Re: Seeking mentor for CellWriter 1.3.5

[Paul Wise]

On Fri, Nov 25, 2011 at 11:49 AM, Michael Levin wrote:

> GNOME Unity

There is no such thing as GNOME Unity, I guess you mean GNOME 3? Or
maybe you mean Unity (which is not in Debian).

> The problem is, I've lost the email address of my previous mentor

pabs@chianamo:~$ who-uploads cellwriter
Uploads for cellwriter:
1.3.4-1.1 to unstable: gregor herrmann 
1.3.4-1 to unstable: Nelson A. de Oliveira 
1.3.3-1 to unstable: Nelson A. de Oliveira 

> completely forgotten how the Debian packaging process works! I'm looking for
> a kind soul to give me some tips on how to get a package uploaded to mentors
> and help me submit the new version to Debian so that the Debian CellWriter
> package is in good shape again.

http://mentors.debian.net/intro-maintainers
http://wiki.debian.org/DebianMentorsFaq
http://www.debian.org/doc/manuals/maint-guide/
http://packages.qa.debian.org/c/cellwriter.html

> Please reply to me directly, I am not subscribed to the mentors list.

CCed you, please reply to the list.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/caktje6fjtoxsqsrf3a0qrjm+jlm-dimf+mlvvur+aoyx2o_...@mail.gmail.com

Seeking mentor for CellWriter 1.3.5

[Michael Levin]

Hello!

I am the sole developer working on CellWriter, a program for handwriting
recognition that's already in Debian and has essentially been in
maintenance mode for several years now. Due to changes in the GTK
libraries, CellWriter has had a very nasty bug when using GNOME Unity for
several months now. Additionally, a number of errors are now reported by
Debian build tools that have been fixed via patches to 1.3.4 in Debian and
also fixed at the upstream version.

I've released a new upstream version that takes care of all of these issues:
http://code.google.com/p/cellwriter/

The problem is, I've lost the email address of my previous mentor and have
completely forgotten how the Debian packaging process works! I'm looking
for a kind soul to give me some tips on how to get a package uploaded to
mentors and help me submit the new version to Debian so that the Debian
CellWriter package is in good shape again.

Please reply to me directly, I am not subscribed to the mentors list.

Thanks in advance, and happy Thanksgiving! :)

Re: RFS: vpnc 0.5.3r449-2.2 (NMU to fix RC bugs)

[gregor herrmann]

On Fri, 25 Nov 2011 00:20:34 +0100, Florian Schlichting wrote:

> I am looking for a sponsor for my NMU of "vpnc".
> It fixes #624203 and #640978.

Uploaded [0], thanks for your work.

(Jakub's remark about merged bugs is of course correct but no real
problem IMO.)
 
Cheers,
gregor


[0] directly, and not to DELAYED/x, after reading the maintainer's
mail in #640978

-- 
 .''`.   Homepage: http://info.comodo.priv.at/ - OpenPGP key ID: 0x8649AA06
 : :' :  Debian GNU/Linux user, admin, & developer - http://www.debian.org/
 `. `'   Member of VIBE!AT & SPI, fellow of Free Software Foundation Europe
   `-NP: Kings of Convenience: Summer On The West Hill


signature.asc
Description: Digital signature

RFS: shedskin

[Paul Boddie]

Dear mentors,

This is a friendly reminder that I am still looking for a sponsor for my 
package "shedskin". I sent a request about 14 days ago but haven't had any 
responses.

 * Package name: shedskin
   Version : 0.9-1
   Upstream Author : Mark Dufour 
 * URL : http://shedskin.googlecode.com/
 * License : GPL-3+
   Section : python

It builds those binary packages:

shedskin   - Python-to-C++ compiler designed to speed up Python programs

To access further information about this package, please visit the following 
URL:

  http://mentors.debian.net/package/shedskin

Alternatively, one can download the package with dget using this command:

  dget -x \
http://mentors.debian.net/debian/pool/main/s/shedskin/shedskin_0.9-1.dsc

I would be glad if someone uploaded this package for me.

Kind regards,

Paul Boddie


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20250053.33779.p...@boddie.org.uk

Re: RFS: vpnc 0.5.3r449-2.2 (NMU to fix RC bugs)

[Jakub Wilk]

(I don't intend to sponsor this package, sorry.)

* Florian Schlichting , 2011-11-25, 00:20:

+vpnc (0.5.3r449-2.2) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Bug fix: "more verbose iproute makes vpnc fail connecting", taken from
+http://git.infradead.org/users/dwmw2/vpnc-scripts.git/commitdiff/4deaaf9a32
+Closes: #624203, #640978, LP: #805435.


If multiple bugs are merged, close only *one* of them in the changelog.

--
Jakub Wilk


--
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/202547.ga...@jwilk.net

RFS: vpnc 0.5.3r449-2.2 (NMU to fix RC bugs)

[Florian Schlichting]

Dear mentors,

I am looking for a sponsor for my NMU of "vpnc".
It fixes #624203 and #640978.

To access further information about this package, please visit the following 
URL:

  http://mentors.debian.net/package/vpnc

Alternatively, one can download the package with dget using this command:

  dget -x 
http://mentors.debian.net/debian/pool/main/v/vpnc/vpnc_0.5.3r449-2.2.dsc

As it is fairly short, I'm including the debdiff below.

I'd be glad if someone uploaded this package for me.

Florian


diff -u vpnc-0.5.3r449/debian/changelog vpnc-0.5.3r449/debian/changelog
--- vpnc-0.5.3r449/debian/changelog
+++ vpnc-0.5.3r449/debian/changelog
@@ -1,3 +1,12 @@
+vpnc (0.5.3r449-2.2) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Bug fix: "more verbose iproute makes vpnc fail connecting", taken from
+http://git.infradead.org/users/dwmw2/vpnc-scripts.git/commitdiff/4deaaf9a32
+Closes: #624203, #640978, LP: #805435.
+
+ -- Florian Schlichting   Thu, 24 Nov 2011 
15:06:35 +
+
 vpnc (0.5.3r449-2.1) unstable; urgency=low

   * Non-maintainer upload.
diff -u vpnc-0.5.3r449/debian/patches/00list 
vpnc-0.5.3r449/debian/patches/00list
--- vpnc-0.5.3r449/debian/patches/00list
+++ vpnc-0.5.3r449/debian/patches/00list
@@ -5,0 +6 @@
+08_bug640978.dpatch
only in patch2:
unchanged:
--- vpnc-0.5.3r449.orig/debian/patches/08_bug640978.dpatch
+++ vpnc-0.5.3r449/debian/patches/08_bug640978.dpatch
@@ -0,0 +1,22 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 08_bug640978.dpatch by Florian Schlichting 
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: more verbose iproute makes vpnc fail connecting
+
+@DPATCH@
+
+diff --git a/vpnc-script.in b/vpnc-script.in
+index 59750d0..bd4f120 100755
+--- a/vpnc-script.in
 b/vpnc-script.in
+@@ -116,7 +116,8 @@ destroy_tun_device() {
+
+ if [ -n "$IPROUTE" ]; then
+   fix_ip_get_output () {
+-  sed 's/cache//;s/metric \?[0-9]\+ [0-9]\+//g;s/hoplimit [0-9]\+//g'
++sed -e 's/ /\n/g' | \
++sed -ne '1p;/via/{N;p};/dev/{N;p};/src/{N;p};/mtu/{N;p}'
+   }
+
+   set_vpngateway_route() {


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/2024232034.gx25...@zedat.fu-berlin.de

Re: RFS: mpg321 (4th try)

[Nanakos Chrysostomos]

Thank you very much!



On 24 Νοε 2011, at 22:57, Tobias Quathamer  wrote:


Am 20.11.2011 11:09, schrieb Nanakos Chrysostomos:

Dear mentors,

I am looking for a sponsor for my package "mpg321".


Hi Nanakos,

thanks for your work, I've just uploaded your package.

Regards,
Tobias





--
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/4e1488e7-7ecb-45c4-b587-9a9da8e75...@wired-net.gr

Re: RFS: mobile-broadband-provider-info (updated package)

[Michael Biebl]

On 24.11.2011 22:09, Michael Biebl wrote:
> That said, mobile-broadband-provider-info sounds like a good candidate
> for volatile.

Small correction: volatile was lenny. It's -updates now.

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Re: RFS: mobile-broadband-provider-info (updated package)

[Michael Biebl]

On 24.11.2011 14:36, Didier Raboud wrote:
> Paul Wise wrote:
> 
>> This is why I think packaging it at all is possibly a bad idea since
>> people running Debian stable/oldstable will always have old
>> information. It would be better if the software that uses it were to
>> be responsible for downloading it periodically.
> 
> I respectfully disagree.
> 
> If we take that path, then we might as well allow usb-modeswitch to download 
> its latest "modeswitching" strategies for the 3G dongles that need one. Oh 
> and usb-modeswitch could then also update its binary too as "anyone wants 
> the latest" anyway.

Once your hardware is working, there is no need to periodically update
the database. On the contrary, this introduces the risk, that a update
might actually have a regression and it stops working.

That said, mobile-broadband-provider-info sounds like a good candidate
for volatile.

Cheers,
Michael

-- 
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?



signature.asc
Description: OpenPGP digital signature

Re: RFS: mpg321 (4th try)

[Tobias Quathamer]

Am 20.11.2011 11:09, schrieb Nanakos Chrysostomos:
> Dear mentors,
> 
> I am looking for a sponsor for my package "mpg321".

Hi Nanakos,

thanks for your work, I've just uploaded your package.

Regards,
Tobias




signature.asc
Description: OpenPGP digital signature

Re: RFS: mobile-broadband-provider-info (updated package)

[Joseph R. Justice]

On 11/24/11, Bhavani Shankar R  wrote:
> On Thu, Nov 24, 2011 at 9:06 PM, Joseph R. Justice  
> wrote:
>> On 11/23/11, Paul Wise  wrote:
>>> On Sun, Nov 13, 2011 at 9:55 PM, Bhavani Shankar R wrote:

 Regarding watch file I'm a bit skeptical as its a package which has
 regular commits upstream and requires frequent updation of the package
 in the archives I think personally and using the ftp site for the
 tarball location in watch file could lead to confusions with the
 versions in the archive. And if the watch file is removed lintian
 throws up error. So Antii (marked in CC) can pitch in I guess.
>>>
>>> This is why I think packaging it at all is possibly a bad idea since
>>> people running Debian stable/oldstable will always have old
>>> information. It would be better if the software that uses it were to
>>> be responsible for downloading it periodically.
>>
>> Wouldn't this combination of factoids [(1) that the package has
>> regular commits upstream of important data contained within the
>> package, (2) that the package therefore needs to be frequently updated
>> to get the new data from upstream incorporated into the package, and
>> (3) that these updates need to be made available to people running
>> Debian stable and oldstable without requiring those people to install
>> a version of this package from testing or unstable] therefore suggest
>> that this package is a candidate for debian-volatile (or whatever that
>> is called these days)?  I've been subscribing to the applicable Debian
>> announcement mailing list (debian-volatile-announce@lists.d.o) for a
>> little while now, and I see mention of updates to tzdata and clamav.
>>
>> Looking at
>> http://lists.debian.org/debian-volatile-announce/2011/msg0.html
>> , I guess it's now called squeeze-updates, not debian-volatile.
>> However, the point still stands: "This suite will contain updates that
>> satisfy one of the following criteria: [...] * The package in question
>> is a data package and the data must be updated in a timely manner
>> (e.g. tzdata)."
>
> I was thinking of uploading regular stable release updates both in
> debian and ubuntu. I'll work on this regard coming weekend. Thanks for
> all inputs and support.

Cool.  I don't know the process for getting a package qualified to be
considered under the squeeze-updates policy, but that sounds like what
you (and/or the DD who sponsors your uploads of this package) want to
look into, at least down the road.



>> As for if there should be a watch file, or what the watch file should
>> be if there should be one at all, that I do not know.  (Is there a
>> facility / capability yet for watching for changes to a git / bzr / hg
>> / svn / cvs / etc archive, and should that facility be used instead
>> for this package instead of watching a (relatively) static tarball
>> file if the facility is available for use?)
>
> Yes the package does have a git handle:
>
> http://git.gnome.org/browse/mobile-broadband-provider-info/
>
> but there is nothing as such as a static tarball on the site. Need
> more clarity on this.

Well, I'm not involved in packaging for Debian at all, just standing
on the sidelines, so I could be All Wrong about the following.  But...

I have the impression that the watch files being talked about
elsewhere in this discussion _typically_ refer to a distinct file or
files of some sort, which can be obtained via anonymous ftp / http /
etc, and which have a distinct version of some sort, be it something
embedded in the file name, or a file time stamp, or whatever.  And,
watching that file, changes to its file name, changes to its time
stamp, etc is what's used to determine if a Debian package is
"up-to-date" in terms of its version with respect to the version of
the original source the Debian package is derived from.

If what you are packaging here does not have a distinct file of some
sort that can be used to determine the version of the original source,
but a worthwhile version of some sort can be derived from the source
version's Git handle, and if that Git handle can be used by the Debian
watch file mechanisms to automatically determine when the Debian
package's version is out of date with respect to the original source
file, then it seems to me that this is what should be done.  Now, _if_
one can do this, and if how _how_ one does this, I do not know.  But,
that seems to be the question that needs to be answered.

Thanks for your time.  Hope this is of some use, interest.

Joseph


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CAC58tq_R3LH1zP7O8cQ772zdtcKjSM7WfU=dxhfenunbp9i...@mail.gmail.com

Re: RFS: mobile-broadband-provider-info (updated package)

[Bhavani Shankar R]

On Thu, Nov 24, 2011 at 9:06 PM, Joseph R. Justice  wrote:
> On 11/23/11, Paul Wise  wrote:
>> On Sun, Nov 13, 2011 at 9:55 PM, Bhavani Shankar R wrote:
>
>>> Regarding watch file I'm a bit skeptical as its a package which has
>>> regular commits upstream and requires frequent updation of the package
>>> in the archives I think personally and using the ftp site for the
>>> tarball location in watch file could lead to confusions with the
>>> versions in the archive. And if the watch file is removed lintian
>>> throws up error. So Antii (marked in CC) can pitch in I guess.
>>
>> This is why I think packaging it at all is possibly a bad idea since
>> people running Debian stable/oldstable will always have old
>> information. It would be better if the software that uses it were to
>> be responsible for downloading it periodically.
>
> [Kerrect speeling note: Instead of "updation of", I probably would
> have written "updates [of/to]".]

Sorry for the typo. I'll correct my spellings in the future :)

>
> Wouldn't this combination of factoids [(1) that the package has
> regular commits upstream of important data contained within the
> package, (2) that the package therefore needs to be frequently updated
> to get the new data from upstream incorporated into the package, and
> (3) that these updates need to be made available to people running
> Debian stable and oldstable without requiring those people to install
> a version of this package from testing or unstable] therefore suggest
> that this package is a candidate for debian-volatile (or whatever that
> is called these days)?  I've been subscribing to the applicable Debian
> announcement mailing list (debian-volatile-announce@lists.d.o) for a
> little while now, and I see mention of updates to tzdata and clamav.
>
> Looking at http://lists.debian.org/debian-volatile-announce/2011/msg0.html
> , I guess it's now called squeeze-updates, not debian-volatile.
> However, the point still stands: "This suite will contain updates that
> satisfy one of the following criteria: [...] * The package in question
> is a data package and the data must be updated in a timely manner
> (e.g. tzdata)."
>

I was thinking of uploading regular stable release updates both in
debian and ubuntu. I'll work on this regard coming weekend. Thanks for
all inputs and support.

> As for if there should be a watch file, or what the watch file should
> be if there should be one at all, that I do not know.  (Is there a
> facility / capability yet for watching for changes to a git / bzr / hg
> / svn / cvs / etc archive, and should that facility be used instead
> for this package instead of watching a (relatively) static tarball
> file if the facility is available for use?)
>

Yes the package does have a git handle:

http://git.gnome.org/browse/mobile-broadband-provider-info/

but there is nothing as such as a static tarball on the site. Need
more clarity on this.

> Thanks for your time.  Hope this is of some use, interest.
>

Thank you too for your time and interest

Regards.

-- 
Bhavani Shankar
Ubuntu Developer   |  www.ubuntu.com
https://launchpad.net/~bhavi


--
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/CAESiwnsRuSRzDvQ9TUV0oXkVvJbYy1aCe6f4RFyk+UZpWo7=5...@mail.gmail.com

Re: RFS: mobile-broadband-provider-info (updated package)

[Joseph R. Justice]

On 11/23/11, Paul Wise  wrote:
> On Sun, Nov 13, 2011 at 9:55 PM, Bhavani Shankar R wrote:

>> Regarding watch file I'm a bit skeptical as its a package which has
>> regular commits upstream and requires frequent updation of the package
>> in the archives I think personally and using the ftp site for the
>> tarball location in watch file could lead to confusions with the
>> versions in the archive. And if the watch file is removed lintian
>> throws up error. So Antii (marked in CC) can pitch in I guess.
>
> This is why I think packaging it at all is possibly a bad idea since
> people running Debian stable/oldstable will always have old
> information. It would be better if the software that uses it were to
> be responsible for downloading it periodically.

[Kerrect speeling note: Instead of "updation of", I probably would
have written "updates [of/to]".]

Wouldn't this combination of factoids [(1) that the package has
regular commits upstream of important data contained within the
package, (2) that the package therefore needs to be frequently updated
to get the new data from upstream incorporated into the package, and
(3) that these updates need to be made available to people running
Debian stable and oldstable without requiring those people to install
a version of this package from testing or unstable] therefore suggest
that this package is a candidate for debian-volatile (or whatever that
is called these days)?  I've been subscribing to the applicable Debian
announcement mailing list (debian-volatile-announce@lists.d.o) for a
little while now, and I see mention of updates to tzdata and clamav.

Looking at http://lists.debian.org/debian-volatile-announce/2011/msg0.html
, I guess it's now called squeeze-updates, not debian-volatile.
However, the point still stands: "This suite will contain updates that
satisfy one of the following criteria: [...] * The package in question
is a data package and the data must be updated in a timely manner
(e.g. tzdata)."

As for if there should be a watch file, or what the watch file should
be if there should be one at all, that I do not know.  (Is there a
facility / capability yet for watching for changes to a git / bzr / hg
/ svn / cvs / etc archive, and should that facility be used instead
for this package instead of watching a (relatively) static tarball
file if the facility is available for use?)

Thanks for your time.  Hope this is of some use, interest.



Joseph


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/cac58tq8d1wk_zwfc562jbdlpzgvh1wyjsjlhxrmuccq1lty...@mail.gmail.com

Re: splitting packages: trouble with overwriting/replacing files during upgrade

[IOhannes m zmoelnig]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 2011-11-21 23:25, Jakub Wilk wrote:
>> hmm, i only now realized that my package actually uses an epoch, so it
>> should read "<< 1:0.93", but this doesn't seem to help either.
> 
> It should help. Are you sure that you corrected versions in both Breaks
> and Replaces?

i did.
and indeed it does help!

dpkg bails out, but this time it complains about the old version
conflicting with the replacement package, which is obviously what i
asked for (i only misread the error message, believing i still get the
error about overwriting files)

thanks.

fmasdr
IOhannes
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk7OWSkACgkQkX2Xpv6ydvRIZACgpsWxsYAdJvNpah8IBh+jgDEt
UYcAnRapvdsU7mCEwWUYvN0x4b+6saOH
=1yTE
-END PGP SIGNATURE-



smime.p7s
Description: S/MIME Cryptographic Signature

Re: How to suppress expected lintian warnings?

[Jakub Wilk]

* Alexander Reichle-Schmehl , 2011-11-24, 15:11:
... and I think your check for the 32-Bit architecture is incomplete, 
but I miss the machine to test that ;)
I'm not sure what you mean by that. Which check do you think is 
missing?


You do the following:

machine=`uname -m`
[..]
elif [ "$machine" = "i686" ];
then
architecture="32"
md5sums=$md5sums32
else
echo "Error: NemID is not supported for your computer: $machine"
exit 1
fi

And I'm not sure, but I could think that there are 32-Bit machines out 
there, which don't report i686 but something less,


Or even more:
| $ dpkg --print-architecture
| i386
| $ uname -m
| x86_64

--
Jakub Wilk


--
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/2024142252.ga4...@jwilk.net

Re: How to suppress expected lintian warnings?

[Alexander Reichle-Schmehl]

Hi!

Am 24.11.2011 14:19, schrieb Ole Wolf:

>> ... and I think your check for the 32-Bit architecture is incomplete,
>> but I miss the machine to test that ;)
> I'm not sure what you mean by that. Which check do you think is missing?

You do the following:

machine=`uname -m`
[..]
elif [ "$machine" = "i686" ];
then
architecture="32"
md5sums=$md5sums32
else
echo "Error: NemID is not supported for your computer: $machine"
exit 1
fi

And I'm not sure, but I could think that there are 32-Bit machines out
there, which don't report i686 but something less, which would make your
check too restrict - unless the downloaded library is indeed i686 only.


Best regards,
  Alexander


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4ece50af.20...@schmehl.info

Re: How to suppress expected lintian warnings?

[Alexander Reichle-Schmehl]

Hi!

Am 24.11.2011 14:41, schrieb Ole Wolf:

> I actually thought I was required to include a copy of the GPL, but
> removing it is easy. :)

For the binary package take a look at /usr/share/common-licenses/.  And
IMHO should your debian/copyright make it clear, that the GPL is just
for your packaging work, not for the downloaded scripts.


> I'm building the package by simply issuing "debuild," with no options.
> This seems to provide both md5, sha1, and sha256 checksums. Are you
> suggesting I should try to get rid of the md5sums entirely (if so, how),
> or did I misunderstand you?

I'm talking about your postinst-Script, which only checks the md5sums of
the downloaded files.


Best regards,
  Alexander


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4ece4f49.3000...@schmehl.info

Re: RFS: mobile-broadband-provider-info (updated package)

[Stefano Rivera]

Hi Didier (2011.11.24_15:36:37_+0200)
> If we take that path, then we might as well allow usb-modeswitch to download 
> its latest "modeswitching" strategies for the 3G dongles that need one. Oh 
> and usb-modeswitch could then also update its binary too as "anyone wants 
> the latest" anyway.

+1 Didier

Let's not forget, packages like this need to work when you are offline,
and your only connectivity is 3G. They need to be usable from an install
from a stack of Debian DVDs.

SR

-- 
Stefano Rivera
  http://tumbleweed.org.za/
  H: +27 21 465 6908 C: +27 72 419 8559  UCT: x3127


--
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/2024134447.gb9...@bach.rivera.co.za

Re: How to suppress expected lintian warnings?

[Ole Wolf]

Quoting Alexander Reichle-Schmehl :

Others already commented on the lintian warning thing, however looking
  at your package it doesn't qualify for main; as long as it downloads
  some stuff it qualifies at most contrib, your changelog doesn't actually
  describe your changes, you seem to install a copy of the GPL, and you
  use md5sums, which are considered weak, so please use stronger checksums.

I actually thought I was required to include a copy of the GPL, but
removing it is easy. :)

I'm building the package by simply issuing "debuild," with no options.
This seems to provide both md5, sha1, and sha256 checksums. Are you
suggesting I should try to get rid of the md5sums entirely (if so, how),
or did I misunderstand you?

   --
OLE WOLF[1]
Rødhættevej 4 * 9400 Nørresundby
   Telefon: 9632-0108 * Mobil: 2467-5526 * Skype: ole.wolf * SIP:
ole.w...@ekiga.net



Links:
--
[1] http://naturloven.dk


smime.p7s
Description: S/MIME Cryptographic Signature

Re: RFS: mobile-broadband-provider-info (updated package)

[Didier Raboud]

Paul Wise wrote:

> This is why I think packaging it at all is possibly a bad idea since
> people running Debian stable/oldstable will always have old
> information. It would be better if the software that uses it were to
> be responsible for downloading it periodically.

I respectfully disagree.

If we take that path, then we might as well allow usb-modeswitch to download 
its latest "modeswitching" strategies for the 3G dongles that need one. Oh 
and usb-modeswitch could then also update its binary too as "anyone wants 
the latest" anyway.

Having that type of data packaged and uploaded to our archive puts trust on 
its contents. You don't get any close to that level of trust with programs 
that download random stuff from the Internet for their uptodatedness; 
especially when the "random stuff" is critical for the Internet access (as 
mobile-broadband-provider-info can be). 

In fact, I would be suprised if our Stable Release Managers were to refuse 
updates of such data packages.

Cheers,

OdyX




-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/jalh95$kqe$1...@dough.gmane.org

Re: How to suppress expected lintian warnings?

[Ole Wolf]

Quoting Paul Wise :

What does this app do? Can it not be replaced with something more
  standard, say OpenSSL?

The application takes care of authorizing users against a centralized
server using login, password, and a keycard (made of paper; you may laugh
now). It also works as a PKCS#11 key token processor that allows users to
sign or encrypt their documents.

   I wish it could use OpenSSL, However, the authorization service uses a
inherently flawed architecture where the users don't own their private
keys, and has been shown to rely on security by obscurity and other of the
don'ts you'd find in any security expert's books. The government and the
authorization service has received heavy criticism for their
closed-source, insecure model, but we're required by law to use them.

   --
OLE WOLF[1]
Rødhættevej 4 * 9400 Nørresundby
   Telefon: 9632-0108 * Mobil: 2467-5526 * Skype: ole.wolf * SIP:
ole.w...@ekiga.net



Links:
--
[1] http://naturloven.dk


smime.p7s
Description: S/MIME Cryptographic Signature

Re: How to suppress expected lintian warnings?

[Ole Wolf]

Quoting Alexander Reichle-Schmehl :

... and I think your check for the 32-Bit architecture is incomplete,
  but I miss the machine to test that ;)

I'm not sure what you mean by that. Which check do you think is missing?

   (It installs fine on both 64-bit and 32-bit architectures, though,
including downloading the correct library version from the external web
site.)

   --
OLE WOLF[1]
Rødhættevej 4 * 9400 Nørresundby
   Telefon: 9632-0108 * Mobil: 2467-5526 * Skype: ole.wolf * SIP:
ole.w...@ekiga.net
    



Links:
--
[1] http://naturloven.dk


smime.p7s
Description: S/MIME Cryptographic Signature

Re: How to suppress expected lintian warnings?

[Paul Wise]

On Thu, Nov 24, 2011 at 8:57 PM, Ole Wolf wrote:

> That would be a preferred solution, but regrettably not an option. The
> background is that the Danish government has mandated the use of a shared
> authorization service which creates keys for each individual in Denmark. The
> private keys are created and stored by that authorization service and never
> handed over to the users, violating a basic principle of security, but
> unfortunately there's very little we can do about that.
>
> The authorization service also provides a PKCS#11 application that enables
> users to sign and encrypt documents using a personal certificate.

What does this app do? Can it not be replaced with something more
standard, say OpenSSL?

-- 
bye,
pabs

http://wiki.debian.org/PaulWise


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/caktje6g2ruvk_jvnjde_1tuljhccbu7z+wzslznoeap+a5x...@mail.gmail.com

Re: How to suppress expected lintian warnings?

[Ole Wolf]

Quoting Gergely Nagy :

It does condemn your package to contrib at best.

I have no feelings about that at all; I just want to make the package
easily available. :)

Does that require me to submit an RFS somewhere else than here on this list?

   --
OLE WOLF[1]
Rødhættevej 4 * 9400 Nørresundby
   Telefon: 9632-0108 * Mobil: 2467-5526 * Skype: ole.wolf * SIP:
ole.w...@ekiga.net



Links:
--
[1] http://naturloven.dk


smime.p7s
Description: S/MIME Cryptographic Signature

Re: RFS: php-pecl-http - extended HTTP support for php5

[Mathias Ertl]

On Monday, November 21, 2011 07:16:56 PM Thomas Goirand wrote:
> Also, since we try to maintain everything as a team when it comes to
> PHP packages, I would advise that this package is also sent to the
> pkg-php git repository. That means that you should join the Alioth
> project for it, and do your packaging using Git.

Since this also affects me (I filed an RFS for php-phpdocumentor... still 
waiting for Reviewer/Sponsor ;-)): Am I required to maintain packages in that 
git-repository? I joined that Alioth project, but I doubt I get write-access 
right away...

> If you do the above effort, and nobody steps in (maybe Ondrej or Sean
> has enough time to check on it? You guys might have a better level
> than me for such PECL modules...), I'll review it and sponsor it (if of
> course, it's good enough).
> 
> But before I do that, could you please explain a bit more what it
> does, and why php5-pecl-http is useful?

Since Peter seems to be MIA again, here is my opinion: This library supports 
extended HTTP *client* support for PHP. It has far greater possibilities then 
built-in PHP (i.e. "exotic" requests like PUT and DELETE, often used in 
webservices) and is much easier to use than php-curl, since it provides a very 
object-oriented approach. I would be very happy to see this package in Debian!

greetings, Mati

-- 
me on twitter: @mathiasertl | soup: http://soup.er.tl
I only read plain-text mail!  I prefer signed/encrypted mail!


signature.asc
Description: This is a digitally signed message part.

Re: How to suppress expected lintian warnings?

[Gergely Nagy]

Ole Wolf  writes:

> I could perhaps download the library and include it in the "nemid"
> package, and the first versions of "nemid" actually did just that.
> However, I've been unable to get a response from the company that provides
> the application about the distribution rights of their software, and I'd
> rather be safe than sorry.

I see. That's a reasonable explanation, thank you!

It does condemn your package to contrib at best.

-- 
|8]


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87k46pvfjp.fsf@algernon.balabit

Re: How to suppress expected lintian warnings?

[Alexander Reichle-Schmehl]

Hi!

Am 24.11.2011 13:57, schrieb Alexander Reichle-Schmehl:

> Others already commented on the lintian warning thing, however looking
> at your package it doesn't qualify for main; as long as it downloads
> some stuff it qualifies at most contrib, your changelog doesn't actually
> describe your changes, you seem to install a copy of the GPL, and you
> use md5sums, which are considered weak, so please use stronger checksums.

... and I think your check for the 32-Bit architecture is incomplete,
but I miss the machine to test that ;)


Best regards,
  Alexander


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4ece4017.9010...@schmehl.info

Re: How to suppress expected lintian warnings?

[Ole Wolf]

Thanks for all the prompt replies!

   Quoting Gergely Nagy :

Out of curiosity, why the need to download the lib? Couldn't it be
  included in the "source" someway?

That would be a preferred solution, but regrettably not an option. The
background is that the Danish government has mandated the use of a shared
authorization service which creates keys for each individual in Denmark.
The private keys are created and stored by that authorization service and
never handed over to the users, violating a basic principle of security,
but unfortunately there's very little we can do about that.

The authorization service also provides a PKCS#11 application that enables
users to sign and encrypt documents using a personal certificate. The
application is closed source, and the current Linux support requires users
to download a tarball and manually copy the contents into /usr/lib--even
overwriting existing, newer libraries. This is rather bad, somewhat
difficult, and to add insult to injury, overwriting existing libraries is
not even necessary. The "nemid" package downloads the tarball and extracts
only the specific PKCS#11 application and associated library, then
provides a script for the user to install his or her certificate.

I could perhaps download the library and include it in the "nemid"
package, and the first versions of "nemid" actually did just that.
However, I've been unable to get a response from the company that provides
the application about the distribution rights of their software, and I'd
rather be safe than sorry.

--
OLE WOLF[1]
Rødhættevej 4 * 9400 Nørresundby
   Telefon: 9632-0108 * Mobil: 2467-5526 * Skype: ole.wolf * SIP:
ole.w...@ekiga.net
    



Links:
--
[1] http://naturloven.dk


smime.p7s
Description: S/MIME Cryptographic Signature

Re: How to suppress expected lintian warnings?

[Alexander Reichle-Schmehl]

Hi!

Am 24.11.2011 12:51, schrieb Ole Wolf:
> I'm getting some lintian warnings on one of my packages (at
> http://mentors.debian.net/package/nemid):
]..]
> The reason is quite evident: the nemid package doesn't include a
> library; instead, the postinst and postrm scripts download a library
> from an external web page and call ldconfig afterwards. Lintian
> obviously can't know that a library is being installed and removed,
> hence the warning.

Uhm...

Others already commented on the lintian warning thing, however looking
at your package it doesn't qualify for main; as long as it downloads
some stuff it qualifies at most contrib, your changelog doesn't actually
describe your changes, you seem to install a copy of the GPL, and you
use md5sums, which are considered weak, so please use stronger checksums.


Best regards,
  Alexander


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4ece3f2d.5060...@schmehl.info

Re: How to suppress expected lintian warnings?

[Gergely Nagy]

Ole Wolf  writes:

> I'm getting some lintian warnings on one of my packages (at
> http://mentors.debian.net/package/nemid):
>
>   W: nemid: postinst-has-useless-call-to-ldconfig
>   W: nemid: postrm-has-useless-call-to-ldconfig

Lintian overrides are what you seek. Since you're using debhelper, see
dh_lintian(1).

>   The reason is quite evident: the nemid package doesn't include a library;
> instead, the postinst and postrm scripts download a library from an
> external web page and call ldconfig afterwards. Lintian obviously can't
> know that a library is being installed and removed, hence the warning.

Out of curiosity, why the need to download the lib? Couldn't it be
included in the "source" someway?

-- 
|8]


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87obw1vgis.fsf@algernon.balabit

Re: How to suppress expected lintian warnings?

[Rodolfo kix Garcia]

On Thu, 24 Nov 2011 12:51:43 +0100, Ole Wolf wrote:

I'm getting some lintian warnings on one of my packages (at
http://mentors.debian.net/package/nemid):

 W: nemid: postinst-has-useless-call-to-ldconfig
 W: nemid: postrm-has-useless-call-to-ldconfig

 The reason is quite evident: the nemid package doesn't include a
library; instead, the postinst and postrm scripts download a library
from an external web page and call ldconfig afterwards. Lintian
obviously can't know that a library is being installed and removed,
hence the warning.

 How do I suppress this lintian warning without resorting to, e.g.,
secondary download-and-install scripts that are invoked from postinst
and postrm?

 Oh, by the way: I'm still looking for a sponsor for the package. :)


You can use the file debian/nemid.lintian-overrides to do that. Add 
comments about why are doing the override.


More info at http://lintian.debian.org/manual/section-2.4.html

Cheers
kix
--
||// //\\// Rodolfo "kix" Garcia
||\\// //\\ http://www.kix.es/


--
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/675d583418ada73a67ba952f22ba8...@kix.es

Re: How to suppress expected lintian warnings?

[Alex Mestiashvili]

On 11/24/2011 12:51 PM, Ole Wolf wrote:
> I'm getting some lintian warnings on one of my packages (at
> http://mentors.debian.net/package/nemid):
>
> W: nemid: postinst-has-useless-call-to-ldconfig
> W: nemid: postrm-has-useless-call-to-ldconfig
>
> The reason is quite evident: the nemid package doesn't include a
> library; instead, the postinst and postrm scripts download a library
> from an external web page and call ldconfig afterwards. Lintian
> obviously can't know that a library is being installed and removed,
> hence the warning.
>
> How do I suppress this lintian warning without resorting to, e.g.,
> secondary download-and-install scripts that are invoked from postinst
> and postrm?
>
> Oh, by the way: I'm still looking for a sponsor for the package. :)
>
> --
> *Ole Wolf* 
> Rødhættevej 4 * 9400 Nørresundby
> Telefon: 9632-0108 * Mobil: 2467-5526 * Skype: ole.wolf * SIP:
> ole.w...@ekiga.net
>  
Hi ,
you can use packagename.lintian-overrides  in debian directory .

man dh_linitian

http://www.debian.org/doc/manuals/maint-guide/dother.en.html#lintian

Best regards ,
Alex

Re: How to suppress expected lintian warnings?

[Kai Wasserbäch]

Dear Ole,
Ole Wolf schrieb am 24.11.2011 12:51:
> I'm getting some lintian warnings on one of my packages (at
> http://mentors.debian.net/package/nemid):
> 
>   W: nemid: postinst-has-useless-call-to-ldconfig
>   W: nemid: postrm-has-useless-call-to-ldconfig
> 
>   The reason is quite evident: the nemid package doesn't include a library;
> instead, the postinst and postrm scripts download a library from an
> external web page and call ldconfig afterwards. Lintian obviously can't
> know that a library is being installed and removed, hence the warning.
> 
>   How do I suppress this lintian warning without resorting to, e.g.,
> secondary download-and-install scripts that are invoked from postinst and
> postrm?

without looking further at your package: you can supress Lintian
warnings/errors/notices by adding an override file to your package. See
dh_lintian(1) for further information. [0] shows such an override file in one of
my packages (note, that the override is for the source and not the binary 
package).

>   Oh, by the way: I'm still looking for a sponsor for the package. :)

Well, your package should be Lintian clean (that can include overrides) first.
Afterwards you can send a RFS to debian-mentors. Though I'm not sure many will
jump into uploading a package, that downloads a library...

Kind regards,
Kai Wasserbäch


[0]




-- 

E-Mail: cu...@debian.org
IRC: Curan
Jabber: dri...@debianforum.de
URL: http://wiki.debian.org/C%C3%B9ran
GnuPG: 0xE1DE59D2  0600 96CE F3C8 E733 E5B6 1587 A309 D76C E1DE 59D2



signature.asc
Description: OpenPGP digital signature

How to suppress expected lintian warnings?

[Ole Wolf]

I'm getting some lintian warnings on one of my packages (at
http://mentors.debian.net/package/nemid):

  W: nemid: postinst-has-useless-call-to-ldconfig
  W: nemid: postrm-has-useless-call-to-ldconfig

  The reason is quite evident: the nemid package doesn't include a library;
instead, the postinst and postrm scripts download a library from an
external web page and call ldconfig afterwards. Lintian obviously can't
know that a library is being installed and removed, hence the warning.

  How do I suppress this lintian warning without resorting to, e.g.,
secondary download-and-install scripts that are invoked from postinst and
postrm?

  Oh, by the way: I'm still looking for a sponsor for the package. :)

  --
OLE WOLF[1]
Rødhættevej 4 * 9400 Nørresundby
  Telefon: 9632-0108 * Mobil: 2467-5526 * Skype: ole.wolf * SIP:
ole.w...@ekiga.net
   


Links:
--
[1] http://naturloven.dk


smime.p7s
Description: S/MIME Cryptographic Signature

Re: RFS: Duplicati - encrypted online backups

[Alexander Reichle-Schmehl]

Hi!

Am 24.11.2011 09:35, schrieb Rene Stach:

> Download: http://code.google.com/p/duplicati/downloads/list
> Source Code:  http://code.google.com/p/duplicati/source/browse/
> Web site: http://www.duplicati.com/

Sounds interesting, but could you please provide a link to the actual
source package?


Best regards,
  Alexander


-- 
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4ece08d0.8050...@schmehl.info

RFS: Duplicati - encrypted online backups

[Rene Stach]

Hello!

Duplicati is looking for a sponsor.

Duplicati is a backup client that securely stores encrypted,
incremental, compressed backups on cloud storage services and remote
file servers. It supports targets like Amazon S3, Windows Live
SkyDrive, Rackspace Cloud Files or WebDAV, SSH, FTP (and many more).

Duplicati should be included into Debian because it is the only
easy-to-use software that allows not-so-technical users to back up
their data securely on cloud storage systems and remote file servers.
Duplicati comes with a nice UI and also works on the command line.

Name: Duplicati
Synopsis: Backup client for encrypted online backups
License:  LGPL 2.1
Download: http://code.google.com/p/duplicati/downloads/list
Source Code:  http://code.google.com/p/duplicati/source/browse/
Web site: http://www.duplicati.com/

We would be happy if any sponsor could assist us in getting Duplicati
into the Debian repository, so that more people can easily and
securely back up their data.

Best regards,

René


--
To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
http://lists.debian.org/ca+8rwjwg3aautsea61d8ey4fru-9lw9gx1zr18kea2hcy...@mail.gmail.com