Bug#1071293: ddcci-dkms: Fails to build on linux-image-6.8.9-amd64

Package: ddcci-dkms Version: 0.4.4-1 Severity: grave Justification: renders package unusable Dear Maintainer, Although upstream has not yet bumped the version number, I believe they have committed changes that fix this to their GitLab repo. *** /var/lib/dkms/ddcci/0.4.4/build/make.log DKMS

Bug#1071066: gpodder: gPodder segfaults when started with appmenu-gtk-module

e, so just disabling the module globally is not a good workaround. Ben Morris -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.7.12-amd64 (SMP w/8 CPU threads; PREEMPT

Bug#1069726: gophernicus: Default documentroot in man page does not match default config file

Package: gophernicus Version: 3.1.1-3 Severity: normal X-Debbugs-Cc: w...@unux.org Dear Maintainer, When installing Gophernicus, the man page states that the -r option specifies the documentroot of the server, and the default is /var/gopher The file /etc/default/gophernicus contains one line:

Bug#1055991: /usr/share/autofs/conffiles/auto.net: /etc/auto.net comments for nfsv4 are unclear

Package: autofs Version: 5.1.8-2+deb12u2 Severity: minor File: /usr/share/autofs/conffiles/auto.net Upstream /etc/auto.net looks like this: # add "nosymlink" here if you want to suppress symlinking local filesystems # add "nonstrict" to make it OK for some filesystems to not mount

Bug#1052392: libpam-sss: Please ship a PAM config file for pam_sss_gss.so

Package: libpam-sss Version: 2.8.2-4 Severity: wishlist Here's the config file I am using: $ cat /usr/share/pam-configs/sss-gss Name: Authenticate if the user can obtain a valid Kerberos ticket for the local host Default: yes Priority: 512 Auth-Type: Primary Auth:

Bug#1050346: gnome-control-center: Segfault when editing properties of Wi-Fi connection

Package: gnome-control-center Version: 1:43.6-2~deb12u1 Severity: normal X-Debbugs-Cc: s...@robots.org.uk When I try to edit a particular Wi-Fi connection I get a segfault. (gdb) r Starting program: /usr/bin/gnome-control-center [Thread debugging using libthread_db enabled] Using host

Bug#984879: podman does not work on Debian with selinux loaded

On Wed, Jun 21, 2023 at 06:04:14PM +0100, Sam Morris wrote: > On Wed, Jun 21, 2023 at 05:28:48PM +0100, Sam Morris wrote: > > refpolicy has a 'container' module that appears to work, it's just not > > built by default. > > BTW, the existance of /etc/selinux/default/contexts

Bug#704180: p11-kit: provide package that diverts libnssckbi.so and replaces it with p11-kit-trust.so

On Tue, Jun 27, 2023 at 04:33:06PM +0100, Sam Morris wrote: > On Fri, Mar 03, 2023 at 02:43:48PM +, Sam Morris wrote: > > Commands to divert the original file and replace it with a symlink: > > > > # dpkg-divert --add --rename /usr/lib/x86_64-linux-gnu/libnssckbi.so &g

Bug#704180: p11-kit: provide package that diverts libnssckbi.so and replaces it with p11-kit-trust.so

On Fri, Mar 03, 2023 at 02:43:48PM +, Sam Morris wrote: > Commands to divert the original file and replace it with a symlink: > > # dpkg-divert --add --rename /usr/lib/x86_64-linux-gnu/libnssckbi.so > # ln -sr /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so > /usr/lib/x

Bug#1039571: gnome-software: "Loading application details" displayed forever

Package: gnome-software Version: 43.4-1 Severity: important X-Debbugs-Cc: s...@robots.org.uk When I click on any application from the default screen, information never loads. The "Loading application details" mesasge is displayed forever. If I click on a category instead of an application, the

Bug#1039570: flatpak: 'flatpak upgrade' repeatedly installs, removes, installs some obsolete runtimes

Package: flatpak Version: 1.14.4-1 Severity: normal X-Debbugs-Cc: s...@robots.org.uk Each time I run 'flatpak uprade' it installs and removes a couple of obsolete runtimes, over and over. According to 'flatpak list' the following flatpaks are installed: root@fragarach:~# flatpak list

Bug#984879: podman does not work on Debian with selinux loaded

On Wed, Jun 21, 2023 at 05:28:48PM +0100, Sam Morris wrote: > refpolicy has a 'container' module that appears to work, it's just not > built by default. BTW, the existance of /etc/selinux/default/contexts/lxc_contexts is what causes Podman to try to label containers. Which prevents it from

Bug#984879: podman does not work on Debian with selinux loaded

module -i debian/build-default/container.pp' 4. Start a container with 'podman run --rm -it docker.io/library/debian:11 sleep inf' 5. Check the context of the sleep process with 'ps -Z ' Any chance that module could be built by default? -- Sam Morris <https://robots.org.uk/> PGP: rsa4096/CA

Bug#1038164: RFP: container-selinux -- SELinux policy module for containers

Package: wnpp Severity: wishlist -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Package name: container-selinux URL : https://github.com/containers/container-selinux License : GPL Description : SELinux policy confinement of containers This package is needed

Bug#926388: let Firefox trust /etc/ssl/certs/ca-certificates.crt

of Debian 12 ("bookworm"), firefox-esr and thunderbird no longer ship their own libnssckbi.so files: <https://packages.debian.org/search?searchon=contents=libnssckbi.so> So I thing this bug can be resolved as a duplicate of <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=

Bug#704180: p11-kit: provide package that diverts libnssckbi.so and replaces it with p11-kit-trust.so

On Fri, Mar 03, 2023 at 02:43:48PM +, Sam Morris wrote: > FYI, the file paths in the original bug report are no longer accurate > for Debian 12 ("bookworm"). > > Old path: /usr/lib/x86_64-linux-gnu/nss/libnssckbi.so > New path: /usr/lib/x86_64-linux-gnu/li

Bug#1036947: whipper: Whipper does not work when syncthing-gtk is also installed

Package: whipper Version: 0.10.0-2+b3 Severity: important Dear Maintainer, Whipper exits with the following messages: Traceback (most recent call last): File "/usr/bin/whipper", line 33, in sys.exit(load_entry_point('whipper==0.10.0', 'console_scripts', 'whipper')())

Bug#905745: util-linux: tty hijacking possible in "su" via TIOCSTI ioctl

Package: util-linux Followup-For: Bug #905745 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Linux 6.2 introduces a sysctl dev.tty.legacy_tiocsti sysctl which can be used to disable TIOCSTI. The default value of the sysctl is set at build time with CONFIG_LEGACY_TIOCSTI.

Bug#628843: login: tty hijacking possible in "su" via TIOCSTI ioctl

Source: shadow Followup-For: Bug #628843 -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 su/runuser are provided by util-linux these days. Can this bug be closed? - -- System Information: Debian Release: 12.0 APT prefers testing APT policy: (530, 'testing'), (520, 'unstable'), (500,

Bug#1034002: ldapvi: Chase referrals option [-C, --chase] not documented

Package: ldapvi Version: 1.7-10+b6 Severity: minor There is a rather useful -C option which can be used to disable referral chasing: $ ldapvi -C no $ ldapvi --chase=no It's not in the --help output nor the man page. -- System Information: Debian Release: 12.0 APT prefers testing APT

Bug#1033673: buildah: Not build with libsubid

Package: buildah Followup-For: Bug #1033673 Here's a merge request: https://salsa.debian.org/go-team/packages/golang-github-containers-buildah/-/merge_requests/2/ -- System Information: Debian Release: 12.0 APT prefers testing APT policy: (530, 'testing'), (520, 'unstable'), (500,

Bug#1033673: buildah: Not build with libsubid

Package: buildah Version: 1.28.2+ds1-1+b2 Severity: normal Tags: patch Similar to podman's #1019929, buildah is not built with libsubid support. So users with subordinate UID/GIDs stored in an LDAP directory can't use buildah without being root. Merge request with patch on the way... -- System

Bug#1032515: libsoup-3.0-0: Can't download from https://www.bing.com - connection reset by peer

Package: libsoup-3.0-0 Version: 3.2.2-2 Severity: normal X-Debbugs-Cc: s...@robots.org.uk With the following python script I get: $ python3 bing.py Traceback (most recent call last): File "/tmp/bing.py", line 7, in ses.send_and_read(mes) gi.repository.GLib.GError:

Bug#984705: kamoso: Missing dependency

Package: kamoso Version: 22.12.3-1 Followup-For: Bug #984705 Dear Maintainer, I believe kamoso should depend on gstreamer1.0-plugins-bad. Installing that package fixes this problem. -- System Information: Debian Release: 12.0 APT prefers unstable APT policy: (500, 'unstable') Architecture:

Bug#1030391: debdelta: Please include the non-free-firmware component for Bookworm/Sid

configuration or whether an update to the client is needed. Regards, Ben Morris -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-3-amd64 (SMP w/4 CPU threads

Bug#1030310: python3-poetry: 'poetry check' requires python3-trove-classifiers

Package: python3-poetry Version: 1.3.2+dfsg-3 Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 There's a missing dependency on python3-trove-classifiers in order for 'poetry check' to work. $ poetry check No module named 'trove_classifiers' - -- System Information:

Bug#1029070: /usr/lib/python3/dist-packages/ipalib/x509.py: Broken by python3-cryptography API break in 38.0.1

Package: python3-ipalib Followup-For: Bug #1029070 Control: forwarded -1 https://pagure.io/freeipa/issue/9160 Control: tags -1 + fixed-upstream patch Seems this is fixed in 4.9 and later versions. There's a patch for 4.9 at

Bug#1029070: /usr/lib/python3/dist-packages/ipalib/x509.py: Broken by python3-cryptography API break in 38.0.1

Package: python3-ipalib Version: 4.9.8-1 Severity: important File: /usr/lib/python3/dist-packages/ipalib/x509.py $ ipa vault-find Traceback (most recent call last): File "/usr/bin/ipa", line 27, in from ipaclient.__main__ import main File

Bug#1027105: gpodder: Missing '/' in .desktop file

Package: gpodder Version: 3.11.0-4 Severity: normal Dear Maintainer, /usr/share/applications/gpodder.desktop contains the following line: Exec=usr/bin/gpodder /usr/share/applications/gpodder-url-handler.desktop has a similar problem: Exec=usr/bin/gpodder -s %u Note that both paths start with

Bug#1001894: ITP spacecadet pinball

I've been away from this for a while so I haven't had much time to look at it, sorry. I know they've put a flatpak version together though so that may make it easier to install On Fri, 23 Dec 2022, 10:45 , wrote: > Hi, > > did you have time to look into this? I'd be also interested in have a >

Bug#389183: passwd: 'passwd -l/-u' should edit the shadow account expiry field *in addition* to editing the password field as they do know

Package: shadow,libpam-modules Followup-For: Bug #389183 A note to software archeologists: this was reverted in June 2007 by shadow 1:4.1.1-3, with the following remarks in the changelog: * debian/patches/494_passwd_lock-no_account_lock: Restore the previous behavior of passwd -l (which

Bug#1024657: nvidia-libopencl1: Inconsistency between changelog and package description regarding supported OpenCL versions

unable to check what actually works, but nvidia's website seems to suggest that the changelog is correct. The description for nvidia-opencl-icd may have a similar problem. Ben Morris -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable'

Bug#1014463: podman-toolbox: Toolbox only works with fedora-toolbox:34

Package: podman-toolbox Version: 0.0.99.3-1 Followup-For: Bug #1014463 X-Debbugs-Cc: s...@robots.org.uk I think the log messages are a red herring and the underlying issue is that the toolbox binary is not able to run inside the container. Toolbox appears to work by bind-mounting

Bug#1023393: policykit-1: Not prompted to authenticate with my own identity any more

On 03/11/2022 15:17, Sam Morris wrote: But I suppose this should become a bug against polkitd-pkla since in practice its 49-polkit-pkla-compat.rules will never be called since 40-debian-sudo.rules is called first. Perhaps one solution would be to renumber to << 40, an

Bug#1023393: policykit-1: Not prompted to authenticate with my own identity any more

On 03/11/2022 13:39, Simon McVittie wrote: On Thu, 03 Nov 2022 at 11:51:52 +, Sam Morris wrote: Here's my configuration: # cat /etc/polkit-1/localauthority.conf.d/60-sam.conf [Configuration] AdminIdentities=unix-user:sam.mor...@domain.example.com Is that really your Unix

Bug#1023393: policykit-1: Not prompted to authenticate with my own identity any more

Package: polkitd Version: 122-1 Severity: important X-Debbugs-Cc: s...@robots.org.uk Since updating to 122, polkit authentication prompts ask me to authenticate as "Administrator" (root?) rather than my own user. Here's my configuration: # cat /etc/polkit-1/localauthority.conf.d/60-sam.conf

Bug#1023254: easyeffects: Missing dependencies: mda-lv2, zam-plugins

Available > ZamAudio Is Not Installed On The System `apt install mda-lv2 zam-plugins` fixes it. I believe these packages should be added to Recommends, or at least Suggests. Thanks for reading, Ben Morris -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (50

Bug#1022956: jmeter: fails to start: Unable to make field private static java.lang.String sun.awt.X11.XToolkit.awtAppClassName accessible: module java.desktop does not "opens sun.awt.X11" to unnamed m

Package: jmeter Version: 2.13-5 Severity: important X-Debbugs-Cc: s...@robots.org.uk jmeter fails to start: $ jmeter An error occurred: Unable to make field private static java.lang.String sun.awt.X11.XToolkit.awtAppClassName accessible: module java.desktop does not "opens sun.awt.X11" to

Bug#1021530: wireplumber: No sound after upgrade to 0.4.12-1

$ journalctl --user -u pipewire --user -u wireplumber --user -u pipewire-pulse -b-1 Oct 10 09:25:54 serenity systemd[1737]: Started PipeWire Multimedia Service. Oct 10 09:25:54 serenity systemd[1737]: Started Multimedia Service Session Manager. Oct 10 09:25:55 serenity pipewire[2635]: mod.rt:

Bug#1021530: wireplumber: No sound after upgrade to 0.4.12-1

Package: wireplumber Version: 0.4.12-1 Severity: important Dear Maintainer, I have no sound at all on my system. Both my sound devices (the Intel sound built in to my motherboard and the HDMI out on my Radeon) show up as expected in Plasma, pavucontrol, etc., but nothing seems to be able to play

Bug#1019929: podman: Subordinate UID/GID ranges not fetched from libsubid

Control: tag -1 + patch On Fri, Sep 16, 2022 at 12:10:43PM +0100, Sam Morris wrote: > ... but it looks like podman doesn't use this library yet: I've prepared a patch that builds libpod against libsubid: <https://salsa.debian.org/debian/libpod/-/merge_requests/6> Regards, -- S

Bug#1020683: usbutils: Please include lsusbs.py

ge for your consideration. I've not renamed the command, but if the above doesn't convince you, how about /usr/bin/lsusb-py? (of course, the man page also has to be renamed, which makes it harder to send upstream...) Cheers, -- Sam Morris <https://robots.org.uk/> PGP: rsa4096/CAAA AA1A C

Bug#1020683: usbutils: Please include lsusbs.py

Package: usbutils Version: 1:014-1 Severity: wishlist usbutils includes a lsusbs.py command which gives much more readable output than lsusb. Looks like only 'usr/bin/lsusb.py' has to be added to debian/install to get it included in the binary package. -- System Information: Debian Release:

Bug#1020424: krb5: Versioned dependencies are needed in order to avoid version skew

Source: krb5 Version: 1.20-1 Severity: normal X-Debbugs-Cc: s...@robots.org.uk When using a container image that has an older version of some of the binary packages from krb5 in it, installing krb5-user results in binary packages being installed that are a mix of the newer and older version. The

Bug#1019929: podman: Subordinate UID/GID ranges not fetched from libsubid

Package: podman Version: 4.2.0+ds1-3 Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I've not got anything in /etc/subuid or /etc/subgid because subordinate id range info is stored in LDAP. $ grep ^subid: /etc/nsswitch.conf subid: sss This is transparent to clients using

Bug#1019917: /usr/bin/getsubids: Segfaults when nsswitch.conf refers to a libsubid_*.so library that does not exist

Package: uidmap Version: 1:4.11.1+dfsg1-2 Severity: normal File: /usr/bin/getsubids -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 With: $ grep ^subid: /etc/nsswitch.conf subid: sss I get: $ getsubids sam Segmentation fault (core dumped) GDB reveals that this is happening

Bug#958805: onedrive: SEGV and core dump on error (401)

Package: onedrive Version: 2.4.18-0.1+b1 Followup-For: Bug #958805 X-Debbugs-Cc: s...@robots.org.uk According to , > This issue is caused by the way the 'onedrive'

Bug#1019263: Audio capture (e.g., in MS Teams) doesn't work

It turns out this was caused by the audio_capture_enable setting which made its way into my profile. -- Sam Morris <https://robots.org.uk/> PGP: rsa4096/CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9

Bug#1019263: chromium: Audio capture (e.g., in MS Teams) doesn't work

Package: chromium Version: 105.0.5195.102-1 Severity: normal X-Debbugs-Cc: s...@robots.org.uk When I try to join a Teams meeting, I get the mesasge Are you sure you don't want audio or video? If you change your mind, select the camera icon by your address bar and then _Always allow_.

Bug#1015317: /lib/systemd/system/podman-auto-update.service: podman-auto-update.service broken - can't find /bin/podman

Package: podman Version: 4.1.1+ds1-2 Severity: normal File: /lib/systemd/system/podman-auto-update.service Jul 18 00:15:01 systemd[1]: Starting Podman auto-update service... Jul 18 00:15:01 systemd[3185620]: podman-auto-update.service: Failed to locate executable /bin/podman: No such file or

Bug#668462: network-manager: Wrong default for IPv6 Privacy Extensions

s this still the case? NetworkManager.conf(5) says: ipv6.ip6-privacy If ipv6.ip6-privacy is unset, use the content of "/proc/sys/net/ipv6/conf/default/use_tempaddr" as last fallback. -- Sam Morris <https://robots.org.uk/> PGP: rsa4096/CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9

Bug#1010889: network-manager: Please ship additional NM config examples found in examples/nm-conf.d/

Package: network-manager Version: 1.37.92-1 Severity: wishlist examples/nm-conf.d has a couple of drop-in example config files that it would be nie to find in /usr/share/doc/network-manager/examples. In particular, 30-anon.conf shows how to configure NM so that it won't leak information to the

Bug#1001644: [Pkg-sssd-devel] Bug#1001644: libpam-sss: OTP-enabled users do not recieve OTP prompts from pam_sss.so

On Wed, Dec 15, 2021 at 11:19:23AM +0200, Timo Aaltonen wrote: > On 13.12.2021 19.39, Sam Morris wrote: > > Package: libpam-sss > > Version: 2.6.1-1 > > Severity: normal > > > > In the default configuration, /etc/pam.d/common-auth contains: > > &g

Bug#656339: From: Felix Geyer

On Fri, Mar 23, 2012 at 01:24:03PM +, Sam Morris wrote: > > Could you please test if this is still a problem with version 4.1.8-dfsg-2? > > > > mesa didn't load the dri module as it wasn't installed into the multiarch > > directory. > > Sadly this is still the

Bug#1001644: libpam-sss: OTP-enabled users do not recieve OTP prompts from pam_sss.so

Package: libpam-sss Version: 2.6.1-1 Severity: normal -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 In the default configuration, /etc/pam.d/common-auth contains: auth [success=2 default=ignore] pam_unix.so nullok auth [success=1 default=ignore] pam_sss.so use_first_pass

Bug#1000357: Module build is still failing

The module is still failing to build on my machine. I believe the problem is that ddcci_device_remove() returns in two different places. The new patch wraps the return at the end of the function in an #if, but does not fix the mid-function `return -EINVAL;`. (In case it is useful: there is a

Bug#997022: kwin-x11: Black screen after attempting to enable compositing

Package: kwin-x11 Version: 4:5.23.0-2 Severity: important When starting compositing in kwin (either by starting kwin with compositing enabled, or by pressing Ctrl-Alt-F12 while kwin is running), the whole screen goes black apart from the mouse cursor. When this happens, kwin prints `kwin_core:

Bug#995730: [Pkg-sssd-devel] Bug#995730: libnss-sss: sssd protocol is not stable; libnss-sss and so on need stricter dependencies

able sssd' in order to upgrade just sssd so I could drop my patch for pam_sss_gss.so which was included in 2.5.2. Sometimes I do run into the odd dependency issue like this as a result... :) -- Sam Morris <https://robots.org.uk/> PGP: rsa4096/CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9

Bug#995730: libnss-sss: sssd protocol is not stable; libnss-sss and so on need stricter dependencies

Package: libnss-sss Version: 2.5.2-3 Severity: normal I upgraded sssd today, and found that netgroup lookups no longer worked. See for the details. The underlying reason was that I had not upgraded libnss-sss, and the older libnss_sss.so.2 was unable to

Bug#927786: Patch for #927786

The upstream source checks for the ability to build against libfuse by searching hard-coded locations for fuse.h. In the interest of multiarch support, the Debian package instead uses the compiler to locate the header. However, this compiler-based check was failing, not because fuse is not

Bug#989986: network-manager: NetworkManager exited and now I have no networking

Package: network-manager Version: 1.30.0-2 Severity: important X-Debbugs-Cc: s...@robots.org.uk NetworkManager.service has Restart=on-failure, but if something sends SIGTERM to NetworkManager then it exits with status 0. Anyway, this user expects NetworkManager expects NM to be up & the network

Bug#988178: Newer ypbind-mt package also affected

From: Francesco P. Lovergine Sent: Friday, May 7, 2021 02:02 To: Brian Morris; 988...@bugs.debian.org Subject: Re: Bug#988178: Newer ypbind-mt package also affected *** EXTERNAL E-MAIL *** On Fri, May 07, 2021 at 12:28:24AM +, Brian Morris wrote: >I also looked at the sou

Bug#988178: Newer ypbind-mt package also affected

I also looked at the source of the newer ypbind-mt package in the Testing branch and it appears to have the same issue.

Bug#988178: nis: ypbind fails to start when already running in a container

Package: nis Version: 3.17.1-3+b1 Severity: important Tags: patch Dear Maintainer, * What led up to the situation? System has several lxd containers that run ypbind. When the system was restarted (or even ran dist-upgrade just prior to restart), pybind failed to start. I have

Bug#922945: [Pkg-shadow-devel] Bug#922945: /var/log/lastlog is a 110 TByte sparse file, seriously affecting backup

On Fri, Apr 16, 2021 at 01:30:36PM +0200, Bálint Réczey wrote: > Control: severity -1 wishlist > Control: tags -1 confirmed upstream > > Hi Sam, > > Sam Morris ezt írta (időpont: 2021. ápr. 13., K, 19:45): > > > > On Tue, 2021-04-13 at 15:26 +

Bug#922945: [Pkg-shadow-devel] Bug#922945: /var/log/lastlog is a 110 TByte sparse file, seriously affecting backup

in any case changing login.defs wouldn't be sufficient. -- Sam Morris <https://robots.org.uk/> PGP: rsa4096/CAAA AA1A CA69 A83A 892B  1855 D20B 4202 5CDA 27B9 signature.asc Description: This is a digitally signed message part

Bug#922945: /var/log/lastlog is a 110 TByte sparse file, seriously affecting backup

Package: login Followup-For: Bug #922945 X-Debbugs-Cc: s...@robots.org.uk Control: affects -1 libpam-modules Control: tag -1 patch There is a hint as to what's going on in login.defs(5). LASTLOG_UID_MAX (number) Highest user ID number for which the lastlog entries should be

Bug#966198: gdm3: Defunct gdm-session-worker processes occationally remains unhandled.

Package: gdm3 Version: 3.38.2.1-1 Followup-For: Bug #966198 X-Debbugs-Cc: s...@robots.org.uk I've noticed quite a few of these processes hanging around: $ pgrep gdm-session-worker -f | xargs ps -o pid,ppid,user,unit,uunit,args PIDPPID USER UNIT

Bug#982288: podman: Can't run caontainers - failed to connect to container's attach socket - fixed!

--the wonders of large enterprises... :) -- Sam Morris <https://robots.org.uk/> PGP: rsa4096/CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9 signature.asc Description: This is a digitally signed message part

Bug#982288: podman: Can't run caontainers - failed to connect to container's attach socket

Package: podman Version: 3.0.0~rc2+dfsg1-2+b1 Severity: grave Justification: renders package unusable X-Debbugs-Cc: s...@robots.org.uk After upgrading to podman 3, I can't run any containers any more. $ podman run --rm -it docker.io/library/debian:10 Error: failed to connect to

Bug#980167: /usr/lib/python3/dist-packages/syncthing_gtk/nautilusplugin.py: Errors from nautilus extension: AttributeError: 'str' object has no attribute 'decode'

Package: syncthing-gtk Version: 0.9.4.4+ds+git20201209+c46fbd8-1 Severity: normal File: /usr/lib/python3/dist-packages/syncthing_gtk/nautilusplugin.py With the extension enabled, nautilus outputs the following repeatedly: Traceback (most recent call last): File

Bug#962994: pcp: cron jobs launch pcp in cron's cgroup

Package: pcp Version: 5.2.3-1 Followup-For: Bug #962994 This doesn't appear to be fixed. I can see init scripts & cron job definitions but not systemd units present in the pcp package: $ dpkg -L pcp | grep systemd /usr/lib/pcp/pmdas/systemd /usr/lib/pcp/pmdas/systemd/Install

Bug#971424: gsd-usb-protection fails to add rule to allow USB devices

Package: gnome-settings-daemon Version: 3.38.1-2 Followup-For: Bug #971424 I'm still seeing this. The workaround is to stop (remove) usbguard, then disable usb protection on any newly-attached devices: for x in /sys/bus/usb/devices/usb*/authorized_default; do echo 1 > $x; done and then

Bug#970230: freeipa FTBFS on non-nodejs architectures

Package: src:freeipa Followup-For: Bug #970230 Control: tag -1 + patch This should let freeipa build on armel again: $ diff -u debian/rules.old debian/rules --- debian/rules.old2020-11-11 13:26:32.112603329 + +++ debian/rules2020-11-11 13:26:37.020620794 + @@ -99,7 +99,7 @@

Bug#971424: gsd-usb-protection fails to add rule to allow USB devices

Source: gnome-settings-daemon Version: 3.38.0-2 Severity: normal As I understand it, gsd-usb-protection adds a rule to allow any USB device but only while the system is not locked. On my system, gsd-usb-protection is unable to add the rule. $ /usr/libexec/gsd-usb-protection -v

Bug#967946: gnome-settings-daemon: pulls in usbguard, even though GNOME has no GUI for it and silently blocks devices

Source: gnome-settings-daemon Followup-For: Bug #967946 gnome-settings-daemon only Suggests: usbguard - so it's not pulled in by default (unless apt is configured to install suggested packages by default)? -- System Information: Debian Release: 10.6 APT prefers stable-updates APT policy:

Bug#968390: virtualbox-guest-x11: VBoxDRMClient missing

Package: virtualbox-guest-x11 Version: 6.1.12-dfsg-9 Severity: important -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 VirtualBox guest additions now includes a VBoxDRMClient program that is missing from the Debian package. I believe this is used for 3d acceleration under Wayland. I've not

Bug#874191: gdm3 started users start in wrong context

On Wed, Apr 01, 2020 at 11:48:29AM +0100, Sam Morris wrote: > Patches available: > > https://salsa.debian.org/selinux-team/libselinux/-/merge_requests/2 This one isn't needed now that libselinux 3.1 is in unstable. > https://salsa.debian.org/selinux-team/refpolicy/-/merge_requests/

Bug#965143: sssd: SSSD 2.3 won't let log in or use sudo

Source: sssd Followup-For: Bug #965143 Control: -1 + fixed-upstream patch Upstream things this is https://github.com/SSSD/sssd/pull/5222 which has been fixed upstream. https://patch-diff.githubusercontent.com/raw/SSSD/sssd/pull/5222.patch -- System Information: Debian Release: 10.4 APT

Bug#965143: sssd: SSSD 2.3 won't let log in or use sudo

Package: sssd Version: 2.3.0-2 Severity: grave Justification: renders package unusable This locks me out of my systems. $ sudo -l [sudo] password for sam.morris@ad.domain.example: Sorry, try again. [sudo] password for sam.morris@ad.domain.example: Sorry, try again.

Bug#965059: Syntax warnings with Python 3.8

Package: python3-yubico Version: 1.3.3-0.3 Severity: normal $ ipa user-find sam /usr/lib/python3/dist-packages/netaddr/strategy/__init__.py:189: SyntaxWarning: "is not" with a literal. Did you mean "!="? if word_sep is not '': /usr/lib/python3/dist-packages/yubico/yubikey_usb_hid.py:288:

Bug#964388: 'replicated server' entries with CIFS don't work

Source: autofs Version: 5.1.6-2 Severity: normal I'm trying to make DFS-replicated CIFS file shares available. In auto.master I have: /dfsfile:/etc/auto.dfs browse and in auto.dfs I have: /dfs/HD-fstype=cifs,sec=krb5i,cruid=$UID,multiuser ://server1.domain.example/HD

Bug#964245: beets: Crashes on launch after upgrading to python 3.8.4~rc1-1

Package: beets Version: 1.4.9-4 Severity: grave Justification: renders package unusable Since the upgrade to Python 3.8.4rc1, Beets crashes on launch with the following output: $ beet Traceback (most recent call last): File "/usr/bin/beet", line 11, in load_entry_point('beets==1.4.9',

Bug#963975: blender: Blender crashes on launch (failed assert)

Package: blender Version: 2.83.1+dfsg-1 Severity: grave Justification: renders package unusable Blender 2.83.1+dfsg-1 is crashing on launch with the output shown below. I have tested this with and without an existing ~/.config/blender/ directory. $ blender blf_load_font_default: 'fonts' data

Bug#795281: autofs: Please provide a mechanism to make automount root mount points shared

fs/blob/master/f/autofs-5.1.6-make-bind-mounts-propagation-slave-by-default.patch In addition to making 'slave' the default, it also adds a 'shared' mount option. -- Sam Morris <https://robots.org.uk/> CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9

Bug#693782: auto.master.d documentation

e of file to be included must be ended with ".autofs". A file will be ignored if its name is not ended with the suffix. In addition a dot file, a file which name is started with "." is also ignored. -- Sam Morris <https://robots.org.uk/> CAAA AA1A

Bug#963899: Build smbclient against MIT krb5

Package: smbclient Version: 2:4.9.5+dfsg-1 Severity: wishlist I don't know how sane this might be, but you don't find out of if you don't ask, right? I run into lots of problems trying to use smbclient in my workplace. They boil down to the fact that Samba's bundled Heimdal library has a number

Bug#860151: keepalived: System loses virtual ip address after each systemd-networkd restart

Package: keepalived Followup-For: Bug #860151 I think this is no longer an issue since systemd 243, which adds the KeepConfiguration= network option. If set to 'yes' then networkd won't remove VIPS and such from managed interfaces when it (re)starts. -- System Information: Debian Release: 10.4

Bug#963692: /usr/share/info/gnupg.info.gz: Documentation regarding default RSA key size is out of date

Package: gnupg Version: 2.2.20-1 Severity: minor File: /usr/share/info/gnupg.info.gz The documentation for ---default-new-key-algo says that the default is rsa2048/cert,sign+rsa2048/encr but gpg-default-to-3072-bit-RSA-keys.patch changes this to rsa3072/cert,sign+rsa3072/encr. I suggest

Bug#962994: [pcp] Bug#962994: pcp: cron jobs launch pcp in cron's cgroup

still runnable in order to handle the case where the package has been removed (which removes the program) but not purged. In this case, conffiles such as cron jobs will still be present, and root will receive lots of mail from cron about the missing program. :) -- Sam Morris <https://robots.org.uk/> CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9

Bug#962994: pcp: cron jobs launch pcp in cron's cgroup

Package: pcp Version: 5.1.1-1 Severity: normal $ systemctl status cron ● cron.service - Regular background program processing daemon Loaded: loaded (/lib/systemd/system/cron.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2020-06-17 09:03:18 BST; 2min 5s

Bug#668538: RFP: vdsm -- Virtual Desktop and Server Manager

Followup-For: Bug #668538 Updated URL about building VDSM on Debian: https://www.ovirt.org/develop/developer-guide/vdsm/on-debian.html The changeset for debian packaging is here: https://gerrit.ovirt.org/#/c/49257/ This was merged, but the debian packaging was removed from vdsm Git in April

Bug#960947: sensors-applet: Please switch from libpanel-applet to libgnome-panel

Thank you for taking care of this! Sam

Bug#446036: exim4: please compile against openssl instead of gnutls

elicensing makes the political reason to stay with GnuTLS less important (I'll of course defer to the opinions of the maintainers here!) Anyway, if the maintainers would reconsider switching to OpenSSL once 3.0 enters Debian then I'd like to help! -- Sam Morris <https://robots.org.uk/>

Bug#733094: uvcdynctrl still filling the disk

implementation. -- Sam Morris

Bug#958025: gnome-shell: Wayland session never starts

On Fri, 2020-04-17 at 17:08 +0100, Sam Morris wrote: > Anyway... I'll keep upgrading things and follow up if I figure out > which package fixes things... Upgrading libatspi2.0-0 improved things. Although gnome-shell still hangs, the backtrace is now: #0 0x7ff4b79b8b4f in __GI___pol

Bug#958025: gnome-shell: Wayland session never starts

irly rare) occasions where problems are caused by version skew accross a source package I upgrade packages that apt missed by hand. > On Fri, 17 Apr 2020 at 15:48:51 +0100, Sam Morris wrote: > > Apr 17 15:16:09 gnome-session-binary[26371]: WARNING: Error > > creating FIFO: File ex

Bug#958025: gnome-shell: Wayland session never starts

Package: gnome-shell Version: 3.36.1-5 Severity: important Since upgrading to 3.36, once GDM starts the login screen does not for 90 seconds. During this time trying to switch to a different VTY with Ctrl+Alt+F5 etc. doesn't work. With 'journalctl _UID=$(id -u Debian-gdm)' I see: Apr 17

Bug#958017: libpango-1.0-0: Crash in pango_font_get_hb_font

Package: libpango-1.0-0 Version: 1.44.7-3 Followup-For: Bug #958017 Control: -1 severity minor After upgrading libpangocairo-1.0-0 to the version in unstable, pango-view gives some more useful messages: (pango-view:303404): GLib-GObject-WARNING **: 13:40:03.869: specified class size for

Bug#958017: libpango-1.0-0: Crash in pango_font_get_hb_font

Package: libpango-1.0-0 Version: 1.44.7-3 Severity: grave Justification: renders package unusable After upgrading libpango-1.0-0 from version 1.42.4-7~deb10u1 to version 1.44.7, gnome-terminal-server will no longer start. It crashes with: #0 0x in ?? () #1

  1   2   3   4   5   6   7   8   9   10   >