Re: debian image questions
On Sun, Aug 06, 2023 at 08:42:21AM -0400, Bill Miller wrote: > When Apple makes a new OS or IOS I do not need to download anything. I go > to update, it will ask me if i am sure i want to install a new OS. Updating an installed OS with a new version of the same OS is something completely different from installing an entirely NEW OS on a system that has a different OS or none at all. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: debian image questions
Hello Bill, thanks for your Interest in Debian and also for your ramblings, which I don't quote for brevity. On Wed, Aug 02, 2023 at 08:40:51PM -0400, Bill Miller wrote: > I really want to try Debian but i dont live in the 90's CDs and USB > drives times. why cant i just install Debian from a digital cloud? i > dont understand why i need physical hardware to run digital software? Kindly educate us. What is the "modern" way to install an operating system on hardware if using an USB stick or some other boot medium is unwanted 1990ies technology? Please give detailed instructions how installing an operating system from "a digital cloud" would work? Best regards Marc Haber -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: From kali to debian
On Mon, Feb 27, 2023 at 02:46:07PM +0700, Arnaud Rebillout wrote: > In any case, answer is No. Kali Linux and Debian are different Linux > distributions. If you want to install Debian, you need to download the > Debian installer and install Debian on your disk, therefore erasing your > previous Kali Linux installation. You can't jump from one distro to the > other. Kali is somewhat based on Debian, so changing from Kali to a Debian distribution that is NEWER than the Debian that this Kali version is based on should be technically possible. This however needs vast expertise in Debian and might result in a package combination that nobody tested, making it difficult to support that installation. Additionally, this crosscrade path might end up on Debian unstable, making it necessary to wait at least one Debian release cycle to eventually end up on Debian stable. In a nutshell, if you have to ask whether it's possible, chances are big that your technical skills are not sufficient to end up in a useable and supportable Debian installation. Hence, my advice to the original poster is "don't do this". Of course it is possible to move over the home directory's contents to the new installation. Best restore from a backup (hint! hint!) and don't restore the dotfiles. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Version of Chromium and Firefox ESR available on Stable (Re: Chromium on Debian 11)
On Sun, Apr 17, 2022 at 09:56:37PM +0900, Charles Plessy wrote: > "packages.debian.org misleads users about which version of major > browsers are available in Stable" That message was actually hidden behind all that unfriendlyness. I totally missed it. Greetings Marc, speaking for the record, wishing a nice sunday as well -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Chromium on Debian 11
On Sun, Apr 17, 2022 at 01:18:25PM +0200, phil995511 - wrote: > Forgive me but your answer is off topic, my e-mail is not bossy but it > surely points the finger at the biggest security gap in Debian... Replying public to a private message is considered very bad style. Please don't do that in the future. Your messages appear to me as demanding and unfriendly. I would be offended by them even if you were my paying customer (which you are not). Please consider working on you style. In the past, you have been pointed out that debian-project is not the correct list for your issues, why do you keep coming here? Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Questions around Justice and Our Current CoC procedures
On Mon, Feb 21, 2022 at 01:08:42PM -0500, Scott Kitterman wrote: > OTOH, I think a DAM warning for a single instance of someone losing their > temper and calling someone an unfortunate name is like ringing a doorbell > with > a sledge hammer. If that's now the standard for threatening removal, I think > it's FAR to low. This worries me more than it being too hard to make > decisions. THIS. I fully agree with. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Questions around Justice and Our Current CoC procedures
On Mon, Feb 21, 2022 at 09:18:15AM +0100, Pierre-Elliott Bécue wrote: > Russ Allbery wrote on 21/02/2022 at 07:30:48+0100: > > BTW, also on that front, I think that announcing DAM warnings to the > > project is a serious mistake. I understand the thought process that went > > into that decision, but I really don't agree with it. The effect is to > > make someone feel attacked and shamed publicly, which directly interferes > > with the goal of a warning. It's also one of the major factors in making > > people feel like warnings are some sort of permanent black mark against > > them, which I strongly do not want to be the case. > > I agree. Warnings should be private at first. Some cases could be made > public if the problem was big enough to be mentioned, but generally I'd > expect as a random member to not be informed of a warning. But please don't forget that a person vanishing from a heated discussion just in a whim creates the feeling of victory in the orht discussion parties. And I KNOW what I would do as participant of a heated discussion after receiving a DAM warning. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Name suggestions
On Mon, Nov 01, 2021 at 02:15:01PM +0100, Albin Lidén wrote: > Here goes a few name suggestions for future Debian > > STIRM (coolest) > Rex <--- favorite To quote Wikipedia: Debian 1.2 (Rex), released 12 December 1996, contained 848 packages maintained by 120 developers Personal Note: That was almost two years before my first Debian installation. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Freeipa-client in Debian11
On Sat, 4 Sep 2021 09:05:35 +0300, Timo Aaltonen wrote: >On 3.9.2021 19.02, Marc Haber wrote: >> On Fri, Sep 03, 2021 at 01:10:17PM +, Domagoj Bazina wrote: >>> This package is not available in Debian 11 distribution, and version from >>> older Debian 10 can't be installed. Is there any replacement for this >>> package, or are there any plans for implementation of that package in >>> Debian 11? >> >> Packages that didn't make it into a release before the release won't >> make it back into the release after the release. There might be a >> possibility via a backport, but for this to happen, freeipa would need >> to return to testing first. > >My plan was to backport a client-only package, like it was in Buster >(though not via backports). Is that not possible? You're of course free to roll your own, local package. It shold be possible. Just don't expect any official movement in Debian stable, testing or stable-backports until that RC bug is fixed or resolved in some other way. Greetings Marc -- -- !! No courtesy copies, please !! - Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " | Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834
Re: Freeipa-client in Debian11
On Fri, Sep 03, 2021 at 01:10:17PM +, Domagoj Bazina wrote: > I have question about freeipa-client, that packages was available as > apt-package in Debian 10, also it can be found in Sid option, > https://pkgs.org/search/?q=freeipa-client. Freeipa was removed from Debian 11 due to a long-standing release-cricital bug, #970880. > This package is not available in Debian 11 distribution, and version from > older Debian 10 can't be installed. Is there any replacement for this > package, or are there any plans for implementation of that package in Debian > 11? Packages that didn't make it into a release before the release won't make it back into the release after the release. There might be a possibility via a backport, but for this to happen, freeipa would need to return to testing first. #970880 has not seen action in half a year, so I'd not hold my breath waiting for a backport to appear. > *I've also tried option with adding contribution repository. (apt-get install > software-properties-common apt-add-repository contrib) This is a totally not helping action. Please consider reading a few Debian docs. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Debian and GitLab Open Source Partnership
On Mon, Jul 26, 2021 at 09:13:53AM +0300, Adrian Bunk wrote: > Debian as a project actively promoting open core software would be quite > a change since so far Debian was the major distribution pushing the most > for a system with only free software as defined by the Debian Free > Software Guidelines. I agree. As long as we still ship installation DVDs that won't cleanly install on the majority of end-user workstation hardware and even on a sizeable portion of server hardware, call this a feature and dismiss the working DVD image as "unofficial and not part of Debian proper" this looks at least a bit skewed. > There are many developers, and also many companies some of them close to > Debian, for whom fully free software is a mission. > Debian promoting a company with an open core business model is a slap > in the face for many people. Alone going for Gitlab as the software platform for Salsa was problematic, but OK for me due to lack of a viable alternative. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Debian and GG
On Wed, Apr 21, 2021 at 03:11:26PM +0500, Andrey Rahmatullin wrote: > On Wed, Apr 21, 2021 at 08:00:05AM +, Hermann Ingjaldsson wrote: > > I have developed a program that makes it easier to work in the terminal. > > I have published it here: > > https://openage.org/gg/ > To be honest I couldn't understand from this page what does this software > actually do except for displaying the folder contents, for which you could > just use a much more featureful file navigator like mc (or, if one likes > toys and vim integration, run `vim .`). > > > Would Debian be interested in including GG in the Debian system? > Debian cannot include it until it has a license (and a DFSG-free one). That being said (I agree), there needs to be a Debian Developer or a Debian Maintainer who would be willing to do the packaging, take care of bug reports etc. Best method would be to file a wishlist RFP (Request for Package) with the wnpp (Work Needing and Prospective Packages) pseudopackage in our BTS. Greetings Marc P.S.: While I agree that this is an attempt of an Upstream to plug his software, which I find legitimate, I would not call this a Spam mail. -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: [External] Re: ThinkPad laptops preinstalled Linux
On Sat, Jun 06, 2020 at 03:09:26AM +, Paul Wise wrote: > Debian used to publish a "recovery" variant of Debian Live, but that > was dropped due to lack of maintenance at one point. I note there are > several Debian derivatives producing rescue/recovery live media (Grml, > rescatux, Finnix come to mind), I wonder if any of them would be > interested in forming a new Debian rescue/recovery team to publish > console and GUI recovery variants of Debian Live images. Why would we want to do that when downstream distributions for this purpose are available. Frankly, I don't currently see that a Debian rescue image could reach grml's level of matureness in time. We do have more important things to spend our personpower on that are not alreadys solved downstream. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: [External] Re: ThinkPad laptops preinstalled Linux
On Fri, Jun 05, 2020 at 09:13:39AM -0400, Mark Pearson wrote: > On 6/5/2020 5:03 AM, Pirate Praveen wrote: > > I also use a Thinkpad (X240) with Debian unstable, it mostly work except > > for some issues with touchpad and suspend (touchpad stops working after > > resuming from suspend, but I work around it using an external mouse). > > > OK - I'll see if I can find out about that. We previously had a similar > issue on the X1C7 and that was fixed by a touchpad firmware update. I don't > have a X240 myself but I'll see what I can find. Generally, the [TX][245]40 series was not a very good machine regarding Linux, like the older T61[p] line. Things have become a lot better again since then, my X260 works like a charm, the T450 and T460 I had from my last customers were ok as well. Generally, T- and X-Thinkpads are a very good choice for Linux, very popular and widely recommended inside the Community. While we're asking for rainbow colored unicorns here, I'd love the Lenovo support organiation to be a little less bitchy when one admits using Linux, at least for clear hardware faults like broken mouse buttons etc¹, and can I please have the old keyboard style back as an option? And please keep in mind that Linux nerds enjoy tinkering around with their older hardware, so it would be great to have disk slots that conform to the standard and memory that is not soldered in. I have been holding back buying a new Thinkpad for a while because I hate to lose the flexibility that the older series used to have, and I have bought my last three Thinkpads without a support package because Lenovo won't help me anyway because I happen to use the wrong OS. Greetings Marc, writing this on the X260, with three T520 and one X121e in daily use ¹ it really sucks to be required to have a disk with a never-used Windows installation sitting on the shelf just to make the support tech happy -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Debian and Non-Free Services
On Thu, Sep 12, 2019 at 01:30:24PM -0400, Sam Hartman wrote: > He proposed the following text for such a GR. > > I think such a discussion is better on -project. > > [1]: > > https://lists.debian.org/msgid-search/23927.51367.848949.15...@chiark.greenend.org.uk > [2]: https://lists.debian.org/msgid-search/tslwoedy93e.fsf...@suchdamage.org > [3]: > > https://lists.debian.org/msgid-search/23930.17192.131171.455...@chiark.greenend.org.uk > > > Subject: Free Software Needs Free Tools Count my vote in as a firm "No". This is going the same road as the "editorial changes" two decades ago, the first occasion where my motivation in Debian was damaged. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Results of the Antiharassment Team Survey
On Sun, Jul 14, 2019 at 10:04:43PM +0200, Christian Kastner wrote: > Answering the second question first: my interpretation of mediation in > this context is a resolution process for the aforementioned conflicting > interpretations, whereby one or more neutral roles (eg: DPL or A-H) > attempt a resolution in cooperation with the involved parties. > > I see this form of mediation helping to draw that line because (a) it > gives all parties an opportunity to have their side heard, (b) it > demonstrates that those drawing the line have sufficiently engaged in > understanding the problem, and (c) it sends a clear signal that we as a > project aim to solve conflicts cooperatively. > > To me, (a) is an issue of fairness of the process. "The Project will > draw a line but will hear you before drawing that line". > > It is my impression that some of the grievances, or the magnitude > thereof, result not from actual actions against an individual, but > rather from not being heard in the process. +1 > First, there are numerous reasons why two parties might arrive at > conflicting interpretations, ranging anywhere from misunderstandings to > moral differences to incomplete information to simple matters of principle. > > Second, even if the root cause is correctly identified, there might be > more than one solution to the problem, with varying costs and benefits > to the parties but also to the project. > > To me, the no-mediation-approach is at best a crude heuristic that just > targets a specific symptom, regardless of the actual cause. The no-mediation approach is un-inclusive towards people who involuntarily write things that sound more harsh than meant. This is a rather common pattern in nerds that we tend to overreact and overstress things. Not doing any mediation before making actions such as expelling people from the project is a violation of the diversity statement. The no-mediation approach will cause people who know that they sometimes get over the top with things they write and say to shut up and not feel welcome any more in the project. Is that what we want? Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Results of the Antiharassment Team Survey
On Fri, Jul 12, 2019 at 10:23:15PM -0400, Sam Hartman wrote: > While Russ didn't challenge my reading of the project's requirements, he > did something very important. He argued that mediation is focusing even > more energy on bad behavior; he argued that we don't have the resources > to approach mediation; and he argued that it would make it impossible > for us to find volunteers for the AH team. That is, he raised a > blocking objection in the form of a insufficiently considered issue. > He demonstrated that even if we had a consensus, it would be > uninformed. If you stand the chance of being expelled without your case being heard just on the cause that somebody might consider what you said a CoC violation, the project should not expect people to speak at all. I don't think that Debian silenced based on fear is what we want. At least it is not what I want. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Cultural differences and how to handle them
On Wed, Jul 03, 2019 at 08:51:38PM +0200, Fabian Grünbichler wrote: > another case in point from last month(!) and a little more to the South, > where Vienna hosted this year's Europride: > > https://www.wienerlinien.at/eportal3/ep/contentView.do/pageTypeId/66526/programId/74577/contentTypeId/1001/channelId/-47186/contentId/4203520 > > the rainbow flags on trams have been a stable of the weeks leading up to > pride for years: > > https://www.vienna.at/2019/05/20190530-Regenbogenf%C3%A4hnchen-1-1-4-3-330933700-933x700.jpg > > one of the main sponsors this year was REWE group, which everyone from > Austria or Germany is probably familiar with, but as were others like > Coca-Cola, one of the biggest banks in Austria, Siemens and some > public/privatized stuff like unions, state railways, public transport of > Vienna, .. full list here: https://europride2019.at/sponsors-partners/ Did any of those companies change their website logo for a month? Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Cultural differences and how to handle them
On Wed, Jul 03, 2019 at 10:32:04AM -0600, Jason Crain wrote: > On Wed, Jul 03, 2019 at 05:40:54PM +0300, Adrian Bunk wrote: > > In this gay pride month discussion what is politically correct for > > people in the US is considered offensive by people in Germany, and > > what would be considered politically correct by Germans would be > > considered offensive by people in the US. > > I have a hard time believing that German culture prevents you (or > Debian) from supporting gay pride, That is not what Adrian tried to say. Don't try turning his words around against him. No German company would change its logo for a pride month, and if they did, other minorities would sue for their own logo month on basis of discrimination. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Cultural differences and how to handle them
On Tue, Jul 02, 2019 at 11:17:50PM +0200, Adam Borowski wrote: > On Tue, Jul 02, 2019 at 11:21:03PM +0300, Adrian Bunk wrote: > > People in the US are used to minority quotas in various places. > > > > In most European countries it would be considered unacceptable racism > > if skin color would play any role in university admission. > [...] > > Children in the US grow up learning that they are living in the greatest > > country in the world, an example for the world. > > > > Children in Germany grow up learning that "I am proud of being German" > > is an unacceptable antisemitic expression, nearly synonymous to > > "I am proud of the holocaust". > [...] > > This. This and the rest of your post. > You nailed it. I fully agree with Adrian. We have a cultural issue here. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Debian supports pridemonth?
On Mon, Jul 01, 2019 at 10:24:33PM +0200, Karsten Merker wrote: > On Mon, Jul 01, 2019 at 09:24:34AM -0700, Russ Allbery wrote: > > Gerardo Ballabio writes: > [...] > > > And I don't think that this is, or should be, within the bounds of the > > > Publicity Team delegation. > > > > I think this is probably the place where we disagree. > > > > That said, how *do* you want to handle this, assuming that other people in > > the project do want to acknowledge important events for our community > > members? For example, Debian has made note of Diwali in the past in > > various ways (arguably less obviously than changing the logo, to be fair), > > and it's been entirely uncontroversial. > [...] > > Perhaps it's just because I come from a work culture where this sort of > > acknowledgement is entirely routine and unexceptional, but this all feels > > like a tempest in a teapot to me. > > The latter is probably a cultural issue that varies significantly > depending on where one lives and works. My personal experience > with the various places that I have worked at has been exactly > the opposite from yours - employers have strictly avoided any > form of communication towards their employees that could be even > remotely related to religion or politics and employees were > expected to not issue any statements with religious or political > connotations when they spoke on behalf of the company. Fully agreed. I don't think of any German company that would change its LOGO (for crying out loud!) to care for a minority or even the majority of its employees. I once worked at a company where they rolled out a green carpet with white lines in the entrance hall (thereby covering their logo that was woven in the regular carpet) and put up a soccer goal during the world championship. I don't care about the multi-million euro business that masquerades itself as "sports", and I hated it. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Debian supports pridemonth?
On Tue, Jul 02, 2019 at 10:54:08AM +0200, Jonathan Carter wrote: > On 2019/07/02 10:35, Martin Steigerwald wrote: > > How about a month of welcoming *all* contributors regardless of their > > skin color, their sexual orientation, their political viewpoints, their > > appearance? > > > > How about "all is welcome here"? > > That's basically our default state, so you could basically say we do > that every month. I do feel significantly less welcome in Debian since diversity / antiharassment / policitcal correctnes / CoC came around the corner. I do feel that Debian has lost its goal of creating superior technology for just being the umpteenth organization that cares more about supporting minorities. > As for a literal "all is welcome here", that gets more complicated > because people who go against our ethos aren't welcome here. If someone > is a bigot and wants to spew out hatred and propaganda on our platforms, > I'll be one of the first to make a call that they be kicked out. Amen. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Debian supports pridemonth?
On Tue, Jul 02, 2019 at 10:35:21AM +0200, Martin Steigerwald wrote: > How about a month of welcoming *all* contributors regardless of their > skin color, their sexual orientation, their political viewpoints, their > appearance? Does having a "month of welcome" for $GROUP not imply that we're not welcoming $GROUP all the other time? I'd hate to not welcome blue haired people outside their "welcome blue hair" month. Why dont we just welcome people based on the technology they care for? Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Debian supports pridemonth?
On Mon, Jul 01, 2019 at 07:40:23PM +0300, Adrian Bunk wrote: > The easy way would be if Debian would consider itself a purely technical > project and abstain from making any political statements, except ones > strongly related to being a Linux distribution. Yes please! Let's keep Debian about technology and bring Debian back to technical leadership. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Debian supports pridemonth?
On Fri, Jun 28, 2019 at 07:54:34AM -0400, Roberto C. Sánchez wrote: > Agreed. This is as uncomplicated as the suggestions I made above for > Debian to show solidarity with similarly affected groups. I hope that > we can do that with the same enthusiasm as in this instance. There are > sure to be other groups which I have overlooked and hope that additional > suggestions are forthcoming from others. How much will being enthusiastic for various underrepresented communities make the people who care about Free Software and an Universal Operating System underrepresented in Debian? Can we probably find consensus abut having one "Free Software Month" in the year? Greetings Marc, caring about technology -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Power-Management
On Thu, Apr 26, 2018 at 04:30:06PM +0200, Martin Steigerwald wrote: > Marc Haber - 26.04.18, 15:12: > > On Thu, Apr 26, 2018 at 10:12:40PM +1000, Russell Stuart wrote: > > > laptop-mod-mode tools seems to put the laptop into pretty optimal > > > settings without me having to touch anything, or so powertop says. > > > > Can Laptop-mode-tools in Thinkpads also limit charging of that battery > > to 70 % or another non-100 percentage? > > > > Unfortunately laptop-mode-tools conflicts tlp which is currently my > > tool to implement the battery saving charge limit. > > tp-smapi can: Sure, and tlp is a nice front-end for that. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Power-Management
On Thu, Apr 26, 2018 at 10:12:40PM +1000, Russell Stuart wrote: > laptop-mod-mode tools seems to put the laptop into pretty optimal > settings without me having to touch anything, or so powertop says. Can Laptop-mode-tools in Thinkpads also limit charging of that battery to 70 % or another non-100 percentage? Unfortunately laptop-mode-tools conflicts tlp which is currently my tool to implement the battery saving charge limit. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Power-Management
On Thu, Apr 26, 2018 at 09:35:45AM +0100, Chris Lamb wrote: > > I was just Wondering if you have any considerations for issuing an > > update or designing lets say Debian 10 with Power Management for > > laptops in mind. > > Such modifications are typically (and best) made in a distribution- > agnostic manner, rather than being, say, Debian-specific. :) > > However, may I take this opportunity to promote Jonathan Carter aka > highvoltage's "Debian Package of the Day" video series? As it > happens, yesterday's package was "powertop": > > https://www.youtube.com/watch?v=p3M_g3C15R4 Power Management is a general big issue in Linux on Laptops. I have also made the experience that Windows achives vastly better battery run times than any Linux I have ever encountered, even if powertop doesn't have anything to complain. Alas, I don't have the slightest idea why, maybe somebody can shed a light on that. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Project to improve Debian support model
On Sun, Oct 22, 2017 at 04:40:18PM -0400, Katy Tolsen wrote: > Well that's interesting, but in all honesty, not to me. I have absolutely > no interest what-so-ever in accessing users computers as a means of doing > volunteer support. This system I am proposing is all about integrating > Debian's support resources and providing users with a sort of Help and > Support Center type frontend in Debian much like Microsoft has put in > Windows since XP, where they can easily access support options at a glance. I would like to point out that we cannot be compared to a commercial, closed-source entity since most of the channels that are mis-taken by our users as support channels (such as the -project and -devel mailing lists) would be inaccessible to the public at Microsoft. In Debian, those channels are open, which I see as a feature, even if that means having to redirect the occasional mis-led user to the real support channels. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Security advisory for YubiKey 4: RSA generation broken
On Mon, Oct 16, 2017 at 03:22:35PM -0400, Antoine Beaupré wrote: > What I would like to know is whether other keycards, like the Nitrokey > Start, FST-01 or the Zeitcontrol smartcards, are affected. > > I suspect only the Nitrokey PRO and Zeitcontrol cards *could* be > affected (and may not be, since i heard noises about gemalto *not* using > those routines) but I don't really have any hard info on that. Nitrokey support says that they don't infineon in any of their products and they're therefore not affected. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: wanted: educate us please on key dongles
Ian, thanks for your level-headed response and your solid reasoning. On Wed, Aug 30, 2017 at 12:10:34PM +0100, Ian Jackson wrote: > How far down the paranoia road you want to go is up to you, but buying > an open hardware / libre firmware security device, rather than a > proprietary one, has relatively few downsides (esp. compared to other > things you might do to reduce your risks). > > Also of course buying a libre device has other wider benefits. Otoh, the GnuK is rather bulky when it's compared with one of the commercial devices, and it's unlikely to survive being on my keychain for a reasonable time due to its fragility. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: wanted: educate us please on key dongles
On Wed, Aug 30, 2017 at 01:52:54PM +0200, Christian Seiler wrote: > Am 2017-08-30 09:01, schrieb Marc Haber: > > On Tue, Aug 29, 2017 at 04:07:45PM -0300, Henrique de Moraes Holschuh > > wrote: > > > The **public** portion of *every* key (master and all subkeys) go into > > > the public keyrings and also in the Debian keyring. gnupg will handle > > > this automatically if you use "--export" (do *NOT* confuse with a > > > different export option that is for private keys). > > > > So it is probably a bad idea / impossible (?) to have a dedicated > > signing-only key used for Debian that guared more closely than the > > "regular every-day" key? > > Well, you could create a completely separate key pair (with a separate > master key) for Debian purposes only. That would double the effort of obtaining signatures and also double the burden on my signers. Doesnt scale. > > People keep mentioning to store the private key on a LUKS-encrypted > > device. Why? Is the private key encryption that happens inside GnuPG > > itself when you protect your private key with a passphrase not > > sufficient? > > Defense in depth. First of all, it's not immediately clear that the > media I keep my private key on is actually the one that contains my > private key (_all_ external media I have at home is LUKS encrypted, > except for a couple of USB sticks I use to share data with other > people), That sounds like security-by-obscurity. >and secondly I use a different passphrase for LUKS as > compared to the private key. That, of course, goes without saying. > Basically, it's an added level of paranoia. Usually I am the one who is paranoid, that's why I asked. > However, you _could_ achieve that if you export the private key > manually and accidentally upload that via the web interface that > some keyservers provide. ;-) They'll probably reject the upload > (because it's not a public key), but who knows where that'll be > logged... yes, but that's truely advanced stupidity. I hope that I am not capable of that. > To be fair: SSH's naming convention for files is not the easiest > to understand for new users. Using ${filename} for the private key > and ${filename}.pub for the public key does not make it obvious > that they need to keep ${filename} private. Had they used > ${filename}.secret for the private key this might have reduced > such occurrences. agreed. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: wanted: educate us please on key dongles
I seem to have offended people by trying to make up my mind and introducing arguments into the discussion that might not be wanted. I can only lose by continuing this thread. No offense was ever intended, and neither was an attack. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: wanted: educate us please on key dongles
On Wed, Aug 30, 2017 at 12:42:13PM +0200, Adam Borowski wrote: > On Wed, Aug 30, 2017 at 12:17:33PM +0200, Marc Haber wrote: > > On Wed, Aug 30, 2017 at 10:09:38AM +0100, Jonathan McDowell wrote: > > > The Start is based on the GnuK and I think should be upgradable to do 4K > > > keys. The Pro uses a non-free smartcard internally for the RSA > > > operations. I believe the Start should also be capable of ECC, as per > > > the GnuK. It's possible Nitrokey haven't updated their firmware to > > > support this yet. > > > > I might be missing something, but I am wondering what a free hardware > > design will help here. I am not in a position to validate it anyway, and > > an USB token is unlikely to take any private data and phone it home. > > What do I gain from using the GnuK over a yubi- or nitrokey other than > > being able to say "yay, it's free"? > > Assume you're passing a border, or otherwise have the token temporarily in > hands of someone nasty. > * with a non-backdoored token: there's no way to copy the key off the token, > the attacker may try their luck decapping, or try https://xkcd.com/538/ > while keeping you in custody the whole time In this usecase, the idea is the same for a free and a non-free token, with the added fun of perps being too stupid to believe that the device is indeed secure and continuing the torture of the human to make her reveal the secret key. > * with Yubikey 4 (suspected): they send the secret handshake, get a copy of > the key, and you don't even know anything happened That's a point, but I cannot validate whether the free hardware design running the free software crypto app isn't backdoored anyway due to lack of knowledge and expertise. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: wanted: educate us please on key dongles
On Wed, Aug 30, 2017 at 10:09:38AM +0100, Jonathan McDowell wrote: > On Tue, Aug 29, 2017 at 07:34:35PM +0200, Marc Haber wrote: > > Their web page says that it will only suppor 2048 bit RSA keys, which is > > the limitation of most USB crypto tokens on the market today. The > > Nitrokey Pro will also do 3072 and 4096 bit, but it's considerably less > > free? > > The Start is based on the GnuK and I think should be upgradable to do 4K > keys. The Pro uses a non-free smartcard internally for the RSA > operations. I believe the Start should also be capable of ECC, as per > the GnuK. It's possible Nitrokey haven't updated their firmware to > support this yet. I might be missing something, but I am wondering what a free hardware design will help here. I am not in a position to validate it anyway, and an USB token is unlikely to take any private data and phone it home. What do I gain from using the GnuK over a yubi- or nitrokey other than being able to say "yay, it's free"? > > I have been postponing the offline master stuff for years because of > > the hassle connected. Would it be a stupid idea to have one hardware > > token for the Master key (generated on the device, never having left > > it) and a second token for the everyday signing and encryption keys? > > Can I have a master certification key on one device and subkeys on > > another one? Can I also have this when the private parts of master and > > sub keys have been generated on different devices? > > Yes. I have a GnuK which holds my 0x21E278A66C28DBC0 master key, and > then a separate device which has the 3 active subkeys (signing, > encryption + authentication) for this key. How do you back up the key? Was the 0x21E278A66C28DBC0 master key created on the GnuK, or was it imported into the GnuK with a backup somewhere? What do I gain from having my certification master key on a GnuK or other hardware token stored away in the safe over having the certificatio master key with a nasty passphrase on a memory card in the safe? The only issue that I see is that someone who gets access to my safe can (a) copy the encrypted key without me noticing and (b) brute force the passphrase of that copy with unlimited tries. Otoh, with a hardware device, an attacker will have to steal the actual device since he cannot make a copy, and the PIN will self-destruct after three tries, making brute force impossible. The price I pay for this added security is that I have to decide now how many backups of the key I want to have since once the file version of the key was deleted there is no more making copies of it, regardless of how many devices I have it on, and that it would be impossible to move to a different kind of device (smaller, more robust, faster) without creating a new key. Those price is rather severe. What is an acceptable trade-off between: (1) only one copy of the key on one hardware device, with the key never having left that device (2) arbitrary copies of the key on hardware device with no readable copy of the key left (3) key on hardware device with a readable backup stored away in $SAFE_PLACE Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: wanted: educate us please on key dongles
On Tue, Aug 29, 2017 at 04:07:45PM -0300, Henrique de Moraes Holschuh wrote: > On Tue, 29 Aug 2017, Marc Haber wrote: > > - Which key goes on the paper slab that everybody uses to collect > > signatures? The certification only master key? > > The main key fingerprint. Which happens to be the certification master > key in gnupg, yes. Understood. > > - For which (set of) keys should I have revocation certificates on file? > > You need to have a revocation certificate for the master key. When you > revoke it, you revoke every subkey as well. Also, as long as you keep > control of the master key, you can revoke any subkey. Understood. I didn't find that information in all clearness anywhere. > It goes without saying that losing control of your revocation > certificate can open you to a DoS attack, so please keep it protected > somehow, but NOT in a way you might find yourself unable to use it. Of course. > > - What key goes into the Debian keyring? A signing (only?) subkey of the > > certification master key? Is it recommended to have this key > > "available", for example in a Gnuk on my keychain next to the key to > > my home? > > The **public** portion of *every* key (master and all subkeys) go into > the public keyrings and also in the Debian keyring. gnupg will handle > this automatically if you use "--export" (do *NOT* confuse with a > different export option that is for private keys). So it is probably a bad idea / impossible (?) to have a dedicated signing-only key used for Debian that guared more closely than the "regular every-day" key? > In the "normal use" smartcard, you store the *private* portion of the > *subkeys* you need. > > In a offline digital vault of some sort (encrypted removable storage, or > secure smartcard, etc), you need to keep everything including the > private portion of the master (main) key. After pondering about that for a while, it might be not wise to have the master certification key generated on a "the key never leaves the card" smart card since that doesn't allow you to have backups. So one needs to have the certificatio master key somewhere on a medium from where you can read it, to be able to write it to a new smart card. People keep mentioning to store the private key on a LUKS-encrypted device. Why? Is the private key encryption that happens inside GnuPG itself when you protect your private key with a passphrase not sufficient? > In .gnupg you might have to store a "crippled" version of the main key, > which has its private data zeroed, for it to work. This is where people > screw up and lose the key, or fail to protect it, so it should be a > topic of its own. That is the "stub" in GnuPG-Ling, right? > > - Which (set of) keys goes to the key servers? > > Only the public keys (all of them: master and subkeys). gnupg will > handle this automatically if you use --send-key. And I hope that it's really hard to fuck up here and to send private keys to the keyserver. I have had people send me the private parts of their ssh keys... Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: wanted: educate us please on key dongles
On Fri, Aug 11, 2017 at 01:41:39PM +0100, Jonathan McDowell wrote: > * If you don't want to buy hardware, use an offline master key. Create >a certification only master key using something like PGP Clean Room >on a non-networked host, and store that on a USB key you only ever put >into your machine when running your clean, non-networked, >environment. Create at least 2 subkeys - signing + encryption - and >use those in your day to day work. You then only need the master key >when dealing with signing other keys, or updating your subkeys. In >the event of your subkeys being compromised or lost or whatever you >can just regenerate; because your master key is offline it should >remain secure meaning you don't have to go through the pain of >getting cross signatures again. - Which key goes on the paper slab that everybody uses to collect signatures? The certification only master key? - For which (set of) keys should I have revocation certificates on file? - What key goes into the Debian keyring? A signing (only?) subkey of the certification master key? Is it recommended to have this key "available", for example in a Gnuk on my keychain next to the key to my home? - Which (set of) keys goes to the key servers? Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: wanted: ... key dongles GNUK is available
On Wed, Aug 16, 2017 at 11:55:02PM +0900, Osamu Aoki wrote: > According to Niibe-san, the web page says out-of-stock after their site > update, but if you ask, they have it! Typical for this kind of site > according to Niibe-san. It's 100% FREE. "They" would be the seeedstudio.com store? Or the japanese store on http://www.gniibe.org/category/shop.html? Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: wanted: educate us please on key dongles
On Fri, Aug 11, 2017 at 01:41:39PM +0100, Jonathan McDowell wrote: > * GnuK: My favourite choice. It's slow with RSA4096, but does > support it. The hardware is open. The software is open (you can > compile and flash it using tools available in main). Upstream is > responsive (and a DD). However it's physically not quite as > polished and there are availability issues. Would that be this device: https://www.amazon.de/Fst-Without-Enclosure-32-Bit-Computer/dp/B01IOYSIBG ? Is that a reasonable price? > * Nitrokey Start: This is based on the GnuK (note their other > devices are not) and seems like it might be a good alternative > that is more physically robust will still being reasonably Free. > I've not actually had my hands on one however so this is guesswork > - but they do pop up on the GnuK dev list occasionally. Their web page says that it will only suppor 2048 bit RSA keys, which is the limitation of most USB crypto tokens on the market today. The Nitrokey Pro will also do 3072 and 4096 bit, but it's considerably less free? > * Yubikey. I'm not sure about this; it's entirely closed these days > I believe. However they're easily available and I understand > they're pretty robust in terms of living on a keyring all the > time. I am using these devices for ssh login via the PIV suite. It's also limited to 2048 bit RSA, but can also do Elliptic Curve stuff. I neither have tried the Elliptic Curve cryptography in my Yubikeys and have never tried GnuPG (afraid of overwriting my ssh key). > I appreciate this is not the "key dongles for dummies" asked for, but > hopefully it's more helpful than continued silence. I personally would > like us to get to the point where the "offline master" is our base line > for how contributors to Debian manage their key - it provides a useful > measure of extra security without the extra expense that a USB token > involves. That said a USB token is definitely a better option. I have been postponing the offline master stuff for years because of the hassle connected. Would it be a stupid idea to have one hardware token for the Master key (generated on the device, never having left it) and a second token for the everyday signing and encryption keys? Can I have a master certification key on one device and subkeys on another one? Can I also have this when the private parts of master and sub keys have been generated on different devices? Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: Are online services also software for Debian's rules?
On Sun, Aug 13, 2017 at 05:29:20PM -0700, Russ Allbery wrote: > "Dr. Bas Wijnen" <wij...@debian.org> writes: > > Also, I don't want to move lots of software to contrib. I would much > > rather have it fixed by removing the support for the non-free services, > > or by having plugin systems that allow only the non-free-interfacing > > part to be in contrib. > > I believe this would be hugely counter-productive for free software. It > would hurt us way more than it would hurt proprietary services. I fully agree with Russ' assessment of the situation. Greetings Marc -- ----- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Re: CD Images
On Tue, Mar 03, 2015 at 04:51:08PM -0800, Dave Turner wrote: Looks like al the links to CD/DVD images on your main site are broken, due to cdimage.debian.org not resolving. Works for me. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things.Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600420 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20150304084602.gl26...@torres.zugschlus.de
Re: Google contacting (harassing?) new DDs
On Tue, Dec 10, 2013 at 06:02:27PM +0100, Enrico Zini wrote: it looks like as soon as one becomes DD, an email arrives from Google recruiters. So they basically take our DD selection process as a filter to weed out potential candidates. How flattering. Greetings Marc, who made the experience that Google will stop contacting you if you state that you are not willing to move to a Googlecity -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 31958061 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131213123225.gt12...@torres.zugschlus.de
Re: Debian in space
On Thu, May 09, 2013 at 06:29:07PM +0200, Paweł Sadkowski wrote: It is! What's really disappointing is the lack of puns out there. Beam me up, NASA Upload me. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 31958061 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130509200941.ga16...@torres.zugschlus.de
Re: Using corporate accounts when posting to Debian mailing lists
On Wed, May 11, 2011 at 11:10:49PM +0200, Florian Weimer wrote: This is mostly an etiquette question, and I'm not sure if this is the right mailing list to post to. It is an interesting topic. As a freelance consultant, my personal mail domain is the only domain that is going to stay. I have been working in more than ten places since I registered Zugschlus.de. Also, as a matter of privacy for my clients, I tend to use zugschlus.de as a mail address even when dealing with an issue that happened to surface at my current work place. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110515204941.gc31...@torres.zugschlus.de
Re: Debian FTPMaster Meeting, September
On Sun, Aug 29, 2010 at 03:57:00PM +0200, Joerg Jaspert wrote: - dak policy That is, a command so $whoever_DD can do policy work on a suite, which is otherwise run by ftpmaster. Examples: backports.org, volatile, possibly p-u. The teams of that define which packages go in those suites, while ftpmaster runs the suite (and has the usual legalise stuff and general rules around the archive). Will the other suites have policy changes as deeply as volatile has suffered since you took over? Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100901181224.gb8...@torres.zugschlus.de
Re: Debian FTPMaster Meeting, September
On Wed, Sep 01, 2010 at 09:59:46PM +0200, Joerg Jaspert wrote: - dak policy That is, a command so $whoever_DD can do policy work on a suite, which is otherwise run by ftpmaster. Examples: backports.org, volatile, possibly p-u. The teams of that define which packages go in those suites, while ftpmaster runs the suite (and has the usual legalise stuff and general rules around the archive). Will the other suites have policy changes as deeply as volatile has suffered since you took over? If that means getting rid of such abominations as the clamav-data has been, then we will happily make any such ones, yes. Sanity is better than that. Given that the former admin of debian-volatile actually asked me to use clamav-getfiles to upload current clamav-data, it is very disturbing to have one's work vilified like that by the new admin. I bet that not only me will take this as a reason for reducing time spent on Debian since one doesn't know whether one will be called names tomorrow. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100901202058.gi8...@torres.zugschlus.de
Re: [DEP5] [patch] Renaming the ‘Maintainer’ field ‘Contact’
On Sat, Aug 14, 2010 at 12:30:06PM +0900, Charles Plessy wrote: I propose to rename the ‘Maintainer’ field ‘Contact’, Please don't. Contact would be often misinterpreted as support or hotline: Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100822085553.gb25...@torres.zugschlus.de
Re: Invite to join the Release Team
On Mon, Mar 15, 2010 at 02:24:51PM -0700, Don Armstrong wrote: On Mon, 15 Mar 2010, Matthew Johnson wrote: I'm confused as to why you are expecting to be involved in or be informed about a meeting of a team you are not a part of? If a team is meeting, the meeting and agenda should be announced, and the decisions and discussions which occur in the meeting should be made as public and available as possible, as soon as possible. It doesn't have to be perfect, and it doesn't need to be pretty, but meetings without announcements and notes should be avoided as much as possible in Debian. And by all means: The first opportunity to learn about a team's decision MUST NOT be a press release. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100315223216.ga32...@torres.zugschlus.de
Re: Debian money
On Thu, Sep 10, 2009 at 06:19:21PM +0200, Harald Geyer wrote: Well, after the dunc-tank desaster I started to recommend to people not to donate any money to debian at all but to upstreams instead, because debian has more money than it needs and giving more money to debian only will cause DDs to start arguing about it and effectively distracting them from working on the distro. Did you actually do this while wearing a Debian shirt on a Debian booth? Anyway, the feedback I got after recommending donations to upstreams was mostly that people generally don't know which upstreams need them and actually would do something useful with it. The canonical answer would be take the bug or wishlist item that you would love to have fixed, locate the program's author, donate to him with a strong suggestion that you would really like to see your pet bug or wishlist item fixed. Personally, working on Debian is a very big gratification for me. Maybe a better one that other things I do for money or am forced to do for free. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Switching the default startup method
On Mon, Aug 24, 2009 at 08:45:03PM +0100, Steve McIntyre wrote: On Mon, Aug 24, 2009 at 09:34:42PM +0200, Marc 'HE' Brockschmidt wrote: Steve Langasek vor...@debian.org writes: There is no good reason to break non-insserv setups, and it is not hard to allow other configurations to live on - just moving insserv to recommends would do the job! We have supported regular sysv-rc and file-rc for years, why should we just stop now? Supported is rather a strong term for what we've had with file-rc; it's never worked well compared to sysv-rc. Please don't tell this to any of my systems. file-rc has worked very well in the last eleven years and it would really be a shame to lose it. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: On cadence and collaboration
On Thu, Aug 06, 2009 at 04:25:47PM +0200, Matthias Andree wrote: GRUB 2 is going to be another opportunity where Ubuntu can prove either useful or detrimental to your stated goals: invest time to polish it and contribute back to the upstream; or use it raw as it is and leave the user with the shards if it breaks. The upstream abandoned GRUB 1, GRUB 2 isn't ready. This is a good point where people can actually help: GRUB 2 is, besides all other shortcomings, severely underdocumented. Ubuntu as a very user-friendly distribution probably has skilled writers at hand - task some of them to produce useable documentation on GRUB 2. The rest of the mail which I am replying to gets a clear +1. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: On cadence and collaboration
Hi, On Wed, Aug 05, 2009 at 09:32:36PM +0200, Jesús M. Navarro wrote: In other words: freeze on december the first doesn't mean that if, say, Gnome will publish it's new shiny 1.2 version by december the 15, the last beta should have to be included, but that the december version will ship version 1.1 (or whatever is the previous known to work stable). It's up to the upstreamer to decide if next time they will publish by november the 15th instead of december the 15th so their latest greatest gets to be shipped. So we basically force a time-based release schedule upon our upstreams when we do time-based freezes? I am not sure whether upstreams are going to like this. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: On cadence and collaboration
On Wed, Aug 05, 2009 at 08:44:29PM +0100, Mark Shuttleworth wrote: My expectation is that Debian will want to have more flexibility in how long the release is baked than Ubuntu would normally give itself. My hope is that we can agree on a GNOME and KDE version, and that Debian will thus benefit from all the work Ubuntu does on that and then have a few extra months (as many as deemed necessary) to bake it to Debian's satisfaction. And you are willing to allow Ubuntu to release with outdated KDE and outdated GNOME, frozen in Dezember, while both upstreams releasing again in January? In the past, so I have been told, Ubuntu has let the current versions slip into the April release, which would not be possible if you were syncing with Debian. Or do you expect that we would let new KDE and new GNOME into a distribution frozen two months earlier to accomodate Ubuntu? The difference in our language is about the meaning of freeze in December. I think December is not about actually freezing, it's about reviewing and planning and looking for opportunities. Certainly, I think the Debian team will want to freeze some things very early (December!), but some maintainer teams may well be willing to commit to using something that will freeze a little later, especially if they can collaborate well with Ubuntu on those packages. If you mean that Debian continues its staged freeze, starting with the toolchain in December, followed by other stages and the last stage including the desktop environments in february, do you seriously expect us to release before October? That would be overly optimistic, we're not that fast. And, even if we were that fast, Ubuntu LTS would be on the market half a year earlier, giving Ubuntu a strong advantage over Debian stable. This still looks like marketing suicide for Debian to me. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Mon, Aug 03, 2009 at 09:15:03PM +0200, Cyril Brulebois wrote: Bernd Zeimetz be...@bzed.de (03/08/2009): Ack ack ack. I even have the impression that the Canonical employees want to ensure that Debian gets important things much much later than Ubuntu. Obviously false, see how (e)glibc maintainers are pushed by Ubuntu people to get the next release ready, ignoring their own bugs? There are always exceptions to a rule. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Wed, Jul 29, 2009 at 10:28:52PM -0300, Otavio Salvador wrote: I also believe that December freeze is quite difficult for all parts involved. Another team that will have bigger problems is the security team but it is not yet clear how they will manage to support an extra release. Actually, the security team will probably have a hard time during the one-shot we allow skipping squeeze phase, but afterwards they will probably profit from being just a little behind Ubuntu. The rest of Debian won't. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
Hi, On Thu, Jul 30, 2009 at 08:45:41AM +0200, Carsten Hey wrote: Why not freeze in June 2010 instead of December 2009 and then freeze again in December 2011*? Mark Shuttleworth seems (at least seemed) to be fine with delaying Ubuntu LTS by half a year to get Ubuntu and Debian in sync [1]: | The LTS will be either 10.04 or 10.10 - based on the conversation that | is going on right now between Debian and Ubuntu. I don't think that we shouldn't time our releases according to what Mark Shuttleworth says. We are not Ubuntu's slave even if they try hard to make it look like that. In fact, I would prefer if Ubuntu had to change _their_ scheduled to accomodate us, if they want to have the advantage of being in sync with us. It's _their_ advantage after all, not ours. Our 18-to-24-month release cycle was a nice vehicle to stay asynchronous with Ubuntu, which _I_ consider a desireable feature to prevent Debian from perishing. We are not only major supplier to Ubuntu, we have our end customers ourselves. I'd prefer that it stayed that way. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Thu, Jul 30, 2009 at 12:58:30AM -0700, Gustavo Franco wrote: On Thu, Jul 30, 2009 at 12:16 AM, Marc Habermh+debian-proj...@zugschlus.de wrote: On Thu, Jul 30, 2009 at 08:45:41AM +0200, Carsten Hey wrote: Why not freeze in June 2010 instead of December 2009 and then freeze again in December 2011*? Mark Shuttleworth seems (at least seemed) to be fine with delaying Ubuntu LTS by half a year to get Ubuntu and Debian in sync [1]: | The LTS will be either 10.04 or 10.10 - based on the conversation that | is going on right now between Debian and Ubuntu. I don't think that we shouldn't time our releases according to what Mark Shuttleworth says. We are not Ubuntu's slave even if they try hard to make it look like that. In fact, I would prefer if Ubuntu had to change _their_ scheduled to accomodate us, if they want to have the advantage of being in sync with us. It's _their_ advantage after all, not ours. Our 18-to-24-month release cycle was a nice vehicle to stay asynchronous with Ubuntu, which _I_ consider a desireable feature to prevent Debian from perishing. We are not only major supplier to Ubuntu, we have our end customers ourselves. I'd prefer that it stayed that way. I don't get why do you consider 18-to-24-month release cycles a desirable feature to prevent Debian from perishing. Is this just to stay out of sync with another deb-based distro? If we work _this_ hard to allow Ubuntu to get their LTS releases in sync with out stable releases in a way that allows Ubuntu to get a later KDE _and_ a later GNOME[1], things are running in the wrong direction. Why continue releasing stable in the first place then? We could freeze in December, thus missing both KDE and GNOME, and unfreeze when Ubuntu has detached itself before their release. Nobody would even think about using Debian stable when there is Ubuntu LTS with more recent software _and_ commercial support by its vendor available. That way, Debian would deteriorate into what OpenSUSE is for SLES and what Fedora is for RHEL - the technical playground for the unpaid developers who iron out the kinks from what will be the basis of the commercial release. I don't think that this is desireable. We are definitely not only major supplier to any other deb-based distro, Yes, currently. With the new release schedule, we will be. and you act our end customers are really happy with not even knowing the date when we will freeze to our next release. I do not think that we were too late with announcing our freezes in the past. What we did in the past was just fine, and I was very satisfied with the way etch and lenny were released. No need to change the system which we _FINALLY_ got running. At least we do not need to change if there is no advantage for us, only for our competitors. Greetings Marc [1] Assuming that KDE continues releasing Januar and July and GNOME continues releasing March and September -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Thu, Jul 30, 2009 at 10:37:46AM +0200, Raphael Hertzog wrote: On Thu, 30 Jul 2009, Marc Haber wrote: In fact, I would prefer if Ubuntu had to change _their_ scheduled to accomodate us, if they want to have the advantage of being in sync with us. It's _their_ advantage after all, not ours. I don't mind who changes the date for the other but I really don't agree that doing it is only for Ubuntu's advantage. Nobody in Debian would have taken such a decision, we are Debian developers and have no interest in helping only Ubuntu. I don't see the advantage for Debian short of probable ease of work for the security team (which doesn't seem to have commented yet). What we're speaking of is synergy between both distributions. You know the it's the principle behind “the combination of both is worth more that the sum of individual parts”. What kind of synergy could Debian get from Ubuntu which it couldn't get in the past? I surely haven't seen any in the past. We are not only major supplier to Ubuntu, we have our end customers ourselves. I'd prefer that it stayed that way. The synchronization with Ubuntu is not going to remove our identity. It is going to harm our identiy. We'll keep our user base That's what I doubt. Ubuntu LTS will be better than Debian stable in all aspects, why should anybody continue using Debian stable? and the possible improvements in both distributions will help us do better in the competition with other operating systems Which improvements could Debian get from Ubuntu? An installer that doesn't ask any questions, or non-free proprietary (graphics) drivers? Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Thu, Jul 30, 2009 at 10:59:05AM +0200, Tshepang Lekhonkhobe wrote: so if they keep honouring publicly stating and recognizing Debian as their upstream, google, debian site:ubuntu.com delivers _one_ hit that is actually inside ubuntu.com. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Thu, Jul 30, 2009 at 11:28:09AM +0200, Lucas Nussbaum wrote: On 30/07/09 at 11:17 +0200, Didier 'OdyX' Raboud wrote: It *might* be that losing relevance on the desktop side is of little importance (which I believe it is _not_), but if corporate entities turn to use Ubuntu LTS because insert a bunch of valuable reasons instead of Debian stable, I fail to see how developers from these corporate entities will contribute to Debian and not to Ubuntu. Seriously, do we just fear that synchronizing with Ubuntu will instantly remove all good reasons to use Debian? I'm a bit shocked that Debian developers seem to take for granted that the next Ubuntu LTS will be of better quality than Debian. That depends on what you define as better quality. Ubuntu LTS will definetely look better than Debian in magazine tests (because the installer looks better, doesn't ask any confusing questions and immediately delivers a graphical desktop on the nVidia graphics card that the test box has) and at distrowatch and its clones because it has more current KDE and GNOME, and probably a later kernel. In the end, synchronising Debian stable and Ubuntu LTS freezes will only make Debian stable appear as weaker (no commercial support, older software, not-so-greater stability, no longer support, less fancy) than Ubuntu LTS. Why would _anybody_ reasonable (and outside of the cultural thing) choose Debian stable over Ubuntu LTS ? If we can't provide an answer to that question, maybe we should make Debian a derivative distribution of Ubuntu? :-) That's what we have just made a huge step towards. I mean, Mark Shuttleworth already takes vital decisions for Debian and talks about them to the press before Debian even knows. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Thu, Jul 30, 2009 at 11:28:01AM +0200, Stefano Zacchiroli wrote: On Thu, Jul 30, 2009 at 11:11:12AM +0200, Marc Haber wrote: google, debian site:ubuntu.com delivers _one_ hit that is actually inside ubuntu.com. Search better: http://www.ubuntu.com/community/ubuntustory/debian . That's the one hit I was refering to. FWIW, that page has been added, rather quickly, after a precise requests of ours, the history is available at http://upsilon.cc/~zack/blog/posts/2007/10/debian_on_ubuntu_com_just_a_bug/ So that page wasn't even their idea. Bottom line: I have no particular problem with Ubuntu bashing, but please get the facts right. I do. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Thu, Jul 30, 2009 at 01:07:39PM +, Anthony Towns wrote: Debian stable Ubuntu LTS 2 year rel cycle 2 year rel cycle 3 years security 3 years desktop security, 5 years server guaranteed freeze dateguaranteed release date support for all pkgs support for main, best-effort for universe stabilise from testingupgrade support from previous Ubuntu 6mo release upgrade from oldstableupgrade support from previous Ubuntu LTS (?) support for 6-12 archssupport for 2-3 architectures availability of pre-installed systems full-time security support staff commercial quality support larger userbase some additional packages Debian stable has commercial quality support as well, but it is significantly harder to find companies offering such and it requires corporate entities to actuall think (*gah*) and take a choice, both of which is mostly undesired in current commerceland. Plus for Ubuntu, since one can simply go to canonical without having to decide. Greetins Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Thu, Jul 30, 2009 at 05:10:29PM +0200, Julien Cristau wrote: On Thu, Jul 30, 2009 at 10:34:05 -0430, Muammar El Khatib wrote: I think if Debian has worked more than 13 years as it is right now It has not. How do you call what we have done since then if not working? I mean, we have our troubles and we are not always as fast as we would like ourselves to be, but we have always shelled out useable and stable releases. What more do you want, blood? Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
Hi, On Wed, Jul 29, 2009 at 03:08:02AM +0200, Meike Reichle wrote: The Debian project has decided to adopt a new policy of time-based development freezes for future releases, on a two-year cycle. I find it deeply disturbing that DDs not attending Debconf learn about this decision via debian-announce. I would have expected at the very least to announce, if not discuss, on a developer list before. Do we really need to go Ubuntu on this matter (both in the objective and in the way of decision making)? I do sincerely hope that there will be a GR to overrule this decision. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Wed, Jul 29, 2009 at 11:40:30AM +0200, Luk Claes wrote: Who would you like to propose a release cycle to the project if not the Release Team? To be clear the Release Team cannot just decide what the release cycle will be, though we proposed a plan in the team's keynote at DebConf and the plan was welcomed by the audience. There were some important considerations though. Nobody would have objected to a proposal. This was a press release, which has already been picked up by the major news sites. You didn't propose anything, you announced a decision. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Wed, Jul 29, 2009 at 11:25:01AM +0200, Alexander Reichle-Schmehl wrote: Steffen Moeller schrieb: Same here. The release team, or the individual that pressed the button for the announcement, I suggest to apologize for disturbing our community. The text was coordinated within the entire press team, our release masters, the head of the technical commitee and the DPL. So that's the new secret cabal taking our decisions? Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Wed, Jul 29, 2009 at 09:59:46AM +0200, Sandro Tosi wrote: of course, if we have to take formal steps for everything, we'll do a GR. I hoped that in this project we can discuss ideas instead of fight. I think the way this decision was announced showed clearly that is was not intended to have a discussion about this topic. Grüße Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Wed, Jul 29, 2009 at 12:22:48PM +0200, Luk Claes wrote: Sandro Tosi wrote: No, the project DID NOT decide it, the release team did, and the project has to accept it; there's a lot of difference. No, the Release Team proposed a plan. The project is free to accept or refuse the plan. Of course refusing the plan will have its consequences within the Release Team as well as within the project. My legal teacher once said (in German): If you have a cow, it doesn't matter whether or how often you write 'horse' on it, it will stay a cow. The Release Team didn't propose a plan. It announced a decision to the press. The main advantage of a time based freeze would be that developers have a clear idea about when the cutoff is for new features and when the period of stabilising to a release starts. This should give developers a better chance to plan and more responsibility in how they want to support their packages. As a developer, I felt myself well-informed by the release time about freeze and release time plans in the past. No need to change anything here. The announcement was made to be sure that press coverage would not differ from the actual message and confuse people. The actual message was this is how we're going to do things in the future and no discussion about this is wanted. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian decides to adopt time-based release freezes
On Wed, Jul 29, 2009 at 06:32:03PM +0200, Bernhard R. Link wrote: * Stefano Zacchiroli z...@debian.org [090729 18:22]: Please, everybody, stop this kind of you evil DebConf attendees have decided for us all arguments. The time-based freeze has been announced/proposed during a talk at DebConf; it was fresh news for the attendees as it was fresh news for everybody else receiving it via -announce a few hours later. Well, it was not totally fresh news. After all there was already http://derstandard.at/1246541995003/Interview-Shuttleworth-about-GNOME-30---Whats-good-whats-missing-what-needs-work (which was linked from slashdot and other sides). Call me paranoid, but this looks to me like Ubuntu's cash source knew more about our release team's innards than Debian itself. This is wildly disturbing. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Debian and non-free
On Tue, Sep 16, 2008 at 11:40:17PM +0200, David Paleino wrote: In another 10 years (less, I hope!), the world will be more conscious about Free Software, and its principles. And everyone will be suspicious over closed-source. Am I a dreamer? Yes. The closed-source software word is accelerating faster than we do, they're going to pass us sooner or later. The next Killer Argument against Free Software is that it is probably never going to be legally able to play a movie from BluRay disc because the committees developing the standard didn't goof up this time. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Misc development news (#8)
On Sun, Jun 01, 2008 at 09:47:30AM -0700, Steve Langasek wrote: Ideally, I would hope that at some future date the openssh packages gain support for disabling DSS user keys via the config and the debian.org machines could use that, bringing the behavior back closer into line with the stock OpenSSH. IIRC, DSS is mandatory part of ssh protocol 2. RSA is only optional. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Updated Debian Developers Keyring
On Fri, Apr 18, 2008 at 05:31:01PM +1000, Anthony Towns wrote: Over the past few years (2005, 2006 and 2007 at least), there's been a keyring update during the DPL election period; this one's not long after that. It might likewise be correlated with the Ubuntu .04 releases. A German would be inclined to say Das hat ein Geschmäckle. I tend to question what the DPL election and an Ubuntu release has to do with creating new DDs. The former may be interpreted as they keyring manager doesn't want the new DDs to vote in the DPL election, the latter as the keyring manager is too busy with his paid work to do his Debian duties, both of which I'd see as a reason to fire the keyring manager. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: can I boot from USB?
On Thu, Feb 21, 2008 at 05:07:33PM +0200, Ginis.com wrote: my name is George... can I boot from USB? Depends. Your hardware/BIOS needs to be fairly recent. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Debian logo
On Sat, Feb 16, 2008 at 09:26:38PM +0100, Jakub Daniel wrote: I wonder if i can use logo of Debian with my website (dedicated to my program that is designed to run under Debian distribution of GNU/Linux) to let the users know what system it is meant to be run on. See http://www.debian.org/logos/ (google: debian logo license, first hit) Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Making Debian work: a question of trust indeed
On Wed, Nov 21, 2007 at 01:39:39AM +0100, Sam Hocevar wrote: I also learned tonight that a few of the things I was complaining about were being worked on (though I was not aware of it), The fact that the DPL does not know about important things going on with Debian is a strong indicator that there is something wrong with the communication behavior of people in key positions. Greetings Marc, who thinks that Sam did well -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Making Debian work: a question of trust indeed
On Wed, Nov 21, 2007 at 02:06:57PM +0100, Holger Levsen wrote: On Wednesday 21 November 2007 12:10, Martin Schulze wrote: Then the outcome should be reported. Not the beginning of a process. Sometimes it's very useful information too, to learn a process has been started. Or stalled. Or reached an important milestone. It's not always the result in the end that's interesting. I could not agree more. Having this information is not only a motivational issue, but it is also vital when you would like to gain some insight in how things work. This will probably help new volunteers in accumulating knowledge that will once enable them to offer help to the team in question. _I_ have moved to open source because I hate working with black boxes with internals that I don't know. Having the source for the software I work with available enables me to better understand what it does and to make better use of it. I can find better workarounds for bugs (or even _fix_ them *gasp*). This is really really really great. Otoh, I hate every day that I am faced with so many black boxes formed from humans in the Debian project. It would be great to gain some insight into these boxes as well. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Hiding email addresses from spammers on https://nm.debian.org/nmlist.php
On Fri, Aug 03, 2007 at 06:35:24PM +0200, Andreas Barth wrote: * Ben Pfaff ([EMAIL PROTECTED]) [070803 18:26]: Russ Allbery [EMAIL PROTECTED] writes: However, I *strongly* object to any change that would munge, hide, put behind captcha, or otherwise make it difficult for people to see *my* e-mail address on the bugs that I report or on the packages that I maintain. Please do *not* protect my e-mail address in some well-meaning but misguided desire to help me with my spam. I already have tools that do that, and I do not want anyone to put any hurdles whatsoever in the way of people being able to contact me about any of my Debian work. I want to second this. I post to Usenet, a lot, using my real email address. I'd rather be accessible than spam-free. Fully agreed. (And, BTW, my mailadress is burned anyways - I'm using it for years in usenet now, and even posted to news.answers for a few years - nothing worse can happen to any address.) I agree as well. I do post a lot on usenet as well (using a different address, so I can see where an address was scraped from), and I can say that most of my spam goes to the addresses that are visible on Debian web pages, namely [EMAIL PROTECTED] and [EMAIL PROTECTED] Addresses used on Usenet do not get a lot of spam nowadays. Greetings Marc, rather reachable than spam-free -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Need of non-germany-tree in Debian?
On Fri, Jul 13, 2007 at 05:01:03PM +0200, Michelle Konzack wrote: Am 2007-07-06 19:26:44, schrieb Malte Hahlbeck: Today the upper House of the German Parliament (Bundesrat) decided to declare Security Software like nmap, nessus etc. illegal in a way that the software itself and not it's criminal use is indictable. That is no Joke. This Law will be active when it is published. That should last a few weeks. What would be the consequence? Will there be the need of a non-germany-tree in the Debian Repositories? This question is no joke. Sorry, but this is NOT REALY RIGHT! The new german LAW is talking about Software which was build to hack sites. Security Software like nmap, nessus etc. are not build to do illegal hacking. (Greetings from my Advocat from Offenburg) Interpretation of that law differs. Ask three lawyers, get five answers. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: message from Sven Luther
On Fri, Jun 29, 2007 at 03:51:32PM +0200, Robert Millan wrote: The message is political in nature, but its tone is not something that I would find offensive or rude. I'm aware that Sven is banned, so if someone thinks I should not forward it, please say it now. If nobody objects after a reasonable period of time, I will send it. Sven also told me that if nobody will forward it, he will make it by the slashdot way. If this is just the umpteenth re-hash of his well-known arguments about his right to directly commit to d-i, I would prefer if he would carry this to Slashdot. I strongly suspect that Slashdot wouldn't carry the story anyway. If it is something new, by all means, post it. Your call. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Debian release cycle for enterprise ?
On Fri, Jun 08, 2007 at 09:41:09AM +0200, Fr?d?ric PICA wrote: How much easy is a distribution upgrade under debian ? Quite easy. I'm looking for experienced users, having debian in a production environnement with 24H/24H 7d/7d requirements. Running a 24/7 shop without the possibility to take boxes out of service (failover, redundant, cluster stuff) is asking for trouble anyway. Does apt-get dist-upgrade works really well ? Very well, if you upgrade in a prepared way (i.e. have read the release notes and have done some tests). I have never needed the backup I make before upgrading. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: gpg changesets
On Sat, Feb 24, 2007 at 12:54:41AM -0500, Joey Hess wrote: I'm not sure what classes of changes keyring-maint typically makes so it seemed best to cover all of them. Please note that this is a direct cause of keyring-maint not communicating with the outside. The absence of documentation makes it awfully hard to produce things that actually help. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Bits from the DPL: DSA and buildds and DAM, oh my!
On Fri, Feb 23, 2007 at 11:54:40AM +0200, Kalle Kivimaa wrote: Pierre Habouzit [EMAIL PROTECTED] writes: I understand they cannot communicate about _everything_. But a downtime like that _is_ worth communicating. If they don't understand You did notice that the DSA team is about to install a request tracker for issues like you described? I would think that takes care of most of the current communication related issues. Our core teams not communicating is a social problem. RT is a technical solution. There are no technical solutions for social problems. I feel that RT is not a silver bullet, and adresses a non-issue in my opinion. I fear that its introduction will not help in solving the pressing issue that makes people stop caring about things. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: BREAKING NEWS: Debian developers aren't trusted
On Fri, Feb 16, 2007 at 01:27:17AM +1000, Anthony Towns wrote: The right way of dealing with that is to work with the potential contributor to ensure they understand the issues that're involved so that their future contributions can be accepted and will be useful. This is a very important sentence. Working with these people is what is desired and necessary. If the Debian core teams all manage to live by this single sentence, we're all fine. Today, most Debian core teams do not communicate with mere mortals, which is the complete opposite of working with people. This needs to change, and if Debian manages to implement these changes, 80 % of our recurring problems will simply vanish in a haze. How do you plan to improve our core teams' communication skills? Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Please appoint one new person to the DSA Team
On Thu, Dec 21, 2006 at 04:06:56PM +1000, Anthony Towns wrote: I would greatly appreciate it if people would help the process by supporting the efforts of the DSA team consistently rather than heaping praise on them when they fix compromises and scorn on them the rest of the time. It would also be helpful if there were people who are able to commit time to do significant but boring tasks to help DSA, expecting neither praise, acknowledgement or, most importantly, any additional rights/priveleges in return. This is once again _THE_ _ONE_ classical Debian problem: The people in key positions don't communiate. I have never seen DSA say that they need help. They do not say in which fields they need help, they do not say what they're doing. Nobody wants to submit random patches to a black hole to have a tiny fraction of the patches applied. Delegates, communicate. Say what you need, say what hurts you. People are going to help then. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Debian Etch Stable.
On Wed, Dec 13, 2006 at 12:30:16PM +0100, Sven Luther wrote: On Wed, Dec 13, 2006 at 12:11:19PM +0100, Marc Haber wrote: On Wed, Dec 13, 2006 at 11:59:24AM +0100, Sven Luther wrote: One thing you could do is to end *NOW* the experiment, Can you please roughly outline what is going to happen when the experiment is continued until its scheduled end, and what's going to happen when the experiment is aborted immediately as you suggested? I would be interested in the difference of the two action lists. Well, the experiment is flawed upto a point to start with. We all are interested, and maybe even for some have a compulsive need to participate to the debian effort, and as thus it is a violent effort even for those who decided to become less active in protest against the 'experiment' to actually go on with the boycot. So, right now we have this experiment ongoing, whose measure of success is rather vague and knowing the persons involved and how previous conclusions where taken from the most flimsy of facts, the only way for those opposing the experiment to act is to freeze their involvement. Let me ask again: What is going to happen when the experiment is continued? Which experiment steps that are scheduled will still need to happen? As far as I remember, the experiment has two steps, paying Steve for a month and paying Andi for a month. Steve's month is already over, and Andi is like in his third week. So - again - as far as I remember there is only one week of experiment left in _any_ case so it does not make too much sense talking about continuing or not. It's over soon anyway. If I'm wrong, please correct me. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Debian Etch Stable.
On Wed, Dec 13, 2006 at 01:21:35PM +0100, Sven Luther wrote: Like said, the experiment will finish once it is officially finished, and once the analysis has been done, and the final report result is published. Given the impact of long-term demotivation, you can thus not expect the experiment impact to finish any time soon. And this is not going to change whether we continue (as in having Andi finish his term) or not. So aborting now is irrelevant. Greetings Marc, resting my case -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Debian Etch Stable.
On Tue, Dec 12, 2006 at 09:11:31AM +0100, Julien BLACHE wrote: Anthony Towns aj@azure.humbug.org.au wrote: Personally, I'd say that now would be the time for any anti-payment people to say we can do this better, and look, we'll prove it, and make up their own target date for etch, and demonstrate how much energy and Now if only you could understand that we don't give a shit about the release date, that would be a great step forward. Only quality matters. Kindly speak for yourself. I happen to give a shit about the release date, since not releasing on time, and releasing with outdated software is one of the last points that our critics have left. I like the idea of being able to tell them to shut up with this point. The other critics' point that we have successfully disabled is our unfriendly installer. The new Debian installer positively rocks. Now, people need to notice that. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Delete my message on one Debian List Please
On Sun, Dec 03, 2006 at 03:31:44PM +0100, Javier Candeira wrote: Regardless of past disclaimers and policies, would it be possible in the future to do some masking of email addresses in online archives? I strongly oppose this suggestion. It is frequently needed to e-mail the author of a mailing list message that has been posted a long time ago, and a chance of doing so is worth it. Additionally, again, Martin already said that Debian mailing lists are publicly archived on the web in a truckload of places. And, again, additionally, nothing keeps the spammers from subscribing to the mailing lists themselves. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Position Statement to the Dunc-Tanc experiment
On Thu, Nov 02, 2006 at 09:35:31PM -0300, calvesmit wrote: Marc Haber, there's no need for special privileges in Debian. Nobody is or does jobs better than others. I was talking about technical privileges, which are of course needed. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Position Statement to the Dunc-Tanc experiment
On Fri, Oct 27, 2006 at 02:44:20PM +1000, Anthony Towns wrote: On Thu, Oct 26, 2006 at 08:37:43PM +0200, Marc Haber wrote: Just let me pick the NEW queue: Has it been stated publicly that ftpmaster is going to reduce work spent on NEW due to dunc tank? Have ftpmaster considered to accept offers to take over some of the work load they are not motivated to do any more because they're not being paid? For the record, I haven't seen any such offers, and I've been looking for them since May or so. For the record, I haven't seen a request for help issued by ftpmaster, and ftpmaster didn't even say that the amount of time spent would be reduced by dunc tank until the position statement yesterday. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Proposal to delay the decition of the DPL of the withdrawal of the Package Policy Committee delegation
On Wed, Oct 25, 2006 at 03:39:38PM -0500, Debian Project Secretary wrote: There are three ways policy can be changed: a) The Technical ctte can do so b) A group of developers can do so, via a GR, with a 2:1 super majority (essentially, making the decision the tech ctte can make -- think of it as over riding inaction) c) The DPL can delegate people with the power to change policy. If c) implies that the DPL can delegate the power to change policy to himself, then there needs to be d) the DPL. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Position Statement to the Dunc-Tanc experiment
This is going to be a personal reply, containing my personal opinion only. On Thu, Oct 26, 2006 at 07:46:00PM +0200, Joerg Jaspert wrote: Especially since it is clear now that we currently can not keep the scheduled release date, even with DT paying our RMs. Is that clear? - During the discussion before the experiment it was said that the living costs of the release managers are to be paid. Additionally it was said that it is providing a reasonable amount of money to cover living expenses and later on, that this is below the average they could get elsewhere. However, the official donation site[1] mentions US$ 6000.00 for each release manager. We do consider this to be neither just living costs nor below average, not even by applying common taxes and insurances one has to pay. On what grounds has this amount been calculated? US$ 6000 is like 4.800 EUR. That's like a dayly rate of 220 EUR. Like a fourth of what a contractor of Andi's and Steve's expertise would cash in on the free market. People left the project, others are orphaning packages, the NEW queue is rising, system administration and security work is reduced, DWN is no longer released weekly and a lot of otherwise silent maintainers simply put off Debian work and work on something else. While some of these actions simply tend to happen, all the listed points are explicitly due to DT. Just let me pick the NEW queue: Has it been stated publicly that ftpmaster is going to reduce work spent on NEW due to dunc tank? Have ftpmaster considered to accept offers to take over some of the work load they are not motivated to do any more because they're not being paid? Another bad feeling introduced by DT is that of a two-class project. Until DT, Debian has been a completely volunteer-based project. Today there are two paid Release Managers, opposed to all other project members. This creates a set of two uber-DDs, in contrast to all the other nearly 1000 Developers and many more maintainers, whose work seems to be considered less important for Debian. Actually, personally, I do feel more threatened by uber-DDs that happen to be in power of ftp, system administration and other key positions in Debian. Especially by the uber-DDs that are being paid by a direct competitor. If people need to be paid, I'd like them (1) to be paid by the project (2) to be paid by something friendly to the project (3) to be paid by a competitor I know of more DDs that (3) applies than of DDs that (2) applies. And unfortunately, no DD that (1) applies to. Another statement we heard repeatedly from DT supporters is that DT is a separate project and not Debian. We do think that this is, at best, a joke. The DT board consists solely of the current Debian Project Leader, his assistant and other high-profile Debian Developers, working on a Debian related project. This simply can't be seen as something separated From Debian and the public has already proven that it doesn't consider it a totally separate project. I fully agree here. So, to summarize DTs effects on Debian: It has demotivated a lot of people who now either resigned, simply stopped doing (parts of their) Debian work or are doing a lot less than they did before DT was started. At this place, one of our worst problems surfaces again: People stop working _silently_ so that nobody can step in for them. And, even worse, people in key positions (that need special privileges do work) reduce their committment without stepping down, actively _prevent_ other people from doing their work. _THIS_ is doing _BIG_ harm to the project. Jörg Jaspert, ftp-master assistant, DAM, DebConf Organizer Alexander Schmehl, Debian Developer, press, event manager, DebConf Organizer Alexander Wirt, Debian Developer Daniel Priem, New Maintainer Martin Würtele, Debian Developer Gerfried Fuchs, Debian Developer Patrick Jäger, User Otavio Salvador, Debian Developer Joey Schulze, Debian Developer, Security, DWN, DSA, press, promoter Felipe Augusto van de Wiel, New Maintainer Sam Hocevar, Debian Developer Pierre Habouzit, Debian Developer Julien Danjou, Debian Developer, Stable Release Manager Peter Palfrader, Debian Developer Julien Blache, Debian Developer, promoter Christoph Berg, Debian Developer, QA, NM front-desk Holger Levsen, New Maintainer, DebConf Organizer I'd like to know if these are the jobs that used to be done, or the jobs that you guys intend to continue doing. Of course, I am especially interested in that information for the jobs that need special privileges, such as release manager, press, DWN, DSA, Security, ftpmaster and/or DAM. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835
Re: Position Statement to the Dunc-Tanc experiment
On Thu, Oct 26, 2006 at 01:45:11PM -0500, Adam Majer wrote: Thus at $6000 and assuming my calculation is correct, this is 60% more than the average salary in the US hence not below average or just living costs. Speaking naively (since the average doesn't follow the standard distribution, but let's assume it does), 50% of the people live in the US on *less* than $3741/mo/person. Please note that this is not a salary which can be relied on coming in month after months. Freelance people which high qualifications have to calculate differently. I am actually surprised that people on this list are not aware of these differences. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Position Statement to the Dunc-Tanc experiment
On Thu, Oct 26, 2006 at 10:12:09PM +0200, Florian Weimer wrote: * Marc Haber: Please note that this is not a salary which can be relied on coming in month after months. Freelance people which high qualifications have to calculate differently. I am actually surprised that people on this list are not aware of these differences. You make this sound as if the RMs had come up with the $6,000 figure, which isn't true AFAIK. Sorry, that was not my intention. I do not know where that figure originated. I, personally, do not, however, find that amount unreasonable for a one-month engagement as a contractor. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Debian firefox
On Tue, Oct 03, 2006 at 09:09:41PM +0200, Bastian Venthur wrote: Not sure what you mean. Firefox is free- and opensource. AFAIK they are only trying to protect their brand/trademark, which is IMHO ok, since the code itself is still free. They just want to make sure, that a product wearing the official logo and carrying the official name actually *is* the official firefox. They also have an abysmally bad handling of security issues for everything that is not the latest and most shiny version. I don't know whether they're noticeably better for what they claim to support. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Security incident on Alioth and other Alioth news
On Wed, Sep 06, 2006 at 12:25:54PM +0200, Raphael Hertzog wrote: Alioth's web server was unavailable for most of the 5th of september. It was simply stopped because we discovered that some script kiddies were running an IRC proxy. After thorough investigation, we discovered that they exploited a pmwiki security hole[1] to deface some web pages, to install some malicious php pages which in turn were used to setup the IRC proxy. Is it possible to rule out privilege escalation? Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Rethinking stable updates policy
On Fri, Aug 25, 2006 at 04:45:31PM -0500, John Goerzen wrote: I think it's time we reopen the discussion on what stable means and what it should mean. To start with, [1] says that a package is only uploaded to stable when it meets one of these criteria: * it fixes a truly critical functionality problem * the package becomes uninstallable * a released architecture lacks the package I would love to have the new package for stable eases future update as this would allow to fix stable issues which would otherwise cause future grief to fix. For example, a more allowing policy would allow exim 3 to warn against new installations and in turn motivate people to update to exim3 before they take the etch plunge. Examples of things that should happen in stable, but haven't been happening reliably: * Kernel updates with more broad hardware support * Infrastructure updates such as ClamAV and Spamassassin * Security and other important Firefox updates I think we have volatile for this, allowing people to choose whether they need absolute stability or new infrastructure. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Please accept packages to proposed-updates
On Wed, Jul 26, 2006 at 07:19:41AM +0200, Christian Perrier wrote: (updates handled by the SRM team) Not checked too. We have a nice backlog. We go as fast as possible, but are currently slowed down because some stuff depends on ftp-master will. Is there some reason for not having at least one SRM team member in the ftpmaster team? I find that a very very good idea. This will help in lessening ftpmaster's work load, and will thus not only speed up the stable point releases, but also other things that fall into ftpmaster's domain since the work load of supporting the stable release team is not any more necessary. Delegating a part of the ftpmaster power to the SRM team and also probably the security team seems to be seomthing that could at least temporarily solve such a problem.waiting for possibly cleaner solutions for the long term. Amen. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Call for a new DPL mediation ... This will be the only thread i will reply to in the next time about this issue.
On Mon, Jun 19, 2006 at 11:32:03PM -0500, Ean Schuessler wrote: Was his access suspended because he simply was not liked? AFAICS, from the installer team's point of view, he resigned from the team, and the access was suspended as a logical conclusion of that resignation. From his point of view, he was forced to resign by extortion. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Private copies of list replies
On Sat, Mar 18, 2006 at 10:10:47PM +0100, Michelle Konzack wrote: I am on the Debian mailinglists since 04/1999 and never had problems with the lists. Basically, it's usually the other way around. I do not know, what we can do with such thread One resists the urge to participate. Greetins Ma guilty as charged rc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]