too? (-: I know many of us in Debian are very busy with our existing commitments to the project, so no need to volunteer if you're unable to commit more time. paultag and I are interested in being part of this team initially, but naturally we'd love more volunteers. -- Asheesh. References: 1. https://wiki.ubuntu.com/DeveloperAdvisoryTeam 2. https://lists.debian.org/debian-mentors/2013/07/msg00045.html -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.deb.2.02.1307301158250.29...@rose.makesad.us
Re: Requesting DDs who want to help greet new contributors
Le Tue, Jul 30, 2013 at 12:00:18PM -0400, Asheesh Laroia a écrit : Hi all Debianites, I've been inspired by the Developer Advisory Team in another project [1], and so I want to create a similar team within Debian. In this email, first I'll summarize what the concept of Developer Advisory Team is, and second I'll request help. The stated goals are: * Reach out to new contributors, thank them for their work and get feedback. * Reach out to people who might be ready to apply for upload rights and help them. * Reach out to contributors that went inactive and get feedback from them and offer help. Hi Asheesh, When I saw a couple of emails about Developer Advisory Team on debian-mentors, I had a hard time figuring out what it was about, and since I had no extra time to find an answer, I concluded that Ubuntu do what it wants... The goals that you list above give me the impression that such a team in Debian would better be named Greeeting, Reachout, Encouragement, etc. Team. Not being a native speaker, Advisory for me is has strong connotations, that remind me that much of the music that I listened when I was younger had a Parental Advisory sticker on it... Now that I am older, Advisory means prestigious scientist that give us their point of view from outside, on how to better steer our research institute. With all the respect I have from my experienced colleagues, I think that it would not fit the Debian way. My fear is that after a few years of drifting and rotation of its members, the Advisory team, influenced by its own name, might engage in giving less greetings and more advices... In summary, I welcome the goal of increasing new contributions to Debian, but recommend to pick a more casual name for your project. Cheers, -- Charles Plessy Tsurumi, Kanagawa, Japan -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130730220407.ga18...@falafel.plessy.net
Re: Requesting DDs who want to help greet new contributors
On Tuesday, July 30, 2013 12:00:18 PM Asheesh Laroia wrote: Hi all Debianites, I've been inspired by the Developer Advisory Team in another project [1], and so I want to create a similar team within Debian. In this email, first I'll summarize what the concept of Developer Advisory Team is, and second I'll request help. The stated goals are: * Reach out to new contributors, thank them for their work and get feedback. * Reach out to people who might be ready to apply for upload rights and help them. * Reach out to contributors that went inactive and get feedback from them and offer help. This sounds like means rather than goals to me. My guess is that the goal would be something like create a feel-good atmosphere around and within Debian or get more people engaged in the development of Debian. If the latter is what we want, how about also involving some other leverages: * promoting the mentoring principle as the official Debian way of building the community's skill pool. Mentoring is known to be the by far most efficient pedagogy [citation pending] - a perfect match for the best distribution :) * the mentoring principle holds the promise of exponential growth, which is interesting if you can get the coefficient sufficiently far above 0 (one mentor can teach two, who can teach two etc.). Pushing up the coefficient could also be achieved by contributors to the project acting increasingly as advocates for it. This advocacy could be built around narratives such as Contributing to a project like Debian is something one can be proud of - tell that you do, what you do, why you do it and encourage others to do it. Social engineering can also be quite efficient :) Thanks for a fine initiative, Nicolas -- Nicolas Guilbert Intelligence: property of a lifeform capable of outliving its planet of origin -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4185618.VxLhrfubq3@ikulrir
Re: Requesting DDs who want to help greet new contributors
On Wed, 31 Jul 2013, Charles Plessy wrote: Hi Asheesh, When I saw a couple of emails about Developer Advisory Team on debian-mentors, I had a hard time figuring out what it was about, and since I had no extra time to find an answer, I concluded that Ubuntu do what it wants... The goals that you list above give me the impression that such a team in Debian would better be named Greeeting, Reachout, Encouragement, etc. Team. Not being a native speaker, Advisory for me is has strong connotations, that remind me that much of the music that I listened when I was younger had a Parental Advisory sticker on it... Now that I am older, Advisory means prestigious scientist that give us their point of view from outside, on how to better steer our research institute. With all the respect I have from my experienced colleagues, I think that it would not fit the Debian way. My fear is that after a few years of drifting and rotation of its members, the Advisory team, influenced by its own name, might engage in giving less greetings and more advices... In summary, I welcome the goal of increasing new contributions to Debian, but recommend to pick a more casual name for your project. I appreciate all this feedback and encouragement! For now I like Developer Encouragement Team, and I'll take your advice to heart that Advisory sounds like Parental Advisory; I agree something more casual would be better. I'm not totally settled on the name, and will mull it over. -- Asheesh. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/alpine.deb.2.02.1307301958360.19...@rose.makesad.us
Re: adequate now reports incompatible-licenses - need help to verify and file bugs
* Sune Vuorela nos...@vuorela.dk, 2013-07-10, 11:59: On 2013-07-10, Andreas Beckmann a...@debian.org wrote: osgearth: incompatible-licenses /usr/bin/osgearth_cache LGPLv3+ (libgnutls.so.26) + GPLv2 (libpoppler.so.19) osgearth: incompatible-licenses /usr/bin/osgearth_toc LGPLv3+ (libgnutls.so.26) + GPLv2 (libpoppler.so.19) osgearth: incompatible-licenses /usr/bin/osgearth_version LGPLv3+ (libgnutls.so.26) + GPLv2 (libpoppler.so.19) osgearth: incompatible-licenses /usr/bin/osgearth_viewer LGPLv3+ (libgnutls.so.26) + GPLv2 (libpoppler.so.19) osgearth also (transitively) links against OpenSSL, which is another incompatibility. tellico: incompatible-licenses /usr/bin/tellico GPLv2 (libpoppler.so.19) + LGPLv3+ (libgnutls.so.26) No need to file these. Poppler is going GPLv2+3 once next upstream lands in debian. [citation needed] At least the Debian Poppler maintainer claims that 0.20.5 is still effectively GPLv2-only: #717732. Perhaps you meant an even newer version, but I can't see anything relevant in the NEWS file either. -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130724171611.ga4...@jwilk.net
Re: how can we help DSA save money
On 2013-07-21 08:09, Tollef Fog Heen wrote: The only realistic alternative to spending the money here would be if some company donated the equivalent in hardware. It's not really possible to code ourselves out of this one. Well, we could make snapshot store binary deltas. That would kill some redundancy in data to require less storage at the expense of more computing power needed to reconstruct the file to be delivered to the user (and more computing power to store packages in it). Just sayin', not suggesting that we should do that. Kind regards Philipp Kern -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/bd71e67f1157d71a9d0075afd6727...@hub.kern.lc
Re: how can we help DSA save money
Hi! On 2013-07-21 08:09, Tollef Fog Heen wrote: Backups is 8 x 4T Seagate Constellation drives. Bytemark is 24 x 4T Seagate Constellation drives. We get setup, hosting, power, etc donated, so that is not part of the cost there. Thanks; was this just a purchase of drives, or also a new storage appliance / enclosure for them? Having these numbers allows for some very rough estimates of cost saving from different ideas. It's not really possible to code ourselves out of this one. It's a challenge of course. I think these are fun and educational; I like to keep things like this in mind over a period of months, while working on unrelated projects. This problem is unlimited in scope, and the benefit of any change could possibly extend beyond snapshot.d.o, e.g. to mirrors or end-users. * if maintainers knew the true cost of snapshot.d.o it may affect their upload habits * we can measure impact of xz and other compression of .debs * dedup.d.n seems it could help reduce unnecessary growth of the archive in future * de-duplicating between *versions* of a package is another area of interest; just one method of that is:- On 2013-07-22 09:31, Philipp Kern wrote: Well, we could make snapshot store binary deltas. [...] Just sayin', not suggesting that we should do that. Exactly, and with some numbers and costs we can evaluate if it's worthwhile or practical. That may change over time depending on compute/storage cost tradeoff or through different techniques. At a lower level we can consider the capabilities of the storage system, which is really software. Depending on that, it may have been practical to manage with just 6 disks initially and add more later (when they may be half the price or less). OTOH its performance may then be insufficient, but then it could be potentially fixed in software of the application. So yes, I think this certainly could be seen as a software challenge. Thanks again for all the details and your thoughts. Regards, -- Steven Chamberlain ste...@pyro.eu.org -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/51ed18a0.9090...@pyro.eu.org