Hi Enrico,
Enrico Weigelt wrote:
> > Upstream tarballs are preferable because:
> >
> > * It's use is recommended in the Developer Reference
>
> recommended essentially means optional.
Optional, yes, but still a recommendation, not just a suggestion.
> > * Distributions which build the software
* Axel Beckert schrieb:
> Upstream tarballs are preferable because:
>
> * It's use is recommended in the Developer Reference
recommended essentially means optional.
> * It's clear how the tarball was generated -- built by upstream and
> downloaded
> * Distributions which build the software o
* Tanguy Ortolo schrieb:
> Enrico Weigelt, 2011-12-31 03:55+0100:
> > IMHO this is completely wrong, those files should be under
> > /usr/lib/... or maybe even /usr/share/... as they're not
> > dynamic data.
>
> Well, when people install new plugins or new themes, they get installed
> on the same
* Russ Allbery schrieb:
> That experience aside, we're not talking about patches here, assuming
> Marco's description of the situation is correct. We're talking about a
> full-blown fork and a need for a new udev upstream.
Maybe a downstream-branch is enough.
cu
--
* Fernando Lemos schrieb:
> Are you guys applying for maintainership for this huge delta
> you want to introduce between upstream and us?
Actually, yes.
cu
--
--
Enrico Weigelt, metux IT service -- http://www.metux.de/
pho
Package: wnpp
Owner: Rupert Swarbrick
Severity: wishlist
* Package name: luasseq
Version : 2.1
Upstream Author : Tilman Bauer
* URL or Web page : http://www.few.vu.nl/~tilman/tex.html
* License : LaTeX Project Public License (LPPL)
Description : LuaLaTeX package for
On Wed, Jan 04, 2012 at 01:12:00AM +0800, Thomas Goirand wrote:
> Let's say you're doing an Ubuntu package. In this case, you'd be
> using upstart, and not an insserv scripts, and you wouldn't need to
> depend on lsb-base for example. Or logrotate restarting of daemons
> in Ubuntu would use "restar
Hi Corentin,
According to website, YASAT doesn't look to provide any new feature
than lynis or tiger.
What are the advantages or differences with Lynis?.
Regards,
El jue, 29-12-2011 a las 14:21 +, Corentin LABBE escribió:
> Package: wnpp
> Severity: wishlist
> Owner: Corentin LABBE
>
>
>
On Wed, 04 Jan 2012 at 01:12:00 +0800, Thomas Goirand wrote:
> Let's say you're doing an Ubuntu package. In this case, you'd be
> using upstart, and not an insserv scripts, and you wouldn't need to
> depend on lsb-base for example. Or logrotate restarting of daemons
> in Ubuntu would use "restart"
On Tue, Jan 3, 2012 at 18:05:22 +0100, Romain Francoise wrote:
> Jakub Wilk writes:
>
> > Also, you just introduced a security hole: every user can DoS other one
> > (including root) my mkdiring /tmp/tmux-${VICTIM_UID}.
>
> See #620304 (and CVE-2011-1496) for more context about this.
>
That d
Package: wnpp
Severity: wishlist
Owner: Ritesh Raj Sarraf
* Package name: gimx
Version : 0.25
Upstream Author : Mathieu Laurendeau
* URL : http://blog.gimx.fr/
* License : GPLv3
Programming Lang: C++
Description : game input multiplexer for ps3
GIMX s
Axel Beckert writes:
> And I can't really execute it, neither as the user owning the screen
> session nor as root:
> ~ # /proc/32039/exe -ls
> zsh: permission denied: /proc/32039/exe
Yes, /proc is mounted noexec so you need to use the ld-linux.so trick.
But now that I actually try it, I realiz
On 01/03/2012 11:37 PM, Jonathan Wiltshire wrote:
> On 2012-01-03 15:16, Thomas Goirand wrote:
>> I agree with you, also, and also would like to highlight that native
>> packages are a pain for derivatives!
>
> Can you expand on that point please? What are the particular problems
> in this scenario
Hi,
Romain Francoise wrote:
> > Thank you Axel for your detailed response and IMHO this is indeed close
> > to an ideal (lightweight, self-cleaning, etc) resolution for this
> > scenario.
>
> Of course the real lightweight, self-cleaning solution is to not do
> anything special as the old binary
Jakub Wilk writes:
> Also, you just introduced a security hole: every user can DoS other one
> (including root) my mkdiring /tmp/tmux-${VICTIM_UID}.
See #620304 (and CVE-2011-1496) for more context about this.
--
Romain Francoise
http://people.debian.org/~rfrancoise/
--
To UNSUBSCRIBE, ema
Package: wnpp
Severity: wishlist
Owner: Steffen Moeller
* Package name: linoccult
Version : 2.1.1
* URL : http://andyplekhanov.narod.ru/occult/occult.htm
* License : GPL2
Programming Lang: C
Description : prediction and visualisation of asteroidal occulta
* Romain Francoise , 2012-01-02, 09:28:
3) Tell people via the release notes that they should not run the
dist-upgrade inside screen, but inside tmux instead.
Unfortunately tmux has an issue of its own for squeeze → wheezy
upgrades, the socket path was changed from /var/run/tmux to /tmp in
or
Yaroslav Halchenko writes:
> Thank you Axel for your detailed response and IMHO this is indeed close
> to an ideal (lightweight, self-cleaning, etc) resolution for this
> scenario.
Of course the real lightweight, self-cleaning solution is to not do
anything special as the old binary will be kept
On Jan 03, Didier Raboud wrote:
> 3) In a "screen-cleanup init script", test the inexistance of the flag and
> the
> existance of /usr/bin/screen-old; in that case, `rm` it.
> (+ appropriate version and sanity checks, + idempotency)
This is bad, because to solve a possible 30 minutes issu
Le mardi, 3 janvier 2012 16.58:08, Axel Beckert a écrit :
> Hi,
>
> Marco d'Itri wrote:
> > If /tmp is noexec then the administrator mounted it this way and knows
> > about it.
Another idea would be to use /usr/bin as temporary place for the old screen.
That would be a Policy violation but not a
Package: wnpp
Severity: wishlist
X-Debbugs-CC: debian-devel@lists.debian.org
--- Please fill out the fields below. ---
Package name: eclipse-cdt-qt
Version: 1.6.1
Upstream Author: Nokia
URL: http://qt.nokia.com/products/eclipse-integration/
License: LGPL-2.1
De
Hi,
Marco d'Itri wrote:
> If /tmp is noexec then the administrator mounted it this way and knows
> about it.
Yeah, but that is possibly such a long time ago that it's not the
first thought. So a small hint to fresh up the memory can't be bad.
> So if he is smart enought to mount /tmp noexec then
Package: wnpp
Severity: wishlist
Owner: Philipp Hagemeister
* Package name: mocksmtp
Version : 1.0
Upstream Author : Philipp Hagemeister
* URL : https://github.com/phihag/mocksmtp
* License : GPL
Programming Lang: Python
Description : email test server
On Jan 03, Edward Allcutt wrote:
> On Tue, 3 Jan 2012, Marco d'Itri wrote:
> >It does not matter, this is needed strictly for the time of the upgrade
> >process.
> Just how short do you expect this to be? I'm sure many of us
> dist-upgrade daily and (shock! horror!) don't reboot after each
> upgr
On Jan 03, Axel Beckert wrote:
> Thanks for the comment. Cc'ing the relevant bug again, as this is
> crucial information when I work on fixing the bug.
If /tmp is noexec then the administrator mounted it this way and knows
about it. So if he is smart enought to mount /tmp noexec then he can
proba
On Tue, 3 Jan 2012, Marco d'Itri wrote:
It does not matter, this is needed strictly for the time of the upgrade
process.
Just how short do you expect this to be? I'm sure many of us dist-upgrade
daily and (shock! horror!) don't reboot after each upgrade. We also don't
expect existing processe
On 2012-01-03 15:16, Thomas Goirand wrote:
I agree with you, also, and also would like to highlight that native
packages are a pain for derivatives!
Can you expand on that point please? What are the particular problems
in this scenario?
Thanks,
--
Jonathan Wiltshire
On 01/03/2012 10:47 PM, Holger Levsen wrote:
> Hi,
>
> On Dienstag, 3. Januar 2012, Stefano Canepa wrote:
>
>> I would like to know if it is worth to
>> switch this package to native. If yes where is it better to keep all
>> sources? At present they are on github.
>>
> In my experience nati
Hi,
Roger Leigh wrote:
[/tmp mounted noexec]
> > /run/shm (IIRC formerly /dev/shm) likely would be an
> > alternative option, too.
>
> No, it would not. This directory is reserved for the eglibc
> POSIX SHM/SEM interfaces.
Thanks for this explanation. It's the first time I read or hear about
th
Hi,
On Dienstag, 3. Januar 2012, Stefano Canepa wrote:
> I would like to know if it is worth to
> switch this package to native. If yes where is it better to keep all
> sources? At present they are on github.
In my experience native packages are rather annoying as they will create a
full orig.ta
Hi all,
I'm working, at the end someone could note [1], on apt-spy and while asking
for a sponsor to upload my new package, I received an interesting review
by Paul Wise who spotted many errors in my package. I'm in the process
of correcting all errors and I would like to know if it is worth to
swi
On Jan 03, Yaroslav Halchenko wrote:
> just thought of it: another possible complication of this approach (mv
> /usr/bin/screen /tmp/screen-4.0) might be -- tools depending on
> screen (e.g. byobu) might be in the cold water if the default screen in
> the PATH cannot do its duties.
It does not ma
just thought of it: another possible complication of this approach (mv
/usr/bin/screen /tmp/screen-4.0) might be -- tools depending on
screen (e.g. byobu) might be in the cold water if the default screen in
the PATH cannot do its duties.
FWIW:
$> apt-cache rdepends screen
screen
Reverse Depends:
On Jan 03, Russ Allbery wrote:
> Yes. But it needs to actually be a co-maintainer, or it needs to be
> someone who's offering to be a new upstream, not someone who is willing to
> produce a one-time fix to the problem.
And we are not discussing a missing "fix", but radically modifying its
seman
Package: wnpp
Severity: wishlist
Owner: Florent Angly
* Package name: grinder
Version : 0.4.2
Upstream Author : Florent Angly
* URL : http://sourceforge.net/projects/biogrinder/
* License : GPL
Programming Lang: Perl
Description : A bioinformatic tool
On Tue, Jan 03, 2012 at 10:05:46AM +, Roger Leigh wrote:
> If you really need to use a filesystem mounted noexec, just run
> the binary via /lib/ld.so (you'll need to get the real location
> from e.g. ldd). Something like:
The kernel does not allow executable mappings from noexec filesystems,
Package: wnpp
Severity: wishlist
Owner: Alessandro Ghedini
* Package name: libtext-markdown-discount-perl
Version : 0.02
Upstream Author : Masayoshi Sekimura
* URL : http://search.cpan.org/dist/Text-Markdown-Discount/
* License : Artistic or GPL-1+
Programmi
On Tue, Jan 03, 2012 at 07:17:04AM +0100, Axel Beckert wrote:
> Hi Yaroslav!
>
> Yaroslav Halchenko wrote:
> > > > I strongly recommend this solution, along with a proper debconf notice.
> > > [...]
> > > > /tmp is a good choice because the next reboot will automatically clean
> > > > up everythi
38 matches
Mail list logo
