Re: texlive-2009 tlmgr
On Tue, Nov 03, 2009 at 02:00:19PM -0500, Neal Becker wrote: > tlmgr > Can't locate TeXLive/TLPOBJ.pm in @INC (@INC contains: > /usr/share/texlive/tlpkg /usr/local/lib64/perl5/site_perl/5.10.0/x86_64- > linux-thread-multi /usr/local/lib/perl5/site_perl/5.10.0 > /usr/lib64/perl5/vendor_perl/5.10.0/x86_64-linux-thread-multi > /usr/lib/perl5/vendor_perl/5.10.0 /usr/lib/perl5/vendor_perl > /usr/lib64/perl5/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/5.10.0 > /usr/lib/perl5/site_perl .) at /usr/bin/tlmgr line 36. > BEGIN failed--compilation aborted at /usr/bin/tlmgr line 36. > > sure enough, /usr/share/texlive/tlpkg dir exists, but is empty. > tlmgr seems to be useless with the Fedora TeX Live 2009 because we handle instalation/removal of TL packages ourselves. The perl classes needed to run tlmgr is removed but not the tlmgr binary yet. I will remove it in the next update. Jindrich -- Jindrich Novyhttp://people.redhat.com/jnovy/ -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: texlive-2009 man & info
On Tue, Nov 03, 2009 at 07:23:03AM -0500, Neal Becker wrote:
> I'm trying texlive-2009 packages for f11. I see man and info pages get
> installed (not in standard system locations, but into texlive tree), but man
> and info search paths don't seem to be setup to find them.
>
Good point. The man and info pages are installed to texmf/doc/{info,man}
by TeX Live and aren't actually visible to info/man. I'll fix it in
the next update.
Jindrich
--
Jindrich Novyhttp://people.redhat.com/jnovy/
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: texlive-2009 breakage?
On Tue, Nov 03, 2009 at 11:19:56AM -0500, Neal Becker wrote: > I had texlive* installed. > > After today's update, I no longer have any /usr/share/texlive directory! > > I'm guessing some install script removed it?? > There was a mistake in the previous release. The %postun scriptlet tried to remove the texlive directory after removal of the main package in order to not to leave empty directories in /usr/share/texlive RPM didn't remove itself for some reason. It is now fixed with the current packages in the repository. Jindrich -- Jindrich Novyhttp://people.redhat.com/jnovy/ -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Mesa 7.6.0 bugs
On Wed, Nov 4, 2009 at 1:04 AM, Bojan Smojver wrote: > New mesa (7.6.0) is causing trouble for people using F-11/12 code (see > bugs #524338 and #509528 for instance). I've seen a couple of bugs in the 3D stuff with Moblin/clutter as well. RHBZ #521714 and #529372 come to mind. Peter -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: texlive-2009 breakage?
BTW Jindrich, I know you are very busy, and we never seem to be on irc at the same times, but how is progress on the texlive font packaging front? Font automation QA has progressed quite a bit since you started, you can self-check your progress with repo-font-audit now if you want: http://kojipkgs.fedoraproject.org/packages/fontpackages/1.31/2.fc13/noarch/fontpackages-tools-1.31-2.fc13.noarch.rpm -- Nicolas Mailhot -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
conflict between seedit <-> selinux-policy and qstat <-> torque-client
Why do those packages have to conflict with each other?
1. seedit and selinux-policy-{targeted,mls} -> i dont see a single
file conflicting atleast with the targeted policy...
2. qstat and torque-client both provide a qstat binary... is there
anything done to get that resolved upstream? or is it a "conflicts and
forget" scenario?
from my personal pov conflicts should be resolved instead of just
marked so things can be properly installed in parallel. everything
else looks broken to me.
kind regards,
Rudolf Kastl
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
> "RK" == Rudolf Kastl writes: RK> 2. qstat and torque-client both provide a qstat binary... is there RK> anything done to get that resolved upstream? or is it a "conflicts RK> and forget" scenario? This one, I think, should be easily resolvable with alternatives. Actually I think all but a small number of the currently conflicting packages could be fixed up pretty easily. Currently it doesn't seem that there's any sort of enforcement outside of the original package review. The way around this is, of course, for someone to spend some time generating the current list of conflicting packages, proposing solutions, and working with FESCo in the case that those solutions are not applied. - J< -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: A question about allow_unconfined_mmap_low in f11 amd selinux
On 11/03/2009 04:35 PM, Adam Jackson wrote: > On Tue, 2009-11-03 at 21:31 +, Mike Cloaked wrote: >> For people running wine or Crossover and using MS Office 2003 and related >> codes >> it is necessary to do: >> # setsebool -P allow_unconfined_mmap_low 1 >> To prevent AVC denials. >> >> However there is recent publicity at >> http://www.theregister.co.uk/2009/11/03/linux_kernel_vulnerability/ >> which highlights that there is still a vulnerability in the kernel if this is >> set. >> >> For people running f11 with this boolean set how can one run wine and still >> remain secure? i.e. what should an admin do to protect the system? > > You can't. > > If I'm being slightly less flip: run wine in a kvm instance with selinux > disabled, forward X to the host. > > - ajax > You can run with SELinux in enforcement. mmap_low_allowed is the name of the boolean moving forward. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
rawhide report: 20091104 changes
Compose started at Wed Nov 4 08:15:08 UTC 2009 Broken deps for ppc64 -- eclipse-photran-5.0.0-0.3.200910081739.fc12.noarch requires eclipse-cdt >= 1:6.0 New package globus-gram-job-manager-callout-error Globus Toolkit - Globus GRAM Jobmanager Callout Errors New package globus-scheduler-event-generator Globus Toolkit - Scheduler Event Generator Updated Packages: DeviceKit-disks-009-3.fc12 -- * Tue Nov 03 2009 David Zeuthen - 009-2.fc12 - Update udev rules to better cope with device-mapper (#528909) * Tue Nov 03 2009 David Zeuthen - 009-3.fc12 - Avoid automounting LVM LVs (fdobz #24885, rhbz #528909) abrt-0.0.11-1.fc12 -- * Mon Nov 02 2009 Jiri Moskovcak 0.0.11-1 - re-enabled kerneloops - abrt-debuginfo-install: download packages one-by-one - better logging (vda.li...@googlemail.com) - do not report empty fields (vda.li...@googlemail.com) - Added abrt.png, fixed rhbz#531181 (jmosk...@redhat.com) - added option DebugInfoCacheMB to limit size of unpacked debuginfos (vda.li...@googlemail.com) - fixed the problem with overwriting the default plugin settings (jmosk...@redhat.com) - disabled kerneloops in config file (jmosk...@redhat.com) - added dependency to gdb >= 7.0 (jmosk...@redhat.com) - better format of report text (vda.li...@googlemail.com) - Python backtrace size limited to 1 MB (kk...@redhat.com) - lib/Plugins/Bugzilla: better message at login failure (vda.li...@googlemail.com) - build fixes, added plugin-logger to abrt-desktop (jmosk...@redhat.com) - blacklisted nspluginwrapper, because it causes too many useless reports (jmosk...@redhat.com) - GUI: Wrong settings window is not shown behind the reporter dialog rhbz#531119 (jmosk...@redhat.com) - Normal user can see kerneloops and report it Bugzilla memory leaks fix (npajk...@redhat.com) - dumpoops: add -s option to dump results to stdout (vda.li...@googlemail.com) - removed kerneloops from abrt-desktop rhbz#528395 (jmosk...@redhat.com) - GUI: fixed exception when enabling plugin rhbz#530495 (jmosk...@redhat.com) - Improved abrt-cli (kk...@redhat.com) - Added backtrace rating to CCpp analyzer (dnovo...@redhat.com) - GUI improvements (jmosk...@redhat.com) - Added abrt-pyhook-helper (kk...@redhat.com) anaconda-12.43-1.fc12 - * Tue Nov 03 2009 Chris Lumens - 12.43-1 - Remove "anaconda" from attributes to skip (#532612, #532737). (clumens) - Fix status for and consolidate handling of '-' in vg/lv names. (#527302) (dlehman) cronie-1.4.3-1.fc12 --- * Tue Nov 03 2009 Marcela Mašláňová - 1.4.3-1 - 531963 and 532482 creating noanacron package * Mon Oct 19 2009 Marcela Mašláňová - 1.4.2-2 - 529632 service crond stop returns appropriate value * Mon Oct 12 2009 Marcela Mašláňová - 1.4.2-1 - new release cups-1.4.1-13.fc12 -- * Tue Nov 03 2009 Tim Waugh 1:1.4.1-13 - Removed stale patch from STR #2831 which was causing problems with number-up (bug #532516). eclipse-photran-5.0.0-0.3.200910081739.fc12 --- * Tue Nov 03 2009 Orion Poplawski - 5.0.0-0.3.200910081739 - Make noarch fedora-release-12-1 --- * Mon Nov 02 2009 Jesse Keating - 12-1 - Set up for Fedora 12 gdm-2.28.1-22.fc12 -- * Tue Nov 03 2009 Ray Strode 2.28.1-21 - Evict Log In button from its house * Tue Nov 03 2009 Ray Strode 2.28.1-22 - Hide search entry. It's too easy to show others your password. glibc-2.11-1 * Mon Nov 02 2009 Andreas Schwab - 2.11-1 - Update to 2.11 release. - Disable multi-arch support on PowerPC again since binutils is too old. - Fix crash in tzdata-update due to use of multi-arch symbol (#532128). * Fri Oct 30 2009 Andreas Schwab - 2.10.90-27 - Update from master. - Fix races in setXid implementation (BZ#3270). - Implement IFUNC for PPC and enable multi-arch support. - Implement mkstemps/mkstemps64 and mkostemps/mkostemps64 (BZ#10349). - Fix IA-64 and S390 sigevent definitions (BZ#10446). - Fix memory leak in NIS grp database handling (BZ#10713). - Print timestamp in nscd debug messages (BZ#10742). - Fix mixing IPv4 and IPv6 name server in resolv.conf. - Fix range checks in coshl. - Implement SSE4.2 optimized strchr and strrchr. - Handle IFUNC symbols in dlsym (#529965). - Misc fixes (BZ#10312, BZ#10315, BZ#10319, BZ#10391, BZ#10425, BZ#10540, BZ#10553, BZ#10564, BZ#10609, BZ#10692, BZ#10780, BZ#10717, BZ#10784, BZ#10789, BZ#10847 - No longer build with -fno-var-tracking-assignments. * Mon Oct 19 2009 Andreas Schwab - 2.10.90-26 - Update from master. - Add longjmp_chk for sparc. - Avoid installing the same libraries twice. gnome-system-monitor-2.28.0-3.fc12 -- * Tue Nov 03 2009 Matthias Clasen - 2.28.0-3 - Don't rely on lsb_release for sysinfo (#532860) gstreamer-plugins-base-0.10.25-5.fc12 -
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
On 11/04/2009 08:14 AM, Rudolf Kastl wrote:
> Why do those packages have to conflict with each other?
>
> 1. seedit and selinux-policy-{targeted,mls} -> i dont see a single
> file conflicting atleast with the targeted policy...
>
> 2. qstat and torque-client both provide a qstat binary... is there
> anything done to get that resolved upstream? or is it a "conflicts and
> forget" scenario?
>
> from my personal pov conflicts should be resolved instead of just
> marked so things can be properly installed in parallel. everything
> else looks broken to me.
>
> kind regards,
> Rudolf Kastl
>
Because seedit getting installed causes selinux-policy-targeted and friends to
get screwed up. People installing everything installs accidentally get seedit
installed and start reporting weird bugs to the selinux-policy package and a
shocked that they are not in the default install.
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
CVS daily checkout seeds
The CVS daily checkout seeds at http://cvs.fedoraproject.org/webfiles/ don't contain a checkout for F-12. Would it be possible for someone to add that? I have also noted that a checkout seed for F-9 is still included, which seems somewhat superfluous. Many thanks, Quentin -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
On Wed, Nov 4, 2009 at 3:07 PM, Jason L Tibbitts III wrote: >> "RK" == Rudolf Kastl writes: > > RK> 2. qstat and torque-client both provide a qstat binary... is there > RK> anything done to get that resolved upstream? or is it a "conflicts > RK> and forget" scenario? > > This one, I think, should be easily resolvable with alternatives. > Would be happy for an alternatives solution. I have yet another /usr/bin/qstat for a POSIX interface to batch on the way at some point. > Actually I think all but a small number of the currently conflicting > packages could be fixed up pretty easily. Currently it doesn't seem > that there's any sort of enforcement outside of the original package > review. > > The way around this is, of course, for someone to spend some time > generating the current list of conflicting packages, proposing > solutions, and working with FESCo in the case that those solutions are > not applied. > > - J< > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- Steve Traylen -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
> "ST" == Steve Traylen writes: ST> Would be happy for an alternatives solution. I have yet another ST> /usr/bin/qstat for a POSIX interface to batch on the way at some ST> point. Turns out that the other queuing systems (torque and gridengine) have already renamed their qstat binaries (to qstat-torque and qstat-ge). I would expect that other queuing packages should do the same. - J< -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
2009/11/4 Jason L Tibbitts III : >> "ST" == Steve Traylen writes: > > ST> Would be happy for an alternatives solution. I have yet another > ST> /usr/bin/qstat for a POSIX interface to batch on the way at some > ST> point. > > Turns out that the other queuing systems (torque and gridengine) have > already renamed their qstat binaries (to qstat-torque and qstat-ge). I > would expect that other queuing packages should do the same. that means that the conflict tags in the qemu and the torque-clients package are invalid. thanks for checking jason! kind regards, Rudolf Kastl > > - J< > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
On Wed, Nov 4, 2009 at 4:11 PM, Rudolf Kastl wrote: > 2009/11/4 Jason L Tibbitts III : >>> "ST" == Steve Traylen writes: >> >> ST> Would be happy for an alternatives solution. I have yet another >> ST> /usr/bin/qstat for a POSIX interface to batch on the way at some >> ST> point. >> >> Turns out that the other queuing systems (torque and gridengine) have >> already renamed their qstat binaries (to qstat-torque and qstat-ge). I >> would expect that other queuing packages should do the same. > Yes a qstat-slurm with qstat as alternative across them. Good news. > that means that the conflict tags in the qemu and the torque-clients > package are invalid. > > thanks for checking jason! > > kind regards, > Rudolf Kastl >> >> - J< >> >> -- >> fedora-devel-list mailing list >> fedora-devel-list@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-devel-list >> > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- Steve Traylen -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Re: A question about allow_unconfined_mmap_low in f11 amd selinux
Daniel J Walsh redhat.com> writes: > You can run with SELinux in enforcement. > > mmap_low_allowed is the name of the boolean moving forward. > By "moving forward" do you mean that one can, in f11, reset the original boolean and set boolean mmap_low_allowed instead, in a forthcoming policy update? Or is this a planned change coming for f12 but not yet policy in earlier versions? Thanks -- mike -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
2009/11/4 Steve Traylen : > On Wed, Nov 4, 2009 at 4:11 PM, Rudolf Kastl wrote: >> 2009/11/4 Jason L Tibbitts III : "ST" == Steve Traylen writes: >>> >>> ST> Would be happy for an alternatives solution. I have yet another >>> ST> /usr/bin/qstat for a POSIX interface to batch on the way at some >>> ST> point. >>> >>> Turns out that the other queuing systems (torque and gridengine) have >>> already renamed their qstat binaries (to qstat-torque and qstat-ge). I >>> would expect that other queuing packages should do the same. >> > Yes a qstat-slurm with qstat as alternative across them. > Good news. but then the alternatives qstat conflicts with /usr/bin/qstat from the qstat rpm package, doesent it? kind regards, Rudolf Kastl > >> that means that the conflict tags in the qemu and the torque-clients >> package are invalid. >> >> thanks for checking jason! >> >> kind regards, >> Rudolf Kastl >>> >>> - J< >>> >>> -- >>> fedora-devel-list mailing list >>> fedora-devel-list@redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-devel-list >>> >> >> -- >> fedora-devel-list mailing list >> fedora-devel-list@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-devel-list >> > > > > -- > Steve Traylen > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
On Wed, Nov 4, 2009 at 4:33 PM, Rudolf Kastl wrote: > 2009/11/4 Steve Traylen : >> On Wed, Nov 4, 2009 at 4:11 PM, Rudolf Kastl wrote: >>> 2009/11/4 Jason L Tibbitts III : > "ST" == Steve Traylen writes: ST> Would be happy for an alternatives solution. I have yet another ST> /usr/bin/qstat for a POSIX interface to batch on the way at some ST> point. Turns out that the other queuing systems (torque and gridengine) have already renamed their qstat binaries (to qstat-torque and qstat-ge). I would expect that other queuing packages should do the same. >>> >> Yes a qstat-slurm with qstat as alternative across them. >> Good news. > > but then the alternatives qstat conflicts with /usr/bin/qstat from > the qstat rpm package, doesent it? The torque spec is creating correctly /usr/bin/qstat as a symlink via alternatives mechanism (reading the .spec only, have not checked). The qstat pkg should do the same. Currently while the qstat pkg is creating a file at /usr/bin/qstat then it is conflicting in the RPM sense. Once qstat pkg uses alternatives as well it will no longer conflict. Two packages that contain alternatives for a single file don't conflct in the RPM sense. You can install both pkgs and then select one to be the real /usr/bin/qstat via the alternatives mechanism. Hope that makes sense. Steve > > kind regards, > Rudolf Kastl > >> >>> that means that the conflict tags in the qemu and the torque-clients >>> package are invalid. >>> >>> thanks for checking jason! >>> >>> kind regards, >>> Rudolf Kastl - J< -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list >>> >>> -- >>> fedora-devel-list mailing list >>> fedora-devel-list@redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-devel-list >>> >> >> >> >> -- >> Steve Traylen >> >> -- >> fedora-devel-list mailing list >> fedora-devel-list@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-devel-list >> > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- Steve Traylen -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
2009/11/4 Steve Traylen : > On Wed, Nov 4, 2009 at 4:33 PM, Rudolf Kastl wrote: >> 2009/11/4 Steve Traylen : >>> On Wed, Nov 4, 2009 at 4:11 PM, Rudolf Kastl wrote: 2009/11/4 Jason L Tibbitts III : >> "ST" == Steve Traylen writes: > > ST> Would be happy for an alternatives solution. I have yet another > ST> /usr/bin/qstat for a POSIX interface to batch on the way at some > ST> point. > > Turns out that the other queuing systems (torque and gridengine) have > already renamed their qstat binaries (to qstat-torque and qstat-ge). I > would expect that other queuing packages should do the same. >>> Yes a qstat-slurm with qstat as alternative across them. >>> Good news. >> >> but then the alternatives qstat conflicts with /usr/bin/qstat from >> the qstat rpm package, doesent it? > > The torque spec is creating correctly /usr/bin/qstat as a symlink > via alternatives mechanism (reading the .spec only, have not checked). > > The qstat pkg should do the same. Currently while the qstat > pkg is creating a file at /usr/bin/qstat then it is conflicting in > the RPM sense. Once qstat pkg uses alternatives as well > it will no longer conflict. > > Two packages that contain alternatives for a single file > don't conflct in the RPM sense. You can install both pkgs > and then select one to be the real /usr/bin/qstat via > the alternatives mechanism. > Hope that makes sense. it does with one exception... the qstat rpm is basically "quake stat". so it does something completly different than the qstat of torque or gridengine and hmm the real resolution would maybe be to rename the binary of the qstat package then. kind regards, Rudolf Kastl p.s. thanks everyone for the replies and the effort done already. > > Steve > > >> >> kind regards, >> Rudolf Kastl >> >>> that means that the conflict tags in the qemu and the torque-clients package are invalid. thanks for checking jason! kind regards, Rudolf Kastl > > - J< > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list >>> >>> >>> >>> -- >>> Steve Traylen >>> >>> -- >>> fedora-devel-list mailing list >>> fedora-devel-list@redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-devel-list >>> >> >> -- >> fedora-devel-list mailing list >> fedora-devel-list@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-devel-list >> > > > > -- > Steve Traylen > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
On Wed, Nov 4, 2009 at 4:43 PM, Rudolf Kastl wrote: > 2009/11/4 Steve Traylen : >> On Wed, Nov 4, 2009 at 4:33 PM, Rudolf Kastl wrote: >>> 2009/11/4 Steve Traylen : On Wed, Nov 4, 2009 at 4:11 PM, Rudolf Kastl wrote: > 2009/11/4 Jason L Tibbitts III : >>> "ST" == Steve Traylen writes: >> >> ST> Would be happy for an alternatives solution. I have yet another >> ST> /usr/bin/qstat for a POSIX interface to batch on the way at some >> ST> point. >> >> Turns out that the other queuing systems (torque and gridengine) have >> already renamed their qstat binaries (to qstat-torque and qstat-ge). I >> would expect that other queuing packages should do the same. > Yes a qstat-slurm with qstat as alternative across them. Good news. >>> >>> but then the alternatives qstat conflicts with /usr/bin/qstat from >>> the qstat rpm package, doesent it? >> >> The torque spec is creating correctly /usr/bin/qstat as a symlink >> via alternatives mechanism (reading the .spec only, have not checked). >> >> The qstat pkg should do the same. Currently while the qstat >> pkg is creating a file at /usr/bin/qstat then it is conflicting in >> the RPM sense. Once qstat pkg uses alternatives as well >> it will no longer conflict. >> >> Two packages that contain alternatives for a single file >> don't conflct in the RPM sense. You can install both pkgs >> and then select one to be the real /usr/bin/qstat via >> the alternatives mechanism. >> Hope that makes sense. > > it does with one exception... the qstat rpm is basically "quake stat". > so it does something completly different than the qstat of torque or > gridengine and hmm the real resolution would maybe be to rename the > binary of the qstat package then. Yes you are right, the qstat qstat package should rename since that location is reserved by POSIX and anyway torque got there first. > > kind regards, > Rudolf Kastl > > p.s. thanks everyone for the replies and the effort done already. > >> >> Steve >> >> >>> >>> kind regards, >>> Rudolf Kastl >>> > that means that the conflict tags in the qemu and the torque-clients > package are invalid. > > thanks for checking jason! > > kind regards, > Rudolf Kastl >> >> - J< >> >> -- >> fedora-devel-list mailing list >> fedora-devel-list@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-devel-list >> > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- Steve Traylen -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list >>> >>> -- >>> fedora-devel-list mailing list >>> fedora-devel-list@redhat.com >>> https://www.redhat.com/mailman/listinfo/fedora-devel-list >>> >> >> >> >> -- >> Steve Traylen >> >> -- >> fedora-devel-list mailing list >> fedora-devel-list@redhat.com >> https://www.redhat.com/mailman/listinfo/fedora-devel-list >> > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- Steve Traylen -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: A question about allow_unconfined_mmap_low in f11 amd selinux
On 11/04/2009 10:23 AM, mike cloaked wrote: > Daniel J Walsh redhat.com> writes: > >> You can run with SELinux in enforcement. >> >> mmap_low_allowed is the name of the boolean moving forward. >> > > By "moving forward" do you mean that one can, in f11, reset the > original boolean and set boolean mmap_low_allowed instead, in a > forthcoming policy update? > > Or is this a planned change coming for f12 but not yet policy in > earlier versions? > > Thanks > allow_unconfined_mmap_zero boolean meant to allow unconfined_domains to mmap_zero. vbetool_exec_t and wine_exec_t have this capability without the boolean. We have removed that altogether. Now out of the box NO apps will have the ability to mmap_zero. If you want to run wine or vbetool(Hopefully fixed soon) You will have to set the boolean. All unconfined_domains will continue then also have this access. This access has proven to be a critical security feature, and several kernel/root vulnerabilities will be prevented by turning this boolean off, with the only down side, preventing old windows applications from running by default in wine. (If vbetool is fixed). -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: A question about allow_unconfined_mmap_low in f11 amd selinux
On 11/04/2009 10:23 AM, mike cloaked wrote: > Daniel J Walsh redhat.com> writes: > >> You can run with SELinux in enforcement. >> >> mmap_low_allowed is the name of the boolean moving forward. >> > > By "moving forward" do you mean that one can, in f11, reset the > original boolean and set boolean mmap_low_allowed instead, in a > forthcoming policy update? > > Or is this a planned change coming for f12 but not yet policy in > earlier versions? > > Thanks > We have setroubleshoot plugins that explain exactly to the users what they need to do to turn make their wine apps run. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On 11/04/2009 07:47 AM, Rawhide Report wrote: Compose started at Wed Nov 4 08:15:08 UTC 2009 Broken deps for ppc64 -- eclipse-photran-5.0.0-0.3.200910081739.fc12.noarch requires eclipse-cdt>= 1:6.0 Is there any way to exclude a noarch package from certain arches? -- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA/CoRA DivisionFAX: 303-415-9702 3380 Mitchell Lane or...@cora.nwra.com Boulder, CO 80301 http://www.cora.nwra.com -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
* Orion Poplawski [2009-11-04 10:58]: > On 11/04/2009 07:47 AM, Rawhide Report wrote: > >Compose started at Wed Nov 4 08:15:08 UTC 2009 > > > >Broken deps for ppc64 > >-- > > eclipse-photran-5.0.0-0.3.200910081739.fc12.noarch requires > > eclipse-cdt>= 1:6.0 > > > > Is there any way to exclude a noarch package from certain arches? ExcludeArch -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On 11/04/2009 09:04 AM, Andrew Overholt wrote: * Orion Poplawski [2009-11-04 10:58]: On 11/04/2009 07:47 AM, Rawhide Report wrote: Compose started at Wed Nov 4 08:15:08 UTC 2009 Broken deps for ppc64 -- eclipse-photran-5.0.0-0.3.200910081739.fc12.noarch requires eclipse-cdt>= 1:6.0 Is there any way to exclude a noarch package from certain arches? ExcludeArch I did ExcludeArch: ppc64 and submitted a build, but it attempted to build it on a ppc64 machine: http://koji.fedoraproject.org/koji/taskinfo?taskID=1787949 Should I just keep retrying until I get another arch? -- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA/CoRA DivisionFAX: 303-415-9702 3380 Mitchell Lane or...@cora.nwra.com Boulder, CO 80301 http://www.cora.nwra.com -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On Wed, Nov 4, 2009 at 5:04 PM, Andrew Overholt wrote: > * Orion Poplawski [2009-11-04 10:58]: >> On 11/04/2009 07:47 AM, Rawhide Report wrote: >> >Compose started at Wed Nov 4 08:15:08 UTC 2009 >> > >> >Broken deps for ppc64 >> >-- >> > eclipse-photran-5.0.0-0.3.200910081739.fc12.noarch requires >> > eclipse-cdt>= 1:6.0 >> > >> >> Is there any way to exclude a noarch package from certain arches? > > ExcludeArch > Maybe I am missing something here but if the architecture matters it's not a a noarch package by definition. > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- Steve Traylen -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
* Steve Traylen [2009-11-04 11:18]: > On Wed, Nov 4, 2009 at 5:04 PM, Andrew Overholt wrote: > > * Orion Poplawski [2009-11-04 10:58]: > >> On 11/04/2009 07:47 AM, Rawhide Report wrote: > >> >Compose started at Wed Nov 4 08:15:08 UTC 2009 > >> > > >> >Broken deps for ppc64 > >> >-- > >> > eclipse-photran-5.0.0-0.3.200910081739.fc12.noarch requires > >> > eclipse-cdt>= 1:6.0 > >> > > >> > >> Is there any way to exclude a noarch package from certain arches? > > > > ExcludeArch > > > Maybe I am missing something here but if the architecture matters it's not a > a noarch package by definition. The architecture of a dependency matters. In the past, we've made packages such as this arch-dependent. Andrew -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
2009/11/4 Steve Traylen : > On Wed, Nov 4, 2009 at 5:04 PM, Andrew Overholt wrote: >> * Orion Poplawski [2009-11-04 10:58]: >>> On 11/04/2009 07:47 AM, Rawhide Report wrote: >>> >Compose started at Wed Nov 4 08:15:08 UTC 2009 >>> > >>> >Broken deps for ppc64 >>> >-- >>> > eclipse-photran-5.0.0-0.3.200910081739.fc12.noarch requires >>> > eclipse-cdt>= 1:6.0 >>> > >>> >>> Is there any way to exclude a noarch package from certain arches? >> >> ExcludeArch >> > Maybe I am missing something here but if the architecture matters it's not a > a noarch package by definition. > It's a Java package, so it *is* effectively noarch, but it depends on an archful package that excludes ppc64. -- Mat Booth A: Because it destroys the order of the conversation. Q: Why shouldn't you do it? A: Posting your reply above the original message. Q: What is top-posting? -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On Wed, 04 Nov 2009 09:06:34 -0700, Orion wrote: > On 11/04/2009 09:04 AM, Andrew Overholt wrote: > > * Orion Poplawski [2009-11-04 10:58]: > >> On 11/04/2009 07:47 AM, Rawhide Report wrote: > >>> Compose started at Wed Nov 4 08:15:08 UTC 2009 > >>> > >>> Broken deps for ppc64 > >>> -- > >>> eclipse-photran-5.0.0-0.3.200910081739.fc12.noarch requires > >>> eclipse-cdt>= 1:6.0 > >>> > >> > >> Is there any way to exclude a noarch package from certain arches? > > > > ExcludeArch > > > > I did ExcludeArch: ppc64 and submitted a build, but it attempted to > build it on a ppc64 machine: > > http://koji.fedoraproject.org/koji/taskinfo?taskID=1787949 > > Should I just keep retrying until I get another arch? No. If it cannot be built on ppc64, it's not noarch, but arch-specific. However, the previous response was correct. You can use ExcludeArch for noarch packages, which can be built on an arbitrary arch, but would suffer from missing install-time dependencies on specific archs. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
rfkill
Addition of a working version of rfkill in Fedora 12 has been really welcomed. In my application, I would like to monitor the RF kill switch to detect when user enables/disables Wi-Fi on the system. I thought I could use the rfkill executable to do this, using "rfkill event", piping the output using popen in my process. However, rfkill outputs the events on standard output, but does not flush every time it reports an event. When I perform fgets to get the events, I get nothing. I am wondering if it would be possible to add a fflush on stdout when events are reported on stdout inside rfkill. Martin -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: A question about allow_unconfined_mmap_low in f11 amd selinux
mmap_low_allowed is the name of the boolean moving forward.
This access has proven to be a critical security feature,
and several kernel/root vulnerabilities will be prevented
by turning this boolean off, with the only down side,
preventing old windows applications from running by default in wine.
(If vbetool is fixed).
It is a mistake to believe "the only down side is preventing
old [W]indows applications from running by default in wine."
The claim is not true.
I have three applications that fundamentally fail to work
if mmap(0,PAGE_SIZE,,MAP_FIXED,,) is disallowed. Addressing
memory at address 0 is fundamental to the way that they work.
Using "any other page" would totally prevent two of the apps
from working at all, and would severely cripple the third.
They are not "old [W]indows apps". They are every-day utilities
and development tools written for Linux, and I object to them
being broken.
The kernel could remove 99.9% of the vulnerability, with
no dynamic cost to processes that don't use page 0, by:
1. Reduce STACK_TOP by one page, and reserve the corresponding
virtual page frame.
2. If a process does mmap(0,,,MAP_FIXED,,) then turn on the
process status bit which forces "slow path" for kernel entry
via system call from that process. In the slow path, check for
a mapping at page 0 and if so then move that mapping to the
reserved page at STACK_TOP, and turn off the mapping at page 0.
Reverse the substitution when returning from the syscall.
3. Add the necessary check in the trap handler for
copy_{to,from}_user() to handle intended kernel access to page 0
(including I/O) by substituting the reserved page instead.
This would allow mmap(0,,,MAP_FIXED,,) yet still protect all
synchronous kernel execution. The only remaining window of
vulnerability is interrupt handlers. If an interrupt handler
is touching *any* user address space then the problems are more
serious than mmap(0).
--
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rfkill
On Wed, 2009-11-04 at 11:35 -0500, Martin Dubuc wrote: > Addition of a working version of rfkill in Fedora 12 has been really > welcomed. In my application, I would like to monitor the RF kill > switch to detect when user enables/disables Wi-Fi on the system. I > thought I could use the rfkill executable to do this, using "rfkill > event", piping the output using popen in my process. However, rfkill > outputs the events on standard output, but does not flush every time > it reports an event. When I perform fgets to get the events, I get > nothing. I am wondering if it would be possible to add a fflush on > stdout when events are reported on stdout inside rfkill. You're probably better off monitoring /dev/rfkill yourself directly (for now[1]), there's example code in gnome-bluetooth, look at lib/bluetooth-killswitch.c. You'd basically just need to change the type of killswitch you're monitoring. Cheers [1]: We'd probably want a D-Busified rfkilld in the future. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Ubuntu shows updates / security updates on shell logins
Newly installed Ubuntu 9.10, when you log in over ssh you may see: 34 packages can be updated. 10 updates are security updates. I think this is a nice feature, because many administrators will log in to servers remotely over ssh and never see the graphical indications from packagekit et al. Actually I was trying to work out how it's implemented. The text goes into /etc/motd, and as near as I can tell, the Ubuntu "update-manager" (roughly equivalent of PackageKit) rewrites it whenever packages become available or get installed. Is this something that PackageKit could also do? Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into Xen guests. http://et.redhat.com/~rjones/virt-p2v -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: A question about allow_unconfined_mmap_low in f11 amd selinux
On Wed, 2009-11-04 at 08:38 -0800, John Reiser wrote:
> The kernel could remove 99.9% of the vulnerability, with
> no dynamic cost to processes that don't use page 0, by:
> 1. Reduce STACK_TOP by one page, and reserve the corresponding
> virtual page frame.
> 2. If a process does mmap(0,,,MAP_FIXED,,) then turn on the
> process status bit which forces "slow path" for kernel entry
> via system call from that process. In the slow path, check for
> a mapping at page 0 and if so then move that mapping to the
> reserved page at STACK_TOP, and turn off the mapping at page 0.
> Reverse the substitution when returning from the syscall.
> 3. Add the necessary check in the trap handler for
> copy_{to,from}_user() to handle intended kernel access to page 0
> (including I/O) by substituting the reserved page instead.
>
> This would allow mmap(0,,,MAP_FIXED,,) yet still protect all
> synchronous kernel execution. The only remaining window of
> vulnerability is interrupt handlers. If an interrupt handler
> is touching *any* user address space then the problems are more
> serious than mmap(0).
That's an interesting thought, do you think you could code something
like that and post it to lkml? I certainly might get some traction.
-Eric
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On Wed, Nov 04, 2009 at 09:06:34AM -0700, Orion Poplawski wrote: > I did ExcludeArch: ppc64 and submitted a build, but it attempted to > build it on a ppc64 machine: > > http://koji.fedoraproject.org/koji/taskinfo?taskID=1787949 > > Should I just keep retrying until I get another arch? Koji / RPM doesn't understand this case. It occurs for Fedora MinGW too: if we want to run tests, we need Wine. Wine is an x86-only package, but all mingw32-* packages are built as noarch. It's pot-luck whether they get an x86 builder or not. As a sad result of this, we cannot run any tests in mingw32-* packages. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones New in Fedora 11: Fedora Windows cross-compiler. Compile Windows programs, test, and build Windows installers. Over 70 libraries supprt'd http://fedoraproject.org/wiki/MinGW http://www.annexia.org/fedora_mingw -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On Wed, Nov 04, 2009 at 05:18:00PM +0100, Steve Traylen wrote: > Maybe I am missing something here but if the architecture matters it's not a > a noarch package by definition. No. "noarch" describes the contents of the final RPM. But it doesn't take into account that arch-specific stuff might be required to build the package. This is a shortcoming of RPM / Koji -- see my other post in this thread. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-top is 'top' for virtual machines. Tiny program with many powerful monitoring features, net stats, disk stats, logging, etc. http://et.redhat.com/~rjones/virt-top -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Ubuntu shows updates / security updates on shell logins
On Wed, 4 Nov 2009, Richard W.M. Jones wrote: Newly installed Ubuntu 9.10, when you log in over ssh you may see: 34 packages can be updated. 10 updates are security updates. I think this is a nice feature, because many administrators will log in to servers remotely over ssh and never see the graphical indications from packagekit et al. Administrators should not be relying on logging into a machine to know what is in need of updates. We have multiple mechanisms to notify admins about boxes needing updates. Adding it to the MOTD seems like an odd choice. > Actually I was trying to work out how it's implemented. The text goes into /etc/motd, and as near as I can tell, the Ubuntu "update-manager" (roughly equivalent of PackageKit) rewrites it whenever packages become available or get installed. Is this something that PackageKit could also do? Look at yum-cron and how it is can send emails or other events when updates need to be applied. -sv -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Ubuntu shows updates / security updates on shell logins
> "RWMJ" == Richard W M Jones writes: RWMJ> Newly installed Ubuntu 9.10, when you log in over ssh you may see: RWMJ> 34 packages can be updated. 10 updates are security updates. What a terrible idea. My users, who are welcome to ssh into a number of machines at my site, have no need to see that information. RWMJ> Actually I was trying to work out how it's implemented. Get information, append to /etc/motd. You could parse yum output in a cron job if you really wanted it. It would almost certainly be better to mail that information, though, if the admin really wants it. I often go some time without actually having to ssh into many of my server. - J< -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Ubuntu shows updates / security updates on shell logins
On Wed, Nov 04, 2009 at 11:57:29AM -0500, Seth Vidal wrote: > On Wed, 4 Nov 2009, Richard W.M. Jones wrote: >> Newly installed Ubuntu 9.10, when you log in over ssh you may see: >> >> 34 packages can be updated. >> 10 updates are security updates. >> >> I think this is a nice feature, because many administrators will log >> in to servers remotely over ssh and never see the graphical >> indications from packagekit et al. > > Administrators should not be relying on logging into a machine to know > what is in need of updates. We have multiple mechanisms to notify admins > about boxes needing updates. Adding it to the MOTD seems like an odd > choice. Perhaps in the perfect world of Big Enterprise Installs, but I can assure in the real world that sysadmins do log in at ad hoc intervals to check if anything needs updating. In any case, what is the downside to displaying this? Your logging/ email mechanisms might have gone wrong, and this would be an indication that scheduled updates didn't happen. > Look at yum-cron and how it is can send emails or other events when > updates need to be applied. I'll take a look. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones New in Fedora 11: Fedora Windows cross-compiler. Compile Windows programs, test, and build Windows installers. Over 70 libraries supprt'd http://fedoraproject.org/wiki/MinGW http://www.annexia.org/fedora_mingw -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
2009/11/4 Orion Poplawski : > Is there any way to exclude a noarch package from certain arches? If it does depends on arch, then it isn't a noarch. -- With best regards, Peter Lemenkov. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Ubuntu shows updates / security updates on shell logins
On Wed, Nov 4, 2009 at 11:02 AM, Jason L Tibbitts III wrote: >> "RWMJ" == Richard W M Jones writes: > > RWMJ> Newly installed Ubuntu 9.10, when you log in over ssh you may see: > RWMJ> 34 packages can be updated. 10 updates are security updates. > > What a terrible idea. My users, who are welcome to ssh into a number of > machines at my site, have no need to see that information. It's a good idea for one off jobs where the primary user is also the admin, but not so good for shared systems. Personally I think a better plan would be to display that information *only* if the user is flagged as an administrator, group root, wheel, etc. > RWMJ> Actually I was trying to work out how it's implemented. > > Get information, append to /etc/motd. You could parse yum output in a > cron job if you really wanted it. It would almost certainly be better > to mail that information, though, if the admin really wants it. I often > go some time without actually having to ssh into many of my server. > > - J< > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list -- Richard June Orion Technology Solutions 574.933.1576 http://www.oriontechnologysolutions.com -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
bug against qstat filed: https://bugzilla.redhat.com/show_bug.cgi?id=533016 as for seedit: i am going to investigate it further. kind regards, Rudolf Kastl -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On 04/11/09 17:09, Peter Lemenkov wrote: 2009/11/4 Orion Poplawski: Is there any way to exclude a noarch package from certain arches? If it does depends on arch, then it isn't a noarch. So a noarch script package that depends on its arch script interpreter (e.g. all python and perl packages) should be arch packages? Paul. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On Wed, 2009-11-04 at 17:20 +, Paul Howarth wrote: > So a noarch script package that depends on its arch script interpreter > (e.g. all python and perl packages) should be arch packages? > And bash for that matter. This is a known problem with rpm/koji. The distinction between "noarch" and "arch specific" is a difficult one to draw. We do have support in our compose tools to look up an srpm and determine whether or not a noarch rpm has Exclude/ExclusiveArch settings (since that data doesn't propagate to the noarch rpm itself). What we don't have just yet is code in koji to detect a noarch build that has Exclude/ExclusiveArch settings and avoid sending said build to one of those arches. -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating signature.asc Description: This is a digitally signed message part -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes
Rawhide Report wrote: > Broken deps for ppc64 > -- > eclipse-photran-5.0.0-0.3.200910081739.fc12.noarch requires eclipse-cdt >= > 1:6.0 [snip] > eclipse-photran-5.0.0-0.3.200910081739.fc12 > --- > * Tue Nov 03 2009 Orion Poplawski - > 5.0.0-0.3.200910081739 - Make noarch Thank you for having introduced this broken dependency with this completely unnecessary change so late in F12's cycle. It was looking so boring without any broken dependencies! Now seriously, this dependency will normally be satisfied by the 32-bit ppc package (we don't really support pure ppc64 installations), so it's not a big deal, but why was this change made at this point in time? Making a package noarch is not a critical bugfix! Kevin Kofler -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Kernel using LZMA compression
> The executive summary is: Xen does not let a kernel boot itself, because > mimicking bare hardware is too tedious (and pointless.) Instead, Xen > instantiates an instance of a kernel into the Xen environment. To do this > instantiation, Xen does its own decompression, so Xen must know everything > about the compression. I know you're right. But that sound stupid to me: The kernel itself has routines built-in for decompression. Why isn't it enough to let Xen use the same routines for decompression as the kernel? -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Kernel using LZMA compression
On 11/04/2009 06:18 PM, Ikem Krueger wrote: The executive summary is: Xen does not let a kernel boot itself, because mimicking bare hardware is too tedious (and pointless.) Instead, Xen instantiates an instance of a kernel into the Xen environment. To do this instantiation, Xen does its own decompression, so Xen must know everything about the compression. I know you're right. But that sound stupid to me: The kernel itself has routines built-in for decompression. Why isn't it enough to let Xen use the same routines for decompression as the kernel? I am reading between the lines here (I have never looked at this stuff in Xen) but I would assume it's for the reason given above. The kernel's own decompression routines must run very early on in the boot process - well before the first line of C code runs and while the CPU (on x86) is still running in legacy real addressing mode (right after the handover from the bootloader and relocation of the kernel image). It's emulating this early-boot environment that is tedious and pointless and being able to use the in-kernel decompresser is not sufficient motivation to go down that route. Regards, Bryn. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
Jesse Keating wrote: > On Wed, 2009-11-04 at 17:20 +, Paul Howarth wrote: > > So a noarch script package that depends on its arch script interpreter > > (e.g. all python and perl packages) should be arch packages? > > And bash for that matter. Unless the interpreter is available on all of the architectures that Fedora supports, which Python, Perl and Bash are as far as I can see. Björn Persson signature.asc Description: This is a digitally signed message part. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Kernel using LZMA compression
> I am reading between the lines here (I have never looked at this stuff in > Xen) but I would assume it's for the reason given above. The kernel's own > decompression routines must run very early on in the boot process - well > before the first line of C code runs and while the CPU (on x86) is still > running in legacy real addressing mode (right after the handover from the > bootloader and relocation of the kernel image). Ok. Sounds plausible. How is it to seperate the routines? Can they brought from "legacy mode" to "real mode"? -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
> Because seedit getting installed causes selinux-policy-targeted and friends > to get screwed up. That sounds like a reason to not ship seedit. Am I missing something? Bill -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Ubuntu shows updates / security updates on shell logins
Richard June wrote: > It's a good idea for one off jobs where the primary user is also the > admin, but not so good for shared systems. Personally I think a better > plan would be to display that information *only* if the user is > flagged as an administrator, group root, wheel, etc. It's actually a security risk to display this to non-admin users. It's like putting a sticker on your door saying "This door is not locked because my keyhole is not working." Kevin Kofler -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Ubuntu shows updates / security updates on shell logins
On Wed, Nov 4, 2009 at 12:38 PM, Kevin Kofler wrote: > It's actually a security risk to display this to non-admin users. It's like > putting a sticker on your door saying "This door is not locked because my > keyhole is not working." > By that logic, Packagekit displaying that to endusers is the same thing. I like the idea of showing that on admin login. I think its useful for server administrators. -- Ing. Juan M. Rodriguez Moreno Desarrollador de Sistemas Abiertos Sitio: http://proyectofedora.org/mexico -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On Wed, 2009-11-04 at 19:31 +0100, Björn Persson wrote: > > Unless the interpreter is available on all of the architectures that Fedora > supports, which Python, Perl and Bash are as far as I can see. Until we add a new arch. But that still leaves things like java, mono, ruby, etc as problem areas where "noarch" may not actually be "noarch". -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating signature.asc Description: This is a digitally signed message part -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: A question about allow_unconfined_mmap_low in f11 amd selinux
On Wed, 2009-11-04 at 08:38 -0800, John Reiser wrote:
> I have three applications that fundamentally fail to work
> if mmap(0,PAGE_SIZE,,MAP_FIXED,,) is disallowed. Addressing
> memory at address 0 is fundamental to the way that they work.
> Using "any other page" would totally prevent two of the apps
> from working at all, and would severely cripple the third.
> They are not "old [W]indows apps". They are every-day utilities
> and development tools written for Linux, and I object to them
> being broken.
You're saying you have apps that rely on being able to dereference the
zero page, and _not_ because the processor mode requires it? I thought
the vax died long ago.
> The kernel could remove 99.9% of the vulnerability, with
> no dynamic cost to processes that don't use page 0, by:
> 1. Reduce STACK_TOP by one page, and reserve the corresponding
> virtual page frame.
> 2. If a process does mmap(0,,,MAP_FIXED,,) then turn on the
> process status bit which forces "slow path" for kernel entry
> via system call from that process. In the slow path, check for
> a mapping at page 0 and if so then move that mapping to the
> reserved page at STACK_TOP, and turn off the mapping at page 0.
> Reverse the substitution when returning from the syscall.
> 3. Add the necessary check in the trap handler for
> copy_{to,from}_user() to handle intended kernel access to page 0
> (including I/O) by substituting the reserved page instead.
>
> This would allow mmap(0,,,MAP_FIXED,,) yet still protect all
> synchronous kernel execution. The only remaining window of
> vulnerability is interrupt handlers. If an interrupt handler
> is touching *any* user address space then the problems are more
> serious than mmap(0).
The problem is that the address space doesn't change when in the
interrupt handler; the zero page will still be mapped, so if there's a
bug in the interrupt handler that would normally oops, well, now it
won't.
Yes, bugs like that _have_ been found. Pretty sure they've been
exploited in the wild too.
You could probably fix this by checking if the zero page is mapped at
any context switch into the kernel (including interrupt) and doing
mprotect(PROT_NONE) on it if so. This adds a small but more or less
fixed overhead on every interrupt, plus a fairly high overhead when an
interrupt fires while the zero-mapping process is running.
- ajax
signature.asc
Description: This is a digitally signed message part
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: conflict between seedit <-> selinux-policy and qstat <-> torque-client
2009/11/4 Bill Nottingham : >> Because seedit getting installed causes selinux-policy-targeted and friends >> to get screwed up. > > That sounds like a reason to not ship seedit. Am I missing something? on first start of the seedit-gui there is a popup: "you have to initialize before using selinux policy editor. and policy is replaced with seedits original policy. if ok press initialize button" there is no cancel button... but you can close that popup window. actually this looks like a bad idea and terrible design to me. why do i have to replace my workstations default policy to use the editor? *shrugs* kind regards, Rudolf Kastl > > Bill > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On 11/04/2009 10:39 AM, Jesse Keating wrote: On Wed, 2009-11-04 at 17:20 +, Paul Howarth wrote: So a noarch script package that depends on its arch script interpreter (e.g. all python and perl packages) should be arch packages? And bash for that matter. This is a known problem with rpm/koji. The distinction between "noarch" and "arch specific" is a difficult one to draw. We do have support in our compose tools to look up an srpm and determine whether or not a noarch rpm has Exclude/ExclusiveArch settings (since that data doesn't propagate to the noarch rpm itself). What we don't have just yet is code in koji to detect a noarch build that has Exclude/ExclusiveArch settings and avoid sending said build to one of those arches. So, I managed to do a build with: BuildArch: noarch ExcludeArch: ppc64 If that gets tagged, it will get excluded from the ppc64 repo? -- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA/CoRA DivisionFAX: 303-415-9702 3380 Mitchell Lane or...@cora.nwra.com Boulder, CO 80301 http://www.cora.nwra.com -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On Wed, Nov 4, 2009 at 11:50 AM, Jesse Keating wrote: > Until we add a new arch. But that still leaves things like java, mono, > ruby, etc as problem areas where "noarch" may not actually be "noarch". We seem to be using "noarch" in two different senses: 1. Contains no machine code, other architecture-specific bits, or build-system-specific artifacts (like build timestamps, build machine names, etc.) 2. Can be built/installed/consumed on any architecture. Those aren't the same. Since the addition of a new arch can break #2, how can packagers mean anything other than #1 by "noarch"? -- Jerry James http://www.jamezone.org/ -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Ubuntu shows updates / security updates on shell logins
On Wed, Nov 4, 2009 at 12:38 PM, Kevin Kofler wrote: > Richard June wrote: >> It's a good idea for one off jobs where the primary user is also the >> admin, but not so good for shared systems. Personally I think a better >> plan would be to display that information *only* if the user is >> flagged as an administrator, group root, wheel, etc. > > It's actually a security risk to display this to non-admin users. It's like > putting a sticker on your door saying "This door is not locked because my > keyhole is not working." > > Kevin Kofler Perhaps I was unclear. It's a good idea to display this for administrative users. Somebody in the root or wheel group for example. But not so useful for normal users. -- Richard June Orion Technology Solutions 574.933.1576 http://www.oriontechnologysolutions.com -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: A question about allow_unconfined_mmap_low in f11 amd selinux
You're saying you have apps that rely on being able to dereference the zero page, and _not_ because the processor mode requires it? I thought the vax died long ago. The apps were written intentionally to exploit being able to use page 0. It's significantly faster (a factor of 10 or more) and simpler (thousands of lines of code that aren't needed) and easier to use (x<==>y versus x<==>(y + k).) With an identity map the hardware already understands the app's abstraction. -- -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Ubuntu shows updates / security updates on shell logins
On Wed, 4 Nov 2009, Kevin Kofler wrote: Richard June wrote: It's a good idea for one off jobs where the primary user is also the admin, but not so good for shared systems. Personally I think a better plan would be to display that information *only* if the user is flagged as an administrator, group root, wheel, etc. It's actually a security risk to display this to non-admin users. It's like putting a sticker on your door saying "This door is not locked because my keyhole is not working." i don't think it is a security risk. Or rather - if it is then the rpmdb should not be readable by non-root users. -sv -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Kernel using LZMA compression
On 11/04/2009 06:37 PM, Ikem Krueger wrote: I am reading between the lines here (I have never looked at this stuff in Xen) but I would assume it's for the reason given above. The kernel's own decompression routines must run very early on in the boot process - well before the first line of C code runs and while the CPU (on x86) is still running in legacy real addressing mode (right after the handover from the bootloader and relocation of the kernel image). Ok. Sounds plausible. How is it to seperate the routines? Can they brought from "legacy mode" to "real mode"? Quite tricky I'd guess - it's chicken-and-egg. The code to switch the CPU from real mode to protected mode is in the kernel's startup routines *inside* the compressed image. I don't think anyone is going to want to reorganise things to move that code to the primitive early-boot period - the idea is to do as little as possible in that part of the kernel and leave everything else to later in the boot process when life gets easier. Decompressing the kernel is always going to be done in that part of the startup sequence because that's when it has to happen. Regards, Bryn. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Ubuntu shows updates / security updates on shell logins
2009/11/4 Kevin Kofler : > Richard June wrote: >> It's a good idea for one off jobs where the primary user is also the >> admin, but not so good for shared systems. Personally I think a better >> plan would be to display that information *only* if the user is >> flagged as an administrator, group root, wheel, etc. > > It's actually a security risk to display this to non-admin users. It's like > putting a sticker on your door saying "This door is not locked because my > keyhole is not working." Well, in this case you're posting it on the *inside* of your door. :) If someone has shell access, they can always run "foo --version", so I don't think this introduces any security risks that aren't already posed by someone having a shell on your server. Cheers, -- McGill University IT Security Konstantin Ryabitsev Montréal, Québec -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rfkill
On Wed, 2009-11-04 at 16:48 +, Bastien Nocera wrote: > On Wed, 2009-11-04 at 11:35 -0500, Martin Dubuc wrote: > > Addition of a working version of rfkill in Fedora 12 has been really > > welcomed. In my application, I would like to monitor the RF kill > > switch to detect when user enables/disables Wi-Fi on the system. I > > thought I could use the rfkill executable to do this, using "rfkill > > event", piping the output using popen in my process. However, rfkill > > outputs the events on standard output, but does not flush every time > > it reports an event. When I perform fgets to get the events, I get > > nothing. I am wondering if it would be possible to add a fflush on > > stdout when events are reported on stdout inside rfkill. > > You're probably better off monitoring /dev/rfkill yourself directly (for > now[1]), there's example code in gnome-bluetooth, look at > lib/bluetooth-killswitch.c. > > You'd basically just need to change the type of killswitch you're > monitoring. > > Cheers > > [1]: We'd probably want a D-Busified rfkilld in the future. johannes and marcel keep talking about this but haven't gotten there yet. Dan -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Boot from CD, safe changes to USB-Stick
You don't wanna change something on the harddisks, but wanna safe the changes. So you boot from Live-CD and the changes are redirected to the USB-Stick. Puppy Linux does it that way*. I wanna see it in Fedora. :D *http://puppylinux.com/development/howpuppyworks.html *http://puppylinux.com/development/pup2layers.png -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Ubuntu shows updates / security updates on shell logins
Once upon a time, Seth Vidal said: > i don't think it is a security risk. Or rather - if it is then the rpmdb > should not be readable by non-root users. If knowing installed versions are a security risk, then so is "uname -r" and almost any command that takes "-v" to display the version. -- Chris Adams Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Ubuntu shows updates / security updates on shell logins
On Wed, 4 Nov 2009, Chris Adams wrote: Once upon a time, Seth Vidal said: i don't think it is a security risk. Or rather - if it is then the rpmdb should not be readable by non-root users. If knowing installed versions are a security risk, then so is "uname -r" and almost any command that takes "-v" to display the version. right. -sv -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Boot from CD, safe changes to USB-Stick
Duane Smith on 11/04/2009 02:13 PM wrote: > You don't wanna change something on the harddisks, but wanna safe the > changes. So you boot from Live-CD and the changes are redirected to > the USB-Stick. Puppy Linux does it that way*. I wanna see it in > Fedora. :D Already possible I believe. I think there's a persistent overlay kernel command argument that you can point to use a file on your USB drive if you're booting from CD. I may be wrong on this though. It's easier just to boot from USB though. Faster all the way around. CD/DVDs take ages to boot. I know persistant overlay works swell with this method. I use it personally. Is booting from USB not an option for you? -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Boot from CD, safe changes to USB-Stick
> Already possible I believe. I think there's a persistent overlay kernel > command argument that you can point to use a file on your USB drive if you're > booting from CD. I may be wrong on this though. I research for that.. > It's easier just to boot from USB though. Faster all the way around. CD/DVDs > take ages to boot. I know persistant overlay works swell with this method. I > use it personally. Is booting from USB not an option for you? Nope. My pc won't boot from stick. :S -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On Wed, 2009-11-04 at 11:53 -0700, Orion Poplawski wrote: > If that gets tagged, it will get excluded from the ppc64 repo? Yes -- Jesse Keating RHCE (http://jkeating.livejournal.com) Fedora Project (http://fedoraproject.org/wiki/JesseKeating) GPG Public Key (geek.j2solutions.net/jkeating.j2solutions.pub) identi.ca (http://identi.ca/jkeating) signature.asc Description: This is a digitally signed message part -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: rawhide report: 20091104 changes - excluding noarch packages
On Wed, 2009-11-04 at 12:00 -0700, Jerry James wrote: > Those aren't the same. Since the addition of a new arch can break #2, > how can packagers mean anything other than #1 by "noarch"? They can't, but it was a historical assumption that if you indicate #1, you're implicitly indicating #2. This has proven to break down as of late, so we have to re-do the logic code around where a build can be done. It's no longer safe to assume that "noarch" means "anyarch". -- Jesse Keating Fedora -- Freedom² is a feature! identi.ca: http://identi.ca/jkeating signature.asc Description: This is a digitally signed message part -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: help debugging segfault with alienarena 7.32
On 11/03/2009 03:23 PM, Tom "spot" Callaway wrote: > On 11/03/2009 02:16 PM, Jerry James wrote: >> My guess (and it is just a guess) is that this is triggering multiple >> initializations of portaudio. Try this patch: Well, it turned out to be a lot more complicated than that. Alienarena uses OpenAL-soft, which dlopens portaudio if it is present. Portaudio is compiled with support for jack, and asks jack if there is a valid client available to use. On my system (default F-12), there isn't, so the jack call returns NULL. Unfortunately, when that jack function which checks on the client is run, it spawns a new thread, which wasn't getting closed. After portaudio finished its check, openal-soft dlclosed it, with that thread that jack spawned still alive. This caused the segfault. Your original suggestion merely delayed the issue, because openal was being dlopened later instead of loading on initial execution. Ray Strode helped me debug this, and I've updated jack with the fix for this. Patch is here: http://trac.jackaudio.org/ticket/140 Thanks to all who helped out here. ~spot -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: CVS daily checkout seeds
On Wed, Nov 04, 2009 at 02:51:27PM +, Quentin Armitage wrote: > The CVS daily checkout seeds at http://cvs.fedoraproject.org/webfiles/ > don't contain a checkout for F-12. Would it be possible for someone to > add that? > > I have also noted that a checkout seed for F-9 is still included, which > seems somewhat superfluous. I have created a ticket for this in the infrastructure bug tracker: https://fedorahosted.org/fedora-infrastructure/ticket/1784 If you have an FAS account, you can also create tickets there by yourself, because this is not the right mailing list to report such issues. You can also add yourself on the CC list, if you have FAS account to get notified in case someone works on it. Regards Till pgpQcYK0HSUi6.pgp Description: PGP signature -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Boot from CD, safe changes to USB-Stick
2009/11/4 Ikem Krueger : >> Already possible I believe. I think there's a persistent overlay kernel >> command argument that you can point to use a file on your USB drive if >> you're booting from CD. I may be wrong on this though. > > I research for that.. > >> It's easier just to boot from USB though. Faster all the way around. CD/DVDs >> take ages to boot. I know persistant overlay works swell with this method. I >> use it personally. Is booting from USB not an option for you? > > Nope. My pc won't boot from stick. :S > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > This way you can make changes to your "home directory" on the usb stick. No changes to the iso image though. Otherwise you have to recreate the iso. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Boot from CD, safe changes to USB-Stick
2009/11/4 Ikem Krueger : >> Already possible I believe. I think there's a persistent overlay kernel >> command argument that you can point to use a file on your USB drive if >> you're booting from CD. I may be wrong on this though. > > I research for that.. > >> It's easier just to boot from USB though. Faster all the way around. CD/DVDs >> take ages to boot. I know persistant overlay works swell with this method. I >> use it personally. Is booting from USB not an option for you? > > Nope. My pc won't boot from stick. :S > > -- > fedora-devel-list mailing list > fedora-devel-list@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-devel-list > Look here: https://fedoraproject.org/wiki/How_to_create_and_use_Live_USB and scroll down to data persistence -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: help debugging segfault with alienarena 7.32
On Wed, Nov 04, 2009 at 16:12:40 -0500, Tom spot Callaway wrote: > On 11/03/2009 03:23 PM, Tom "spot" Callaway wrote: > > Well, it turned out to be a lot more complicated than that. Alienarena > uses OpenAL-soft, which dlopens portaudio if it is present. Portaudio is Are you able to adjust the volume when using pulse? I am having a problem with glest (that also uses OpenAL-soft), and I think it is probably an OpenAL-soft issue, but I don't know for sure. I also tried telling OpenAL-soft to use a pulse plugin and that just caused glest to hang. If the problem is with glest, I need to figure it out. If it is with OpenAL-soft I need to make sure proper bugs have been filed against it. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Addition to the Policy for non responsive maintainers
Greetings. FESCo has made an additional 'fast track' process for non responsive maintainers available for some rare cases. See https://fedoraproject.org/wiki/Policy_for_nonresponsive_package_maintainers#Fast_Track_procedure for more details. See https://fedorahosted.org/fesco/ticket/251 for more discussion. As well as: http://meetbot.fedoraproject.org/fedora-meeting/2009-09-18/fedora-meeting.2009-09-18-16.59.log.html#l-31 For the meeting discussion. Sorry for the delay in writing this up and announcing it. We have enacted a new process that should update the wiki and make announcements like these whenever policy is changed. thanks, kevin signature.asc Description: PGP signature ___ Fedora-devel-announce mailing list fedora-devel-annou...@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-announce-- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Outage Notification - 2009-11-05 13:00 UTC
There will be an outage starting at 2009-11-05 13:00 UTC, which will last approximately 1 hour. To convert UTC to your local time, take a look at http://fedoraproject.org/wiki/Infrastructure/UTCHowto or run: date -d '2009-11-05 13:00 UTC' Affected Services: Buildsystem DNS Torrent Translation Services Websites Unaffected Services: CVS / Source Control Database Fedora Hosted Fedora People Fedora Talk Mail Mirror System Ticket Link: https://fedorahosted.org/fedora-infrastructure/ticket/1785 Reason for Outage: IBM wants us reseat the DIMMs and get FRU information off of them. Don is going to do this work for us (thanks ibiblio). Seth is going to do a graceful shutoff. Contact Information: Please join #fedora-admin in irc.freenode.net or respond to this email to trackthe status of this outage. ___ Fedora-devel-announce mailing list fedora-devel-annou...@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-announce -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: help debugging segfault with alienarena 7.32
On 11/04/2009 05:26 PM, Bruno Wolff III wrote: > On Wed, Nov 04, 2009 at 16:12:40 -0500, > Tom spot Callaway wrote: >> On 11/03/2009 03:23 PM, Tom "spot" Callaway wrote: >> >> Well, it turned out to be a lot more complicated than that. Alienarena >> uses OpenAL-soft, which dlopens portaudio if it is present. Portaudio is > > Are you able to adjust the volume when using pulse? I am having a problem > with glest (that also uses OpenAL-soft), and I think it is probably an > OpenAL-soft issue, but I don't know for sure. I also tried telling OpenAL-soft > to use a pulse plugin and that just caused glest to hang. If the problem > is with glest, I need to figure it out. If it is with OpenAL-soft I need to > make sure proper bugs have been filed against it. Looks like alienarena defaults to ALSA. When I tell it to tell OpenAL-soft to use "PulseAudio Software", it doesn't actually make any sound at all, even though PulseAudio sees the application trying to do so. ~spot -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Boot from CD, safe changes to USB-Stick
>> Already possible I believe. I think there's a persistent overlay kernel >> command argument that you can point to use a file on your USB drive if >> you're booting from CD. I may be wrong on this though. > I research for that.. I looked for "kernel command". The only sources I found where this* and this*. Both doesn't mention "persistent overlay". *http://fedoraproject.org/wiki/Anaconda/Options *http://docs.fedoraproject.org/install-guide/f11/en-US/html/ap-admin-options.html Only for USB-Sticks "persistent overlay" is mentioned. *http://fedoraproject.org/wiki/How_to_create_and_use_Live_USB And I found another guy who asked for the same feature. *https://www.redhat.com/archives/fedora-livecd-list/2008-October/msg9.html -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Boot from CD, safe changes to USB-Stick
>> Look here: https://fedoraproject.org/wiki/How_to_create_and_use_Live_USB and >> scroll down to data persistence > The primary usage of this feature is booting a USB stick with your live image > as well as the persistent changes. Sorry. But that's not what I meant. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Pyhton image
Dear sir, I have open a bug: https://bugzilla.redhat.com/show_bug.cgi?id=532248 But i have any answer! What can i do? Kind regards -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Pyhton image
> "JM" == Jonathan MERCIER writes: JM> Dear sir, I have open a bug: JM> https://bugzilla.redhat.com/show_bug.cgi?id=532248 JM> But i have any answer! What can i do? Somehow acquire patience? Work on debugging the problem yourself? You haven't given much time at all for the volunteer on the other end of that bug report to look at it (not even three weekdays). - J< -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
source file audit - 2009-11-01
Here's attached another run of my sources/patches url checker. - There are 932 lines in this run. Down from 1060 last run. 700 sourcecheck-20070826.txt 620 sourcecheck-20070917.txt 561 sourcecheck-20071017.txt 775 sourcecheck-20080206.txt 685 sourcecheck-20080214.txt 674 sourcecheck-20080301.txt 666 sourcecheck-20080401.txt 660 sourcecheck-20080501.txt 642 sourcecheck-20080603.txt 649 sourcecheck-20080705.txt 662 sourcecheck-20080801.txt 912 sourcecheck-20081114.txt 884 sourcecheck-20090215.txt 1060 sourcecheck-20090810.txt 932 sourcecheck-20091101.txt You can find the results file at: http://www.scrye.com/~kevin/fedora/sourcecheck/sourcecheck-20091101.txt And also attached to this mail. Lines in the output are of three forms: - BADURL:base-file-name:$PACKAGENAME This means that the URI provided in the Source(s) line didn't result in a download of the source. This could be any of: URL changed, version changed and URL wasn't updated, Site is down, Site is gone, etc. Also there are a number of packages with incorrect sourceforge links. (BTW, there are still some packages with ftp://people.redhat.com/ URLs). - BADSOURCE:$SOURCENAME:$PACKAGENAME This means that the source was downloaded ok from the upstream site, but doesn't match the md5sum given in the sources file. This could be due to needing to strip out content that fedora cannot ship (but in that case you shouldn't have the full URI in the Source line). Or upstream following poor release practices and updating without changing their release. - BAD_CVS_SOURCE:$SOURCENAME:$PACKAGENAME This means that the file was downloaded from the URI given, and the md5sum did not match the file thats present in CVS (not the lookaside). This might be due to timestamps, or any of the above reasons. kevin -- rmeggins:BADURL:389-ds-base-1.2.4.tar.bz2:389-ds-base jmoskovc:BADURL:abrt-0.0.10.tar.gz:abrt bkearney:BADURL:ace-0.0.7.tar.gz:ace spot:BADURL:acetoneiso_2.1.1.tar.gz:AcetoneISO2 nim:BADSOURCE:Tribun-Std.zip:adf-tribun-fonts jussilehtola:BADURL:agedu-r8642.tar.gz:agedu ruben:BADURL:Ajaxterm-0.10.tar.gz:Ajaxterm pcheung:BAD_CVS_SOURCE:ant-1.7.1.pom:ant tagoh:BADURL:anthy-9100h.tar.gz:anthy dwmw2:BADURL:apmud-1.0.0.tgz:apmud athimm:BADURL:apt-0.5.15lorg3.95.git416.tar.bz2:apt sherry151:BADSOURCE:archmage-0.2.4.tar.gz:archmage athimm:BAD_CVS_SOURCE:RiceBSD.doc:arpack than:BADURL:arts-1.5.10.tar.bz2:arts jstanley:BADSOURCE:asyropoulos_-_Asana_Math.otf:asana-math-fonts chrisw:BADURL:asciidoc-8.4.5.tar.gz:asciidoc spot:BADURL:asymptote-1.88.src.tgz:asymptote mschwendt:BADURL:audacious-plugin-fc-0.4.tar.bz2:audacious-plugin-fc tmraz:BADURL:authconfig-5.4.13.tar.bz2:authconfig pwouters:BADURL:autotrust-0.3.1.tar.gz:autotrust sindrepb:BADURL:avant-window-navigator-0.3.2.tar.gz:avant-window-navigator tnorth:BADSOURCE:gcc-core-4.3.3.tar.bz2:avr-gcc phuang:BADURL:awn-extras-applets-0.3.2.2.tar.gz:awn-extras-applets abompard:BADURL:awstats-6.9.tar.gz:awstats bjensen:BADURL:ax25-tools.tar.gz:ax25-tools overholt:BAD_CVS_SOURCE:backport-util-concurrent-3.1.pom:backport-util-concurrent ixs:BADURL:bacula-3.0.3.tar.gz:bacula ixs:BADURL:bacula-docs-3.0.3.tar.bz2:bacula zkota:BADURL:bazaar_1.4.2.tar.gz:bazaar zkota:BADURL:bazaar-doc_1.4.tar.gz:bazaar satyak:BADSOURCE:beacon-0.5.tar.gz:beacon danken:BADURL:bidiv-1.5.tgz:bidiv peter:BADSOURCE:bios_extract-17ca1c5e6a8df6b5663e899504d197862c286d1e.tar.bz2:bios_extract jskala:BADURL:bltk-1.0.9.tar.gz:bltk akahl:BADURL:bmpx-0.40.14.tar.bz2:bmpx rrakus:BADSOURCE:netkit-bootparamd-0.17.tar.gz:bootparamd langel:BAD_CVS_SOURCE:bcprov-jdk16-1.43.pom:bouncycastle oget:BAD_CVS_SOURCE:bcmail-jdk16-1.43.pom:bouncycastle-mail oget:BAD_CVS_SOURCE:bctsp-jdk16-1.43.pom:bouncycastle-tsp fab:BADURL:bournal-1.3.tar.gz:bournal mattdm:BADURL:calc-2.12.2.1.tar.gz:calc nomis80:BADURL:camstream-0.26.3.tar.gz:camstream rrelyea:BADSOURCE:ccid-1.3.9.tar.bz2:ccid pbrobinson:BADURL:ccss-0.5.0.tar.gz:ccss hubbitus:BADURL:ccze-0.2.1.tar.gz:ccze mmahut:BADSOURCE:cdk.tar.gz:cdk edhill:BADSOURCE:cdo.pdf:cdo edhill:BADSOURCE:cdo_refcard.pdf:cdo steve:BADURL:celestia-1.5.1.tar.gz:celestia sheltren:BADURL:cfengine-2.2.10.tar.gz:cfengine gilboa:BAD_CVS_SOURCE:cgdb.png:cgdb jortel:BADSOURCE:chameleon-0.2.tar.gz:chameleon dwalsh:BADURL:checkpolicy-2.0.19.tgz:checkpolicy pali:BADURL:cherokee-0.99.24.tar.gz:cherokee trasher:BADURL:childsplay-1.4.tgz:childsplay herlo:BADSOURCE:2bc.zip:chisholm-to-be-continued-fonts athimm:BADURL:chrpath-0.13.tar.gz:chrpath fnasser:BADSOURCE:inetlib-1.1.1.tar.gz:classpathx-mail jmrcpn:BADSOURCE:clement-2.1.320.tar.gz:clement walters:BADURL:clojure_20090320.zip:clojure sergiopr:BADURL:cloudy_v07_02_01.tar.gz:cloudy beekhof:BADSOURCE:b79635605337.tar.bz2:cluster-glue itamarjp:BADURL:clutter-gst-0.10.0.tar.bz2:clutter-gst orphan:BADURL:cluttermm-0.9.4.20090907git.tar.bz2:cluttermm rjones:BADURL:coccinelle-0.1.10.tgz:coccinelle green:BADURL:common-lisp-controller_6.15.tar.gz:common-lisp-con
Re: source file audit - 2009-11-01
On 11/05/2009 05:48 AM, Kevin Fenzi wrote: > sundaram:BADSOURCE:cryptopp560.zip:cryptopp Upstream source modified to remove patent encumbered portions. Rahul -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: Web page for distro life cycle stage
Shakthi Kannan said the following on 11/03/2009 08:51 AM Pacific Time: Hi, Is there a web-page or is it possible to have one that shows the Fedora distro release and its stage in the release cycle? Would this page help? If so, setting a page watch might be helpful. https://fedoraproject.org/wiki/Releases John -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Upcoming schedule tasks
Start End Name Wed 04-Nov Wed 04-Nov Compose RC Wed 04-Nov Wed 04-Nov Enable Fedora 12 Updates Wed 04-Nov Wed 11-Nov Test RC Fri 06-Nov Fri 06-Nov Blocker Bug Day (F12Blocker) #3 Mon 09-Nov Mon 09-Nov F12 Blocker Review (go/no go) 1 PM EST Wed 11-Nov Wed 11-Nov F12 Project Wide Release Readiness Meeting Thu 12-Nov Thu 12-Nov Start Stage & Sync RC to Mirrors Thu 12-Nov Tue 17-Nov Stage & Sync RC to Mirrors Fri 13-Nov Fri 13-Nov Final Export Control Reporting Tue 17-Nov Tue 17-Nov GA Release -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: help debugging segfault with alienarena 7.32
On Wed, Nov 04, 2009 at 18:12:42 -0500, Tom spot Callaway wrote: > > Looks like alienarena defaults to ALSA. When I tell it to tell > OpenAL-soft to use "PulseAudio Software", it doesn't actually make any > sound at all, even though PulseAudio sees the application trying to do so. Thanks for checking. It looks like I should start by filing a bug or two against OpenAL-soft and see what the maintainer says. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
Re: source file audit - 2009-11-01
On Wed, Nov 04, 2009 at 17:18:16 -0700, Kevin Fenzi wrote: > Here's attached another run of my sources/patches url checker. > > bruno:BADURL:glest_data_3.2.1.zip:glest-data I took over glest recently and hadn't had to worry about where the sources had come from yet. The next time I make a change I'll be sure to make sure that the source URLs are accurate. P.S. If the audiance for this report is developers, I think it would make more sense to sort on the FAS name and then on package name. -- fedora-devel-list mailing list fedora-devel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-devel-list
