On Sun, Nov 13, 2022 at 02:01:50PM +, Reuben Thomas wrote:
> I am the upstream maintainer of libpaper (which used to be a pure-Debian
> project), and also a Debian Maintainer trying to get a new version of
> libpaper into Debian. (It involves an API/ABI transition, from the current
> libpaper1
Hi,
在 2022-11-13星期日的 14:01 +,Reuben Thomas写道:
> I am the upstream maintainer of libpaper (which used to be a pure-Debian
> project), and also a Debian Maintainer trying to get a new version of
> libpaper into Debian. (It involves an API/ABI transition, from the current
> libpaper1 to libpaper2
> "Reuben" == Reuben Thomas writes:
Reuben> I am a bit torn here: with my DM hat on, stripping out
Reuben> gnulib sources where possible and using Debian's gnulib
Reuben> package seems the right thing to do. With my upstream hat
Reuben> on it leads potentially to bug reports
> "Otto" == Otto Kekäläinen writes:
Otto> Instead of manually trying to manage TMPDIR env variable in
Otto> various places, we should have a standardized way to run
Otto> maintainer scripts in clean shell sessions that have all env
Otto> variables set automatically correctly.
Robie Basak writes:
> This seems inconsistent to me. Where is the expectation that TMPDIR must
> be unset if dropping privileges coming from? Obviously for users of
> libpam-tmpdir that's a problem. But in the default case, it's something
> that would be entirely reasonable to inherit through a
On Sun, Nov 13, 2022 at 05:46:00PM +0100, Marco d'Itri wrote:
> On Nov 13, Robie Basak wrote:
>
> > This seems inconsistent to me. Where is the expectation that TMPDIR must
> > be unset if dropping privileges coming from? Obviously for users of
> Where is the expectation that $TMPDIR is writable
On Sun, Nov 13, 2022 at 03:55:45PM +0100, Micha Lenk wrote:
> Am 13. November 2022 04:56:14 MEZ schrieb Hideki Yamane
> :
> >Hi lintian maintainers,
> >
> > I'm thinking about uploading new unidic-mecab package, but when I ran
> > lintian for it, lintian ate all of my PC's memory (32GB!) since its
On Nov 13, Robie Basak wrote:
> This seems inconsistent to me. Where is the expectation that TMPDIR must
> be unset if dropping privileges coming from? Obviously for users of
Where is the expectation that $TMPDIR is writable by any user but the
current one?
I do not believe that it is expected t
On Sun, Nov 13, 2022 at 04:16:29PM +0100, Marco d'Itri wrote:
> And I think that it would be wrong to have dpkg generally unset $TMPDIR,
> because if root sets it then it would be reasonable to expect that also
> dpkg and the maintainer scripts use it (as long as they are not dropping
> privilege
On Sun, Nov 13, 2022 at 02:58:47PM +, Simon McVittie wrote:
> If the maintainer script is *dropping* privileges from root down to a
> system user, then I think the maintainer script is/should be responsible
> for doing that privilege drop in a way that works...
Agreed, but amongst various othe
]] Sunil Mohan Adapa
> During today's FreedomBox meet, we have discussed that systemd'd
> PrivateTmp= is a better solution than libpam-tmpdir for FreedomBox at
> least as systemd makes a cleaner mount isolation between processes
> instead of managing directories and permissions.
>
> For this re
]] Daniel Black
> How User= systemd directives work with lbpam-tmpdir I'm not sure,
> however without a setuid there shouldn't be an invalid TMPDIR env
> variable there.
systemd doesn't start a new PAM session for services, so there's no
interaction there.
--
Tollef Fog Heen
UNIX is user frien
]] Robie Basak
> On Thu, Nov 10, 2022 at 05:37:53PM +0100, Tollef Fog Heen wrote:
> > I think it's more wide than that: If you change UID, you need to
> > sanitise the environment. Your HOME is likely to be wrong. PATH might
> > very well be pointing at directories which are not appropriate for
Hi,
On So 13 Nov 2022 15:01:50 CET, Reuben Thomas wrote:
I am a bit torn here: with my DM hat on, stripping out gnulib sources where
possible and using Debian's gnulib package seems the right thing to do.
With my upstream hat on it leads potentially to bug reports that don't
correspond to an u
On Sun, 13 Nov 2022 at 14:01:50 +, Reuben Thomas wrote:
> I just got a rejection for libpaper_2.0.3-1 from ftp-master (in this case,
> Thorsten Alteholz), who said "I didn't find any explanation why you embedded a
> copy of gnulib in your source tarball. Do you really need that?"
I think the l
The dbus package in bookworm has been broken up into several smaller
packages, so that people who want to use a non-reference implementation
of the D-Bus message buses (like dbus-broker) can do so. Various packages
should ideally change their dependencies.
The dbus package in Debian 11 already had
On Nov 13, Simon McVittie wrote:
> I think you can both be right. The symptom here is a maintainer script
> failing, but if I'm understanding Marco's argument correctly, he's
> saying that the root cause is that when you switch between execution
> environments, not all of the environment variable
On Sun, 13 Nov 2022 at 11:38:08 +, Robie Basak wrote:
> On Sun, Nov 13, 2022 at 02:21:58AM +0100, Marco d'Itri wrote:
> > On Nov 12, Otto Kekäläinen wrote:
> > > Instead of manually trying to manage TMPDIR env variable in various
> > > places, we should have a standardized way to run maintaine
Just looking at the size this doesn't look like a regular package you are
talking about. So I'm sorry but I would need more context on that before I can
say why I have a concern. Why would you want to do that?
Regards,
Micha
Am 13. November 2022 04:56:14 MEZ schrieb Hideki Yamane
:
>Hi lintian
I am the upstream maintainer of libpaper (which used to be a pure-Debian
project), and also a Debian Maintainer trying to get a new version of
libpaper into Debian. (It involves an API/ABI transition, from the current
libpaper1 to libpaper2.)
Bastian Germann (b...@debian.org) is kindly helping wit
Package: wnpp
Severity: wishlist
Owner: Jonathan Carter
X-Debbugs-Cc: debian-devel@lists.debian.org
* Package name: python3-simpleobsws
Version : 1.3.1
Upstream Author : IRLToolkit Inc.
* URL : https://github.com/IRLToolkit/simpleobsws
* License : Expat
Pro
On Sun, Nov 13, 2022 at 02:21:58AM +0100, Marco d'Itri wrote:
> On Nov 12, Otto Kekäläinen wrote:
>
> > Instead of manually trying to manage TMPDIR env variable in various
> > places, we should have a standardized way to run maintainer scripts in
> > clean shell sessions that have all env variabl
On Thu, Nov 10, 2022 at 10:46:55PM +, brian m. carlson wrote:
> > I think it's more wide than that: If you change UID, you need to
> > sanitise the environment. Your HOME is likely to be wrong. PATH might
> > very well be pointing at directories which are not appropriate for the
> > user you'
On Thu, Nov 10, 2022 at 05:37:53PM +0100, Tollef Fog Heen wrote:
> I think it's more wide than that: If you change UID, you need to
> sanitise the environment. Your HOME is likely to be wrong. PATH might
> very well be pointing at directories which are not appropriate for the
> user you're changi
On Thu, Nov 10, 2022 at 12:08:55PM +0100, Marco d'Itri wrote:
> > But are you in essence saying that libpam-tmpdir requires that *every
> > maintainer script* that runs things as non-root, or starts processes
> > that do that, unset TMPDIR first?
> This would not be right, because it is totally val
25 matches
Mail list logo
