Re: [Fink-devel] fink-cvs
Hi Dan, Trying a bit more : fink list -o Information about 3532 packages read in 15 seconds. Use of uninitialized value in exists at /sw/lib/perl5/Fink/Status.pm line 153. Use of uninitialized value in exists at /sw/lib/perl5/Fink/VirtPackage.pm line 472. ... repeats I omit the non-interesting ones below : (i) gal199 1.99.11-6The GNOME Accessibility Library (i) gal199-dev 1.99.11-6The GNOME Accessibility Library (i) gtkhtml3 3.0.10-9 HTML rendering/printing/editing engine (i) gtkhtml3-dev 3.0.10-9 HTML rendering/printing/editing engine (i) libsoup-ssl1.99.28-3SOAP implementation in C, with SSL support (i) libsoup-ssl-dev1.99.28-3SOAP implementation in C, with SSL support (i) openafs1.2.8-4 The AFS distributed client/server filesystem (i) openafs-dbserver 1.2.8-4 The AFS distributed filesystem- database server (i) openafs-dev1.2.8-4 The AFS distributed filesystem- static libraries (i) openafs-fileserver 1.2.8-4 The AFS distributed filesystem- file server (i) openafs-kpasswd1.2.8-4 The AFS distributed filesystem- old password changing (i) openssl097 0.9.7d-1 Secure Sockets Layer and general crypto library (i) openssl097-dev 0.9.7d-1 Secure Sockets Layer and general crypto library Each time the missing splitoff is the first _ the non-numbered one. JF --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Fink-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/fink-devel
Re: [Fink-devel] fink-cvs
On Thu, Mar 18, 2004 at 02:31:42PM +0100, jfm wrote: Hi Dan, Since today's update to fink, I also get msgs : Failed: Can't resolve dependency libsoup-ssl-shlibs (= 1.99.28-3) for package libsoup-ssl-1.99.28-3 (no matching packages/versions found) Failed: Can't resolve dependency gal199-shlibs (= 1.99.11-6) for package gal199-1.99.11-6 (no matching packages/versions found) Failed: Can't resolve dependency gtkhtml3-shlibs (= 3.0.10-9) for package gtkhtml3-3.0.10-9 (no matching packages/versions found) This looks suspicious, no ? Yes. Man, what a rough night of hacking I had. This is now fixed. dan -- Daniel Macks [EMAIL PROTECTED] http://www.netspace.org/~dmacks --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click ___ Fink-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/fink-devel
Re: [Fink-devel] fink CVS does not install/selfupdate as well.
And on a personal note. I am really not happya bout this new mirror.info. Personally i think that was a premature deicsion, because it introduces rather serious security problems. It was bad enough how we had it, but having it in a seperate info file without _any_ validation is even worse imho. I'm not sure if you realize this, but all of the mirrors you have recruited recently were not being used by anyone (other than a few Fink developers who use CVS), because the list of mirrors is only updated when the package manager is updated. The security of the current system is no different than the security of the previous system. The list of mirrors is kept in CVS, and released as a fink package with an MD5 sum for the tarball. I'll look into the the @INC problem you had. Which version of fink did you have installed when you tried to inject? -- Dave --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click ___ Fink-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/fink-devel
Re: [Fink-devel] fink CVS does not install/selfupdate as well.
-BEGIN PGP SIGNED MESSAGE- Hash: RIPEMD160 David R. Morrison wrote: I'm not sure if you realize this, but all of the mirrors you have recruited recently were not being used by anyone (other than a few Fink developers who use CVS), because the list of mirrors is only updated when the package manager is updated. I know and I addressed this several times in Channel. Justin has the mirror module which adresses this issue on a more global scale as far as I understood. He was going to update it to HEAD as soon as his SHLIBS stuff is in. The security of the current system is no different than the security of the previous system. The list of mirrors is kept in CVS, and released as a fink package with an MD5 sum for the tarball. My concern still remains. As I pointed out, I never thought the system to be secure in the first place, thus it wasn't too bad that not many were relying on it yet. Wew should have solved the security issues before making this accessable to the broad public and thuis increasing the risk involved with this system. I'll see to it, that I get GnuPG signing operational as soon as possible I'll look into the the @INC problem you had. Which version of fink did you have installed when you tried to inject? 0.17.1.cvs - -d -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (Darwin) iD8DBQE/7uf1PMoaMn4kKR4RA60kAJ4ufFYK7mhzPrZW9egJx5yFzjDlxACfVmU0 ecXQl6ETfH3A1vmfTq52qjE= =jUzD -END PGP SIGNATURE- --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click ___ Fink-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/fink-devel
Re: [Fink-devel] fink CVS does not install/selfupdate as well.
I'll look into the the @INC problem you had. Which version of fink did you have installed when you tried to inject? 0.17.1.cvs OK, the inject will only work if you have at least fink 0.17.2 installed. This inject method is *not* intended as the way most users will get updated lists of fink mirrors, by the way. They'll get them through selfupdate when the fink-mirrors package is updated. And the fink-mirrors package explicitly depends on fink = 0.17.2. -- Dave --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click ___ Fink-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/fink-devel
Re: [Fink-devel] fink CVS does not install/selfupdate as well.
Darian Lanx [EMAIL PROTECTED] wrote: David R. Morrison wrote: I'm not sure if you realize this, but all of the mirrors you have recruited recently were not being used by anyone (other than a few Fink developers who use CVS), because the list of mirrors is only updated when the package manager is updated. I know and I addressed this several times in Channel. Justin has the mirror module which adresses this issue on a more global scale as far as I understood. He was going to update it to HEAD as soon as his SHLIBS stuff is in. I didn't realize that Justin intended to work on this more. The CVS module he was using had been inactive for almost a year. I'm not sure in what sense Justin's implementation was more global than mine. Anyway, I saw a need, and I implmeneted it. It's done now. The security of the current system is no different than the security of the previous system. The list of mirrors is kept in CVS, and released as a fink package with an MD5 sum for the tarball. My concern still remains. As I pointed out, I never thought the system to be secure in the first place, thus it wasn't too bad that not many were relying on it yet. Wew should have solved the security issues before making this accessable to the broad public and thuis increasing the risk involved with this system. I'll see to it, that I get GnuPG signing operational as soon as possible I'm not sure I understand your security concern here. The only people who can change the mirror lists that the average fink user gets are the people who can release source files using the SF file release system. That list consists of the fink core developers and one or two others. Could you please summarize the security of fink as you see it, and explain where we need improvement? I'd be happy to help improve things. -- Dave --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click ___ Fink-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/fink-devel
Re: [Fink-devel] fink CVS does not install/selfupdate as well.
David R. Morrison wrote: [] I'll look into the the @INC problem you had. It seems that PostInstScripts are executed in whatever environment the shell had from which fink install was started. So if you don't have PERL5LIB set correctly, this particular script will crash. -- Martin --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click ___ Fink-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/fink-devel
