Re: drbd package

2004-05-18 Thread David Krovich 
Andreas Metzler <[EMAIL PROTECTED]> writes:

> How about uploading 0.7 to experimental now, and once it has stabilized
> (and sarge has been released) put it in sid?

Sounds like a good plan...  I'll use that approach.  Thanks.

RFS: libxp-java : XML 1.0 parser for Java

2004-05-18 Thread Nicolas Duboc 
   Hi,

 I have packaged James Clark's XP library. This is a light Java XML parser.
ITP: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=249159
I'm working on another package (Winie) which needs this library, so I have
decided to package it also.

 This is a simple Java package, so this should be an easy job for a DD
with Java on Debian knowledge.

 I'm in the NM queue and waiting for DAM approval
(http://nm.debian.org/nmstatus.php?email=nicolas%40duboc.net).

 So I send this "Request for Sponsor".

 My work is available here :
http://www.duboc.net/nicolas/debian/packages/libxp-java_0.5-1.dsc
http://www.duboc.net/nicolas/debian/packages/libxp-java_0.5-1.diff.gz
http://www.duboc.net/nicolas/debian/packages/libxp-java_0.5.orig.tar.gz

 Feel free to send feedback, even if you can't sponsor the package.

-- 
Nicolas Duboc <[EMAIL PROTECTED]>

Re: dh_installinit...

2004-05-18 Thread Matt Zimmerman 
On Mon, May 10, 2004 at 04:20:18PM +0200, Thomas -Balu- Walter wrote:

> I'm not sure what would be best practice to avoid those errors, because
> the admin might have to configure the video device first anyway (though
> the default /dev/video0 is usually a nice guess).
> 
> Have an /etc/default/camsource where the admin has to enable the daemon
> setting $START_CAMSOURCE?
> The init script could display something like 
> "Please configure camsource using /etc/camsource.conf and enable it in
> /etc/default/camsource if you want to use init to start it." 
> if not enabled...
> 
> Use --no-start with dh_installinit and stop the daemon manually on
> uninstall in prerm?
> 
> Other?

Let it fail to start; simply don't allow this to break the postinst.

-- 
 - mdz

Re: Secure temporary fifo creation

2004-05-18 Thread Matt Zimmerman 
On Sun, May 16, 2004 at 09:30:10PM -0500, Greg Deitrick wrote:

> What is the recommended method for securely creating a temporary named pipe 
> in 
> C code?
> 
> Looking at the man pages for various library calls it appears that tmpfile(3) 
> is probably an acceptable means of creating a temporary file, but this 
> returns a FILE *.  The upstram source I'm packaging needs to make a temporary 
> fifo.  It uses tempnam(3) to get a temporary file name as a char *, and then 
> mkfifo(3) to make the fifo named pipe from the file name.  Is this 
> sufficiently secure?  Should I post this to debian-security?

That method has exactly the same risks as taking no precautions at all,
since tmpfile(3) deletes the file after opening it.

Use mkdtemp(3) followed by mknod(2).

-- 
 - mdz

tinsel

2004-05-18 Thread Daly 
Gilmore,(

 _95%0ff for 

all-Vi-a-g-ra ,C-ia--l-is ,-- L-evitra--.


http://www.fewnwe.info/ES001/?affiliate_id=233635&campaign_id=404

barrel,emptied suitcase went,needy,ivan learned from,cast,when the 
fourth,nave,at the words.

Re: drbd package

2004-05-18 Thread David Krovich 
Andreas Metzler <[EMAIL PROTECTED]> writes:

> How about uploading 0.7 to experimental now, and once it has stabilized
> (and sarge has been released) put it in sid?

Sounds like a good plan...  I'll use that approach.  Thanks.




-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

RFS: libxp-java : XML 1.0 parser for Java

2004-05-18 Thread Nicolas Duboc 
   Hi,

 I have packaged James Clark's XP library. This is a light Java XML parser.
ITP: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=249159
I'm working on another package (Winie) which needs this library, so I have
decided to package it also.

 This is a simple Java package, so this should be an easy job for a DD
with Java on Debian knowledge.

 I'm in the NM queue and waiting for DAM approval
(http://nm.debian.org/nmstatus.php?email=nicolas%40duboc.net).

 So I send this "Request for Sponsor".

 My work is available here :
http://www.duboc.net/nicolas/debian/packages/libxp-java_0.5-1.dsc
http://www.duboc.net/nicolas/debian/packages/libxp-java_0.5-1.diff.gz
http://www.duboc.net/nicolas/debian/packages/libxp-java_0.5.orig.tar.gz

 Feel free to send feedback, even if you can't sponsor the package.

-- 
Nicolas Duboc <[EMAIL PROTECTED]>


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: dh_installinit...

2004-05-18 Thread Matt Zimmerman 
On Mon, May 10, 2004 at 04:20:18PM +0200, Thomas -Balu- Walter wrote:

> I'm not sure what would be best practice to avoid those errors, because
> the admin might have to configure the video device first anyway (though
> the default /dev/video0 is usually a nice guess).
> 
> Have an /etc/default/camsource where the admin has to enable the daemon
> setting $START_CAMSOURCE?
> The init script could display something like 
> "Please configure camsource using /etc/camsource.conf and enable it in
> /etc/default/camsource if you want to use init to start it." 
> if not enabled...
> 
> Use --no-start with dh_installinit and stop the daemon manually on
> uninstall in prerm?
> 
> Other?

Let it fail to start; simply don't allow this to break the postinst.

-- 
 - mdz


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Secure temporary fifo creation

2004-05-18 Thread Matt Zimmerman 
On Sun, May 16, 2004 at 09:30:10PM -0500, Greg Deitrick wrote:

> What is the recommended method for securely creating a temporary named pipe in 
> C code?
> 
> Looking at the man pages for various library calls it appears that tmpfile(3) 
> is probably an acceptable means of creating a temporary file, but this 
> returns a FILE *.  The upstram source I'm packaging needs to make a temporary 
> fifo.  It uses tempnam(3) to get a temporary file name as a char *, and then 
> mkfifo(3) to make the fifo named pipe from the file name.  Is this 
> sufficiently secure?  Should I post this to debian-security?

That method has exactly the same risks as taking no precautions at all,
since tmpfile(3) deletes the file after opening it.

Use mkdtemp(3) followed by mknod(2).

-- 
 - mdz


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

tinsel

2004-05-18 Thread Daly 
Gilmore,(

 _95%0ff for 

all-Vi-a-g-ra ,C-ia--l-is ,-- L-evitra--.


http://www.fewnwe.info/ES001/?affiliate_id=233635&campaign_id=404

barrel,emptied suitcase went,needy,ivan learned from,cast,when the fourth,nave,at the 
words.

release as a package or add to APT's file list?

2004-05-18 Thread Martin-Éric Racine 
Greetings,

I have a package that I have made a while back, which a lot of friends really
find usefull.  Essentially, it's a script that calls combinations of APT options
and deborphan, to keep a system running Testing up-to-date, but cruft-free.

Given the great feedback I've received from people who have my personal
repository in their sources.list, I was thinking of submitting this package to
the Debian project itself.  My sponsor thinks that perhaps such a trivial script
would be better released as a part of APT or deborphan, so he prompted me to ask
for advice here.

Personally, I foresee difficulties in doing this, since APT and deborphan tend
to be packages with very utilitarian purposes; one would not include something
that might be construed as a trivial demo of either one.  Besides, my package
comes with 2 man pages of its own and a config file in /etc as well, so I think
that it has reached the stage where it is no longer a trivial demo, even though
the APT and deborphan tricks it does are simple. Anyhow, I would prefer keeping
it a separate package.

What do the mentors of the list think?

-- 
Martin-Éric Racine, ICT Consultant
http://www.pp.fishpool.fi/~q-funk/

Upload of a new package

2004-05-18 Thread Fabio Tranchitella 
Hi,
   I'm the mantainer of phpldapadmin, a web-based tool for managing ldap
servers. I'm not (yet!) an official Debian developer, so I asked for a
sponsor. He checked my package and uploaded in the unstable debian
archive about ten days ago...

Here my questions: 
- how long takes the verification process and when will be the package
  available in unstable? How can I monitor the state of the package?

- A new minor upstream version is available for the package, my sponsor
  told me it is better to wait the package enters in unstable before
  send the new version, because every upload before this happens "reset
  the timer" and I have to wait more time to see my package in unstable.

I'm not in this list, so if you answer please CC me.

Thanks a lot,
Fabio.

-- 
 
Fabio Tranchitella
 
 kobold.it, Turin, Italy  - Free is better!
 
---
 , <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
---
GPG Key fingerprint: 5465 6E69 E559 6466 BF3D  9F01 2BF8 EE2B 7F96 1564



signature.asc
Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata