Deleting a MySQL database in postrm
Hi ya, I am currently trying to package RefDB, a bibliography database manager. RefDB uses MySQL, so one thing that the package has to do is to create/delete MySQL databases and users. For that, the scripts need the admin password for the MySQL database server. What is the best way to handle this potential security problem? I do not find it suitable to store the password in the debconf database, but the only way I see out of it is to ask for the password in the postrm script. Any ideas? Cheers, Marco msg06425/pgp0.pgp Description: PGP signature
Re: Deleting a MySQL database in postrm
The standard way of storing the root password for MySQL is in ~root/.my.cnf.. It should look something like this: [mysqladmin] user= username password= password In any case, I don't think it wise to add/remove databases on installation/removal, that should probably be left up to the user to do - I don't think any package, including TWIG, which needs MySQL to run, installs a database automatically. Marco Kuhlmann wrote: Hi ya, I am currently trying to package RefDB, a bibliography database manager. RefDB uses MySQL, so one thing that the package has to do is to create/delete MySQL databases and users. For that, the scripts need the admin password for the MySQL database server. What is the best way to handle this potential security problem? I do not find it suitable to store the password in the debconf database, but the only way I see out of it is to ask for the password in the postrm script. Any ideas? Cheers, Marco -- ___ ___ / _ | / _ \ Ari Pollak - [EMAIL PROTECTED] - www.aripollak.com / __ |/ ___/ /_/ |_/_/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Sponsor request for cernlib
Hi everyone, I have made unofficial Debian packages of Cernlib, a set of libraries and programs used by a lot of high-energy physicists. The web page is here: http://wwwinfo.cern.ch/asd/cernlib/ and the license is GPL. To download my packages, you can find the required sources.list lines here: http://gobo.princeton.edu/~kmccarty/ (note: gobo will change to borex soon) I know Cernlib is hardly a suitable project for someone who hopes to become a new Debian developer; it includes shared libraries, data files, and all sorts of good stuff. (Even getting it to compile with shared instead of static libraries took a good deal of work.) But what can I say -- I needed it :) So if there are any physicists who would be interested in sponsoring me for these packages, please take a look. (FWIW, I'm the upstream author of starplot, http://www.princeton.edu/~kmccarty/starplot.html , and have written a debian/ directory for that, which I think the current official package of starplot uses pretty much unchanged.) Thanks, -- Kevin McCartyPhysics Department [EMAIL PROTECTED] Princeton University www.princeton.edu/~kmccarty Princeton, NJ 08544 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Sponsor request for cernlib
On Sun, Jun 16, 2002 at 01:55:23PM -0400, Kevin B. McCarty wrote: I have made unofficial Debian packages of Cernlib, a set of libraries and programs used by a lot of high-energy physicists. The web page is here: http://wwwinfo.cern.ch/asd/cernlib/ and the license is GPL. To download my packages, you can find the required sources.list lines here: http://gobo.princeton.edu/~kmccarty/ (note: gobo will change to borex soon) There's a problem: Blackbird:~/debian$ dpkg-source -x cernlib_2002.04.26-0.1.dsc dpkg-source: error: file cernlib_2002.04.26-0.1.diff.gz has size 22765 instead of expected 22737 Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Sponsor request for cernlib
Hi Kevin! You wrote: I know Cernlib is hardly a suitable project for someone who hopes to become a new Debian developer; it includes shared libraries, data files, and all sorts of good stuff. (Even getting it to compile with shared instead of static libraries took a good deal of work.) But what can I say -- I needed it :) So if there are any physicists who would be interested in sponsoring me for these packages, please take a look. I'd like to see this in Debian, so I'll sponsor you. I'll take a look at your packages later this week. It would be nice if, in the mean time, you could get your key signed. I think there are a lot of develoepr sin your area, so it shouldn't be much of a problem to arrange a meeting. -- Kind regards, +---+ | Bas Zoetekouw | Si l'on sait exactement ce | || que l'on va faire, a quoi| | [EMAIL PROTECTED] | bon le faire?| |[EMAIL PROTECTED] | Pablo Picasso | +---+ msg06429/pgp0.pgp Description: PGP signature
Re: Sponsor request for cernlib
Thanks for the note. It should be fixed now. (What happened was that I gunzipped the diff file to make sure everything looked right, then re-zipped it, but apparently to a different size. Fortunately I had a copy of the original diff file lying around.) -- Kevin McCartyPhysics Department [EMAIL PROTECTED] Princeton University www.princeton.edu/~kmccarty Princeton, NJ 08544 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Deleting a MySQL database in postrm
Hi ya, I am currently trying to package RefDB, a bibliography database manager. RefDB uses MySQL, so one thing that the package has to do is to create/delete MySQL databases and users. For that, the scripts need the admin password for the MySQL database server. What is the best way to handle this potential security problem? I do not find it suitable to store the password in the debconf database, but the only way I see out of it is to ask for the password in the postrm script. Any ideas? Cheers, Marco pgpttzxNDdEsF.pgp Description: PGP signature
Re: Deleting a MySQL database in postrm
The standard way of storing the root password for MySQL is in ~root/.my.cnf.. It should look something like this: [mysqladmin] user= username password= password In any case, I don't think it wise to add/remove databases on installation/removal, that should probably be left up to the user to do - I don't think any package, including TWIG, which needs MySQL to run, installs a database automatically. Marco Kuhlmann wrote: Hi ya, I am currently trying to package RefDB, a bibliography database manager. RefDB uses MySQL, so one thing that the package has to do is to create/delete MySQL databases and users. For that, the scripts need the admin password for the MySQL database server. What is the best way to handle this potential security problem? I do not find it suitable to store the password in the debconf database, but the only way I see out of it is to ask for the password in the postrm script. Any ideas? Cheers, Marco -- ___ ___ / _ | / _ \ Ari Pollak - [EMAIL PROTECTED] - www.aripollak.com / __ |/ ___/ /_/ |_/_/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Sponsor request for cernlib
Hi everyone, I have made unofficial Debian packages of Cernlib, a set of libraries and programs used by a lot of high-energy physicists. The web page is here: http://wwwinfo.cern.ch/asd/cernlib/ and the license is GPL. To download my packages, you can find the required sources.list lines here: http://gobo.princeton.edu/~kmccarty/ (note: gobo will change to borex soon) I know Cernlib is hardly a suitable project for someone who hopes to become a new Debian developer; it includes shared libraries, data files, and all sorts of good stuff. (Even getting it to compile with shared instead of static libraries took a good deal of work.) But what can I say -- I needed it :) So if there are any physicists who would be interested in sponsoring me for these packages, please take a look. (FWIW, I'm the upstream author of starplot, http://www.princeton.edu/~kmccarty/starplot.html , and have written a debian/ directory for that, which I think the current official package of starplot uses pretty much unchanged.) Thanks, -- Kevin McCartyPhysics Department [EMAIL PROTECTED] Princeton University www.princeton.edu/~kmccarty Princeton, NJ 08544 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Sponsor request for cernlib
On Sun, Jun 16, 2002 at 01:55:23PM -0400, Kevin B. McCarty wrote: I have made unofficial Debian packages of Cernlib, a set of libraries and programs used by a lot of high-energy physicists. The web page is here: http://wwwinfo.cern.ch/asd/cernlib/ and the license is GPL. To download my packages, you can find the required sources.list lines here: http://gobo.princeton.edu/~kmccarty/ (note: gobo will change to borex soon) There's a problem: Blackbird:~/debian$ dpkg-source -x cernlib_2002.04.26-0.1.dsc dpkg-source: error: file cernlib_2002.04.26-0.1.diff.gz has size 22765 instead of expected 22737 Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Sponsor request for cernlib
Hi Kevin! You wrote: I know Cernlib is hardly a suitable project for someone who hopes to become a new Debian developer; it includes shared libraries, data files, and all sorts of good stuff. (Even getting it to compile with shared instead of static libraries took a good deal of work.) But what can I say -- I needed it :) So if there are any physicists who would be interested in sponsoring me for these packages, please take a look. I'd like to see this in Debian, so I'll sponsor you. I'll take a look at your packages later this week. It would be nice if, in the mean time, you could get your key signed. I think there are a lot of develoepr sin your area, so it shouldn't be much of a problem to arrange a meeting. -- Kind regards, +---+ | Bas Zoetekouw | Si l'on sait exactement ce | || que l'on va faire, a quoi| | [EMAIL PROTECTED] | bon le faire?| |[EMAIL PROTECTED] | Pablo Picasso | +---+ pgptWrXQLwe9U.pgp Description: PGP signature
Re: Sponsor request for cernlib
Thanks for the note. It should be fixed now. (What happened was that I gunzipped the diff file to make sure everything looked right, then re-zipped it, but apparently to a different size. Fortunately I had a copy of the original diff file lying around.) -- Kevin McCartyPhysics Department [EMAIL PROTECTED] Princeton University www.princeton.edu/~kmccarty Princeton, NJ 08544 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Unidentified subject!
Kevin! Long time no see. I trust that all is well and that the case was finally settled. I was sitting in Applebee's with Ian tonight before work, munching away on chicken fingers and fries and longing for a Guinness to celebrate St. Paddy's Day. And I was idly watching SportsCenter on the TV over the bar and half-listening to the pop station being piped in over the stereo system in the restaurant. Whatever this music network is, the selection is... interesting. It ranges from 90s bubblegum pop to disco to reggae to ballads to country to hard rock -- and everything in between. I think every mainstream, franchise/ chain restaurant in America has the same radio network, cause the music is ALL the same. Anyway, some Lionel Richie song or other came on, and it made me think of the early eighties. Lionel Richie songs always make me think of the early eighties for some reason. And it occurred to me that music has the capability to make us think of an era of time, even if we weren't alive to experience it. Not exactly a new revelation, I know. But the next thought that occurred to me is that this may possibly be a phenomenon unique to this century. I mean, music historians can point to a baroque piece as being from this century or that, or a popular drinking song from the 1860s as being a prime example of Civil War period music, yes. But never has music been so wide-spread and widely propogated as in the twentieth century. Let us not forget that until this century, we didn't have the capability to record music and keep it for posterity. We do have sheet music, but every musician who's spent any time studying classical music will tell you that the symphonies and concertoes of the masters have lost something over the years. It really is a shame we can't hear how it was when Beethoven was directing the orchestra in his Fifth Symphony. But in this century, anything we attempt can be recorded and laid down for generations to come, just the way it sounded when it was performed, for better or worse. I still have tapes and LPs of my old high school band performances, with all the squeaks and squawks preserved in hi-fi glory. Regardless of how you feel about them, they're here to stay, at least as long as we preserve the technology to play them (which is another debate altogether). This isn't even mentioning restoring old recordings from the early twentieth century. It's one of the nice benefits we're reaping from the digital age. Personally, I'm glad we've been able to rescue decades of music through the magic of digital remastering. The world would be worse off if not for the resurrected wailings of Louis Armstrong and Dizzy Gillespie on trumpet, or Billie Holiday and Lena Horne crooning at us from forty years back. From here on out, there is no excuse for us not to have any type of music, from any time this century, at our disposal. This will finally let us have the closest we're going to get to a time machine. What is a time machine after all, if not something that sends us back to a certain period in our lives? Anyway, just some thoughts. I dunno... I think I'm thinking too much. Especially since all this was inspired by a Lionel Ritchie song. Shudder. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Your spam
I'm sorry but I have no idea who you are. Unless of course you're a TROLL: http://www.geocrawler.com/archives/3/210/2001/10/0/6953555/ If that was supposed to be spam, it failed because I have no idea what you're selling. Now begone from this list! (I apologize to everyone else for the intrusion.) -- Kevin McCartyPhysics Department [EMAIL PROTECTED] Princeton University www.princeton.edu/~kmccarty Princeton, NJ 08544 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Multiple changelogs?
Should changelog.Debian.gz apply to the source package and all binary packages created from the source, or should there be a separate changelog.Debian.gz for each binary package? I have used one changelog for the dictd source package, covering both the dictd and the dict binary packages, but for the vera source package I have separate changelogs for each of the two binaries. Is one of these wrong? Regards, Bob -- _ |_) _ |_ Robert D. Hilliard [EMAIL PROTECTED] |_) (_) |_) 1294 S.W. Seagull Way [EMAIL PROTECTED] Palm City, FL USA GPG Key ID: 390D6559 PGP Key ID: A8E40EB9 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
GPG Key question
My GPG key currently is: pub 1024D/6BE69CD0 2001-06-20 Duncan Findlay [EMAIL PROTECTED] sig 3 6BE69CD0 2002-05-12 Duncan Findlay [EMAIL PROTECTED] uidDuncan Findlay [EMAIL PROTECTED] sig 3 6BE69CD0 2001-09-22 Duncan Findlay [EMAIL PROTECTED] sig D0980A99 2001-10-03 Jeff Bailey [EMAIL PROTECTED] uidDuncan Findlay [EMAIL PROTECTED] sig 3 6BE69CD0 2001-11-24 Duncan Findlay [EMAIL PROTECTED] uidDuncan Findlay [EMAIL PROTECTED] sig 3 6BE69CD0 2001-11-28 Duncan Findlay [EMAIL PROTECTED] sub 1024g/EF6D200F 2001-06-20 sig 6BE69CD0 2001-06-20 Duncan Findlay [EMAIL PROTECTED] However, [EMAIL PROTECTED] is no longer a valid e-mail address. Should I delete the uid, even though it is the only signed uid, or should I leave it, even though the e-mail is not valid? -- Duncan Findlay -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]