updated debian development diagram -- comments?

[Kevin Mark]

Hi Folks,
I have updated my diagram on the debian developement model. Any comments
appreciated! 

Also, the source is *.fig. Can anyone point to a similar
.deb of a graphic document so that I can see what documents a graphics
file needs so that I can make a GPL & DFSG compliant package. I exported
it to png from fig. So the binary file (png) is derived from a source
file(fig). Would it be differnt to make a .deb of the png vs the fig?
Or would I be expected to include the binary image and source in a
single package?

The new pic: http://kmark.home.pipeline.com/debian.png
The old pic: http://kmark.home.pipeline.com/debian.1.png

-Kev
-- 
counter.li.org #238656 -- goto counter.li.org and be counted!

(__)
(oo)
  /--\/
 / |||
*  /\---/\
   ~~   ~~
"Have you mooed today?"...


signature.asc
Description: Digital signature

Richard Stallman on radioActive sanDiego

[mbc]

This week on Resistance Remixed, DJ lotus will be interviewing Richard 
Stallman. They will be talking about the intersection of free software 
and politics, the free software movement as a radical social movement, 
software patents and the rise of information warfare and information 
control technologies and policies.

For more information on Richard Stallman, see http://www.stallman.org/
For more information on free software, see http://www.gnu.org
For a previous indymedia interview with Richard Stallman, see
http://www.scotland.indymedia.org/newswire/display/266/index.php
http://www.livejournal.com/users/dj_lotus/
Listen online at http://radioActiveradio.org on Thursday, January 6th @ 
7pm, PST

///
Resitance, Remixed is an experiment in tactical audio production where 
DJ Lotus creates audio which is in itself an act of resistance. 
Resistance, remixed also looks for new forms of resistance all over the 
world in an effort to find new, effective ways of combating 
neo-liberalism and the religious right, while creating direct 
democracy.

///
radioActive SanDiego is a collective, non-hierarchical organization 
formed to pioneer a new internet radio station. We plan to build a 
model for the post-corporate, autonomous, community media of the future 
by offering revolutionary media production and distribution that 
creates positive social and economic change. RASD rejects the narrow 
formats of corporate-owned media and seeks to offer listeners a wide 
variety of styles and genres of media programming. We don't just report 
events, we participate in them!

///
radioActive sanDiego
love / solidarity / revolution // positive social change
http://radioActiveradio.org

Re: murphy is listed on spamcop

[Anthony DeRobertis]

Thomas Bushnell BSG wrote:
What is this, "you go to war with the army you have, not the army you
want"?
Consider the full context of the quote[0], yes.

[0]
  http://www.defenselink.mil/transcripts/2004/tr20041208-secdef1761.html

Re: Print Alternative

[Anthony DeRobertis]

Fernanda Giroleti Weiden wrote:
That would ease porting this application to run on Debian. This
application would add a great facility for our users since it is
impossible to know what command must be used to print a document on a
Debian system.
Which ones don't support 'lpr' ? The LPR varients obviously do, and CUPS 
certainly does.

My suggestion to the name of this alternative is "print" which should
point to the command used to print (ex.: /usr/bin/lpr)
That name won't work. We already have a "print" command, part of the 
mime-support package.

Re: updated debian development diagram -- comments?

[Ralf Hildebrandt]

* Kevin Mark <[EMAIL PROTECTED]>:

> Hi Folks,
> I have updated my diagram on the debian developement model. Any comments
> appreciated! 

It's "volatile", not "volitile"
-- 
Ralf Hildebrandt (i.A. des IT-Zentrum)  [EMAIL PROTECTED]
Charite - Universitätsmedizin BerlinTel.  +49 (0)30-450 570-155
Gemeinsame Einrichtung von FU- und HU-BerlinFax.  +49 (0)30-450 570-962
IT-Zentrum Standort CBF send no mail to [EMAIL PROTECTED]


signature.asc
Description: Digital signature

Re: GtkMozEmbed with Firefox not Mozilla

[Norbert Tretkowski]

* William Ballard wrote:
> On Sun, Jan 02, 2005 at 09:55:42PM -0500, Eric Dorland wrote:
> > And what would the advantage be over using mozilla? The gecko
> > engine is the same, in fact mozilla tends to have a newer gecko
> > engine than firefox. I mean this could be done, but if it doesn't
> > actually confer any advantages why bother? And I can't think of
> > any. 
> 
> Why should I install an email client and web page editor, the bloat
> that is Mozilla, just to get GtkMozEmbed?

mozilla-dev depends on mozilla-browser, but not mozilla.

Norbert

Re: updated debian development diagram -- comments?

[Kevin Mark]

On Mon, Jan 03, 2005 at 08:47:02AM +0100, Ralf Hildebrandt wrote:
> * Kevin Mark <[EMAIL PROTECTED]>:
> 
> > Hi Folks,
> > I have updated my diagram on the debian developement model. Any comments
> > appreciated! 
> 
> It's "volatile", not "volitile"
> -- 
> Ralf Hildebrandt (i.A. des IT-Zentrum)  [EMAIL PROTECTED]
> Charite - Universitätsmedizin BerlinTel.  +49 (0)30-450 570-155
> Gemeinsame Einrichtung von FU- und HU-BerlinFax.  +49 (0)30-450 570-962
> IT-Zentrum Standort CBF send no mail to [EMAIL PROTECTED]
Hi Ralf,
thanks. forgot that non-binary file formats allow you to use ispell!
-Kev


-- 
counter.li.org #238656 -- goto counter.li.org and be counted!

(__)
(oo)
  /--\/
 / |||
*  /\---/\
   ~~   ~~
"Have you mooed today?"...


signature.asc
Description: Digital signature

Re: logcheck: adduser in preinst?

[Todd Troxell]

On Thu, Dec 30, 2004 at 10:21:57PM -0800, Don Armstrong wrote:
> Why not just touch the crontab right after creating the user if

This works, Thanks.  I am just wondering if this is a policy violation.
10.7.3 says preserve local changes, and I would not consider the file
preserved if the mtime is changed.  This does seem like the best
solution, however I thought I'd see what you [-devel] think about modifying
timestamps.


-- 
[   Todd J. Troxell ,''`.
  Student, Debian GNU/Linux Developer, SysAdmin, Geek  : :' :
  http://debian.org || http://rapidpacket.com/~xtat`. `' 
 `- ]


signature.asc
Description: Digital signature

Re: Status of Kernel 2.4.28 packages?

[Stephan Niemz]

On Sun, Jan 02, 2005 at 20:02:25 -0600, Steve Greenland wrote:
> Converting to udev is an additional step, and caused me a lot more
> work than the basic 2.6 upgrade (mostly getting my head around it, and
> converting from usbmgr).

Yes, converting from devfs to udev is one thing that doesn't seem
to be easy.  Another one is the ISDN support.  Hasn't that changed
significantly, too?  And what's going to happen with /etc/modutils/*,
how much manual tweaking would be needed there?  And I'm sure there is
more.

- Stephan.


signature.asc
Description: Digital signature

Re: murphy is listed on spamcop

[Russell Coker]

On Monday 03 January 2005 09:22, Thomas Bushnell BSG <[EMAIL PROTECTED]> wrote:
> Russell Coker <[EMAIL PROTECTED]> writes:
> > On Monday 03 January 2005 07:25, Thomas Bushnell BSG <[EMAIL PROTECTED]> 
wrote:
> > > This is true whether the bad things are false positives in email or
> > > the deaths of hundreds of people.  Certainly deaths are worse, but I
> > > wasn't comparing false positives to deaths.
> > >
> > > I was explaining why your style of excuse is never acceptible.  If
> > > false positives are bad (and they are), they do not become less bad
> > > because you cannot figure out how to avoid them and still achieve your
> > > goals.
> >
> > There is no comparison between killing people and bouncing email.
>
> I agree completely.  It is for this reason I did not compare killing
> people and bouncing email.
>
> But there *is* a comparison between your excuse and Rumsfeld's excuse
> for inadequately equipping his soldiers.

No there is no comparison.

Human lives are much more important than email.  The discussion is over.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Re: How to ensure packages generated from -source are installable?

[Thomas Hood]

On Sun, 02 Jan 2005 04:20:04 +0100, William Ballard wrote:
> Kernel module source packages generated Debian packages which may not be 
> installable.  For instance, alsa-source does not depend on alsa-base, 
> but the generated alsa-modules does.  ndiswrapper-source does the same 
> with ndiswrapper-utils.


Right.  Do you regard this as a problem?


> Is there a flag to dpkg to refuse to install unless dependencies are 
> met?


I am not sure what you mean.  That is dpkg's default behavior.


> What ends up happening now is the package ends up installing broken.


I am not sure what you mean by this.  Here is what happens when I install
an alsa-modules package in the absence of alsa-base:

[EMAIL PROTECTED]:/usr/src$ sudo dpkg -i 
alsa-modules-2.4.27-1-686_1.0.7-3~unreleased1+10.00.Custom_i386.deb
Selecting previously deselected package alsa-modules-2.4.27-1-686.
(Reading database ... 192428 files and directories currently installed.)
Unpacking alsa-modules-2.4.27-1-686 (from 
alsa-modules-2.4.27-1-686_1.0.7-3~unreleased1+10.00.Custom_i386.deb) ...
dpkg: dependency problems prevent configuration of alsa-modules-2.4.27-1-686:
 alsa-modules-2.4.27-1-686 depends on alsa-base (>= 1.0.1-1); however:
  Package alsa-base is not installed.
dpkg: error processing alsa-modules-2.4.27-1-686 (--install):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 alsa-modules-2.4.27-1-686


If you are complaining about the fact that dpkg leaves behind unpacked
files when it aborts then I suggest you file a bug report against dpkg. 
This can then be merged with #15162 and the twelve reports already merged
with it which complain about dpkg leaving behind unpacked files in various
other circumstances.


> The generalized form of this question is how does one deal with 
> missing dependencies when using dpkg and not apt.


One downloads the missing packages and dpkg --install's them.

BTW have you tried module-assistant?

-- 
Thomas Hood

Re: Status of Kernel 2.4.28 packages?

[Christoph Hellwig]

> By the way, is there a guide somewhere telling how to switch an
> "unstable" system from 2.4 to 2.6?

An install of the appropinquate kernel-image package should do it.  At
least it did for me on various ppc and an x86_64 installed as i386
system.

Re: Status of Kernel 2.4.28 packages?

[Christoph Hellwig]

On Mon, Jan 03, 2005 at 10:19:57AM +0100, Stephan Niemz wrote:
> Yes, converting from devfs to udev is one thing that doesn't seem
> to be easy.  Another one is the ISDN support.  Hasn't that changed
> significantly, too?  And what's going to happen with /etc/modutils/*,
> how much manual tweaking would be needed there?  And I'm sure there is
> more.

I haven't used either devfs nor udev so I can't comment on that.  ISDN
should be fine nowdays - while there's been quite a lot of ISDN changes
there's nothing that's different from the usersland POV.

Re: Bug#287839: ITP: mxml -- small XML parsing library

[Eduardo Marcel Macan]

Sorry, I quoted the upstream description, I have a preliminary package 
ready and it will be
uploaded as soon as I make it clean. The upstream author provides only a 
static version of
the library, so I'm having to check lots of things I never had to deal 
with in order to do it
right (It seems I'll have to take care of sonames and the like myself 
and that's something
I'd prefer to avoid, but anyway...) I know the basics of XML and don't 
really have
any experience using XML libraries myself,  I'm packaging it  because 
zynaddsubfx
uses it to implement an "xml-like" instrument definition, and zyn is one 
of my main
interests.

I think that I'd be a better "comaintainer" of this package than the 
only one
responsible. The ITP seems to have attracted attention, I won't mind if 
someone
offers his help to maintain, or even adopt it. Really :)

Up to now, thank you guys for the comments on the description I attached 
to the
ITP,  they'll be incorporated into my package description.

Roger Leigh wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Henning Makholm <[EMAIL PROTECTED]> writes:
 

Scripsit Roger Leigh <[EMAIL PROTECTED]>
   

"Marcelo E. Magallon" <[EMAIL PROTECTED]> writes:
 

After reading your post I wonder if "without requiring large
non-standard libraries" actually was meant to be read as "without
requiring libxml2" (i.e. the "large non-standard library" meant here is
libxml2).
   

Yes, you would be correct.  It was explicitly intended as a drop-in
replacement.  All it required was a few regexes to change the prefix
on the function and datatype names.
 

If the rationale for the package is to avoid having libxml2 on the
system, and it is a a partial drop-in replacement, wouldn't it make
sense to let the package
 1. provide libxml.so.2 with the *same* function names as the real thing
 2. conflict with libxml2
 3. contain a shlibdeps file that make client packages depend on
libmxml2 | libxml2
(Predicted response: Of course not. That would lead to madness).
   

:-)
Any program that used the full features of libxml2 would break.  They
are not so similar as to be binary-compatible; they just have a
similar API for the libxml2 "tree" interface.
- -- 
Roger Leigh
   Printing on GNU/Linux?  http://gimp-print.sourceforge.net/
   Debian GNU/Linuxhttp://www.debian.org/
   GPG Public Key: 0x25BFB848.  Please sign and encrypt your mail.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 

iD8DBQFB1c56VcFcaSW/uEgRAssgAKDBRVb7zkhIbINxwcYxOx+GzaOL/QCg48We
lkhJGZkSj6D2b4D1ntF3ecE=
=P/qA
-END PGP SIGNATURE-
 

Re: LCC and blobs

[Henning Makholm]

Scripsit Thomas Bushnell BSG <[EMAIL PROTECTED]>
> Matthew Garrett <[EMAIL PROTECTED]> writes:

>> The obvious thing to do here is not to attempt to find a way that
>> we can interpret the SC that makes sense - the obvious thing to do
>> here is to decide what we want the SC to say and then change it so
>> that it matches that desire.

> We already did that.

The editorial changes to the SC did/will change "depend on" to
"require the use of", but that's as open to interpretation as the old
wording. The problem has just shifted from the meaning of "depend" to
the meaning of "require" and "use" - in either case one can imagine
cases where there are two different but internally consistent and
more-or-less reasonable views on whether the "use" of a non-free
component is "required".

Some people, for example, would probably argue that one does not "use"
firmware when it does not execute on the main CPU, or that a driver
that is able to function if the firmware is already loaded by some
other means does not itself "require" the firmware. I know what I
think about such opinions, but the fact is that they are held by some,
and in at least some cases probably sincerely.

-- 
Henning Makholm   "Der er ingen der sigter på slottet. D'herrer konger agter
 at triumfere fra balkonen når de har slået hinanden ihjel."

Re: Updated SELinux Release

[Russell Coker]

On Saturday 06 November 2004 02:57, Luke Kenneth Casson Leighton 
<[EMAIL PROTECTED]> wrote:
>  debian doesn't GIVE users that choice [remember the adamantix
>  bun-fight, anyone?] and instead settles for about the lowest possible
>  common denominator - no consideration to modern security AT ALL!

Doing the things that Adamantix does takes some work.  The Adamantix people 
are doing their own distribution and are not contributing to Debian.  There 
are many Debian developers who want to see the same stuff included in Debian 
(including me), but no-one with the right combination of interest, time, and 
skills.

If someone is looking for things to work on then it would be a good place to 
start.

>  maybe it's just me with my weird setup [very likely], but
>  running mozilla under KDE 3.3.0 with selinux 2.6.8.1-selinux1
>  on a 256mb system P4 2.4Ghz) is a 10-11 second startup,
>  whereas if i set selinux=0 i've seen as fast as a THREE second
>  startup time.

That sounds bizarre.  What does "enforcing=0" give?  What if you kill klogd 
before starting it?

>  i've put KDE_IS_PRELINKED=1, KDE_FORK_SLAVES=1 into the
>  /usr/bin/startkde

/usr/bin/startkde in Debian sources *.sh from directories 
~/.kde/env, /usr/local/env, and /usr/env.  I think that
"kde-config --path exe" is not giving the most desirable results in this 
regard, and maybe we should have some other way of determining the path.

Something like /etc/kde/env would be a good directory for such things.  Then 
one of the SE Linux packages could drop a little script in that exports those 
variables.

Luke, could you please file appropriate bug reports about this

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Re: murphy is listed on spamcop

[paddy]

On Sun, Jan 02, 2005 at 03:25:11PM -0800, Steve Langasek wrote:
> On Mon, Jan 03, 2005 at 09:17:43AM +1100, Russell Coker wrote:
> > On Monday 03 January 2005 07:25, Thomas Bushnell BSG <[EMAIL PROTECTED]> 
> > wrote:
> > > This is true whether the bad things are false positives in email or
> > > the deaths of hundreds of people.  Certainly deaths are worse, but I
> > > wasn't comparing false positives to deaths.
> 
> > > I was explaining why your style of excuse is never acceptible.  If
> > > false positives are bad (and they are), they do not become less bad
> > > because you cannot figure out how to avoid them and still achieve your
> > > goals.
> 
> > There is no comparison between killing people and bouncing email.  Whatever 
> > point you were trying to make is lost.  The thread is over.
> 
> Maybe the real point here is that no one has come up with a spam control
> solution yet that involves killing spammers.

At least, I can't see one on sourceforge ... :)

Regards,
Paddy
-- 
Perl 6 will give you the big knob. -- Larry Wall

Re: murphy is listed on spamcop

[Jose Carlos Garcia Sogo]

El lun, 03-01-2005 a las 21:35 +1100, Russell Coker escribiÃ:
> On Monday 03 January 2005 09:22, Thomas Bushnell BSG <[EMAIL PROTECTED]> 
> wrote:
> > Russell Coker <[EMAIL PROTECTED]> writes:
> > > On Monday 03 January 2005 07:25, Thomas Bushnell BSG <[EMAIL PROTECTED]> 
> wrote:
> > > > This is true whether the bad things are false positives in email or
> > > > the deaths of hundreds of people.  Certainly deaths are worse, but I
> > > > wasn't comparing false positives to deaths.
> > > >
> > > > I was explaining why your style of excuse is never acceptible.  If
> > > > false positives are bad (and they are), they do not become less bad
> > > > because you cannot figure out how to avoid them and still achieve your
> > > > goals.
> > >
> > > There is no comparison between killing people and bouncing email.
> >
> > I agree completely.  It is for this reason I did not compare killing
> > people and bouncing email.
> >
> > But there *is* a comparison between your excuse and Rumsfeld's excuse
> > for inadequately equipping his soldiers.
> 
> No there is no comparison.
 
 Yes, it is.

> 
> Human lives are much more important than email.  The discussion is over.

 Of course, but in each field, a bad equipped army is as bad as a bad
equipped mail server. Thus, Rumsfeld's words are applicable here, as
Thomas want to do.

 With your criteria that you cannot use phrases said by other people in
a military context in a "civil" one, you will lost a lot of ways of
speaking... I guess you won't be using DMZ, firewall or another concepts
usually employed in military jargon (including black copters).

 If you consider the thread over, do it. But don't try to justify that
in people using words others did.

 Cheers,

-- 
Jose Carlos Garcia Sogo
   [EMAIL PROTECTED]


signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada	digitalmente

Re: How to ensure packages generated from -source are installable?

[Jose Carlos Garcia Sogo]

El lun, 03-01-2005 a las 11:33 +0100, Thomas Hood escribiÃ:
[...]
> > What ends up happening now is the package ends up installing broken.
> 
> 
> I am not sure what you mean by this.  Here is what happens when I install
> an alsa-modules package in the absence of alsa-base:
> 
> [EMAIL PROTECTED]:/usr/src$ sudo dpkg -i 
> alsa-modules-2.4.27-1-686_1.0.7-3~unreleased1+10.00.Custom_i386.deb
> Selecting previously deselected package alsa-modules-2.4.27-1-686.
> (Reading database ... 192428 files and directories currently installed.)
> Unpacking alsa-modules-2.4.27-1-686 (from 
> alsa-modules-2.4.27-1-686_1.0.7-3~unreleased1+10.00.Custom_i386.deb) ...
> dpkg: dependency problems prevent configuration of alsa-modules-2.4.27-1-686:
>  alsa-modules-2.4.27-1-686 depends on alsa-base (>= 1.0.1-1); however:
>   Package alsa-base is not installed.
> dpkg: error processing alsa-modules-2.4.27-1-686 (--install):
>  dependency problems - leaving unconfigured
> Errors were encountered while processing:
>  alsa-modules-2.4.27-1-686
> 
> 
> If you are complaining about the fact that dpkg leaves behind unpacked
> files when it aborts then I suggest you file a bug report against dpkg. 
> This can then be merged with #15162 and the twelve reports already merged
> with it which complain about dpkg leaving behind unpacked files in various
> other circumstances.
> 
> 
> > The generalized form of this question is how does one deal with 
> > missing dependencies when using dpkg and not apt.
> 
> 
> One downloads the missing packages and dpkg --install's them.

 There is an easier way. Once you install that package by hand, execute
'apt-get install -f'

 This will usually fix these situations by downloading the needed
packages and installing them. Of course, you have to check that apt is
not trying other approaches to solve the problem, as removing every
related package.

> 
> BTW have you tried module-assistant?

 I also recommend this. It was a great discovery. But I think that this
tool is not very known yet. Perhaps you (as alsa maintainer) could add a
note to README.Debian in modules-source, explaining how to compile them
using module-assistant. (I don't know if it is already there, I'm
writing this offline and I don't have the package at hand right now)
 
 Cheers,


> 
> -- 
> Thomas Hood
> 
> 
-- 
Jose Carlos Garcia Sogo
   [EMAIL PROTECTED]


signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada	digitalmente

Re: GtkMozEmbed with Firefox not Mozilla

[William Ballard]

On Mon, Jan 03, 2005 at 08:44:05AM +0100, Norbert Tretkowski wrote:
> mozilla-dev depends on mozilla-browser, but not mozilla.

mozilla-browser is 30 megabytes and duplicates the vast majority of 
firefox

as my link suggest apparently there exists an rpm for 
gtkmozembed-firefox so somebody else at least is doing it

Re: How to ensure packages generated from -source are installable?

[William Ballard]

On Mon, Jan 03, 2005 at 11:33:21AM +0100, Thomas Hood wrote:
> Right.  Do you regard this as a problem?

It would be a lot smarter to check if the install would succeed
before unpacking it.  If you were replacing a previous alsa-modules 
package, the old one will be uninstalled and non-functional (please 
correct me me if I'm wrong) and you won't have any sound until you get 
around to fixing it.  If you were replacing a previous 
ndiswrapper-modules, now your network card is hosed and you *can't* use 
apt -f to fix the problem unless you connect to the network the other 
way.

Transactions should be atomic, consistent, isolated, and durable.  This 
fails the "atomic" and "isolated" tests.

Don't sweat it, I can very easily write my own wrapper around dpkg -i 
that first dumps the depends and refuses to install if they aren't met.

Re: Updated SELinux Release

[Lorenzo Hernández García-Hierro]

Hi Russell,

El lun, 03-01-2005 a las 23:53 +1100, Russell Coker escribió:
> On Saturday 06 November 2004 02:57, Luke Kenneth Casson Leighton 
> <[EMAIL PROTECTED]> wrote:
> >  debian doesn't GIVE users that choice [remember the adamantix
> >  bun-fight, anyone?] and instead settles for about the lowest possible
> >  common denominator - no consideration to modern security AT ALL!
> 
> Doing the things that Adamantix does takes some work.  The Adamantix people 
> are doing their own distribution and are not contributing to Debian.  There 
> are many Debian developers who want to see the same stuff included in Debian 
> (including me), but no-one with the right combination of interest, time, and 
> skills.
> 
> If someone is looking for things to work on then it would be a good place to 
> start.

I think that Hardened Debian is putting many efforts in terms of
security technologies deployment.
We are now working on the deployment in Ubuntu Linux as a first move
before the possible deployment in Debian.

I'm now interested in making SELinux a really reliable solution thus i
have the other things almost done, and some kernel work is already done.

The debian policies should be improved and creation of a work team would
be great.

I have a blank page at the wiki
(http://wiki.debian-hardened.org/SELinux_on_Debian) which could be a
start point.

As i'm new and even i don't know what's the current state of SELinux
Debian deployment, i would appreciate any information.

I've set up a site (BTW, running on a hardened debian powered "box")
where i'm maintaining patches and other stuff i worked on related with
SELinux, it's at http://selinux.tuxedo-es.org .

Cheers,
-- 
Lorenzo Hernández García-Hierro <[EMAIL PROTECTED]> [1024D/6F2B2DEC]
[2048g/9AE91A22] Hardened Debian head developer & project manager


signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada	digitalmente

Processed: reassign 88340 to lintian

[Debian Bug Tracking System]

Processing commands for [EMAIL PROTECTED]:

> # Automatically generated email from bts, devscripts version 2.8.5
> reassign 88340 lintian
Bug#88340: Use "chown user:group", not "chown user.group"
Bug reassigned from package `general' to `lintian'.

>
End of message, stopping processing here.

Please contact me if you need assistance.

Debian bug tracking system administrator
(administrator, Debian Bugs database)

Bug#60810: contents.gz package

[Justin Pryzby]

Could we have a package which provides /usr/share/.../Contents.gz?
Not sure that share/ is the right place.  And as Matt said, versioning
is a potential problem.  But lintian (and others: apt-file) could
depend on this package (say, debian-dist-contents).

Justin

Re: Bug#287839: ITP: mxml -- small XML parsing library

[Roger Leigh]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Eduardo Marcel Macan <[EMAIL PROTECTED]> writes:

> Sorry, I quoted the upstream description, I have a preliminary package
> ready and it will be uploaded as soon as I make it clean.

If you would like someone to check it, I would be happy to review it.

> The upstream author provides only a static version of the library,
> so I'm having to check lots of things I never had to deal with in
> order to do it right (It seems I'll have to take care of sonames and
> the like myself and that's something I'd prefer to avoid, but
> anyway...)

If upstream do not version it, it may cause future problems if you do
Debian-specific soname versioning (consider what happens if upstream
enable versioning in 6 months).  If you require shared libraries, I'm
sure Mike Sweet would consider adding support (have you asked?).
Otherwise, perhaps static only would be safest for now.

> I know the basics of XML and don't really have any experience using
> XML libraries myself, I'm packaging it because zynaddsubfx uses it
> to implement an "xml-like" instrument definition, and zyn is one of
> my main interests.

It looks quite cool.

> I think that I'd be a better "comaintainer" of this package than the
> only one responsible. The ITP seems to have attracted attention, I
> won't mind if someone offers his help to maintain, or even adopt
> it. Really :)

I would certainly be interested.  I may even be able to get
libgimpprint using it (instead of the customised form we have embedded
currently).  I also have uses for it in other projects, where libxml2
is not suitable.


Regards,
Roger

- -- 
Roger Leigh
Printing on GNU/Linux?  http://gimp-print.sourceforge.net/
Debian GNU/Linuxhttp://www.debian.org/
GPG Public Key: 0x25BFB848.  Please sign and encrypt your mail.
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 

iD8DBQFB2XCjVcFcaSW/uEgRAt5gAKDfl/4eqq7UZtHusSU1XnCBHzquTwCgoR/j
/G1/zzwxq1PfIfOqw+5zA2Y=
=cOMo
-END PGP SIGNATURE-

Re: GtkMozEmbed with Firefox not Mozilla

[Eric Dorland]

* William Ballard ([EMAIL PROTECTED]) wrote:
> On Mon, Jan 03, 2005 at 08:44:05AM +0100, Norbert Tretkowski wrote:
> > mozilla-dev depends on mozilla-browser, but not mozilla.
> 
> mozilla-browser is 30 megabytes and duplicates the vast majority of 
> firefox

So every program that uses MozEmbed needs two versions, one compiled
against mozilla and one compiled against firefox? Come on, that's
silly. The solution is to ask the mozilla maintainer (Takuo KITAME
<[EMAIL PROTECTED]>) to separate out the libraries you need from the
rest of the package. 

 
> as my link suggest apparently there exists an rpm for 
> gtkmozembed-firefox so somebody else at least is doing it
> 
> 

-- 
Eric Dorland <[EMAIL PROTECTED]>
ICQ: #61138586, Jabber: [EMAIL PROTECTED]
1024D/16D970C6 097C 4861 9934 27A0 8E1C  2B0A 61E9 8ECF 16D9 70C6

-BEGIN GEEK CODE BLOCK-
Version: 3.12
GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+ 
O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+ 
G e h! r- y+ 
--END GEEK CODE BLOCK--


signature.asc
Description: Digital signature

Re: murphy is listed on spamcop

[Thomas Bushnell BSG]

Russell Coker <[EMAIL PROTECTED]> writes:

> On Monday 03 January 2005 09:22, Thomas Bushnell BSG <[EMAIL PROTECTED]> 
> wrote:
> > Russell Coker <[EMAIL PROTECTED]> writes:
> > > On Monday 03 January 2005 07:25, Thomas Bushnell BSG <[EMAIL PROTECTED]> 
> wrote:
> > > > This is true whether the bad things are false positives in email or
> > > > the deaths of hundreds of people.  Certainly deaths are worse, but I
> > > > wasn't comparing false positives to deaths.
> > > >
> > > > I was explaining why your style of excuse is never acceptible.  If
> > > > false positives are bad (and they are), they do not become less bad
> > > > because you cannot figure out how to avoid them and still achieve your
> > > > goals.
> > >
> > > There is no comparison between killing people and bouncing email.
> >
> > I agree completely.  It is for this reason I did not compare killing
> > people and bouncing email.
> >
> > But there *is* a comparison between your excuse and Rumsfeld's excuse
> > for inadequately equipping his soldiers.
> 
> No there is no comparison.
> 
> Human lives are much more important than email.  The discussion is over.

Yes, human lives are much more important than email.

There is indeed no comparison between them.

But I was not comparing them.

Thomas

Re: LCC and blobs

[Darren Salt]

I demand that Josh Triplett may or may not have written...

[snip]
> This criteria covers

"These criteria cover", surely - unless you mean "criterion" :-\

-- 
| Darren Salt   | linux (or ds) at | nr. Ashington,
| woody, sarge, | youmustbejoking  | Northumberland
| RISC OS   | demon co uk  | Toon Army
|   http://www.youmustbejoking.demon.co.uk/> (PGP 2.6, GPG keys)

It is better to have men ask why you have no statue than why you have one.

Re: LCC and blobs

[Darren Salt]

I demand that Måns Rullgård may or may not have written...

> Anthony DeRobertis <[EMAIL PROTECTED]> writes:
>> Henning Makholm wrote:
>>> Scripsit Anthony DeRobertis <[EMAIL PROTECTED]>
 That would, however, cover firmware and wind up sending X to contrib. So
 maybe: ... iff it is stored on the local machine's file system.
>>> That would be my *intuitive* understanding of how the mail/contrib
>>> difference works.
>> So would a web-based firmware loader, that never saved the firmware to
>> disk allow the drivers to be in main?

> This could be as simple as mounting a tmpfs on /lib/firmware, and wgetting
> some firmware files before loading any modules that might need them.  The
> slightly more complicated solution would be to modify the hotplug scripts
> to fetch the files automatically.

Problems:

  * no network connection
- perhaps the hardware requires a firmware upload?
- usually resolvable with a cheap (<=£10) card

  * part-time network connection
- machine may be a laptop
- connection may be time-limited in some way, e.g. to avoid per-call or
  time-based charges on a dial-up account

I'd say that a local cache is needed, though whether it's used should be up
to the local admin.

-- 
| Darren Salt   | nr. Ashington, | linux (or ds) at
| woody, sarge, | Northumberland | youmustbejoking
| RISC OS   | Toon Army  | demon co uk
|   We've got Shearer, you haven't

Since you're going to die anyway, can we use you as a shield?

Re: Bug#287839: ITP: mxml -- small XML parsing library

[Pierre Machard]

Hello,

On Thu, Dec 30, 2004 at 10:58:08PM +, Roger Leigh wrote:
> "Marcelo E. Magallon" <[EMAIL PROTECTED]> writes:
> 
> > On Fri, Dec 31, 2021 at 10:38:46AM -0300, Eduardo Marcel Macan wrote:
> >
> >  > Mini-XML is a small XML parsing library that you can use to
> >  > read XML and XML-like data files in your application without
> >  > requiring large non-standard libraries.  Mini-XML only
> >  > requires an ANSI C compatible compiler (GCC works, as do
> >  > most vendors' ANSI C compilers) and a "make" program.
> >
> >  You mean unlike libxml2?
> >
> > Package: libxml2
> > Depends: libc6 (>= 2.3.2.ds1-4), zlib1g (>= 1:1.2.1)
> >
> >  I wonder at which other library is upstream taking shots... not Xerces
> >  and not libxmlparse.
> >
> >  You might want to include relevant information, like (lack of)
> >  validation, external loading, UTF-8, namespaces and the like.
> 
> mxml is intended to be minimal, as a counter to libxml2 bloat (and it
> *is* a bloated monster).

If you are looking for a tiny tool to handle xml within C programs I
suggest that you take a look at flexml.

It is based on flex. Unfortunately it works with the old-flex. I had not
the time to help patching it so that is works with flex. I am sure
that the upstream author will accept to recieve patches.

Cheers,
-- 
Pierre Machard
<[EMAIL PROTECTED]> http://debian.org
GPG: 1024D/23706F87 : B906 A53F 84E0 49B6 6CF7 82C2 B3A0 2D66 2370 6F87



signature.asc
Description: Digital signature

Re: GtkMozEmbed with Firefox not Mozilla

[William Ballard]

On Mon, Jan 03, 2005 at 12:08:03PM -0500, Eric Dorland wrote:
> * William Ballard ([EMAIL PROTECTED]) wrote:
> > On Mon, Jan 03, 2005 at 08:44:05AM +0100, Norbert Tretkowski wrote:
> > > mozilla-dev depends on mozilla-browser, but not mozilla.
> > 
> > mozilla-browser is 30 megabytes and duplicates the vast majority of 
> > firefox
> 
> So every program that uses MozEmbed needs two versions, one compiled
> against mozilla and one compiled against firefox?

No.  That's why you have virtual packages.  Just like every program
that depends on a java2-runtime doesn't have multiple versions.

I think that a very large part of mozilla is probably just the
"libraries" and you'd still have a great deal of duplication.
The mozilla or firefox binary is probably only a very thin wrapper
around the libraries; that's what iexplore.exe is.

Re: GtkMozEmbed with Firefox not Mozilla

[Eric Dorland]

* William Ballard ([EMAIL PROTECTED]) wrote:
> On Mon, Jan 03, 2005 at 12:08:03PM -0500, Eric Dorland wrote:
> > * William Ballard ([EMAIL PROTECTED]) wrote:
> > > On Mon, Jan 03, 2005 at 08:44:05AM +0100, Norbert Tretkowski wrote:
> > > > mozilla-dev depends on mozilla-browser, but not mozilla.
> > > 
> > > mozilla-browser is 30 megabytes and duplicates the vast majority of 
> > > firefox
> > 
> > So every program that uses MozEmbed needs two versions, one compiled
> > against mozilla and one compiled against firefox?
> 
> No.  That's why you have virtual packages.  Just like every program
> that depends on a java2-runtime doesn't have multiple versions.
> 
> I think that a very large part of mozilla is probably just the
> "libraries" and you'd still have a great deal of duplication.
> The mozilla or firefox binary is probably only a very thin wrapper
> around the libraries; that's what iexplore.exe is.

Unfortunately they're not just libraries. They're mostly just dynamic
code blobs. They don't have sonames or published APIs. Firefox now
tends to fork from the mainline mozilla tree, so the code can be quite
different, or at least different enough to make having firefox load
the mozilla components quite impossible. 

So yes there is duplication. Yes, it is unfortunate. Go tell mozilla
fellas to make their stuff more modular. 

-- 
Eric Dorland <[EMAIL PROTECTED]>
ICQ: #61138586, Jabber: [EMAIL PROTECTED]
1024D/16D970C6 097C 4861 9934 27A0 8E1C  2B0A 61E9 8ECF 16D9 70C6

-BEGIN GEEK CODE BLOCK-
Version: 3.12
GCS d- s++: a-- C+++ UL+++ P++ L++ E++ W++ N+ o K- w+ 
O? M++ V-- PS+ PE Y+ PGP++ t++ 5++ X+ R tv++ b+++ DI+ D+ 
G e h! r- y+ 
--END GEEK CODE BLOCK--


signature.asc
Description: Digital signature

h00k-up-in-here

[borateButler]

The stingy acquiescent. Shebloodstream airway. He attentive polarimeter tulle 
doubt calvary



These wicked-hot fillies are on the lookout for a good lay soon :


http://prevenientlymeds.com/sse/














get-me-0ff : prevenientlymeds.com/yik/


The sago greenery orpheus edifice gatlinburg .
She walcott jehovah intellect aquinas conspirator .
impersonal desperado grenade classification comfort .
pamphlet abominable curl .
The cringe y cling alleviate gallium .
She babcock insult rumble . And
dignify directorate pollock rotarian renaissance burt .
She meteorite directrix progression .and
mastic edmondson lap trollop tragedy .
The vigil koenigsberg biharmonic regressive epigrammatic gsa .
enzymology libretto anterior assassin fire contraption .and
abet dolomitic scream lilly propionate .
basemen emily propos acidulous intendant allied .
The prism yeshiva error .
She deformation economist hayes angelfish cockeye .
The resemblant raven burtt .
mcgovern felicia wither bylaw heritage .

debian-boot@lists.debian.org

Re: GtkMozEmbed with Firefox not Mozilla

[Billy Biggs]

Eric Dorland ([EMAIL PROTECTED]):

> [...] Firefox now tends to fork from the mainline mozilla tree, so the
> code can be quite different, or at least different enough to make
> having firefox load the mozilla components quite impossible. 

  FWIW, I was also under the impression that the official word is that
Firefox is not meant to be used for emebdding and does not ship in a way
that allows this.  For example:

  https://bugzilla.mozilla.org/show_bug.cgi?id=262453

  -Billy

Bug#288486: ITP: liblingua-pt-stemmer-perl -- Portuguese language stemming

[Dominic Hargreaves]

Package: wnpp
Severity: wishlist

* Package name: liblingua-pt-stemmer-perl
  Version : 0.01
  Upstream Author : xern <[EMAIL PROTECTED]>
* URL : http://search.cpan.org/dist/Lingua-PT-Stemmer/
* License : Dual GPL/Artistic
  Description : Portuguese language stemming

 This module implements a Portuguese stemming algorithm proposed in the
 paper A Stemming Algorithm for the Portuguese Language by Moreira, V.
 and Huyck, C.
 

Bug#288487: ITP: liblingua-stem-fr-perl -- Perl French Stemming

[Dominic Hargreaves]

Package: wnpp
Severity: wishlist

* Package name: liblingua-stem-fr-perl
  Version : 0.02
  Upstream Author : Sébastien Darribere-Pleyt, <[EMAIL PROTECTED]>
* URL : http://search.cpan.org/dist/Lingua-Stem-Fr/
* License : Dual GPL/Artistic
  Description : Perl French Stemming

 This module use the a modified version of the Porter Stemming Algorithm to
 return a stemmed words.
 .
 The algorithm is implemented as described in:
 .
 http://snowball.tartarus.org/french/stemmer.html
 .
 with some improvement.
 .
 The code is carefully crafted to work in conjunction with the Lingua::Stem
 module by Benjamin Franz.
 This French version is based too, on the work of Aldo Calpini (Italian Version)

Re: LCC and blobs

[Glenn Maynard]

On Mon, Jan 03, 2005 at 05:42:07PM +, Darren Salt wrote:
> > Anthony DeRobertis <[EMAIL PROTECTED]> writes:
> >>> Scripsit Anthony DeRobertis <[EMAIL PROTECTED]>
>  That would, however, cover firmware and wind up sending X to contrib. So
>  maybe: ... iff it is stored on the local machine's file system.

> >> So would a web-based firmware loader, that never saved the firmware to
> >> disk allow the drivers to be in main?

I read this as a theoretical case to claim that the "local filesystem" metric
was incorrect (at least in some cases)--since I thought it was obvious that
pushing non-free stuff to a remote server and wgetting it is no different
than moving it into non-free (a "remote server", as far as main is
concerned) and Depend:ing on it--which means contrib, at best.

> > This could be as simple as mounting a tmpfs on /lib/firmware, and wgetting

> I'd say that a local cache is needed, though whether it's used should be up
> to the local admin.

... so I don't know why we're talking about implementation details.  :)

-- 
Glenn Maynard

Bug#288491: ITP: liblingua-stem-it-perl -- Porter's stemming algorithm for Italian

[Dominic Hargreaves]

Package: wnpp
Severity: wishlist

* Package name: liblingua-stem-it-perl
  Version : 0.01
  Upstream Author : Aldo Calpini <[EMAIL PROTECTED]>
* URL : http://search.cpan.org/dist/Lingua-Stem-It/
* License : Dual GPL/Artistic
  Description : Porter's stemming algorithm for Italian

 This module applies the Porter Stemming Algorithm to its parameters,
 returning the stemmed words.
 .
 The algorithm is implemented exactly (I hope :-) as described in:
 .
 http://snowball.tartarus.org/italian/stemmer.html
 .
 The code is carefully crafted to work in conjunction with the Lingua::Stem
 module by Benjamin Franz, from which I've also borrowed some functionalities
 (caching and exception list).

Bug#288492: ITP: liblingua-stem-ru-perl -- Porter's stemming algorithm for Russian (KOI8-R only)

[Dominic Hargreaves]

Package: wnpp
Severity: wishlist

* Package name: liblingua-stem-ru-perl
  Version : 0.01
  Upstream Author : Aleksandr Guidrevitch <[EMAIL PROTECTED]>
* URL : http://search.cpan.org/dist/Lingua-Stem-Ru/
* License : Dual GPL/Artistic
  Description : Porter's stemming algorithm for Russian (KOI8-R only)

 This module applies the Porter Stemming Algorithm to its parameters,
 returning the stemmed words.
 .
 The algorithm is implemented exactly as described in:
 .
 http://snowball.tartarus.org/russian/stemmer.html
 .
 The code is carefully crafted to work in conjunction with the Lingua::Stem
 module by Benjamin Franz. This stemmer is also based
 on the work of Aldo Capini, see Lingua::Stem::It.

Bug#288493: ITP: liblingua-stem-snowball-da-perl -- Porters stemming algorithm for Denmark

[Dominic Hargreaves]

Package: wnpp
Severity: wishlist

* Package name: liblingua-stem-snowball-da-perl
  Version : 1.01
  Upstream Author : Dennis Haney <[EMAIL PROTECTED]>
* URL : http://search.cpan.org/dist/Lingua-Stem-Snowball-Da/
* License : Dual GPL/Artistic
  Description : Porters stemming algorithm for Denmark

 The stem function takes a scalar as a parameter and stems the word
 according to Martin Porters Danish stemming algorithm,
 which can be found at the Snowball website: http://snowball.tartarus.org/.
 .
 It also supports caching if you pass the use_cache option when constructing
 a new L:S:S:D object.

Bug#288495: ITP: libsnowball-norwegian-perl -- Stemming algorithm for Norwegian

[Dominic Hargreaves]

Package: wnpp
Severity: wishlist

* Package name: libsnowball-norwegian-perl
  Version : 1.0
  Upstream Author : Ask Solem Hoel <[EMAIL PROTECTED]>
* URL : http://search.cpan.org/dist/Snowball-Norwegian/
* License : Dual GPL/Artistic
  Description : Stemming algorithm for Norwegian

 The stem function takes a scalar as a parameter and stems the word
 according to Martin Porters Norwegian stemming algorithm,
 which can be found at the Snowball website: http://snowball.tartarus.org/.
 .
 It also supports caching if you pass the use_cache option when constructing
 a new L:S:S:N object.

Bug#288497: ITP: libsnowball-swedish-perl -- Stemming algorithm for Swedish

[Dominic Hargreaves]

Package: wnpp
Severity: wishlist

* Package name: libsnowball-swedish-perl
  Version : 1.01
  Upstream Author : Ask Solem Hoel <[EMAIL PROTECTED]>
* URL : http://search.cpan.org/dist/Snowball-Swedish/
* License : Dual GPL/Artistic
  Description : Stemming algorithm for Swedish

 The stem function takes a scalar as a parameter and stems the word
 according to Martin Porters Swedish stemming algorithm,
 which can be found at the Snowball website: http://snowball.tartarus.org/.
 .
 It also supports caching if you pass the use_cache option when constructing
 a new L:S:S:S object.

Re: LCC and blobs

[Darren Salt]

I demand that Glenn Maynard may or may not have written...

> On Mon, Jan 03, 2005 at 05:42:07PM +, Darren Salt wrote:
>>> Anthony DeRobertis <[EMAIL PROTECTED]> writes:
> Scripsit Anthony DeRobertis <[EMAIL PROTECTED]>
>> That would, however, cover firmware and wind up sending X to contrib.
>> So maybe: ... iff it is stored on the local machine's file system.
 So would a web-based firmware loader, that never saved the firmware to
 disk allow the drivers to be in main?

> I read this as a theoretical case to claim that the "local filesystem"
> metric was incorrect (at least in some cases)--since I thought it was
> obvious that pushing non-free stuff to a remote server and wgetting it is
> no different than moving it into non-free (a "remote server", as far as
> main is concerned) and Depend:ing on it--which means contrib, at best.

Fetch every time and fetch once. That looks like a difference to me...

>>> This could be as simple as mounting a tmpfs on /lib/firmware, and
>>> wgetting

[my comments about network availability removed - RELEVANT CONTEXT]

>> I'd say that a local cache is needed, though whether it's used should be
>> up to the local admin.

> ... so I don't know why we're talking about implementation details.  :)

I was pointing out that wget can theoretically fail to retrieve the binary.
;-)

-- 
| Darren Salt   | nr. Ashington, | linux (or ds) at
| woody, sarge, | Northumberland | youmustbejoking
| RISC OS   | Toon Army  | demon co uk
|   Oh, sarge too...

A violent man will die a violent death.

Re: LCC and blobs

[Glenn Maynard]

On Tue, Jan 04, 2005 at 01:48:12AM +, Darren Salt wrote:
> Fetch every time and fetch once. That looks like a difference to me...

How could "fetch every time" possibly be acceptable to the SC when
"fetch once" is not?  Are you saying that the "rancid-installer" package
could go in main, if it re-downloaded and reinstalled the program every
time it was used?  Of course not--there is no difference to the SC.

> >>> This could be as simple as mounting a tmpfs on /lib/firmware, and
> >>> wgetting
> 
> [my comments about network availability removed - RELEVANT CONTEXT]

The removed quotes were superfluous to my response, so no, they weren't
relevant.  Stop yelling.

-- 
Glenn Maynard