On Thu, 7 Jan 2010, James Antill wrote:
On Thu, 2010-01-07 at 21:19 +0200, Jonathan Dieter wrote:
On Thu, 2010-01-07 at 20:44 +0200, Pekka Pietikainen wrote:
Presto is one of the best things ever, but occasionally it ends up not
finding the delta files from any of the mirrors in the mirror
On Thu, 7 Jan 2010, Tony Nelson wrote:
On 10-01-06 17:54:10, Robert Relyea wrote:
On 01/06/2010 01:43 PM, Orion Poplawski wrote:
[or...@orca fedora/devel]$ ls */dead.package | wc -l
666
We're ok. The original number may have been 616:
http://www.csad.ox.ac.uk/POxy/beast616.htm
No,
On Wed, 6 Jan 2010, Frederic Hornain wrote:
Dear *,
As I use http://fhornain.fedorapeople.org/ as repository for the packages I
create, I would need a little bit more space.
So is it possible to increase my quota ?
your quota has been increased.
-sv
On Sat, 2 Jan 2010, Jan Kratochvil wrote:
On Sat, 02 Jan 2010 13:34:47 +0100, drago01 wrote:
On Sat, Jan 2, 2010 at 1:25 PM, Jan Kratochvil
jan.kratoch...@redhat.com wrote:
On Sat, 02 Jan 2010 11:53:28 +0100, Jiri Moskovcak wrote:
the only problem I know about is when some of the enabled
On Tue, 22 Dec 2009, Jarod Wilson wrote:
On 12/22/09 2:45 AM, Kevin Kofler wrote:
Jesse Keating wrote:
Nobody should be able to create any branches that do not start with
private-.
I really don't see the point of this, why can't we just allow any branch
name that isn't a reserved name
On Wed, 16 Dec 2009, Matthew Garrett wrote:
On Wed, Dec 16, 2009 at 12:30:11AM +, Paul Jakma wrote:
On Tue, 15 Dec 2009, Matthew Garrett wrote:
And the remaining 0.1% of the work is probably the other 99.9% of the
time. I think you massively underestimate the number of corner cases
On Wed, 16 Dec 2009, Nathanael D. Noblet wrote:
So again today, I see some updates two of which require a full system reboot.
nfs-utils and ibus-rawcode. My system seriously needs to be shut down for
those to be properly updated? This is what I don't get. nfs-utils never got a
system
On Wed, 16 Dec 2009, Peter Jones wrote:
On 12/16/2009 11:43 AM, Seth Vidal wrote:
you're an experienced user? You're comfortable knowing what does and
what does not require a reboot? Then why are you using PK?
Disable pk and do the updates directly via yum.
Bam - no more requests to reboot
On Wed, 16 Dec 2009, Chris Adams wrote:
Once upon a time, Seth Vidal skvi...@fedoraproject.org said:
we're talking about the experienced user who is comfortable knowing what
does and does not need a reboot.
It seems though that there is a problem with how the needs a reboot
option is set
On Wed, 16 Dec 2009, Nathanael D. Noblet wrote:
Maybe this is a feature that needs to be addressed in the rpm layer or
something so that upgrades can have multiple effects with regards to needing
a reboot. I'm not sure how PK gets the request to reboot from a package, but
I'm wondering
On Wed, 16 Dec 2009, nodata wrote:
we're talking about the experienced user who is comfortable knowing what
does and does not need a reboot.
All I'm saying is - we've not taken away any option, the experienced
user can do what they want.
-sv
True, but the default should be sensible.
On Wed, 16 Dec 2009, Nathanael D. Noblet wrote:
seems like a package basically has complex upgrade issues, so we
reboot. Are there other tags packages can have other than reboot?
Should there be? etc etc..
No.
The reason for this is that PKs target audience is not someone like me, and
as
On Wed, 16 Dec 2009, nodata wrote:
Am 2009-12-16 18:21, schrieb Seth Vidal:
On Wed, 16 Dec 2009, nodata wrote:
we're talking about the experienced user who is comfortable knowing what
does and does not need a reboot.
All I'm saying is - we've not taken away any option, the experienced
On Wed, 16 Dec 2009, Nathanael D. Noblet wrote:
Hands are needed to help advance this. Care to lend one?
Yes. I'm attempting to become more involved. I've submitted my first package,
and am going through the review process. That doesn't help in this particular
case, but I am not
On Tue, 15 Dec 2009, Nathanael D. Noblet wrote:
Hello,
I feel like there are an increasing number of packages requiring a system
reboot. I'm wondering why. The following updates were installed today, and
required a full system reboot. I can't seem to find any package in the list
that I
On Tue, 15 Dec 2009, Nathanael D. Noblet wrote:
On 12/15/2009 09:54 AM, Seth Vidal wrote:
Does gdm entirely restart when you logout? I don't believe so. I suspect
you get the same result by killing X then going back to that runlevel
but for many many many users a reboot is going to be less
On Tue, 15 Dec 2009, Richard Hughes wrote:
2009/12/15 Seth Vidal skvi...@fedoraproject.org:
Now, having said that - how would you feel if the updater stopped you before
it ran and said you're running an app I'm trying to update, please close
the app so I can update it. Would that be a pain
On Tue, 15 Dec 2009, Stephen John Smoogen wrote:
One of the big problems with the move from PHX1 to PHX2 has been the
renaming of hosts. This was a big mistake on my part and made life
very difficult for the Fedora people who worked over the weekend to
get it working and running into constant
On Mon, 14 Dec 2009, Toshio Kuratomi wrote:
On Mon, Dec 14, 2009 at 09:27:18AM -0600, Mike McGrath wrote:
So I woke up today and we're still having dns issues on at least one of my
hosts.
Could everyone that has access please do a dig fedoraproject.org on all
their hosts and tell me if any
On Mon, 14 Dec 2009, Mike McGrath wrote:
On Mon, 14 Dec 2009, Paul W. Frields wrote:
On Mon, Dec 14, 2009 at 09:51:09AM -0500, Paul W. Frields wrote:
On Tue, Dec 15, 2009 at 12:14:46AM +1000, Nigel Jones wrote:
We had some the original DB downtime ~1-2 hours, then downtime due to
fas not
On Fri, 11 Dec 2009, Lubomir Rintel wrote:
A big -1 for this. Your A lot is in fact a tiny fraction and for
some of us an e-mail address is important mean for identifying an user
(Oh, this is John Doe of Canonical, ...).
I use mine exclusively and I think referring to the generic address
On Fri, 11 Dec 2009, Mathieu Bridon (bochecha) wrote:
On Fri, Dec 11, 2009 at 14:12, Seth Vidal skvi...@fedoraproject.org wrote:
On Fri, 11 Dec 2009, Lubomir Rintel wrote:
A big -1 for this. Your A lot is in fact a tiny fraction and for
some of us an e-mail address is important mean
good compose (from 20091203) was before this went in:
* Thu Dec 3 2009 Seth Vidal skvidal at fedoraproject.org - 3.2.25-2
- rebuild yum with latest HEAD patch
- add rpmdb caching patch james wrote to see if it breaks everyone :)
...and the rpmdb caching patch does touch the area where it's
crashing
On Thu, 10 Dec 2009, Panu Matilainen wrote:
Yup, but this isn't createrepo crashing (the earlier one was):
2009-12-09 20:11:04 mash: createrepo: finished
/mnt/koji/mash/rawhide-20091209/development/x86_64/os/
2009-12-09 20:11:05 mash: Resolving multilib for arch x86_64 using method
devel
On Thu, 10 Dec 2009, Rajeesh K Nambiar wrote:
On 12/10/09, James Antill ja...@fedoraproject.org wrote:
On Thu, 2009-12-10 at 18:00 +0530, Rajeesh K Nambiar wrote:
I changed the installonly_limit to 1 from the default value 3 in
/etc/yum.conf, and yum blows up.
# yum search boinc
Loaded
On Thu, 10 Dec 2009, Jesse Keating wrote:
I'm currently playing with a utility called parsecvs to convert our cvs
stuff into git. This utility can also translate the raw usernames that
CVS has into more useful names+email addresses that you'd typically get
out of git. But to make this
On Thu, 10 Dec 2009, Darren VanBuren wrote:
No, I mean it didn't get executed.
It's not supposed to get executed. By cutting and pasting that command you
get the output for YOUR local timezone.
-sv
___
Fedora-infrastructure-list mailing list
On Wed, 9 Dec 2009, Ralf Corsepius wrote:
On 12/09/2009 04:14 PM, James Antill wrote:
On Wed, 2009-12-09 at 15:26 +0100, Ralf Corsepius wrote:
So, yeh, if _you_ want to support slower machines
Well, I do not want to, I can't avoid to ...
... _you_ will have
to do the work, you might
On Wed, 9 Dec 2009, Richard W.M. Jones wrote:
I don't want to make unfair comparisons to the famous bug in Windows
Vista[1], but it seems as if when a yum download stalls, then the
estimates can start to look a little large:
rawhide/primar 20% [- ] 0.0 B/s | 2.5 MB
On Wed, 9 Dec 2009, Ville Skyttä wrote:
On Wednesday 09 December 2009, Ralf Corsepius wrote:
On 12/08/2009 09:26 PM, Ville Skyttä wrote:
These probably aren't things to be generally overly concerned
about though,
... try a yum update over GSM or over a modem and you'll very soon
On Wed, 9 Dec 2009, Chris Adams wrote:
Once upon a time, Ville Skyttä ville.sky...@iki.fi said:
Yeah, I've done that in some setups but I was talking about purifying the
_repos_ above; that setting doesn't affect them, e.g. it doesn't make the
metadata to be downloaded any smaller. (As
On Wed, 9 Dec 2009, Gregory Maxwell wrote:
On Wed, Dec 9, 2009 at 4:51 PM, Seth Vidal skvi...@fedoraproject.org wrote:
and then you have to do that as well for updates. :(
Not if you don't have a separate updates repo, no?
still need an updates-testing.
-sv
--
fedora-devel-list
On Thu, 3 Dec 2009, Adam Williamson wrote:
On Thu, 2009-12-03 at 00:32 -0500, Seth Vidal wrote:
We wouldn't be talking about removing the original GA set - just adding
updated pkgs into the path. So you'd still have the number of pkgs -just
all in one repo, that you have to download all
On Thu, 3 Dec 2009, Bill Nottingham wrote:
Following is the list of topics that will be discussed in the FESCo
meeting tomorrow at 17:00UTC (noon EST) in #fedora-meeting on
irc.freenode.net.
This meeting may be cancelled if we cannot reach quorum. FESCo members
who cannot make it are
On Wed, 2 Dec 2009, Paul W. Frields wrote:
On Wed, Dec 02, 2009 at 11:09:41AM -0500, Bill Nottingham wrote:
we ship. Any new solution would have to preserve this.
Might there also be export compliance implications too?
A larger isssue is constantly having the repodata for the everything
On Wed, 2 Dec 2009, Nathanael D. Noblet wrote:
Over the last few days I have been unable to install updates via the package
kit applet that pops up. I get the following output after clicking 'install
updates'.
Error Type: class 'yum.Errors.RepoError'
Error Value: Error getting repository
On Wed, 2 Dec 2009, Nicolas Mailhot wrote:
Since people are posting wishes, here is mine:
1. stop shuffling packages from directory to directory as they get
promoted/demoted from release to release
we sort of do this now with hardlinks - the problem is when we have to
resign the pkgs.
On Wed, 2 Dec 2009, Peter Jones wrote:
(on my on tangent...)
On 12/02/2009 12:48 PM, Jesse Keating wrote:
I hypothesize that we could place all rpms for a given release
in a single directory (seth will hate this as he wants to split them up
based on first letter of their name for better
On Wed, 2 Dec 2009, Peter Jones wrote:
On 12/02/2009 03:53 PM, Seth Vidal wrote:
On Wed, 2 Dec 2009, Nicolas Mailhot wrote:
3. replace static mirrors with proxy-ing of kojipkgs.fedoraproject.org
(make sure it works with web infrastructure instead of fighting it)
I don't think that would
On Wed, 2 Dec 2009, Peter Jones wrote:
On 12/02/2009 05:58 PM, Seth Vidal wrote:
On Wed, 2 Dec 2009, Peter Jones wrote:
On 12/02/2009 03:53 PM, Seth Vidal wrote:
On Wed, 2 Dec 2009, Nicolas Mailhot wrote:
3. replace static mirrors with proxy-ing of kojipkgs.fedoraproject.org
(make sure
On Wed, 2 Dec 2009, Bruno Wolff III wrote:
On Wed, Dec 02, 2009 at 17:58:24 -0500,
Seth Vidal skvi...@fedoraproject.org wrote:
I tested it on our backend to be sure. getting the complete pkglist
goes from taking 5 minutes to take 30s.
yes, I said 5 minutes.
Have you tried any
On Thu, 3 Dec 2009, Kevin Kofler wrote:
Seth Vidal wrote:
If you're looking for perfect division, sure - but the reality is this:
19K items in a single dir and ext3 and nfs and many many other things crap
themselves returning that list.
If you make 36 subdirs (26+10) performance gets
On Thu, 3 Dec 2009, Ralf Corsepius wrote:
On 12/02/2009 07:09 PM, Seth Vidal wrote:
the merger of repos is already happening at the yum layer.
On the client's side - With a combined Everything+updates, this would happen
on the server side.
It's one of the aspects which made me said
On Tue, 24 Nov 2009, James Antill wrote:
On Mon, 2009-11-23 at 22:32 +, Colin Walters wrote:
On Mon, Nov 23, 2009 at 10:02 PM, James Morris jmor...@namei.org wrote:
Possibly (it could simply be that an updated policy is weaker for some
reason) -- but it doesn't matter, there should be
On Tue, 24 Nov 2009, Matthew Miller wrote:
One of the important features of sudo is its ability to log elevated-access
actions to syslog.
Userhelper similarly logs actions, like so: userhelper[26491]: running
'/usr/share/system-config-users/system-config-users ' with root privileges
on
On Tue, 24 Nov 2009, Matthias Clasen wrote:
On Tue, 2009-11-24 at 11:26 -0500, Matthew Miller wrote:
One of the important features of sudo is its ability to log elevated-access
actions to syslog.
Userhelper similarly logs actions, like so: userhelper[26491]: running
On Tue, 24 Nov 2009, Matthias Clasen wrote:
On Tue, 2009-11-24 at 11:48 -0500, Seth Vidal wrote:
when the policies are updated it is policy kit that has to be involved.
polkitd is running, at least.
That might be ok to log, indeed. polkitd need not be running, though. It
is activated
On Tue, 24 Nov 2009, Bill Nottingham wrote:
I don't want to ship a desktop that doesn't let the user do useful
things.
And you can ship a desktop SPIN that way. But the base pkgs should
not install with an insecure set of choices.
if you want the spin to have a post-scriptlet which allows
On Tue, 24 Nov 2009, Matthew Miller wrote:
On Tue, Nov 24, 2009 at 01:27:40PM -0500, Matthias Clasen wrote:
Like I said, this is a tangent, and I'm certainly not expecting anyone to
work on this. But it'd be cool if they did.
Just as everybody else is struggling to get away from pam's awful
On Tue, 24 Nov 2009, Matthew Miller wrote:
On Tue, Nov 24, 2009 at 06:17:08PM -0600, Dennis Gilmore wrote:
the goal for F-13 is to have unified media, for F-14 and beyond we could look
at other options like having a 64 bit kernel and 32 bit userland. i should
have stated that a bit more
On Tue, 24 Nov 2009, Francis Earl wrote:
Would it be possible to do this similarly to Conary... only installing
the files (.so's and things in /etc and /usr/share/{icons,sounds,...}
etc) required by a given application (binary with .desktop file) ?
This would provide similar to package
On Tue, 24 Nov 2009, Jeff Garzik wrote:
On 11/24/2009 09:58 PM, Matthew Miller wrote:
On Tue, Nov 24, 2009 at 09:19:22PM -0500, Jeff Garzik wrote:
So would this mean one disk with two repositories on it, or is
everything
mashed together all in one repository?
The current x86-64 has both
On Wed, 25 Nov 2009, Jeff Garzik wrote:
On 11/25/2009 01:32 AM, Jesse Keating wrote:
On Nov 24, 2009, at 19:30, Jeff Garzik jgar...@pobox.com wrote:
On 11/24/2009 09:58 PM, Matthew Miller wrote:
On Tue, Nov 24, 2009 at 09:19:22PM -0500, Jeff Garzik wrote:
So would this mean one disk with
On Tue, 24 Nov 2009, Matthias Clasen wrote:
On Tue, 2009-11-24 at 11:48 -0500, Seth Vidal wrote:
when the policies are updated it is policy kit that has to be involved.
polkitd is running, at least.
That might be ok to log, indeed. polkitd need not be running, though. It
is activated
On Tue, 24 Nov 2009, Bill Nottingham wrote:
I don't want to ship a desktop that doesn't let the user do useful
things.
And you can ship a desktop SPIN that way. But the base pkgs should
not install with an insecure set of choices.
if you want the spin to have a post-scriptlet which allows
On Tue, 24 Nov 2009, Matthew Miller wrote:
On Tue, Nov 24, 2009 at 01:27:40PM -0500, Matthias Clasen wrote:
Like I said, this is a tangent, and I'm certainly not expecting anyone to
work on this. But it'd be cool if they did.
Just as everybody else is struggling to get away from pam's awful
On Mon, 23 Nov 2009, Michael Schwendt wrote:
On Mon, 23 Nov 2009 15:04:49 +0100, Christoph wrote:
Am Montag, den 23.11.2009, 14:56 +0100 schrieb Michael Schwendt:
On Mon, 23 Nov 2009 14:39:28 +0100, Christoph wrote:
When two builds of the same version are done on the same day, the
On Mon, 23 Nov 2009, Matthias Clasen wrote:
On Mon, 2009-11-23 at 14:08 -0800, Adam Williamson wrote:
It's not QA's role to define exactly what the security policy should
look like or what it should cover, but from the point of view of
testing, what we really need are concrete requirements.
On Mon, 23 Nov 2009, Colin Walters wrote:
On Mon, Nov 23, 2009 at 10:02 PM, James Morris jmor...@namei.org wrote:
Possibly (it could simply be that an updated policy is weaker for some
reason) -- but it doesn't matter, there should be no way to change MAC
policy without MAC privilege.
On Mon, 23 Nov 2009, Matthias Clasen wrote:
On Mon, 2009-11-23 at 18:31 -0500, Seth Vidal wrote:
Otherwise we open ourselves up to a less-secure-by-default posture in an
average install.
We've been in that position in the past and it is not a favorable place to
be.
We should just avoid
On Mon, 23 Nov 2009, Matthias Clasen wrote:
I don't want to ship a desktop that doesn't let the user do useful
things.
And you can ship a desktop SPIN that way. But the base pkgs should not
install with an insecure set of choices.
if you want the spin to have a post-scriptlet which
On Mon, 23 Nov 2009, Matthias Clasen wrote:
On Mon, 2009-11-23 at 14:08 -0800, Adam Williamson wrote:
It's not QA's role to define exactly what the security policy should
look like or what it should cover, but from the point of view of
testing, what we really need are concrete requirements.
On Mon, 23 Nov 2009, Matthias Clasen wrote:
On Mon, 2009-11-23 at 18:31 -0500, Seth Vidal wrote:
Otherwise we open ourselves up to a less-secure-by-default posture in an
average install.
We've been in that position in the past and it is not a favorable place to
be.
We should just avoid
On Mon, 23 Nov 2009, Matthias Clasen wrote:
I don't want to ship a desktop that doesn't let the user do useful
things.
And you can ship a desktop SPIN that way. But the base pkgs should not
install with an insecure set of choices.
if you want the spin to have a post-scriptlet which
On Fri, 20 Nov 2009, Owen Taylor wrote:
On Fri, 2009-11-20 at 11:50 -0430, Robert Marcano wrote:
On 11/20/2009 10:04 AM, Matthew Garrett wrote:
I know basically nobody who, on a generally single user system,
explicitly switches to a console to log in as root and perform package
installs
On Fri, 20 Nov 2009, Frank Ch. Eigler wrote:
otaylor wrote:
This actually is one of the big advantages of PackageKit - because the
installation is being done by a daemon rather than a process running in
your session, if the X session dies during package installation, you
won't be left with
On Wed, 18 Nov 2009, Jon Ciesla wrote:
nodata wrote:
Am 2009-11-18 18:08, schrieb nodata:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
Just to elaborate:
A local user is allowed to install
On Wed, 18 Nov 2009, Jon Ciesla wrote:
Seth Vidal wrote:
On Wed, 18 Nov 2009, Jon Ciesla wrote:
nodata wrote:
Am 2009-11-18 18:08, schrieb nodata:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible
On Wed, 18 Nov 2009, Dennis J. wrote:
You have PackageKit installed on servers? really?
Why shouldn't he? AFAIK there is nothing in the package warning users not to
install this on a server.
like I said in another email - I think of installing things on servers as
'barest minimal' and
On Wed, 18 Nov 2009, nodata wrote:
-sv
I do if it's in the default DVD install, or was pulled in in an
upgrade. I've never intentionally installed it, and yes I do. Never
imagined it would be a problem. I'll remove it.
Maybe you and I have a different concept of 'Servers'. But I tend to
On Wed, 18 Nov 2009, Jon Ciesla wrote:
Seth Vidal wrote:
On Wed, 18 Nov 2009, nodata wrote:
-sv
I do if it's in the default DVD install, or was pulled in in an
upgrade. I've never intentionally installed it, and yes I do. Never
imagined it would be a problem. I'll remove it.
Maybe
On Wed, 18 Nov 2009, Konstantin Ryabitsev wrote:
2009/11/18 Jon Ciesla l...@jcomserv.net:
A local user is allowed to install software on the machine without being
prompted for the root password.
This is a recipe for disaster in my opinion.
So much for granting shell access on my servers.
On Wed, 18 Nov 2009, Bruno Wolff III wrote:
On Wed, Nov 18, 2009 at 23:18:28 +0530,
Rahul Sundaram sunda...@fedoraproject.org wrote:
On 11/18/2009 11:19 PM, nodata wrote:
Thanks. I have changed the title to:
All users get to install software on a machine they do not have the
root
On Wed, 18 Nov 2009, nodata wrote:
Am 2009-11-18 19:18, schrieb Colin Walters:
This is a major change. I vote for secure by default.
If the admin wishes this surprise-root feature to be enabled he can enable
it.
I'm not sure how this is 'surprise root'. IT will only allow installs of
On Wed, 18 Nov 2009, Simo Sorce wrote:
On Wed, 2009-11-18 at 13:10 -0500, Seth Vidal wrote:
Maybe you have a different concept of security, but I don't want any
user on
the server installing software, no matter what.
right - which is why I wouldn't install PK on a server.
yum doesn't
On Wed, 18 Nov 2009, Dennis J. wrote:
In fact I agree with you but this doesn't really address my point.
How do you make sure the packages that are part of your minimal list don't
introduce such a backdoor with the next update?
You check them.
That's the best you can do.
It's just like
On Wed, 18 Nov 2009, Konstantin Ryabitsev wrote:
2009/11/18 Casey Dahlin cdah...@redhat.com:
On 11/18/2009 01:22 PM, James Antill wrote:
3. Are there any attacks due to disk space used? Eg. If /var is low² I
can probably install enough pkgs to make logging stop.
I'm betting there's
On Wed, 18 Nov 2009, Casey Dahlin wrote:
On 11/18/2009 02:10 PM, Seth Vidal wrote:
On Wed, 18 Nov 2009, Konstantin Ryabitsev wrote:
2009/11/18 Casey Dahlin cdah...@redhat.com:
On 11/18/2009 01:22 PM, James Antill wrote:
3. Are there any attacks due to disk space used? Eg. If /var
On Wed, 18 Nov 2009, Richard Hughes wrote:
2009/11/18 Andrew Haley a...@redhat.com:
Is there some way to disable PackageKit but keep setroubleshoot?
Just set all the policykit answers to no. You'll find more than just
setroubleshoot breaks if you do this.
How do you do this? Set the
2009/11/18 nodata l...@nodata.co.uk:
Am 2009-11-18 20:20, schrieb Richard Hughes:
2009/11/18 Casey Dahlincdah...@redhat.com:
By the admin's first opportunity to change the settings the box could
already be rooted.
I'm not sure how you can root a computer from installing signed
content
On Wed, 18 Nov 2009, nodata wrote:
Am 2009-11-18 21:27, schrieb Seth Vidal:
2009/11/18 nodata l...@nodata.co.uk:
Am 2009-11-18 20:20, schrieb Richard Hughes:
2009/11/18 Casey Dahlincdah...@redhat.com:
By the admin's first opportunity to change the settings the box could
already
On Wed, 18 Nov 2009, Seth Vidal wrote:
2009/11/18 nodata l...@nodata.co.uk:
Am 2009-11-18 20:20, schrieb Richard Hughes:
2009/11/18 Casey Dahlincdah...@redhat.com:
By the admin's first opportunity to change the settings the box could
already be rooted.
I'm not sure how you can root
On Wed, 18 Nov 2009, Dan Williams wrote:
On Wed, 2009-11-18 at 14:29 -0500, Seth Vidal wrote:
On Wed, 18 Nov 2009, Richard Hughes wrote:
2009/11/18 Andrew Haley a...@redhat.com:
Is there some way to disable PackageKit but keep setroubleshoot?
Just set all the policykit answers
On Wed, 18 Nov 2009, Jesse Keating wrote:
On Wed, 2009-11-18 at 14:39 -0600, Chris Adams wrote:
What would be nice would be a guide of how all this fits together and
when to change what (not just documentation of individual options or
syntax), but I do also understand that developers don't
On Wed, 18 Nov 2009, Jeff Garzik wrote:
On 11/18/2009 01:04 PM, Seth Vidal wrote:
On Wed, 18 Nov 2009, Jon Ciesla wrote:
Seth Vidal wrote:
You have PackageKit installed on servers? really?
I do if it's in the default DVD install, or was pulled in in an
upgrade. I've never intentionally
On Wed, 18 Nov 2009, Jeff Garzik wrote:
On 11/18/2009 01:28 PM, Seth Vidal wrote:
I didn't say it did - I said it didn't make sense to have items like PK
on servers.
Listen to yourself.
The above is a blatant admission that it is REALLY EASY for existing users to
upgrade themselves
On Wed, 18 Nov 2009, Jeff Garzik wrote:
On 11/18/2009 01:23 PM, Seth Vidal wrote:
On Wed, 18 Nov 2009, nodata wrote:
Am 2009-11-18 19:18, schrieb Colin Walters:
This is a major change. I vote for secure by default.
If the admin wishes this surprise-root feature to be enabled he can
On Wed, 18 Nov 2009, Jeff Garzik wrote:
On 11/18/2009 04:46 PM, Seth Vidal wrote:
Jeff, I think you're misunderstanding, a lot, here. I'm not in favor of
user-can-install-pkgs. I'm just explaining why I don't think pk should
be on servers.
PK will be on F12 servers, because of upgrades
On Wed, 18 Nov 2009, Richard Hughes wrote:
2009/11/18 Jeff Garzik jgar...@pobox.com:
And this enormous security hole of a policy change was done with next to
/zero/ communication, making it likely that many admins will not even know
they are vulnerable until their kids install a bunch of
On Wed, 18 Nov 2009, Richard Hughes wrote:
2009/11/18 Eric Christensen e...@christensenplace.us:
Has anyone drafted a notice to go out on the Announce List explaining
this vulnerability? If admins don't know to fix/remove PK then they are
putting their systems at risk.
I'm really bored of
On Wed, 18 Nov 2009, Matthew Miller wrote:
On Wed, Nov 18, 2009 at 11:45:14AM -0800, Dan Williams wrote:
But that's not right because those files aren't config files. Instead,
you drop local authority files in /var/lib/polkit-1/localauthority/
that override those permissions on a
On Tue, 17 Nov 2009, James Antill wrote:
On Tue, 2009-11-17 at 08:10 -0500, Josef Bacik wrote:
On Tue, Nov 17, 2009 at 2:48 AM, Jeff Garzik jgar...@pobox.com wrote:
As the URL notes under Detailed Description, that is not handled at all.
It wraps all file I/O, yum or not, into the
On Fri, 13 Nov 2009, Mike McGrath wrote:
On Fri, 13 Nov 2009, Stephen John Smoogen wrote:
puppet/modules/scripts/files/maps/maps.sh was not updated to f11. Is
it still being used?
I have attached a proposed patch to cover those changes. Please let me
know if I can commit them.
is this
On Fri, 13 Nov 2009, Mike McGrath wrote:
On Fri, 13 Nov 2009, Seth Vidal wrote:
Wasn't that intentionally disabled?
It was but I think only because it didn't work after some upgrades and no
one was willing to fix it.
I thought it was for political reasons having to do
On Thu, 12 Nov 2009, Neal Becker wrote:
James Laska wrote:
On Thu, 2009-11-12 at 13:00 -0700, Linuxguy123 wrote:
On Thu, 2009-11-12 at 14:56 -0500, James Laska wrote:
Greetings folks,
After careful review by Will Woods around recently discovered problems
related to preupgrading to Fedora
Hey folks,
I put together this list for things I'd like to work on for f13. It's a
list of packages with a file-requires that falls outside of *bin/* and
/etc/* and then the provider(s) for those files.
http://skvidal.fedorapeople.org/misc/non-primary-file-reqs-and-what-requires-them.txt
On Mon, 9 Nov 2009, Julian Sikorski wrote:
W dniu 09.11.2009 17:58, Seth Vidal pisze:
Hey folks,
I put together this list for things I'd like to work on for f13. It's a
list of packages with a file-requires that falls outside of *bin/* and
/etc/* and then the provider(s) for those files
On Sat, 7 Nov 2009, Rahul Sundaram wrote:
Hi,
yum repolist on the latest rawhide shows fedora and updates repo as
having the exact same number of packages which is rather confusing but I
suppose it is because they get redirected by mirror manager to point to
the same repo. Can we just show
On Wed, 4 Nov 2009, Richard W.M. Jones wrote:
Newly installed Ubuntu 9.10, when you log in over ssh you may see:
34 packages can be updated.
10 updates are security updates.
I think this is a nice feature, because many administrators will log
in to servers remotely over ssh and never see
On Wed, 4 Nov 2009, Kevin Kofler wrote:
Richard June wrote:
It's a good idea for one off jobs where the primary user is also the
admin, but not so good for shared systems. Personally I think a better
plan would be to display that information *only* if the user is
flagged as an administrator,
1 - 100 of 535 matches
Mail list logo