On Wed, Dec 6, 2023 at 1:19 PM Daniel P. Berrangé wrote:
>
> On Wed, Dec 06, 2023 at 11:16:44AM +0100, Ondrej Pohorelsky wrote:
> > Hi everyone,
> >
> > For F40 I would like to change file permissions of few files that are
> > provided by cronie and crontabs and swap deny list for allow list. I'm
Assuming the goal is to improve fedora, that would be pointless as
telemetry rarely produces useful results as opt-in. It makes sense to have
it opt-out, but I'd expect the telemetry output and inputs to be open and
available for fedora developers.
Regards,
Nikos
On Thu, Jul 6, 2023 at 8:19 PM V
Hi,
I've been looking at Fedora's default --after installation-- attack
surface in terms of servers running, and I see chrony, and
NetworkManager running. NetworkManager runs as root, while chrony runs
as a dedicated user. NetworkManager according to lsof listens at the
bootpc and dhcpv6-client po
On Wed, Nov 18, 2020 at 2:23 PM Alexander Bokovoy wrote:
>
> On ke, 18 marras 2020, Nikos Mavrogiannopoulos wrote:
> >Hi,
> > I realized my fedora-based containers have an /etc/resolv.conf which
> >claims it is managed by resolved, and nsswitch.conf has "resolve
On Wed, Nov 18, 2020 at 6:37 PM Paul Wouters wrote:
>
> On Wed, 18 Nov 2020, Alexander Bokovoy wrote:
>
> >> Is there a way to use systemd resolved in a container?
> >
> > I figured this out yesterday -- at least in Rawhide, dbus-daemon is now
> > replaced by dbus-broker which is not active by def
Hi,
I realized my fedora-based containers have an /etc/resolv.conf which
claims it is managed by resolved, and nsswitch.conf has "resolve" in
hosts. However, doing something like
# systemd-resolve --status
results to:
sd_bus_open_system: No such file or directory
Trying to start dbus claims tha
On Mon, Oct 12, 2020 at 3:55 PM Nikos Mavrogiannopoulos wrote:
> > Second thing to chance: just ask, if a usable hw is found. Asking
> > permission for an impossible task is the definition of madnes
> >
> > Back to your request to change the policy:
> >
> &
On Fri, Oct 9, 2020 at 4:16 PM Marius Schwarz wrote:
>
> Am 09.10.20 um 13:18 schrieb Nikos Mavrogiannopoulos:
>
> LIBCCID_ifdLogLevel=0x000F pcscd --foreground --debug --apdu
> --color | tee log.txt
>
> This the unchanged output:
> 00492770 [140407774111296] auth.
/usr/share/polkit-1/actions/org.debian.pcsc-lite.policyOn Thu, Oct 8,
2020 at 11:06 AM Marius Schwarz wrote:
>
> Hi,
>
> this is a topic since a lot of time and it's still hits the user in it's
> face for no reason.
>
> Found: while presenting Fedora 33 changes to an audience and
> screenrecording
On Tue, Sep 29, 2020 at 3:43 PM Lennart Poettering wrote:
>
> On Di, 29.09.20 04:03, John M. Harris Jr (joh...@splentity.com) wrote:
>
> > > Search domains on VPNs are an indicator that these domains are handled
> > > by the VPN, that's why we use them also as routing domains. But this
> > > doesn
On Tue, Sep 22, 2020 at 8:40 AM Pavel Raiskup wrote:
> > I hit that two week ago for bitbucket and other servers. In my case I got it
> > connecting to lyx git server. At the time I wrote about it in the
> > fedora-test
> > mailing list.
> >
> > My workaround solution was to add to ~/.ssh/config
On Thu, Jul 30, 2020 at 12:25 PM Aleksandra Fedorova wrote:
>
> Hi, all,
>
> I'd like to get some understanding on the current state of emulation
> of other architectures.
>
> In the current CI infra we have infinite(*) access to x86_64 compute
> resources, but we haven't yet got our hands on any
Hi,
I've orphaned the nuttcp component. It is long time since I last used
it, and I do not plan updating it again. If you like networking tools
this may be a package for you!
regards,
Nikos
___
devel mailing list -- devel@lists.fedoraproject.org
To unsu
On Wed, Nov 27, 2019 at 4:46 AM Sam Varshavchik wrote:
>
> Chris writes:
>
> > Hi guys,
> >
> >
> > I just wanted to poll you for some advice. My notification tool I maintain
> > supports more than 50+ services now, but the only package isolation I do
>
> You should really count the number of tex
On Wed, Aug 14, 2019 at 10:01 PM Orion Poplawski wrote:
> My zabbix40 build for epel8 failed:
>
> https://koji.fedoraproject.org/koji/taskinfo?taskID=37041678
[...]
> The other odd thing is that I cannot install libssh2-devel on my RHEL8 vm
> because it does not appear to exist:
It does not. It i
On Tue, 2019-07-16 at 06:37 -0400, Nico Kadel-Garcia wrote:
> On Tue, Jul 16, 2019 at 5:34 AM Björn 'besser82' Esser
> wrote:
> > Am Dienstag, den 16.07.2019, 00:20 +0200 schrieb Kevin Kofler:
> > > Miro Hrončok wrote:
> > > > gnutls now cannot be rebuilt:
> > > >
> > > > nothing provides libnett
Hi,
The latest nettle (3.5.1) update will break ABI on rawhide. The API
remains the same hence recompilation will be sufficient to address any
issues.
regards,
Nikos
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email t
On Mon, May 27, 2019 at 3:00 PM Tomas Mraz wrote:
>
> Anderson, FYI. Could you please answer the question below?
>
> On Fri, 2019-05-24 at 17:58 +0100, Richard W.M. Jones wrote:
> > > libnbd.x86_64: W: crypto-policy-non-compliance-gnutls-1
> > > /usr/lib64/libnbd.so.0.0.0 gnutls_priority_set_direc
On Wed, Apr 24, 2019 at 12:24 PM Lennart Poettering
wrote:
> > > But why do that in userspace at all? the "Trust CPU RNG" kernel
> > > compile time option shows that these things are trivial to solve if
> > > people just want to. Instead of involving rngd at all, why not add a
> > > similar option
On Thu, Apr 18, 2019 at 10:23 AM Lennart Poettering
wrote:
> Sure, you can invoke rngd before systemd, in which case it would have
> to be able to run as PID 1 itself pretty much and then hand over
> things.
>
> But why do that in userspace at all? the "Trust CPU RNG" kernel
> compile time option
On Fri, 2018-12-21 at 15:35 -0500, Ben Cotton wrote:
> https://fedoraproject.org/wiki/Changes/krb5_crypto_modernization
>
> krb5 will be removing support for DES, 3DES, crc-32, and MD4
> entirely;
> they will not be allowed in session keys or long-term keys.
> Additionally, RC4 and MD5 will be mar
Hi,
I'm the main contact point for vpnc-script (used by vpnc and
openconnect VPN), however I no longer spend time in maintaining it.
If someone would like to pick it up, please let me know. The main
outstanding issue on that package is:
https://bugzilla.redhat.com/show_bug.cgi?id=1648108
Upstre
On Fri, 2018-08-17 at 08:19 -0500, Michael Cronenworth wrote:
> The libssh package uses wildcards on SONAME version. The package was
> upgraded from
> 0.7.5 to 0.8.1 in Fedora 27+ that included a SONAME bump.
>
> Please remove the wildcard in libssh and begin package rebuilds.
> Stable versions o
On Thu, 2018-08-02 at 10:49 +0100, Daniel P. Berrangé wrote:
> > >
> > > Thank you Huzaifa for bringing that up. I have a talk on fedora
> > > and
> > > crypto in flock, and my recommendation will be towards having
> > > some
> > > process to remove old packages from fedora. CVEs were not the
> >
On Tue, 2018-07-31 at 09:09 +0530, Huzaifa Sidhpurwala wrote:
> Hi All,
>
> I was asked to bring this issue[1] to the developer community before
> FESCO makes a decision.
>
> In several instances[2] there exists packages in Fedora, in which
> package-maintainers did not patch security issues, for
On Wed, 2018-06-06 at 09:45 -0500, mcatanz...@gnome.org wrote:
> On Wed, Jun 6, 2018 at 4:39 AM, Nikos Mavrogiannopoulos
> wrote:
> > I am actually very curious about the results of such a move, and
> > know
> > whether it is going to have a significant impact today. Debi
On Tue, 2018-06-05 at 11:41 -0500, mcatanz...@gnome.org wrote:
> On Tue, Jun 5, 2018 at 4:14 AM, Nikos Mavrogiannopoulos
> wrote:
> > Note that this change, if applied, includes browsers shipped by
> > fedora
> > (i.e., firefox). That is pretty much all or nothing plan
On Tue, 2018-06-05 at 16:34 -0400, John Florian wrote:
> On 06/05/2018 12:25 PM, Tomas Mraz wrote:
> > On Tue, 2018-06-05 at 16:11 +, Christian Stadelmann wrote:
> > > "Fallback option" always smells like "protocol downgrade attack".
> > > This would undermine the idea of a crypto policy. Anywa
On Mon, 2018-06-04 at 11:46 -0700, Adam Williamson wrote:
> On Fri, 2018-06-01 at 13:40 +0200, Jan Kurik wrote:
> > = Proposed System Wide Change: Strong crypto settings: phase 2 =
> > https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2
>
>
> How about clients for networking with other O
On Fri, 2018-06-01 at 10:25 -0500, mcatanz...@gnome.org wrote:
> On Fri, Jun 1, 2018 at 8:06 AM, Daniel P. Berrangé
> wrote:
> > What is the availibility of TLS 1.2 vs 1.1/1.0 on the internet ?
> > ie how likely is this to break the ability of users to access
> > websites
> > they care about ?
>
In [0] it was reported that after installation of pcsc-lite in Fedora,
no smart cards were functioning at the system. After rebooting Fedora
everything was functioning as expected.
The issue is that the pcsc daemon uses a socket-activated unit
which is installed by dnf, but not started (and hence
On Wed, 2017-11-08 at 18:08 +0100, Björn 'besser82' Esser wrote:
> Hello everyone,
>
> since there has been some discussion in the last time about removing
> libcrypt from glibc in some time [1,2,3,4] and splitting it out into
> a
> separate project which can evolve quicker, I'd like to hear your
On Mon, 2018-02-26 at 10:26 -0600, mcatanz...@gnome.org wrote:
> On Mon, Feb 26, 2018 at 9:37 AM, Nikos Mavrogiannopoulos
> wrote:
> > regarding the strong crypto change in Fedora28 [0], we have
> > identified
> > few (usually internal) sites which break under firefox or
Hi,
regarding the strong crypto change in Fedora28 [0], we have identified
few (usually internal) sites which break under firefox or other tools.
The main reason for this breakage is that these sites only support
Diffie-Hellman with 1024-bit parameters which are considered too weak
by this change.
Hi,
I've filled [0] against gnome-keyring, due to it registering PKCS#11
tokens system-wide, which are not generally functional. For example
they are quite limited in the algorithms they support, they pose quite
some obstacles when trying to use them as a generic software smart card
(e.g., like so
On Thu, 2017-11-16 at 09:54 +0100, Pierre-Yves Chibon wrote:
> On Thu, Nov 16, 2017 at 09:14:53AM +0100, Nikos Mavrogiannopoulos
> wrote:
> > Hi,
> > Has anyone noticed any commits disappearing from packages
> > around/after
> > August 16?
> >
>
Hi,
Has anyone noticed any commits disappearing from packages around/after
August 16?
Seeing that build for f27:
https://koji.fedoraproject.org/koji/buildinfo?buildID=956210
it contains the message:
* Wed Aug 16 2017 Nikos Mavrogiannopoulos - 20170816-
1.git2618a6c
- Updated to latest
Hi,
I have orphaned this package.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
On Fri, 2017-09-08 at 10:39 -0400, Randy Barlow wrote:
> On 09/08/2017 02:40 AM, Nikos Mavrogiannopoulos wrote:
> > > The currently implementation of the Bodhi CLI subclasses
> > > fedora.client.OpenIdBaseClient, which does not support kerberos:
> > >
> > >
On Thu, 2017-09-07 at 15:25 -0400, Randy Barlow wrote:
> On 09/07/2017 09:14 AM, Nikos Mavrogiannopoulos wrote:
> > It works with the browser indeed. Would it work with command line
> > tools
> > like bodhi as well?
>
> The currently implementation
On Wed, 2017-09-06 at 09:51 -0700, Kevin Fenzi wrote:
> On 09/06/2017 05:25 AM, Nikos Mavrogiannopoulos wrote:
> > Hi,
> > What's the story between the recently introduced support of
> > kerberos
> > in koji? My understanding was that eventually all services o
Hi,
What's the story between the recently introduced support of kerberos
in koji? My understanding was that eventually all services of fedora
would switch to kerberos authentication, though information on the
following bugs for bodhi seems to contradict that:
https://bugzilla.redhat.com/show_bug.
--
Nikos Mavrogiannopoulos, PhD,
Crypto Tech. Lead,
Security Technologies,
Red Hat, Inc.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
On Fri, 2017-08-25 at 08:56 -0500, Michael Catanzaro wrote:
> On Fri, Aug 25, 2017 at 1:24 AM, Jan Kurik wrote:
> > The proposed change is about deprecating libidn, which supports
> > IDNA2003, and switch all applications using libidn, to libidn2
> > 2.0.0,
> > which supports IDNA2008.
>
> Any pl
On Fri, 2017-08-25 at 14:38 +0200, Kevin Kofler wrote:
> Jan Kurik wrote:
> > * Other developers:
> > Maintainers, should
> > - Verify that their software is linked with the libidn library
> > - Update the software from upstream if it already has been
> > converted to
> > libidn2
> > - Check the li
On Fri, 2017-08-25 at 08:38 +0200, Tomasz Torcz wrote:
> On Fri, Aug 25, 2017 at 08:24:30AM +0200, Jan Kurik wrote:
> > = Proposed System Wide Change: Switch libidn-using applications to
> > IDNA2008 =
> > https://fedoraproject.org/wiki/Changes/IDNA2008
> >
>
On Fri, 2017-05-12 at 16:05 +, Zbigniew Jędrzejewski-Szmek wrote:
> Hi,
>
> has any consideration been give to the size increase required by the
> change from libidn (678k) to libidn2 + libunistring (228k + 1246k)?
> That's not *too* bad, since currently none of the things which depend
> on id
On Tue, 2017-04-04 at 08:44 +0200, Jan Kurik wrote:
> = Proposed System Wide Change: Switch libidn-using applications to
> IDNA2008 =
> https://fedoraproject.org/wiki/Changes/IDNA2008
>
> Change owner(s):
> * Nikos Mavrogiannopoulos
> * Robert Scheck
>
> T
On Mon, 2017-05-15 at 09:42 -0400, Matthew Miller wrote:
> On Fri, May 12, 2017 at 04:05:50PM +, Zbigniew Jędrzejewski-Szmek
> wrote:
> > has any consideration been give to the size increase required by
> > the
> > change from libidn (678k) to libidn2 + libunistring (228k + 1246k)?
> > That's
On Thu, 2017-03-23 at 09:54 -0700, Adam Williamson wrote:
> On Thu, 2017-03-23 at 09:20 +0100, Nikos Mavrogiannopoulos wrote:
> >
> > > FWIW, I would be *extremely* reluctant to use something that big
> > > that's
> > > a) written in shell script (ugh)
On Fri, 2017-03-24 at 08:27 +0100, Dan Horák wrote:
> On Fri, 24 Mar 2017 07:10:47 + (UTC)
> Petr Pisar wrote:
>
> > On 2017-03-23, Michael Catanzaro wrote:
> > > On Thu, 2017-03-23 at 06:32 -0500, Michael Catanzaro wrote:
> > > > That's not true, there are ABI checks in the sidebar on koji.
On Thu, 2017-03-23 at 09:35 +0100, Miroslav Suchý wrote:
> Dne 23.3.2017 v 09:23 Nikos Mavrogiannopoulos napsal(a):
> > What I was
> > interested is whether there is plan or intention of improving the
> > fedora infrastructure for packagers by making these part of our
&g
On Wed, 2017-03-22 at 11:36 +0100, Miroslav Suchý wrote:
> Dne 22.3.2017 v 11:00 Nikos Mavrogiannopoulos napsal(a):
> > Hi,
> > For several packages it is possible to automate build, test and
> > package updating on multiple fedora releases (+epel) in a single
> > key
On Wed, 2017-03-22 at 08:51 -0700, Adam Williamson wrote:
> On Wed, 2017-03-22 at 11:00 +0100, Nikos Mavrogiannopoulos wrote:
> > Hi,
> > For several packages it is possible to automate build, test and
> > package updating on multiple fedora releases (+epel) in a single
&
Hi,
For several packages it is possible to automate build, test and
package updating on multiple fedora releases (+epel) in a single
keypress using the cockpituous (sic) tools [0]. These tools hide quirks
and requirements of the fedora tooling, and allow a very efficient
orchestration of package r
Hello,
I'm orphaning the sniproxy package because I no longer use it and
haproxy seems to be quite superior in features/performance. If you are
interested please consider adopting it.
https://admin.fedoraproject.org/pkgdb/package/rpms/sniproxy/
regards,
Nikos
Any fedpkg scratch-builds or builds fail. root.log contains:
DEBUG util.py:435: Last metadata expiration check: 0:00:16 ago on Tue
Jan 17 08:06:22 2017.
DEBUG util.py:435: Error: nothing provides publicsuffix-list-dafsa
needed by libpsl-0.17.0-1.fc25.x86_64.
DEBUG util.py:435: nothing provides
On Thu, 2017-01-05 at 16:02 +0100, Tomasz Torcz wrote:
> On Thu, Jan 05, 2017 at 03:55:41PM +0100, Jan Kurik wrote:
> > = System Wide Change: Switch OpenLDAP from NSS to OpenSSL =
> > https://fedoraproject.org/wiki/Changes/OpenLDAPwithOpenSSL
> >
> > Change owner(s):
> > * Matus Honek
> >
> > Cu
On Sun, 2016-12-11 at 18:34 -0600, Dennis Gilmore wrote:
> Greetings.
>
> As previously announced, releng has made a number of changes as part
> of
> it's 2016 "flag day".
>
> All package maintainers will want to make sure they have updated to
> the
> following package versions (some may be in
On Mon, 2016-12-19 at 11:07 +0100, Tomasz Torcz wrote:
> On Mon, Dec 19, 2016 at 09:35:09AM +0100, Nikos Mavrogiannopoulos
> wrote:
> > On Sat, 2016-12-17 at 16:19 +0100, Tomasz Torcz wrote:
> > > Hi,
> > >
> > > Since few release we have nifty,
On Mon, 2016-12-19 at 09:35 +0100, Nikos Mavrogiannopoulos wrote:
$ update-crypto-policies --set FUTURE
Setting system policy to FUTURE
$ wget https://github.com
Resolving github.com (github.com)... 192.30.253.112,
192.30.253.113
github.com
On Sat, 2016-12-17 at 16:19 +0100, Tomasz Torcz wrote:
> Hi,
>
> Since few release we have nifty, consolidated way to select system-
> wide crypto
> policy. It's great, but granularity of selection is little lacking.
> We have
> basically two sensible choices:
> - DEFAULT, which is, well, defau
On Wed, 2016-12-14 at 12:12 +0100, Igor Gnatenko wrote:
> On Wed, Dec 14, 2016 at 12:00 PM, Nikos Mavrogiannopoulos
> wrote:
> > Any idea on why this happens when attempting to build in rawhide?
> > Is
> > the buildroot broken?
>
> You need to update fedpkg/pyr
Any idea on why this happens when attempting to build in rawhide? Is
the buildroot broken?
$ fedpkg build
error: line 6: Illegal char '-' (0x2d) in: Release: 3.fc26-pending
error: query of specfile /home/.../fedora/gnutls/gnutls.spec failed,
can't parse
The line in question has:
Release: 3%{?dist
On Fri, 2016-12-09 at 11:17 -0500, Matthew Miller wrote:
> On Fri, Dec 09, 2016 at 11:07:32AM -0500, Colin Walters wrote:
> > > Anyways, in the big picture, while I don't speak for everyone on
> > > the Project Atomic side, I personally point users at CentOS
> > > first,
> > > unless I have some re
On Tue, 2016-12-06 at 13:44 +0100, Jakub Jelen wrote:
> > > > They don't, in fact, have different URIs. If I add a .module
> > > > file for
> > > > ykcs11.so, I get the attached output for p11tool --list-tokens.
> > >
> > > You forgot to attach it :)
> >
> > Let's try again. :)
>
> I suspect th
On Mon, 2016-12-05 at 10:23 -0500, Nathaniel McCallum wrote:
> > Indeed, in the case where one has both ykcs11 and opensc, he would
> > have
> > to supply --detailed-urls to p11tool to be able to distinguish
> > between
> > objects. That is, because they will have identical URLs except for
> > the
On Mon, 2016-12-05 at 08:41 +0100, Jakub Jelen wrote:
> On 12/03/2016 01:50 PM, Nathaniel McCallum wrote:
> > So apparently yubico-piv-tool ships $libdir/libykpkcs11.so*, but
> > this
> > doesn't get picked up by p11-kit by default. I suspect it has gone
> > unnoticed largely because for most cruci
On Mon, 2016-11-21 at 12:07 -0600, Michael Catanzaro wrote:
> On Mon, 2016-11-21 at 18:13 +0100, Jan Kurik wrote:
> >
> > As it is now, the System-wide crypto policy in F25 is enforced by
> > the
> > OpenSSL, GnuTLS and NSS TLS libraries. To harmonize crypto across
> > all
> > applications in Fedo
Hi,
In F26 with the openssl 1.1.0 rebase libp11/engine_pkcs11 will be
compiled only for openssl 1.1.0. That means that there will be no
engine_pkcs11 for the packages linking to openssl 1.0.x. For that I've
created the compat-openssl10-libp11 package which is intended to
provide just that (engine_
On Tue, 2016-10-11 at 16:46 +, Petr Pisar wrote:
> On 2016-10-11, Remi Collet wrote:
> >
> > It doesn't seem possible to use a compat library (else we will very
> > probably going to encounter issues is both library versions are
> > used in
> > the same process, because of the numerous librar
On Mon, 2016-10-03 at 06:10 +0200, Björn Esser wrote:
> Chain-build is running:
> https://koji.fedoraproject.org/koji/taskinfo?taskID=15917326
However it doesn't seem to work:
Error: nothing provides libjsoncpp.so.1()(64bit) needed by cmake-3.6.2-
4.fc26.x86_64
Also fc25 buildroot is broken for
On Wed, 2016-09-28 at 11:43 -0400, Matthew Miller wrote:
> On Wed, Sep 28, 2016 at 03:13:34PM +0100, Tomasz Kłoczko wrote:
> >
> > Is it any official Fedora policy/call to move away from openssl?
>
> As far as I know, no. There was this attempt:
> https://fedoraproject.org/wiki/FedoraCryptoConsol
Hello,
A user posted some issue on gnutls [0], and it turned out that after a
fresh install of f24 that user had two versions of the library
installed. I have no idea why this can be or whether that should be
expected from the installer/updater. Any insights?
regards,
Nikos
[0]. https://bugzilla
On Fri, 2016-09-16 at 16:13 +0200, Dan Horák wrote:
> On Fri, 16 Sep 2016 15:06:13 +0100
> David Woodhouse wrote:
>
> >
> > On Fri, 2016-09-16 at 15:39 +0200, Jan Kurik wrote:
> > >
> > > We will also
> > > add compat openssl102 package so the applications and other
> > > dependencies which are
Hi,
I've realized that the Fedora defensive guide [0] is the only guide we
have to introduce the C TLS and crypto libraries we have, as well as
provide a defensive style in using them. However, it is quite out-
dated, and misses information which may be standard requirement in the
future (e.g., su
Hi,
The upstream projects libp11 and engine_pkcs11 have been merged under
the libp11 umbrella. As such, I plan to retire engine_pkcs11, and merge
it with libp11. The only drawback that I see from that move, is that
one would not find the engine_pkcs11 package at the packagedb search
https://admin.
On Fri, 2016-07-22 at 19:11 +0200, Michael Stahl wrote:
> On 22.07.2016 16:53, Simo Sorce wrote:
> >
> > On Fri, 2016-07-22 at 16:48 +0200, Tomas Mraz wrote:
> > >
> > >
> > > 2. Add compat 1.0.2 package which would be used by 3rd party
> > > applications and also temporarily by applications tha
Hi,
Is there some notion or definition of a Fedora minimal or base image?
I couldn't find some documentation on that. I would like to modify some
script which a package on the critical path depends on, from bash to
perl and I would like to understand whether that could affect any
fedora images.
r
On Mon, 2016-07-04 at 05:40 +, Ralf Senderek wrote:
> Dear developers,
>
> for all who wish to add reliable encryption and authentication
> services to their projects with ease, I'd like to draw your
> attention to cryptlib, which is available in F23, F24, rawhide
> and EPEL 7 stable reposito
On Wed, 2016-06-15 at 12:41 -0400, Russell Doty wrote:
> > Running tracer for a while can really open your eyes to how many
> > things
> > need restarting after normal updates flow.
> >
> > One thing that might make this less annoying to people would be
> > ability
> > to schedule the reboot fo
On Wed, 2016-06-15 at 10:14 +0200, Ade wrote:
> Hi all
>
> I dont really want this to be a negative post, just want to share
> something in order to start a healthy discussion
>
> Background
> Im a Fedora desktop user, have been for many years, going all the way
> back to Fedora Core 1 - I use Fe
ontained Change: NSS enforces the system-wide
> > crypto policy =
> > https://fedoraproject.org/wiki/Changes/NSSCryptoPolicies
> >
> > Change owner(s):
> > * Nikos Mavrogiannopoulos
> >
> > As it is now, the System-wide crypto policy in F24 is only enf
On Fri, 2016-05-20 at 10:01 -0500, Michael Catanzaro wrote:
> On Fri, 2016-05-20 at 11:48 +0200, Jan Kurik wrote:
> >
> > As it is now, the System-wide crypto policy in F24 is only enforced
> > by
> > the OpenSSL and GnuTLS TLS libraries.
> Keep in mind that the system policy is still overridden b
I attempted a build at rawhide [0] but it fails with:
Error: package gettext-devel-0.19.7-4.fc24.x86_64 requires git, but
none of the providers can be installed
(try to add '--allowerasing' to command line to replace conflicting
packages)
Is that an issue at gettext-devel or rawhide building is no
Hi,
I'm orphaning freeradius-client in rawhide and epel. This is a radius
client library. I orphan it because it is not fun working with upstream
and I switched to radcli for my projects.
regards,
Nikos
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists
On Fri, 2016-04-01 at 14:32 -0600, Jerry James wrote:
> I am one of the maintainers of the ntl package, which is used by some
> numeric applications (e.g., Macaulay2 and sagemath). Upstream
> supports use of the PCLMUL instruction, the AVX instructions, and the
> FMA instructions to speed up vario
On Mon, 2016-01-18 at 12:51 +0100, Florian Weimer wrote:
> On 01/18/2016 11:02 AM, Nikos Mavrogiannopoulos wrote:
>
> > As Florian suggested it makes more sense to compartmentalize chrony
> > so
> > that only a small controlled part of it needs to run with seccomp.
>
On Wed, 2016-01-20 at 14:09 +0100, Florian Weimer wrote:
> On 01/20/2016 01:12 PM, Nikos Mavrogiannopoulos wrote:
>
> > If you have complex structures to be transfered you may want to
> > rely on
> > something automated to serialize/deserialize requests. That will
&g
On Mon, 2016-01-18 at 14:15 +0100, Miroslav Lichvar wrote:
> On Mon, Jan 18, 2016 at 11:02:44AM +0100, Nikos Mavrogiannopoulos
> wrote:
> > As Florian suggested it makes more sense to compartmentalize chrony
> > so
> > that only a small controlled part of it needs to
On Mon, 2016-01-18 at 09:51 -0600, Michael Catanzaro wrote:
> > I appreciate what you are trying to do, but those seccomp filters
> > totally break encapsulation. I have no idea how to support this
> > properly, in a sustainable way. It appears very difficult to do
> > this
> > for independently
On Mon, 2016-01-18 at 12:51 +0100, Florian Weimer wrote:
> On 01/18/2016 11:02 AM, Nikos Mavrogiannopoulos wrote:
>
> > As Florian suggested it makes more sense to compartmentalize chrony
> > so
> > that only a small controlled part of it needs to run with seccomp.
>
On Mon, 2015-10-05 at 13:58 +0200, Miroslav Lichvar wrote:
> In chrony 2.2-pre1 was added support for system call filtering with
> the kernel seccomp facility. In chrony it's mainly useful to reduce
> the damage from attackers who can execute arbitrary code, e.g.
> prevent
> gaining the root privil
Hi,
Are there users of website meta-language using fedora? I use it for
some projects and thought it would be a useful addition. If you are a
user of it please do the review for it at:
https://bugzilla.redhat.com/show_bug.cgi?id=1295710
regards,
Nikos
--
devel mailing list
devel@lists.fedoraproje
replacing it (the latter is drop in replacement).
On Thu, 2015-10-08 at 10:46 +0200, Nikos Mavrogiannopoulos wrote:
> Hello,
> I'll orphan radiusclient-ng with the purpose of dropping it from the
> next releases of Fedora. This is an old unmaintained library replaced
> by any
Hi,
I'm quite lost with the fedora notifications [0] for email. Do you
know which is the option to send me an email once a package is ready to
be pushed to stable? (i.e., when the waiting period has passed or the
feedback reached the threshold).
regards,
Nikos
[0]. https://apps.fedoraproject.org
Hello,
I'll orphan radiusclient-ng with the purpose of dropping it from the
next releases of Fedora. This is an old unmaintained library replaced
by any of the following packages (the latter has an API compatible
subpackage).
* https://admin.fedoraproject.org/pkgdb/package/freeradius-client/
* htt
On Thu, 2015-08-20 at 10:50 +0200, Miroslav Suchý wrote:
> > That said, I considering your ongoing campaign to be harmful to
> > Fedora.
>
> I'm really sad to hear this.
>
> I was just watching the ongoing reports of want-to-be-contributors
> how hard is to get sponsored; reports how Fedora
>
On Mon, 2015-07-20 at 12:49 +0200, Jan Kaluža wrote:
> Hi,
>
> I'm orphaning tremulous and tremulous-data packages. The upstream is
> dead and it fails to compile against new speex in rawhide. I think
> the package is more or less ready for retirement, but maybe someone
> else would like to fix
On Fri, 2015-06-19 at 12:13 +, build...@fedoraproject.org wrote:
>
> ocaml-config-file has broken dependencies in the rawhide tree:
> On x86_64:
> ocaml-config-file-1.2-4.fc23.x86_64 requires ocaml(runtime)
> = 0:4.02.1
> ocaml-config-file-1.2-4.fc23.x86_64 requires ocaml(Obj) =
1 - 100 of 175 matches
Mail list logo