Re: Package name conflict with retired package

[Florian Weimer]

On 09/12/2013 10:40 PM, Sandro Mani wrote:


I just posted a review for avl (the Aerodynamic and flight-dynamic
analysis of rigid aircrafts package) [1], and the reviewer noticed that
it conflicts with the retired avl package (the AVL tree manipulation
library). How should one proceed in such situations? Does the old
repository needs to be deleted before the new one is created?


Please do not reuse package names for unrelated software.  It is quite 
confusing and can interfere with all kinds of tracking/package mapping 
efforts.


--
Florian Weimer / Red Hat Product Security Team
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Heads up! I'm going to upgrade Wireshark up to 1.10.x in Fedora 18

[Peter Lemenkov]

2013/9/12 Jan Kratochvil :
> On Thu, 12 Sep 2013 10:42:20 +0200, Peter Lemenkov wrote:
>> I'm afraid that's just adds additional work for maintainers w/o any
>> visible benefits.
>
> The benefits are the stable Fedora release does not break 3rd party
> applications during its deployment/lifecycle.
>
>
>> Let's move further instead of backporting - that's just a leafnode app so
>> nobody got hurt by a potential dependency issue.
>
> wireshark.rpm contains many commandline utilities which may be used by
> 3rd party sysadmin scripts (and maybe even 3rd party C applications).

Don't worry about that. If these people processed external data for
two months with software containing more than 30+ exploitable
vulnerabilities then they either dead/offline permanently, or already
hacked. In both cases they lost control over their hardware and won't
complain.

Regarding command line utilities - they are quite stable in terms of
CLI interface and compatible.
-- 
With best regards, Peter Lemenkov.
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Package name conflict with retired package

[Anshu Prateek]

Also, I guess it would be nice to have a package name that gives some
indication of what it is about (unless ofcourse the name itself is  well
and widely known )


On Fri, Sep 13, 2013 at 1:24 PM, Florian Weimer  wrote:

> On 09/12/2013 10:40 PM, Sandro Mani wrote:
>
>  I just posted a review for avl (the Aerodynamic and flight-dynamic
>> analysis of rigid aircrafts package) [1], and the reviewer noticed that
>> it conflicts with the retired avl package (the AVL tree manipulation
>> library). How should one proceed in such situations? Does the old
>> repository needs to be deleted before the new one is created?
>>
>
> Please do not reuse package names for unrelated software.  It is quite
> confusing and can interfere with all kinds of tracking/package mapping
> efforts.
>
> --
> Florian Weimer / Red Hat Product Security Team
>
> --
> devel mailing list
> devel@lists.fedoraproject.org
> https://admin.fedoraproject.**org/mailman/listinfo/devel
> Fedora Code of Conduct: 
> http://fedoraproject.org/code-**of-conduct
>
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: numatop: %{optflags} fail the 32bit build

[Dridi Boukelmoune]

The issue has been solved by my reviewer, so thank you all because as
usual I've learned interesting things :)

Comments inlined.

On Thu, Sep 12, 2013 at 2:53 PM, Florian Weimer  wrote:
> On 09/12/2013 02:11 PM, Dridi Boukelmoune wrote:
>
>>> This version should work in 32 bit mode, and only in 32 bit mode:
>>>
>>> void
>>> cpuid(unsigned int *eax, unsigned int *ebx, unsigned int *ecx,
>>>unsigned int *edx)
>>> {
>>>__asm volatile
>>>  ("push %%ebx\n\t"
>>>   "cpuid\n\t"
>>>   "mov %%ebx, (%1)\n\t"
>>>   "pop %%ebx"
>>>   : "=a" (*eax),
>>> "=S" (ebx),
>>> "=c" (*ecx),
>>> "=d" (*edx)
>>>   : "0" (*eax));
>>> }
>>
>>
>> I "kind of" understand what you're doing here, but it's not all clear.
>>
>> I get the push/pop instructions save and restore the reserved ebx
>> register, which is needed because apparently the cpuid instruction
>> would otherwise overwrite it.
>>
>> I don't understand the mov instruction, but I suppose you're storing
>> ebx's value from cpuid "somewhere else" before restoring it with the
>> pop instruction.
>
>
> Correct, the intent is to write the %ebx register value to the address in
> the %esi register.  "(%1)" is a pointer dereference, as oppose to plain %1.
>
>
>> I don't understand the last 5 lines of __asm in both functions, I've
>> never seen this syntax before.
>
>
> These are register constraints.  "a", "c", "d", "S" refer to the %eax, %ecx,
> %edx, %esi registers, respectively.  "=" marks output constraints.  The
> constraints before the final ":" are output registers, and after colon,
> there are the input registers.  There's just one, and "0" means to reuse the
> first output register.
>
> Okay, silly me, I should have listed "S" among the output registers, instead
> the inputs:

Actually, this morning (in the train) I've tested your code with my
tmp variable and it works if I remove the deref!

mov %%ebx, %1
(btw, what do %1 and %4 mean ?)

I could painlessly add a println in my patch since the file already
includes stdio.h. Normal and hardened build provide the same cpuid
values.

> void
> cpuid(unsigned int *eax, unsigned int *ebx, unsigned int *ecx,
>   unsigned int *edx)
> {
>   __asm volatile
> ("push %%ebx\n\t"
>  "cpuid\n\t"
>  "mov %%ebx, (%4)\n\t"
>  "pop %%ebx"
>  : "=a" (*eax),
>"=c" (*ecx),
>"=d" (*edx)
>  : "0" (*eax),
>"S" (ebx));
> }
>
> I also forget that for full correctness, there should now be a "memory"
> clobber as well (in the clobber section after yet another colon):

What would it do ? A compiler memory barrier ?

> void
> cpuid(unsigned int *eax, unsigned int *ebx, unsigned int *ecx,
>   unsigned int *edx)
> {
>   __asm volatile
> ("push %%ebx\n\t"
>  "cpuid\n\t"
>  "mov %%ebx, (%4)\n\t"
>  "pop %%ebx"
>  : "=a" (*eax),
>"=c" (*ecx),
>"=d" (*edx)
>  : "0" (*eax),
>"S" (ebx)
>  : "memory");
> }

It's a good thing my reviewer submitted a patch, because I wouldn't
feel that confident with mine :)

> By the way, we could generate much better code if the registers were passed
> as an array or struct, so that they are in consecutive memory:
>
> struct regs {
>   unsigned eax, ebx, ecx, edx;
> };
>
> void
> cpuid(struct regs *r)
>
> {
>   __asm volatile
> ("push %%ebx\n\t"
>  "cpuid\n\t"
>  "mov %%eax, (%0)\n\t"
>  "mov %%ebx, 4(%0)\n\t"
>  "mov %%ecx, 8(%0)\n\t"
>  "mov %%edx, 12(%0)\n\t"
>  "pop %%ebx"
>  :
>  : "S" (r)
>  : "eax", "ecx", "edx", "memory");
> }
>
> Obviously, this needs adjustments to the callers.

Yup, but for the sake of simplicity, I wouldn't do that.

> --
> Florian Weimer / Red Hat Product Security Team

Dridi
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Oracle considering DB6 license

[Honza Horak]

On 09/12/2013 09:56 AM, "Jóhann B. Guðmundsson" wrote:

On 09/12/2013 07:16 AM, Jan Staněk wrote:

Hello,

some time back Oracle released new version of Berkeley DB under AGPL,
which is incompatible with Fedora licensing politics.

However,

https://forums.oracle.com/message/11184885#11184885

If you are interested in DB6, consider leaving feedback there :)



Week later...

it turns out that Oracle might consider re-licensing it back :)

JBG


Can you provide some more info about re-licensing, please? Where did you 
learn about it?


Honza
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: numatop: %{optflags} fail the 32bit build

[Florian Weimer]

On 09/13/2013 10:12 AM, Dridi Boukelmoune wrote:


Actually, this morning (in the train) I've tested your code with my
tmp variable and it works if I remove the deref!


Yes, that should work as well, because the value itself is an output 
register.



mov %%ebx, %1
(btw, what do %1 and %4 mean ?)


These are placeholders for the register names and are replaced with the 
actual register names chosen by the compiler, based on the specified 
constraints and the surrounding code the compiler generated from the C 
source.



I also forget that for full correctness, there should now be a "memory"
clobber as well (in the clobber section after yet another colon):


What would it do ? A compiler memory barrier ?


Correct.

--
Florian Weimer / Red Hat Product Security Team
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: numatop: %{optflags} fail the 32bit build

[Dridi Boukelmoune]

On Thu, Sep 12, 2013 at 5:39 PM, Dave Jones  wrote:
> On Wed, Sep 11, 2013 at 08:46:33AM +0200, Florian Weimer wrote:
>
>  > This is the offending function:
>  >
>  > void
>  > cpuid(unsigned int *eax, unsigned int *ebx, unsigned int *ecx,
>  >   unsigned int *edx)
>  > {
>  >   __asm volatile
>  > ("cpuid\n\t"
>  >  : "=a" (*eax),
>  >"=b" (*ebx),
>  >"=c" (*ecx),
>  >"=d" (*edx)
>  >  : "a" (*eax));
>  > }
>  >
>  > The cryptic GCC error message (inconsistent operand constraints in
>  > an ‘asm’) refers to the fact that in PIC mode (which is activated
>  > by the hardening flags), %ebx is a reserved register.
>  >
>  > This version should work in 32 bit mode, and only in 32 bit mode:
>  >
>  > void
>  > cpuid(unsigned int *eax, unsigned int *ebx, unsigned int *ecx,
>  >   unsigned int *edx)
>  > {
>  >   __asm volatile
>  > ("push %%ebx\n\t"
>  >  "cpuid\n\t"
>  >  "mov %%ebx, (%1)\n\t"
>  >  "pop %%ebx"
>  >  : "=a" (*eax),
>  >"=S" (ebx),
>  >"=c" (*ecx),
>  >"=d" (*edx)
>  >  : "0" (*eax));
>  > }
>  >
>  > I have not actually tested this.  There are other solutions
>  > floating around, but they are clearly incorrect and produce wrong
>  > code.
>
> A better fix would be to rip all this out, and use reads from
> /dev/cpu/*/cpuid, which is arch agnostic, and also takes care of cpu affinity 
> problems.
>
> Dave

On my ubuntu machine at work, I have this:

$ ls /dev/cpu/
microcode

Also, wouldn't it be a problem on a chrooted environment ?

And during my tests I've noticed that numatop calls cpuid once for
each core on my laptop. It should discard the affinity problem,
shouldn't it ?

Tanks again for your help, it's been very interesting for me !

Dridi

> --
> devel mailing list
> devel@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Firewall blocking desktop features

[Oron Peled]

On Friday 13 September 2013 01:51:00 drago01 wrote:
> On Fri, Sep 13, 2013 at 1:26 AM, Oron Peled  wrote:
> >- This means that any privileged service controlled by GUI client (e.g:
> >  NetworkManager) is still only as secure as it's controller (e.g:
> >  nm-applet).
> This is wrong. That's not how "controlling the service" works.

Care to explain?
 * Let's assume someone exploit a buffer overflow in nm-applet to execute
   arbitrary code.

 * Now she can ask (over dbus) from NM to do "legitimate" operations without
   the user consent/knowledge -- e.g: connect to some random-joe wireless
   network, etc. (btw, the user can still discover the truth via other
   client which isn't subverted -- like nmcli, the kde widget, etc.)

 * I don't claim this attack is easy, because the arbitrary code would
   have to hook into all relevant dbus callbacks for the wanted transaction
   to complete successfully, but I don't see any theoretical show-stopper.

 * IMO, all this just set some upper bound to our security expectations.
   Privilege separation of services into "controller-controlled" pair
   is an improvement over the previous state of affairs, but a
   "verified-good" controller can still become rogue during runtime
   due to a buffer overflow -- it than still have the same power
   it had before :-(

-- 
Oron Peled Voice: +972-4-8228492
o...@actcom.co.il  http://users.actcom.co.il/~oron
It's not the software that's free; it's you.
- billyskank on Groklaw

-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Package name conflict with retired package

[Sandro Mani]

On 13.09.2013 09:54, Florian Weimer wrote:

On 09/12/2013 10:40 PM, Sandro Mani wrote:


I just posted a review for avl (the Aerodynamic and flight-dynamic
analysis of rigid aircrafts package) [1], and the reviewer noticed that
it conflicts with the retired avl package (the AVL tree manipulation
library). How should one proceed in such situations? Does the old
repository needs to be deleted before the new one is created?


Please do not reuse package names for unrelated software.  It is quite 
confusing and can interfere with all kinds of tracking/package mapping 
efforts.


Ok, I guess I'll go with avl-analysis or something similar. It would 
probably be more user friendly to rename the the existing avl to libavl, 
but I take that again interferes with package mapping efforts?


Thanks,
Sandro
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Firewall blocking desktop features

[drago01]

On Fri, Sep 13, 2013 at 10:23 AM, Oron Peled  wrote:
>
> On Friday 13 September 2013 01:51:00 drago01 wrote:
>> On Fri, Sep 13, 2013 at 1:26 AM, Oron Peled  wrote:
>> >- This means that any privileged service controlled by GUI client (e.g:
>> >  NetworkManager) is still only as secure as it's controller (e.g:
>> >  nm-applet).
>> This is wrong. That's not how "controlling the service" works.
>
> Care to explain?

Yes. What I meant is nm-applet is not more privileged then any other
application in the session.
The policy says "the active session is allowed to do foo" not
"nm-applet is allowed to do foo".
So you can securing the "controller" wont help you much as long as any
other app from the active
session can be exploited.
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

OCaml 4.01.0 coming to Fedora Rawhide this weekend

[Richard W.M. Jones]

OCaml 4.01.0 is a new major release of the language.

I'm not expecting any incompatibilities, but it will require a mass
rebuild of the 100 or so Fedora OCaml packages in Rawhide, which I
will do this weekend.

I'm also planning to:

 - update the ARM code generator

 - enable debuginfo generation, since the OCaml compiler has generated
   useful debuginfo for a while now

 - tidy up the spec files and try to come up with a modern set of
   packaging guidelines, since the de-facto packaging rules have
   diverged a little from the guidelines published back in 2008

For people not using OCaml (or even those that are) there shouldn't be
any significant disruption.

More about the new release here:

https://sympa.inria.fr/sympa/arc/caml-list/2013-09/msg00173.html

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming blog: http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Package name conflict with retired package

[Michael Schwendt]

On Fri, 13 Sep 2013 09:54:49 +0200, Florian Weimer wrote:

> On 09/12/2013 10:40 PM, Sandro Mani wrote:
> 
> > I just posted a review for avl (the Aerodynamic and flight-dynamic
> > analysis of rigid aircrafts package) [1], and the reviewer noticed that
> > it conflicts with the retired avl package (the AVL tree manipulation
> > library). How should one proceed in such situations? Does the old
> > repository needs to be deleted before the new one is created?
> 
> Please do not reuse package names for unrelated software.  It is quite 
> confusing and can interfere with all kinds of tracking/package mapping 
> efforts.

That could be documented.

It would be wrong for an old retired (!) "avl" to block that component
name forever. What if that project has been abandoned or renamed?

I can't reach the old  git.fruit.je/avl  currently, but the README in the
old F14 package calls it "AVLTREE", "AVLTree" and "AVL-Tree library",
and the Fedora src.rpm uses the libavl source tarball from Debian.

 => It could (should?) have been named "libavl" or "avltree".

Again related to the General Naming Guidelines, FPC ticket #336.
If the AVL-Tree project were still alive, what would happen in a new
package review request at Fedora? Would a different pair of submitter
and reviewer approve the same "avl" as "libavl"?
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Get FAS account authentication facility for my Web page‏

[Malintha Adikari]

Hi,I am a student who is participating GSOC 2013 for Fedora organization. I am 
developing a web application for fedora ambassadors. I want to give users to 
login facility with FAS. I could found that the FAS is providing OpenID 
facility. How can I implement a login with FAS in my web page. Could you give 
me a direction

Thanks & Regards,
Malintha Adikari,
Department Of Computer Engineering,
University of Peradeniya,
Sri Lanka
  -- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Proposal: AppData files in all application packages?

[Elad Alfassa]

On Fri, Sep 13, 2013 at 1:39 AM, Dennis Gilmore  wrote:

> > Legal approved:
> >
> https://lists.fedoraproject.org/pipermail/legal/2013-September/002232.html
>
> So I am confused. In your request to legal you say Release Engineering
> asked for legal to okay it. However I dont remember ever asking you to
> get legal's okay.  Who in releng asked you to?
>

nirik did

I really do not think we can integrate this into our release processes
> right now.
>
> Why?

-- 
-Elad Alfassa.
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Get FAS account authentication facility for my Web page‏

[Pierre-Yves Chibon]

On Fri, Sep 13, 2013 at 03:56:03PM +0600, Malintha Adikari wrote:
>  * Hi,
> 
>I am a student who is participating GSOC 2013 for Fedora organization. I
>am developing a web application for fedora ambassadors. I want to give
>users to login facility with FAS. I could found that the FAS is providing
>OpenID facility. How can I implement a login with FAS in my web page.
>Could you give me a direction

Hi,

You might want to port this question over to the infrastructure list:
https://admin.fedoraproject.org/mailman/listinfo/infrastructure

However, to answer it, it all depends on how your application was written. Is
there not an OpenID plugin for the framework you used?
If so, then it's probably the easiest starting point.

Could we have some more information about your application?
(language, sources, framework, goal?)

Thanks,
Pierre
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Oracle considering DB6 license

[Jóhann B. Guðmundsson]

On 09/13/2013 08:14 AM, Honza Horak wrote:

On 09/12/2013 09:56 AM, "Jóhann B. Guðmundsson" wrote:

On 09/12/2013 07:16 AM, Jan Staněk wrote:

Hello,

some time back Oracle released new version of Berkeley DB under AGPL,
which is incompatible with Fedora licensing politics.

However,

https://forums.oracle.com/message/11184885#11184885

If you are interested in DB6, consider leaving feedback there :)



Week later...

it turns out that Oracle might consider re-licensing it back :)

JBG


Can you provide some more info about re-licensing, please? Where did 
you learn about it?


It was poor attempt of humour afaik at least in this point in time 
Oracle is not thinking about re-licensing it back but since they have 
start playing that licensing game ( changing licenses ) they are likely 
to do it again...


JBG

--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Proposal: AppData files in all application packages?

[Matthias Clasen]

On Thu, 2013-09-12 at 17:39 -0500, Dennis Gilmore wrote:

> 
> So I am confused. In your request to legal you say Release Engineering
> asked for legal to okay it. However I dont remember ever asking you to
> get legal's okay.  Who in releng asked you to?

 I'm going to not continue this, because it's not actually my
argument and I am not a lawyer. Please go talk to fedora-legal. 

> I really do not think we can integrate this into our release processes
> right now.

Thankfully, we're not asking for it for 'right now'. We want it for f21.

-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

RE: Get FAS account authentication facility for my Web page‏

[Malintha Adikari]

Hi,
I am using PHP as my language, and codeigniter as my framework. The goal is to 
provide facility to people to register for fedora event. They can use their FAS 
account to authenticate identity to register for the events. 


> Date: Fri, 13 Sep 2013 12:14:00 +0200
> From: pin...@pingoured.fr
> To: devel@lists.fedoraproject.org
> Subject: Re: Get FAS account authentication facility for my Web page‏
> 
> On Fri, Sep 13, 2013 at 03:56:03PM +0600, Malintha Adikari wrote:
> >  * Hi,
> > 
> >I am a student who is participating GSOC 2013 for Fedora organization. I
> >am developing a web application for fedora ambassadors. I want to give
> >users to login facility with FAS. I could found that the FAS is providing
> >OpenID facility. How can I implement a login with FAS in my web page.
> >Could you give me a direction
> 
> Hi,
> 
> You might want to port this question over to the infrastructure list:
> https://admin.fedoraproject.org/mailman/listinfo/infrastructure
> 
> However, to answer it, it all depends on how your application was written. Is
> there not an OpenID plugin for the framework you used?
> If so, then it's probably the easiest starting point.
> 
> Could we have some more information about your application?
> (language, sources, framework, goal?)
> 
> Thanks,
> Pierre
> -- 
> devel mailing list
> devel@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
  -- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Oracle considering DB6 license

[Honza Horak]

On 09/13/2013 12:26 PM, "Jóhann B. Guðmundsson" wrote:

On 09/13/2013 08:14 AM, Honza Horak wrote:

On 09/12/2013 09:56 AM, "Jóhann B. Guðmundsson" wrote:

On 09/12/2013 07:16 AM, Jan Staněk wrote:

Hello,

some time back Oracle released new version of Berkeley DB under AGPL,
which is incompatible with Fedora licensing politics.

However,

https://forums.oracle.com/message/11184885#11184885

If you are interested in DB6, consider leaving feedback there :)



Week later...

it turns out that Oracle might consider re-licensing it back :)

JBG


Can you provide some more info about re-licensing, please? Where did
you learn about it?


It was poor attempt of humour afaik at least in this point in time
Oracle is not thinking about re-licensing it back but since they have
start playing that licensing game ( changing licenses ) they are likely
to do it again...


Yeah, sorry, my sense for humor approaches zero when comes for licensing 
issues :) Before I had to solve the first license problem I'd never 
thought re-licensing from one "free" to another "free" license can bring 
so many problems and can make couple of people quite desperate.


Honza
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Package name conflict with retired package

[Sandro Mani]

On 13.09.2013 11:48, Michael Schwendt wrote:

On Fri, 13 Sep 2013 09:54:49 +0200, Florian Weimer wrote:


On 09/12/2013 10:40 PM, Sandro Mani wrote:


I just posted a review for avl (the Aerodynamic and flight-dynamic
analysis of rigid aircrafts package) [1], and the reviewer noticed that
it conflicts with the retired avl package (the AVL tree manipulation
library). How should one proceed in such situations? Does the old
repository needs to be deleted before the new one is created?

Please do not reuse package names for unrelated software.  It is quite
confusing and can interfere with all kinds of tracking/package mapping
efforts.

That could be documented.

It would be wrong for an old retired (!) "avl" to block that component
name forever. What if that project has been abandoned or renamed?

I can't reach the old  git.fruit.je/avl  currently, but the README in the
old F14 package calls it "AVLTREE", "AVLTree" and "AVL-Tree library",
and the Fedora src.rpm uses the libavl source tarball from Debian.

  => It could (should?) have been named "libavl" or "avltree".
I would definitely prefer this option. Should I file a rel-eng ticket or 
what would the procedure be?


--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Atlas update

[Frantisek Kluknavsky]

Hi list,

Atlas currently bundles Lapack. I want to update Atlas to 3.10.1 and 
unbundle Lapack as well. This will require rebuild of dependent packages 
and maybe adding explicit dependency on Lapack.


Would anyone object to that?

If I understand things correctly, Lapack in Fedora uses Atlas and not 
its own Blas implementation.


Frantisek Kluknavsky

PS:
DSDP
MUMPS
MUMPS-openmpi
Macaulay2
R-RScaLAPACK
SuperLU
apbs
armadillo
arpack
cp2k
cp2k-mpich
cp2k-mpich2
cp2k-openmpi
cp2k-smp
csdp
csdp-tools
ergo
freefem++
freefem++-glx
freefem++-mpi
ga-mpich2
ga-openmpi
grass-libs
gretl
gsl
iml
jblas
lapack
levmar
libghemical
linbox
mpqc
ncl
numpy
ocaml-lacaml
octave
octave-control
octave-odepkg
octave-optim
pocketsphinx
psfex
python-cvxopt
python-scikit-learn
python3-cvxopt
python3-numpy
python3-scipy
qrupdate
scilab
scipy
sextractor
sphinxbase
sphinxbase-libs
sphinxtrain
suitesparse
wannier90
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Atlas update

[Susi Lehtola]

On Fri, 13 Sep 2013 14:16:46 +0200
Frantisek Kluknavsky  wrote:
> Hi list,
> 
> Atlas currently bundles Lapack. I want to update Atlas to 3.10.1 and 
> unbundle Lapack as well. This will require rebuild of dependent
> packages and maybe adding explicit dependency on Lapack.
> 
> Would anyone object to that?

ATLAS doesn't really bundle LAPACK, since it uses the static library
from the Fedora LAPACK package. But yes, it does duplicate the
libraries in binary form.

I'd think twice about debundling. For instance OpenBLAS actually
replaces some LAPACK routines with more efficient implementations, and
because of this OpenBLAS also includes a bunch functions from the
lapack package.

So, please check with ATLAS upstream whether you can safely unbundle
LAPACK.

> If I understand things correctly, Lapack in Fedora uses Atlas and not 
> its own Blas implementation.

Yes and no. The LAPACK library you get from the blas package doesn't
contain any BLAS routines, so you can in principle choose what
BLAS library you want to use it with.
-- 
Susi Lehtola
Fedora Project Contributor
jussileht...@fedoraproject.org
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Atlas update

[Susi Lehtola]

On Fri, 13 Sep 2013 15:24:28 +0300
Susi Lehtola  wrote:
> On Fri, 13 Sep 2013 14:16:46 +0200
> Frantisek Kluknavsky  wrote:
> > Atlas currently bundles Lapack. I want to update Atlas to 3.10.1
> > and unbundle Lapack as well. This will require rebuild of dependent
> > packages and maybe adding explicit dependency on Lapack.
>
> I'd think twice about debundling. For instance OpenBLAS actually
> replaces some LAPACK routines with more efficient implementations, and
> because of this OpenBLAS also includes a bunch functions from the
> lapack package.
> 
> So, please check with ATLAS upstream whether you can safely unbundle
> LAPACK.

Actually, this is stated pretty clearly on the ATLAS page:
 "At present, it provides C and Fortran77 interfaces to a portably
 efficient BLAS implementation, as well as a few routines from LAPACK."

So, if you remove LAPACK from ATLAS, you'll also prevent compiling
LAPACK dependent packages against ATLAS.
-- 
Susi Lehtola
Fedora Project Contributor
jussileht...@fedoraproject.org
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Get FAS account authentication facility for my Web page

[Uditha Bandara Wijerathna]

On Fri, Sep 13, 2013 at 4:23 PM, Malintha Adikari <
malintha.adik...@hotmail.com> wrote:

>
>
> Hi,
>
> I am using PHP as my language, and codeigniter as my framework. The goal
> is to provide facility to people to register for fedora event. They can use
> their FAS account to authenticate identity to register for the events.
>
>
> > Date: Fri, 13 Sep 2013 12:14:00 +0200
> > From: pin...@pingoured.fr
> > To: devel@lists.fedoraproject.org
> > Subject: Re: Get FAS account authentication facility for my Web page
>
> >
> > On Fri, Sep 13, 2013 at 03:56:03PM +0600, Malintha Adikari wrote:
> > > * Hi,
> > >
> > > I am a student who is participating GSOC 2013 for Fedora organization.
> I
> > > am developing a web application for fedora ambassadors. I want to give
> > > users to login facility with FAS. I could found that the FAS is
> providing
> > > OpenID facility. How can I implement a login with FAS in my web page.
> > > Could you give me a direction
> >
> > Hi,
> >
> > You might want to port this question over to the infrastructure list:
> > https://admin.fedoraproject.org/mailman/listinfo/infrastructure
> >
> > However, to answer it, it all depends on how your application was
> written. Is
> > there not an OpenID plugin for the framework you used?
> > If so, then it's probably the easiest starting point.
> >
> > Could we have some more information about your application?
> > (language, sources, framework, goal?)
> >
> > Thanks,
> > Pierre
> > --
> > devel mailing list
> > devel@lists.fedoraproject.org
> > https://admin.fedoraproject.org/mailman/listinfo/devel
> > Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
>
> --
> devel mailing list
> devel@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
>

Hi Malintha,

The media-wiki auth [0] and wordpress auth plugin for FAS [1] will help you
to get in to the track. Those things were written in PHP too. You can write
the fas-auth as Codeigniter auth plugin.

--

[0] -
https://git.fedorahosted.org/cgit/fedora-infrastructure.git/tree/scripts/Auth_FAS_MediaWiki/Auth_FAS.php?id=ba6349c6aee8e2ee588cfe358aca49e85a8fb3f0
[1] -
https://git.fedorahosted.org/cgit/fedora-infrastructure.git/tree/plugins/wordpress-mu-plugin-fasauth/fasauth.php?id=ba6349c6aee8e2ee588cfe358aca49e85a8fb3f0
-- 
- UD -
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Atlas update

[Orion Poplawski]

On 09/13/2013 06:26 AM, Susi Lehtola wrote:

On Fri, 13 Sep 2013 15:24:28 +0300
Susi Lehtola  wrote:

On Fri, 13 Sep 2013 14:16:46 +0200
Frantisek Kluknavsky  wrote:

Atlas currently bundles Lapack. I want to update Atlas to 3.10.1
and unbundle Lapack as well. This will require rebuild of dependent
packages and maybe adding explicit dependency on Lapack.


I'd think twice about debundling. For instance OpenBLAS actually
replaces some LAPACK routines with more efficient implementations, and
because of this OpenBLAS also includes a bunch functions from the
lapack package.

So, please check with ATLAS upstream whether you can safely unbundle
LAPACK.


Actually, this is stated pretty clearly on the ATLAS page:
  "At present, it provides C and Fortran77 interfaces to a portably
  efficient BLAS implementation, as well as a few routines from LAPACK."

So, if you remove LAPACK from ATLAS, you'll also prevent compiling
LAPACK dependent packages against ATLAS.



I think you can do -latlas -llapack.  The problem with the current atlas 
is that it wants the lapack *source* not just the library as the current 
version did.  It would been a bundling exception.  Might be okay since 
lapack doesn't change much, probably not many security concerns.


--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA/CoRA DivisionFAX: 303-415-9702
3380 Mitchell Lane  or...@cora.nwra.com
Boulder, CO 80301  http://www.cora.nwra.com
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Get FAS account authentication facility for my Web page

[Sarup Banskota]

>
> > > I am a student who is participating GSOC 2013 for Fedora organization.
>> I
>> > > am developing a web application for fedora ambassadors. I want to give
>> > > users to login facility with FAS. I could found that the FAS is
>> providing
>> > > OpenID facility. How can I implement a login with FAS in my web page.
>> > > Could you give me a direction
>>
>
Hi Malintha,

I'm doing a GSoC this year too, and although it uses Ruby on Rails,
building a web application for designers. I had added FAS-OpenID support to
the application, and had blogged about that here[1]. I'm not sure how much
it would be of use to you, but you might want to take a look at it too :)

[1]-
http://thirstyforcola.wordpress.com/2013/06/30/setting-up-openid-on-rails/
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

File ParseUtil-Domain-2.30.tar.gz uploaded to lookaside cache by pghmcfc

[Paul Howarth]

A file has been added to the lookaside cache for perl-ParseUtil-Domain:

d998aacd52ed1490d24cc1b04206b234  ParseUtil-Domain-2.30.tar.gz
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-de...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/perl-devel

Re: Atlas update

[Susi Lehtola]

On Fri, 13 Sep 2013 07:44:50 -0600
Orion Poplawski  wrote:
> On 09/13/2013 06:26 AM, Susi Lehtola wrote:
> > So, if you remove LAPACK from ATLAS, you'll also prevent compiling
> > LAPACK dependent packages against ATLAS.
> >
> 
> I think you can do -latlas -llapack. 

Yes, but this is because currently -llapack -latlas uses the ATLAS
version of the LAPACK library... which is very ugly:

$ find /usr/lib64/atlas -type f
/usr/lib64/atlas/libf77blas.so.3.0
/usr/lib64/atlas/libatlas.so.3.0
/usr/lib64/atlas/liblapack.so.3.0
/usr/lib64/atlas/libptcblas.so.3.0
/usr/lib64/atlas/libclapack.so.3.0
/usr/lib64/atlas/libptf77blas.so.3.0
/usr/lib64/atlas/libcblas.so.3.0

This is in addition to the library provided by the LAPACK package:
/usr/lib64/liblapack.so.3.4.2

Ideally, ATLAS would only ship a single library containing everything,
much the same way OpenBLAS does.

> The problem with the current
> atlas is that it wants the lapack *source* not just the library as
> the current version did.  It would been a bundling exception.  Might
> be okay since lapack doesn't change much, probably not many security
> concerns.

This is probably something that can be patched out. I had to do the
same thing for OpenBLAS.
-- 
Susi Lehtola
Fedora Project Contributor
jussileht...@fedoraproject.org
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Get FAS account authentication facility for my Web page

[Toshio Kuratomi]

On Sep 13, 2013 6:56 AM, "Sarup Banskota"  wrote:
>>>
>>> > > I am a student who is participating GSOC 2013 for Fedora
organization. I
>>> > > am developing a web application for fedora ambassadors. I want to
give
>>> > > users to login facility with FAS. I could found that the FAS is
providing
>>> > > OpenID facility. How can I implement a login with FAS in my web
page.
>>> > > Could you give me a direction
>
>
> Hi Malintha,
>
> I'm doing a GSoC this year too, and although it uses Ruby on Rails,
building a web application for designers. I had added FAS-OpenID support to
the application, and had blogged about that here[1]. I'm not sure how much
it would be of use to you, but you might want to take a look at it too :)
>
> [1]-
http://thirstyforcola.wordpress.com/2013/06/30/setting-up-openid-on-rails/
>
Yeah, openid is the way to go for now.  The WordPress auth module is from
before we had reliable openid and the ability to check your groups from
openid.  (That is available via an extension to openid now).

But to pause for one moment - do either of these apps have a goal of
running on fedora infrastructure?  If so you should know that all of our
own apps that we have to do maintenance on are written in python with a
distinct preference for the flask and pyramid web frameworks.  We run some
third party apps, well maintained upstream, written in php.  And we do not
run any java or ruby apps (the latter we might be able to start using under
similar rules to our third party php apps once we get rid of puppet
(migration to ansible is happening but slowly)).  No idea what it would
take for us to run java apps.

-Toshio
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

File Config-Tiny-2.17.tgz uploaded to lookaside cache by pghmcfc

[Paul Howarth]

A file has been added to the lookaside cache for perl-Config-Tiny:

6cbd7e5bb433fee17a2337f42a7e418e  Config-Tiny-2.17.tgz
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-de...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/perl-devel

abrt Bugzilla summary

[Jakub Filak]

Hello,

a bugzilla ticket [1] requiring a better Bugzilla summary field text
produced by abrt has been filed. Before I start changing the bug summary
format I'd like to do a little survey:

What would you like see in the bug summaries produced by abrt?


Regards
Jakub

1: https://bugzilla.redhat.com/show_bug.cgi?id=1005762

-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Firewall blocking desktop features

[Dan Williams]

On Fri, 2013-09-13 at 11:23 +0300, Oron Peled wrote:
> On Friday 13 September 2013 01:51:00 drago01 wrote:
> > On Fri, Sep 13, 2013 at 1:26 AM, Oron Peled  wrote:
> > >- This means that any privileged service controlled by GUI client (e.g:
> > >  NetworkManager) is still only as secure as it's controller (e.g:
> > >  nm-applet).
> > This is wrong. That's not how "controlling the service" works.
> 
> Care to explain?
>  * Let's assume someone exploit a buffer overflow in nm-applet to execute
>arbitrary code.
> 
>  * Now she can ask (over dbus) from NM to do "legitimate" operations without
>the user consent/knowledge -- e.g: connect to some random-joe wireless
>network, etc. (btw, the user can still discover the truth via other
>client which isn't subverted -- like nmcli, the kde widget, etc.)

nm-applet can certainly *ask* NetworkManager to do something.  Depending
on the policy that an administrator has set, NetworkManager will ask the
user to authorize the request via PolicyKit.  Only if the request is
authorized, will that request be granted.  If your user must authorize
before you can obtain the ModifySystem and ModifyOwn permissions, then
no, nm-applet can't ask NetworkManager to connect to malicious networks
unless that trojan also somehow subverts PolicyKit.

Dan

-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

[perl-NetAddr-IP] Update to 4.070

[Paul Howarth]

commit 78cdd666a368a7f70556b8263e98cf008cfae7ad
Author: Paul Howarth 
Date:   Fri Sep 13 16:39:27 2013 +0100

Update to 4.070

- New upstream release 4.070
  - Yet another documention error fixed
  - Add new6, RFC4291 compliant ipv4->ipV6 new in Lite.pm

 perl-NetAddr-IP.spec |9 +++--
 sources  |2 +-
 2 files changed, 8 insertions(+), 3 deletions(-)
---
diff --git a/perl-NetAddr-IP.spec b/perl-NetAddr-IP.spec
index a566a27..85f591f 100644
--- a/perl-NetAddr-IP.spec
+++ b/perl-NetAddr-IP.spec
@@ -1,6 +1,6 @@
 Name:   perl-NetAddr-IP
-Version:4.069
-Release:3%{?dist}
+Version:4.070
+Release:1%{?dist}
 Summary:Manages IPv4 and IPv6 addresses and subnets
 # Lite/Util/Util.xs is GPLv2+
 # Other files are (GPLv2+ or Artistic clarified)
@@ -56,6 +56,11 @@ make test
 %{_mandir}/man3/NetAddr::IP::UtilPP.3pm*
 
 %changelog
+* Fri Sep 13 2013 Paul Howarth  - 4.070-1
+- Update to 4.070
+  - Yet another documention error fixed
+  - Add new6, RFC4291 compliant ipv4->ipV6 new in Lite.pm
+
 * Sat Aug 03 2013 Fedora Release Engineering  
- 4.069-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
 
diff --git a/sources b/sources
index 1dbea83..25ee3bb 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-7721135fcea390327f75421a6b701144  NetAddr-IP-4.069.tar.gz
+74aa1dcdab7824e228528a64f48ad5a0  NetAddr-IP-4.070.tar.gz
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-de...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/perl-devel

[perl-Config-Tiny] Created tag perl-Config-Tiny-2.17-1.fc21

[Paul Howarth]

The lightweight tag 'perl-Config-Tiny-2.17-1.fc21' was created pointing to:

 be705c0... Update to 2.17
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-de...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/perl-devel

rpmdiff causing failing build

[Richard Hughes]

Hi all,

I'm trying to build the new colord for F20. All the arches build file,
but the task fails with:

BuildError: mismatch when analyzing
colord-extra-profiles-1.1.2-1.fc20.noarch.rpm, rpmdiff output was:
added   /usr/share/color/icc/colord/FOGRA27L_coated.icc

Task here: http://koji.fedoraproject.org/koji/taskinfo?taskID=5931690

Any ideas? Thanks,

Richard
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: rpmdiff causing failing build

[Dan Horák]

On Fri, 13 Sep 2013 16:56:51 +0100
Richard Hughes  wrote:

> Hi all,
> 
> I'm trying to build the new colord for F20. All the arches build file,
> but the task fails with:
> 
> BuildError: mismatch when analyzing
> colord-extra-profiles-1.1.2-1.fc20.noarch.rpm, rpmdiff output was:
> added   /usr/share/color/icc/colord/FOGRA27L_coated.icc
> 
> Task here: http://koji.fedoraproject.org/koji/taskinfo?taskID=5931690
> 
> Any ideas? Thanks,

the reason for the failure is that the noarch sub-packages differ
between the arm/i686/x86_64 arches, IIRC you disabled building profiles
on non-x86 arches some time ago when there were problems with OOM
conditions on ARM and s390


Dan
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: abrt Bugzilla summary

[Kevin Fenzi]

On Fri, 13 Sep 2013 17:35:20 +0200
Jakub Filak  wrote:

> Hello,
> 
> a bugzilla ticket [1] requiring a better Bugzilla summary field text
> produced by abrt has been filed. Before I start changing the bug
> summary format I'd like to do a little survey:
> 
> What would you like see in the bug summaries produced by abrt?

I actually disagree with the reporter of the bug. 

I prefer to have the component name in the subject of the bug. It's
true that you can look this up by going to the bug on the web and that
it's in the initial email, but after that the context of update emails
is not there, so it's harder for me to know _which_ of the many abrt
bugs this is. 

My thought would be: 

Current: 

[abrt] util-linux-2.23.2-2.fc19: recount_geometry:
Process /usr/sbin/fdisk was killed by signal 8 (SIGFPE)

New: 
[abrt] util-linux: fdisk:recount_geometry() killed by SIGFPE

kevin



signature.asc
Description: PGP signature
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Proposal: AppData files in all application packages?

[Kevin Fenzi]

On Fri, 13 Sep 2013 06:28:09 -0400
Matthias Clasen  wrote:

> On Thu, 2013-09-12 at 17:39 -0500, Dennis Gilmore wrote:
> 
> > 
> > So I am confused. In your request to legal you say Release
> > Engineering asked for legal to okay it. However I dont remember
> > ever asking you to get legal's okay.  Who in releng asked you to?
> 
>  I'm going to not continue this, because it's not actually my
> argument and I am not a lawyer. Please go talk to fedora-legal. 

Note that I was simply saying that this is the issue that the previous
plan ran into. :) It doesn't mean thats the only issue to be overcome. 

> > I really do not think we can integrate this into our release
> > processes right now.
> 
> Thankfully, we're not asking for it for 'right now'. We want it for
> f21.

Great. I still think it would be good to look at and come to a plan
sooner rather than wait for f21. (If things could get done in rawhide
when they are agreed on that would be good). 

kevin


signature.asc
Description: PGP signature
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Get FAS account authentication facility for my Web page

[Nathanael D. Noblet]

On 09/13/2013 10:35 AM, Kevin Fenzi wrote:

We want to make sure people don't enter their fas information into any
3rd party forms or websites. You should only enter your fas
login/password to a fedoraproject.org site.


Ah shoot! I'm going to have to write that nice Nigerian prince and see 
if we can still do the $100,000,000 transfer with only my personal 
information and without my FAS credentials. :D Fingers crossed!



--
Nathanael d. Noblet
t 403.875.4613
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Get FAS account authentication facility for my Web page

[Kevin Fenzi]

On Fri, 13 Sep 2013 18:53:36 +0530
Uditha Bandara Wijerathna  wrote:

> Hi Malintha,
> 
> The media-wiki auth [0] and wordpress auth plugin for FAS [1] will
> help you to get in to the track. Those things were written in PHP
> too. You can write the fas-auth as Codeigniter auth plugin.

Just as a note here... you can use openid, but you shouldn't use direct
FAS unless your application really is running inside Fedora
Infrastructure. 

We want to make sure people don't enter their fas information into any
3rd party forms or websites. You should only enter your fas
login/password to a fedoraproject.org site. 

kevin


signature.asc
Description: PGP signature
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Orphaning Package: cfengine

[Jeff Sheltren]

It's been a long time since I've had time or interest to maintain the
cfengine package in Fedora and EPEL.  I've informally reached out through
other channels and found a few interested parties, but nobody ended up
actually stepping up to take ownership.  So I'm officially orphaning
cfengine in hopes that one of you great people will be willing to take it
over.

-Jeff
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

ibus-typing-booster Obsoletes failure

[Michael Schwendt]

What is going on in package "ibus-typing-booster"?

http://pkgs.fedoraproject.org/cgit/ibus-typing-booster.git/plain/ibus-typing-booster.spec

It attempts at obsoleting various packages, but since it does that with a
specific dist tag and without retiring those packages, it fails entirely,
because the packages have been bumped and rebuilt several times.

  http://fedoraproject.org/wiki/Package_Renaming_Process
  https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life

If you need help, feel free to contact me.

Once the supposed to be retired packages have been blocked by rel-eng,
it becomes easier to determine the necessary Obsoletes versions.
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: php-gettext

[Michael Schwendt]

> What's the full story here?
> 
> php-gettext
> php-gettext-0:1.0.11-5.fc20.noarch  isn't obsoleted
> php-gettext-0:1.0.11-4.fc19.noarch  isn't obsoleted
> php-gettext-0:1.0.11-3.fc18.noarch  isn't obsoleted
> php-gettext-0:1.0.9-3.fc15.noarch  is oldest
> php-gettext < 0:1.0.11-3  obsoleted by  
> php-php-gettext-0:1.0.11-8.fc20.noarch
> 

No reply. :-(

Filed bugs 1008026 and 1008027.
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Update notice FEDORA-2013-13577 (von updates-testing) is broken, or a bad duplicate, skipping

[Reindl Harald]

a few days ago i upgraded to F19 and my cron-script checking
for updates as well as "yum check-update" reports these
warnings - unsure where to report a bug because it's not
a specific package, so i post it here

Update notice FEDORA-2013-13577 (von updates-testing) is broken, or a bad 
duplicate, skipping.
You should report this problem to the owner of the updates-testing repository.
Update notice FEDORA-2013-15734 (von updates-testing) is broken, or a bad 
duplicate, skipping.
Update notice FEDORA-2013-15106 (von updates-testing) is broken, or a bad 
duplicate, skipping.
Update notice FEDORA-2013-14132 (von updates-testing) is broken, or a bad 
duplicate, skipping.
Update notice FEDORA-2013-14172 (von updates-testing) is broken, or a bad 
duplicate, skipping.



signature.asc
Description: OpenPGP digital signature
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Self Introduction

[William Brown]

Hi,

I am a student of computer science, and systems administrator for a
University using el. I have been using Fedora as my primary OS for a
number of years now.

I have had some intermittent exposure to many projects here such as
MATE, isc-dhcp and FreeIPA. Sadly in the past, I have not been able to
dedicate as much time to these as I would have liked, but a small number
of my patches have been accepted.

I generally focus on server and networking systems, but I am willing to
contribute to anything that I see that needs fixing. (IE writing SELinux
policy)

-- 
Sincerely,

William Brown

pgp.mit.edu
http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0x3C0AC6DAB2F928A2




signature.asc
Description: This is a digitally signed message part
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct

Re: Update notice FEDORA-2013-13577 (von updates-testing) is broken, or a bad duplicate, skipping

[Theodore Lee]

On 14/09/13 08:51, Reindl Harald wrote:
> a few days ago i upgraded to F19 and my cron-script checking
> for updates as well as "yum check-update" reports these
> warnings - unsure where to report a bug because it's not
> a specific package, so i post it here
> 
> Update notice FEDORA-2013-13577 (von updates-testing) is broken, or a bad 
> duplicate, skipping.
> You should report this problem to the owner of the updates-testing repository.
> Update notice FEDORA-2013-15734 (von updates-testing) is broken, or a bad 
> duplicate, skipping.
> Update notice FEDORA-2013-15106 (von updates-testing) is broken, or a bad 
> duplicate, skipping.
> Update notice FEDORA-2013-14132 (von updates-testing) is broken, or a bad 
> duplicate, skipping.
> Update notice FEDORA-2013-14172 (von updates-testing) is broken, or a bad 
> duplicate, skipping.

Evidently this is a bodhi bug that's been around for a while, being
tracked in bug 960642.[1]

-- 
Regards,
Theo

[1] https://bugzilla.redhat.com/show_bug.cgi?id=960642



signature.asc
Description: OpenPGP digital signature
-- 
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct