from:"Fabian Rodriguez"

Re: Software Inclusion

2008-02-13 Thread Fabian Rodriguez

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

Jon wrote:
| On Feb 13, 2008 1:40 PM, Josh Flechtner <[EMAIL PROTECTED] 
> wrote:
|
| I work for a software firm that develops web-based accounting 
software that
| is Linux compatible. I would like to know how to go about 
including our
| software with future Ubuntu releases. Is there a submission site for
| software requests and review? Any help in this matter would be greatly
| appreciated. Thank you.
|
|
| Just curious how a web-based app is any-OS compatible?
Looking at their site (http://www.nolapro.com/linux.html) , and the list 
of required packages, it's a server app which makes available via web 
the accounting functionality:

*Required Packages*

• Apache Webserver
• MySQL 4* Database
• PHP 4*
• Zend Optimizer
• Dialog (Linux standard)

Doesn't look GPLed to me, still interesting.

Fabian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHs0W5fUcTXFrypNURA4aeAJ0eA8S71AMY+XkyUAbKXz4vufh6+wCffp1Y
1n7TRFhFHvLhQK1Sv5AyIjM=
=gyrU
-END PGP SIGNATURE-


-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Main inclusion report for apt-cacher

2008-02-12 Thread Fabian Rodriguez

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

Hi,

I've just filed a MIR for apt-cacher here:
https://wiki.ubuntu.com/MainInclusionReportApt-cacher

I am still missing some checks, I'd particularly appreciate any help 
with the packaging guidelines check as I don't know much about packaging.

Cheers,

Fabian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHshikfUcTXFrypNURA4gpAKDvnsrZrFeXMknAJvwmzZ8sJaeBpACg/s1k
8GlK3lZoEfP3Yblj8d/NDgI=
=ZHV3
-END PGP SIGNATURE-


-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: Apt-Cacher again, sorta

2008-02-12 Thread Fabian Rodriguez

It's been a while since you wrote this, but I was just checking those
threads and they all refer to apt, not apt-cacher.

Cheers,

Fabian

On Jan 11, 2008 9:04 AM, Kevin Fries <[EMAIL PROTECTED]> wrote:

>
> On Fri, 2008-01-11 at 01:23 -0500, Fabian Rodriguez wrote:
> > Kevin, can you provide any URLs to those forum posts ? I can look into
> > it over the next few days. I originally was interested in writin a MIR
> > about apt-cacher, just haven' t gotten around writing it yet. At the
> > time I searched for a good time for reports about any issues with
> > apt-cacher and couldn' t find any, not bug reports.
>
> Remember, Apt-Cacher was just the catalus of a bigger problem.  But here
> are three threads of people complaining about what looks like a crash in
> the install:
>
> http://ubuntuforums.org/showthread.php?t=219861
> http://ubuntuforums.org/showthread.php?t=628945
> http://ubuntuforums.org/showthread.php?t=580590
>
> --
> Kevin Fries
> Senior Linux Engineer
> Computer and Communications Technology, Inc
> A Division of Japan Communications Inc.
>
> --
> Ubuntu-devel-discuss mailing list
> Ubuntu-devel-discuss@lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
>



-- 
http://www.fabianrodriguez.com
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: Securely downloading Ubuntu

2008-01-28 Thread Fabian Rodriguez

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

Neal McBurnett wrote:
|
| That ftpmaster key is already on installed systems, right?  I would
| think we could preinstall system keyrings and give instructions that
| would be based on that.  Do we not ship the <[EMAIL PROTECTED]> key?
GnuPG's local keyrings are created when it's first invoked, so they 
should actually be empty. I personally overwrite the local keyrings or 
use an external USB key on my laptop, depending on the kind of install 
I've had in the past. Adding that key to a default install would 
probably require setting up an additional keyring with it and changing 
the default gpg.conf accordingly.

Another problem is the download page should actually link to:
https://help.ubuntu.com/community/VerifyIsoHowto

I checked that page and added a few links about the web of trust and the 
warning you mention.

Although the [EMAIL PROTECTED] (0xFBB75451) key is not in the "strong 
set" and does not show up in the Keyanalyze reports, Colin Watson's and 
Martin Pool's (which both sign it) do. In my personal case it's enough 
to trust that key:

http://webware.lysator.liu.se/jc/wotsap/wots/latest/paths/0x5AF2A4D5-0x10FA4CD1.png
http://webware.lysator.liu.se/jc/wotsap/wots/latest/paths/0x5AF2A4D5-0xA0B3E88B.png

Both Colin and Martin are Ubuntu core developers:
https://edge.launchpad.net/~ubuntu-core-dev/+members

Cheers,

Fabian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHnqLRfUcTXFrypNURA8K0AKC9eI4IuMAcJQwApye9x4HcGf78RgCgh/nY
MEIHD2cUdpuZuhTQqB+dGfY=
=FetT
-END PGP SIGNATURE-


-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: Apt-Cacher again, sorta

2008-01-10 Thread Fabian Rodriguez

Kevin Fries wrote:
> At the risk of picking at old wounds...
>
> I noticed a behavior this week that probably should be addressed.  I
> fell into it by relying on Apt-Cacher, but a quick search on the forums
> shows lots of others having issues based upon other types of
> connectivity problems...
[...]

Kevin, can you provide any URLs to those forum posts ? I can look into
it over the next few days. I originally was interested in writin a MIR
about apt-cacher, just haven' t gotten around writing it yet. At the
time I searched for a good time for reports about any issues with
apt-cacher and couldn' t find any, not bug reports.

Tx,

Fabian

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: Encrypted volume interaction with Windows...

2007-12-17 Thread Fabian Rodriguez



John Richard Moser wrote:
> In Gutsy, the alternate installer can now create encrypted LVM layouts 
> (but with no fancy manipulation tools...).  I am now curious about 
> interoperability with Windows for encrypted external drives.
> 
> External hard disks and flash drives using NTFS or FAT32 work in Linux 
> or Windows now.  The FreeOTFE program allows Windows to access a LUKS 
> partition (NOT LVM) as well.  Logically, it would help users with 
> encryption needs to have a tool in GNOME to create LUKS-encrypted USB 
> flash or hard drives, and request/change the key (file?  Or just 
> password?) when gnome-volume-manager detects them.
> 
> I think this would be very interesting to users sharing private data 
> between Windows and Linux.  Truecrypt is a pain (all command line 
> stuff), and Linux supports LUKS anyway.  With LUKS on Linux and FreeOTFE 
> accessing the LUKS partitions on Windows, users can easily share data 
> via removable drives.
> 
Accoding to their website, Explore2fs supports LVM2:
http://www.chrysocome.net/explore2fs

Once LVM2 is accessible/readable, then you need to setup the additional 
layer of tool(s) for enc/decryption of the volume. I am not familiar 
with the newer encrypted LVM layouts but I thought this may be the right 
path to follow.

Let us know what you find out.

Cheers,

Fabian



-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: apt-cacher in main

2007-11-18 Thread Fabian Rodriguez

Reinhard Tartler wrote:

> 
> http://packages.debian.org/sid/apt-cacher-ng
> 
> But I have not tried it yet.

It will be interesting to follow its progress. apt-cacher-ng (presumably 
"next generation") "is more than  simple rewrite of Apt-Cacher. It was 
redesigned from scratch and is  written in C++ with main focus on 
maximizing throughput with low  requirements on system resources."

It is going to be in hardy, in universe. Chnagelog is here:
http://changelogs.ubuntu.com/changelogs/pool/universe/a/apt-cacher-ng/apt-cacher-ng_0.1.1-1/changelog

I will be going forward with proposing apt-cacher for main in Hardy as 
its a LTS release. I'll be writing up the MIR this week.

Cheers,

Fabian

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: apt-cacher in main

2007-11-15 Thread Fabian Rodriguez

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

Kevin Fries wrote:
> I am not sure it needs to be moved. But, what would be totally cool
> is if the installer scanned the local network on install and
> configured apt-cacher in sources.list instead of the normal repos
> by default when if finds a server.  That would be a terrific
> usability upgrade.
I believe this blueprint addresses that:
https://blueprints.edge.launchpad.net/ubuntu/+spec/apt-service-discovery
>
> But, since only one server needs it, is there an advantage to
> moving it from Universe?  It not like its in Multiverse which is
> turned off by default.  If I remember correctly, isn't Universe
> turned on by default on initial install?

Moving this to main would also open the door to possible inclusion in
the LiveCD or Server install CD. Actually, DVD images will make better
use of this.

In low bandwidth environments the "server" may be another neighboring
laptop or desktop. Even if universe is on by default, this single
package would mean much faster mass installs when you have a DVD
image, for example.

Cheers,

Fabian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHPF9ffUcTXFrypNURA+G1AJ4vOC1WfijLnMUNMaZsx0iAHa834gCeJF+y
XB7WhI+CDdggxDlu8Bn5rQ8=
=PajS
-END PGP SIGNATURE-


-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: apt-cacher in main + apt-zeroconf

2007-11-15 Thread Fabian Rodriguez

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

Sam Tygier wrote:
> it looks like they have got the security side covered.
>
> "Now, one might think this could potentially pose a security threat
>  as everyone can offer and distribute debs without any
> authentication whatsoever. This is not the case as we are not yet
> caching the package lists or pdiffs, which are PGP-signed and
> contain MD5, SHA1 and SHA256 checksums of the packages. But due to
> the trusted PGP signatures, caching package lists shouldn't be an
> issue."
>
> Is there any reason this would not be sufficient?
I see many ways to trick someone into installing newer versions of
existing common packages that include malicious files, using
apt-zeroconf. You'd be surprised how many people will click through
any amount of security warnings if approached with authority by a
neighbor. An Internet cafe comes to mind, but many other public places
would also serve this purpose. You'd guess I love being paranoid about
this.

> The only thing I can imagine is some sort of DOS attack by sending
> a large number of requests to one machine. Maybe checking for
> shared packages on the network could be enabled by default, but
> sharing disabled. The option to enable sharing could be in System
> -> Administration -> Software Sources
If this was actually checked against a local web of trust (like
OpenPGP or Gaim-OTR keys or else) it may become interesting. But who
uses that "safely" ? :)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHPIeHfUcTXFrypNURAw11AJ4imDZOFur2KkChrkwSuIevF0PH7gCeMMkd
ukGYlyYrvzBkDMbdp+1e6F4=
=tLrv
-END PGP SIGNATURE-


-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: apt-cacher in main

2007-11-15 Thread Fabian Rodriguez

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

Kevin Fries wrote:
> [...] Without apt-cacher you either need to allow that machine
> access to the Internet, or do without updates.
+1 for that, I haven't used apt-cacher in that context but it's an
important use case. I'll make sure it makes it in the eventual MIR.
>
> But I still think it would be cool if the install process scanned
> the local net looking for any machine with port 3142 open, and
> reconfigured apt to use the cache by default.
I don't feel comfortable having "auto-scan" + "auto-reconfiguration"
in that same sentence... Some sort of handshaking would need to
happen. It makes me think of printers auto-discovery / config. I need
more coffee today.

Fabian


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHPGdzfUcTXFrypNURA1f6AKDiutYsYltlTxMzdcM3lxNIeNgAHgCgi5UX
5Fg8AV6YIXbA7Hsxakmq1Os=
=OFf7
-END PGP SIGNATURE-


-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: apt-cacher in main + apt-zeroconf

2007-11-15 Thread Fabian Rodriguez

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

Sam Tygier wrote:
>
> could apt-zeroconf[0] be installed and enabled by default.
>
> "distributed apt-cacher for local networks implemented in Python.
> It's called apt-zeroconf since we use avahi for automatically
> finding other apt-zeroconf instances on the LAN, similar to Apple's
> Rendezvous/Bonjour/Zeroconf technology."
>
> sam
>
> [0] http://trac.phidev.info/trac/wiki/AptZeroconf
apt-zeroconf is actually a replacement for apt-cacher, not a
complement to it, according to its site. I think we already know the
answer to "enabled by default" autodiscovery / other networking
services. I would have some trust issues using apt-zeroconf, but
that's just me :)

F.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHPGV7fUcTXFrypNURAyKIAKDAiNhUX+hwGxKCkdUDxshGlt1SLACgjSv7
cbjKhyraSQNd9pTqwYSqGmE=
=nafO
-END PGP SIGNATURE-


-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: apt-cacher in main

2007-11-15 Thread Fabian Rodriguez

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

Scott Abbey wrote:
> [...]
>
> I think the point of moving it is so that it receives official
> support from Canonical. That way those on paid support contracts
> can still expect assistance from Canonical when using the package.
> Canonical only provides paid support for packages in main and
> restricted. Universe and multiverse receive community support only.
>
Because this is in universe and I use it regularly and also have
advised some customers about its use (with usual warnings), I think it
would be important it gets regular security reviews.

Canonical commercial support customers will benefit from that just as
much as anyone else using the package for free.

If you ask any Canonical customer, you will find we sometimes provide
support for much more than that (main) and sometimes we can't help
much with restricted.

Cheers,

Fabian

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHPFyNfUcTXFrypNURA1DaAKCdAZAtu+7LAVZjxGZ7C0tS5aDtfACdHwrO
9s4Yo1QmKWYlAs2GGFgArwE=
=A983
-END PGP SIGNATURE-


-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

apt-cacher in main

2007-11-14 Thread Fabian Rodriguez

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

(not sure if this made it so re-sending)

Hi,

I'd like to propose moving apt-cacher to main. I haven't done main
inclusion reports before so bear with me while I dive into this :)

Description: caching proxy system for Debian package and source files

 Apt-cacher performs caching of .deb and source packages which have been
 downloaded by local users. It is most useful for local area networks
with slow
 internet uplink.

I have used apt-cacher in many different scenarios and I believe it is
a good candidate for inclusion in main. During my work at Canonical as
a systems support analyst there have been a few occasions when
customer would have benefited of having official support for this too.

I checked security vulnerabilities and it seems there is only one back
in 2005, fixed within hours of being reported:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-1854

The package seems well maintained, see:
http://changelogs.ubuntu.com/changelogs/pool/universe/a/apt-cacher/apt-cacher_1.5.5/changelog

I also think this would be a good candidate to have on the LiveCD
installer and/or the Server CD installer images, as in many scenarios
CDs are used for a first install and then other PCs in the same LAN
could use that first install apt-cacher to save tremendously on
bandwidth - a common situation outside high-bandwidth areas.

I'd like to hear opinions on this, I already put the unedited main
inclusion report template in but I wanted to start the discussion here
before going any further. I also aim to get apt-cacher approved in the
server package review: https://wiki.ubuntu.com/ServerPackageReview .

Thank you,

Fabián Rodríguez - Ubuntu Quebec Local Community team contact
https://wiki.ubuntu.com/QuebecTeam
Montreal, QC, Canada

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHOySdfUcTXFrypNURA16kAKDshQjt9MPRi8OXCau9e+NiTNTiUQCg1bs7
/Hy59wl9sg6zE/8pkkBQksk=
=Iuj+
-END PGP SIGNATURE-

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

apt-cacher in main

2007-11-14 Thread Fabian Rodriguez

-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160

Hi,

I'd like to propose moving apt-cacher to main. I haven't done main
inclusion reports before so bear with me while I dive into this :)

Description: caching proxy system for Debian package and source files

 Apt-cacher performs caching of .deb and source packages which have been
 downloaded by local users. It is most useful for local area networks
with slow
 internet uplink.

I have used apt-cacher in many different scenarios and I believe it is
a good candidate for inclusion in main. During my work at Canonical as
a systems support analyst there have been a few occasions when
customer would have benefited of having official support for this too.

I checked security vulnerabilities and it seems there is only one back
in 2005, fixed within hours of being reported:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-1854

The package seems well maintained, see:
http://changelogs.ubuntu.com/changelogs/pool/universe/a/apt-cacher/apt-cacher_1.5.5/changelog

I also think this would be a good candidate to have on the LiveCD
installer and/or the Server CD installer images, as in many scenarios
CDs are used for a first install and then other PCs in the same LAN
could use that first install apt-cacher to save tremendously on
bandwidth - a common situation outside high-bandwidth areas.

I'd like to hear opinions on this, I already put the unedited main
inclusion report template in but I wanted to start the discussion here
before going any further. I also aim to get apt-cacher approved in the
server package review: https://wiki.ubuntu.com/ServerPackageReview .

Thank you,

Fabián Rodríguez - Ubuntu Quebec Local Community team contact
https://wiki.ubuntu.com/QuebecTeam
Montreal, QC, Canada

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: PGP/Mime available upon request
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHOxiifUcTXFrypNURA9aIAJ4rKgzYx7qD9BQ5O09cOsy0XJVSNACfZOdZ
DxW91nq1GQsFxiH13eZz+rI=
=+XlE
-END PGP SIGNATURE-


-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Re: Software Inclusion

Main inclusion report for apt-cacher

Re: Apt-Cacher again, sorta

Re: Securely downloading Ubuntu

Re: Apt-Cacher again, sorta

Re: Encrypted volume interaction with Windows...

Re: apt-cacher in main

Re: apt-cacher in main

Re: apt-cacher in main + apt-zeroconf

Re: apt-cacher in main

Re: apt-cacher in main + apt-zeroconf

Re: apt-cacher in main

apt-cacher in main

apt-cacher in main

14 matches

Site Navigation

Mail list logo

Footer information