Re: problems about dependency of mysql-server-5.5-dbgsym
On Tue, Sep 15, 2015 at 11:51:11AM +0800, Gareth wrote: > the same package from different (but related) repo has different > dependencies. One is '(= 5.5.35+dfsg-1ubuntu1)' and another is '(= > 5.5.44-0ubuntu0.14.04.1)'. The first on from trusty and breaks in > installation if I don't set ddebs' trust-updates in apt source. > > Is that a bug? If I understand you correctly, no, this isn't a bug. If you want debug symbols you need to have ones that were built with the package you have installed, so there must be an exact version match. If you're installing from trusty-updates from the archive, then you need ddebs from trusty-updates. If you still think this is a bug, then please can you explain your use case? Thanks, Robie -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: problems about dependency of mysql-server-5.5-dbgsym
On Tue, Sep 15, 2015 at 4:59 PM, Robie Basak wrote: > On Tue, Sep 15, 2015 at 11:51:11AM +0800, Gareth wrote: >> the same package from different (but related) repo has different >> dependencies. One is '(= 5.5.35+dfsg-1ubuntu1)' and another is '(= >> 5.5.44-0ubuntu0.14.04.1)'. The first on from trusty and breaks in >> installation if I don't set ddebs' trust-updates in apt source. >> >> Is that a bug? > > If I understand you correctly, no, this isn't a bug. If you want debug > symbols you need to have ones that were built with the package you have > installed, so there must be an exact version match. If you're installing > from trusty-updates from the archive, then you need ddebs from > trusty-updates. I know this. But at the first time I enabled ddebs' trusty only (no trusty-updates yet), I got errors from running apt-get install this package. Because the mysql-server's latest version is 5.5.44-0ubuntu0.14.04.1, and the dbgsym package from trusty repo is 5.5.35+dfsg-1ubuntu1. After enabling trusty-updates, I got what I need, the dbgsym package with 5.5.44-0ubuntu0.14.04.1 > > If you still think this is a bug, then please can you explain your use > case? > > Thanks, > > Robie -- Gareth Cloud Computing, OpenStack, Distributed Storage, Fitness, Basketball OpenStack contributor, kun_huang@freenode My promise: if you find any spelling or grammar mistakes in my email from Mar 1 2013, notify me and I'll donate $1 or ¥1 to an open organization you specify. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
[packages] python 2.7 and systemtap markers?
Hey guys Are python2.7 binaries from official packages compiled with systemtap markers? -- Gareth Cloud Computing, OpenStack, Distributed Storage, Fitness, Basketball OpenStack contributor, kun_huang@freenode My promise: if you find any spelling or grammar mistakes in my email from Mar 1 2013, notify me and I'll donate $1 or ¥1 to an open organization you specify. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: GRSecurity Closes Stable Patch of Linux Kernel, Your opinion?
Hi, there were already discussions about violations of the GPL on Linux audio lists, but I have forgotten if it's allowed to provide the source to customers only. IMO it doesn't matter what's allowed and what isn't allowed, there's an ethical commitment to keep source code open. Another issue is that companies might be unfair, common sense for civilised societies is, that if somebody is unfair or criminal, this still isn't a reason to become unfair or criminal too. It's not a daisy chain, "somebody has stolen my toy, so I'll steal the toys of other children", kindergarten teacher don't allow such a behaviour. "The test series, unfit in our view for production use, will however continue to be available to the public to avoid impact to the Gentoo Hardened and Arch Linux communities." In other words, the Linux community is still good enough to provide the base code and unpaid testers. However, I'm not surprised, social intercourse affecting refugees becomes more and more uncivilised with every hour, so I don't expect that intellectual property will be shared in a civilised manner. Humanes are degenerated, at least uncivilised, if they care more about a killed lion, than about other humans and sharing unexceptional everything. 2 Cents, Ralf PS: I'm an Arch Linux user, but there's no mailing list for such discussions. I also doubt that this list is the right place to discus it. One list for such discussions is http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Getting ubuntu iso securely
On Mon, 14 Sep 2015 15:07:02 -0700, Ryein Goddard wrote: >On Mon, Sep 14, 2015 at 10:32 AM, Ralf Mardorf wrote: >> On Mon, 14 Sep 2015 16:19:36 + (UTC), rajeev bhatta wrote: >> >It is not time consuming.. just for the user experience.. >> >> IMHO for averaged users it is time consuming. Even a power users not >> necessarily deals with the right people to get a key she or he can >> trust, that can be used to verify ownership of the particular >> public Ubuntu key. >> >> I am a Linux power user and I don't own a key to verify the >> particular public key, that belongs to the key, that was used to >> sign the Ubuntu images. >> >> Please let me know, how I can get such a key, without spending much >> time ;). > >If a current method doesn't exist then maybe we can just create one? How will you make it less time consuming? You need to meet other people in the real world, in addition you need to know and trust those people and in addition they need to trust a chain of trusted keys, that confirms ownership of the public Ubuntu key in question. https://en.wikipedia.org/wiki/Web_of_trust This already is hard to realise for hardcore computer geeks and completely illusorily for those who's centre of life isn't the operating system of their computers or digital security. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: problems about dependency of mysql-server-5.5-dbgsym
On Tue, Sep 15, 2015 at 05:11:01PM +0800, Gareth wrote: > I know this. But at the first time I enabled ddebs' trusty only (no > trusty-updates yet), I got errors from running apt-get install this > package. Because the mysql-server's latest version is > 5.5.44-0ubuntu0.14.04.1, and the dbgsym package from trusty repo is > 5.5.35+dfsg-1ubuntu1. After enabling trusty-updates, I got what I > need, the dbgsym package with 5.5.44-0ubuntu0.14.04.1 Right, but the version of mysql-server-5.5 in trusty (not trusty-updates) was 5.5.35+dfsg-1ubuntu1, so this is consistent. If you're going to enable ddeb repositories, you need to enable a set of them that matches the ordinary binary repositories you're using. -- Colin Watson [cjwat...@ubuntu.com] -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: problems about dependency of mysql-server-5.5-dbgsym
Thanks Colin :) I have a better understanding for 'updates' repo now :) On Tue, Sep 15, 2015 at 8:37 PM, Colin Watson wrote: > On Tue, Sep 15, 2015 at 05:11:01PM +0800, Gareth wrote: >> I know this. But at the first time I enabled ddebs' trusty only (no >> trusty-updates yet), I got errors from running apt-get install this >> package. Because the mysql-server's latest version is >> 5.5.44-0ubuntu0.14.04.1, and the dbgsym package from trusty repo is >> 5.5.35+dfsg-1ubuntu1. After enabling trusty-updates, I got what I >> need, the dbgsym package with 5.5.44-0ubuntu0.14.04.1 > > Right, but the version of mysql-server-5.5 in trusty (not > trusty-updates) was 5.5.35+dfsg-1ubuntu1, so this is consistent. If > you're going to enable ddeb repositories, you need to enable a set of > them that matches the ordinary binary repositories you're using. > > -- > Colin Watson [cjwat...@ubuntu.com] > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss -- Gareth Cloud Computing, OpenStack, Distributed Storage, Fitness, Basketball OpenStack contributor, kun_huang@freenode My promise: if you find any spelling or grammar mistakes in my email from Mar 1 2013, notify me and I'll donate $1 or ¥1 to an open organization you specify. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Fwd: user space probe in ubuntu 14.04
Hi Ubuntu Guys
I'm systemtap users on ubuntu. Here is an issue about mysql dbgsym
package. Below are some details
ps:
http://paste.openstack.org/show/462299/ some bash history
http://paste.openstack.org/show/462471/ the packages I have installed
-- Forwarded message --
From: Frank Ch. Eigler
Date: Tue, Sep 15, 2015 at 10:35 PM
Subject: Re: user space probe in ubuntu 14.04
To: Gareth
Cc: David Smith , system...@sourceware.org
academicgareth wrote:
> http://paste.openstack.org/show/462471/
> [...]
>>>probe process("/usr/sbin/mysqld").mark("query__start")
These ubuntu 14 builds of mysql did not include the sys/sdt.h markers
necessary for use of the .mark() probes. "readelf -n /usr/sbin/mysqld"
fails to show any NT_STAPSDT notes.
If you installed mysql-{client,server}-5.5-dbgsym, you should be
able to use .function() etc. probes ... but something's broken in the
ubuntu build system:
% dpkg -l 'mysql-server-5.5*'
ii mysql-server-5.5 5.5.44-0ubuntu0.14.04.1
amd64 MySQL database server binaries and
system database setup
ii mysql-server-5.5-dbgsym5.5.44-0ubuntu0.14.04.1
amd64 debug symbols for package
mysql-server-5.5
% stap -L 'process("/usr/sbin/mysqld").function("*")'
[empty!]
% readelf -n /usr/sbin/mysqld
[...]
Build ID: 7c5b991d6ba0d7722a41f9a39e2915f6a354a1c7
% dpkg -L mysql-server-5.5-dbgsym | grep 5b99
[empty!]
So the dbgsym package doesn't contain debuginfo for that actual build,
despite the identical version numbers. Please raise this problem with
ubuntu.
The mysql-client-5.5{-dbgsym} peers appears less broken:
% stap -L 'process("/usr/bin/mysqldump").function("*")'
[... lots of delicious stuff ...]
- FChE
--
Gareth
Cloud Computing, OpenStack, Distributed Storage, Fitness, Basketball
OpenStack contributor, kun_huang@freenode
My promise: if you find any spelling or grammar mistakes in my email
from Mar 1 2013, notify me
and I'll donate $1 or ¥1 to an open organization you specify.
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Fwd: user space probe in ubuntu 14.04
On Tue, Sep 15, 2015 at 10:52:57PM +0800, Gareth wrote:
> I'm systemtap users on ubuntu. Here is an issue about mysql dbgsym
> package. Below are some details
>
> ps:
>
> http://paste.openstack.org/show/462299/ some bash history
> http://paste.openstack.org/show/462471/ the packages I have installed
>
> -- Forwarded message --
> From: Frank Ch. Eigler
> Date: Tue, Sep 15, 2015 at 10:35 PM
> Subject: Re: user space probe in ubuntu 14.04
> To: Gareth
> Cc: David Smith , system...@sourceware.org
[...]
> These ubuntu 14 builds of mysql did not include the sys/sdt.h markers
> necessary for use of the .mark() probes. "readelf -n /usr/sbin/mysqld"
> fails to show any NT_STAPSDT notes.
(Please note that "Ubuntu 14" isn't a thing; it's 14.04, and the 14 is a
truncated year not a major version. Otherwise, this is outside my
expertise.)
> If you installed mysql-{client,server}-5.5-dbgsym, you should be
> able to use .function() etc. probes ... but something's broken in the
> ubuntu build system:
>
> % dpkg -l 'mysql-server-5.5*'
> ii mysql-server-5.5 5.5.44-0ubuntu0.14.04.1
>amd64 MySQL database server binaries and
> system database setup
> ii mysql-server-5.5-dbgsym5.5.44-0ubuntu0.14.04.1
>amd64 debug symbols for package
> mysql-server-5.5
>
> % stap -L 'process("/usr/sbin/mysqld").function("*")'
> [empty!]
>
> % readelf -n /usr/sbin/mysqld
> [...]
> Build ID: 7c5b991d6ba0d7722a41f9a39e2915f6a354a1c7
>
> % dpkg -L mysql-server-5.5-dbgsym | grep 5b99
> [empty!]
>
> So the dbgsym package doesn't contain debuginfo for that actual build,
> despite the identical version numbers. Please raise this problem with
> ubuntu.
This is a mistaken analysis. /usr/sbin/mysqld is in
mysql-server-core-5.5, not mysql-server-5.5, and therefore its debugging
symbols are in mysql-server-core-5.5-dbgsym:
$ dpkg -c mysql-server-core-5.5-dbgsym_5.5.44-0ubuntu0.14.04.1_amd64.ddeb |
grep 5b99
-rwxrwxr-x root/root 48818397 2015-07-16 23:50
./usr/lib/debug/.build-id/7c/5b991d6ba0d7722a41f9a39e2915f6a354a1c7.debug
(The debugging packages are automatically generated and their
dependencies do not necessarily correspond to those of the runtime
packages, so you can't just go "oh, I installed mysql-server-5.5 and got
mysqld, mysql-server-5.5-dbgsym must be good enough", you have to check
the actual package name with "dpkg -S".)
The information that Gareth provided indicated that they already had
mysql-server-core-5.5-dbgsym installed, so perhaps this problem is
entirely explained by the NT_STAPSDT bit above.
--
Colin Watson [cjwat...@ubuntu.com]
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Getting ubuntu iso securely
You could add multiple sources that store an encrypted checksum and then reference that with an Ubuntu branded downloader. That program would be pretty easy to make and it would abstract away all requirements for anything time consuming from the user. On Tue, Sep 15, 2015 at 3:53 AM, Ralf Mardorf wrote: > On Mon, 14 Sep 2015 15:07:02 -0700, Ryein Goddard wrote: > >On Mon, Sep 14, 2015 at 10:32 AM, Ralf Mardorf wrote: > >> On Mon, 14 Sep 2015 16:19:36 + (UTC), rajeev bhatta wrote: > >> >It is not time consuming.. just for the user experience.. > >> > >> IMHO for averaged users it is time consuming. Even a power users not > >> necessarily deals with the right people to get a key she or he can > >> trust, that can be used to verify ownership of the particular > >> public Ubuntu key. > >> > >> I am a Linux power user and I don't own a key to verify the > >> particular public key, that belongs to the key, that was used to > >> sign the Ubuntu images. > >> > >> Please let me know, how I can get such a key, without spending much > >> time ;). > > > >If a current method doesn't exist then maybe we can just create one? > > How will you make it less time consuming? > > You need to meet other people in the real world, in addition you > need to know and trust those people and in addition they need to trust a > chain of trusted keys, that confirms ownership of the public Ubuntu key > in question. https://en.wikipedia.org/wiki/Web_of_trust > > This already is hard to realise for hardcore computer geeks and > completely illusorily for those who's centre of life isn't the > operating system of their computers or digital security. > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Getting ubuntu iso securely
And how would you know the Ubuntu-branded downloader is secure? I think you're over-complicating things here. Anyone interested in verifying a download is correct can verify the posted SHAsum, and anyone really concerned could install from a netboot (mini.iso), check its seed file, and download all packages from a known repo. If you are concerned about an installer download becoming compromised during transport then you should also be concerned about the apt transport used - I'm assuming you set your deb sources to https? If not, then a 'secure' installer image is moot. J On 15 September 2015 at 20:10, Ryein Goddard wrote: > You could add multiple sources that store an encrypted checksum and then > reference that with an Ubuntu branded downloader. That program would be > pretty easy to make and it would abstract away all requirements for > anything time consuming from the user. > > On Tue, Sep 15, 2015 at 3:53 AM, Ralf Mardorf > wrote: > >> On Mon, 14 Sep 2015 15:07:02 -0700, Ryein Goddard wrote: >> >On Mon, Sep 14, 2015 at 10:32 AM, Ralf Mardorf wrote: >> >> On Mon, 14 Sep 2015 16:19:36 + (UTC), rajeev bhatta wrote: >> >> >It is not time consuming.. just for the user experience.. >> >> >> >> IMHO for averaged users it is time consuming. Even a power users not >> >> necessarily deals with the right people to get a key she or he can >> >> trust, that can be used to verify ownership of the particular >> >> public Ubuntu key. >> >> >> >> I am a Linux power user and I don't own a key to verify the >> >> particular public key, that belongs to the key, that was used to >> >> sign the Ubuntu images. >> >> >> >> Please let me know, how I can get such a key, without spending much >> >> time ;). >> > >> >If a current method doesn't exist then maybe we can just create one? >> >> How will you make it less time consuming? >> >> You need to meet other people in the real world, in addition you >> need to know and trust those people and in addition they need to trust a >> chain of trusted keys, that confirms ownership of the public Ubuntu key >> in question. https://en.wikipedia.org/wiki/Web_of_trust >> >> This already is hard to realise for hardcore computer geeks and >> completely illusorily for those who's centre of life isn't the >> operating system of their computers or digital security. >> >> -- >> Ubuntu-devel-discuss mailing list >> Ubuntu-devel-discuss@lists.ubuntu.com >> Modify settings or unsubscribe at: >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss >> > > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss > > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Getting ubuntu iso securely
That part is easy because it could be a open script with probably less then 10 lines of code. On Tue, Sep 15, 2015 at 12:23 PM, J Fernyhough wrote: > And how would you know the Ubuntu-branded downloader is secure? > > I think you're over-complicating things here. Anyone interested in > verifying a download is correct can verify the posted SHAsum, and anyone > really concerned could install from a netboot (mini.iso), check its seed > file, and download all packages from a known repo. > > If you are concerned about an installer download becoming compromised > during transport then you should also be concerned about the apt transport > used - I'm assuming you set your deb sources to https? If not, then a > 'secure' installer image is moot. > > J > > > > On 15 September 2015 at 20:10, Ryein Goddard > wrote: > >> You could add multiple sources that store an encrypted checksum and then >> reference that with an Ubuntu branded downloader. That program would be >> pretty easy to make and it would abstract away all requirements for >> anything time consuming from the user. >> >> On Tue, Sep 15, 2015 at 3:53 AM, Ralf Mardorf > > wrote: >> >>> On Mon, 14 Sep 2015 15:07:02 -0700, Ryein Goddard wrote: >>> >On Mon, Sep 14, 2015 at 10:32 AM, Ralf Mardorf wrote: >>> >> On Mon, 14 Sep 2015 16:19:36 + (UTC), rajeev bhatta wrote: >>> >> >It is not time consuming.. just for the user experience.. >>> >> >>> >> IMHO for averaged users it is time consuming. Even a power users not >>> >> necessarily deals with the right people to get a key she or he can >>> >> trust, that can be used to verify ownership of the particular >>> >> public Ubuntu key. >>> >> >>> >> I am a Linux power user and I don't own a key to verify the >>> >> particular public key, that belongs to the key, that was used to >>> >> sign the Ubuntu images. >>> >> >>> >> Please let me know, how I can get such a key, without spending much >>> >> time ;). >>> > >>> >If a current method doesn't exist then maybe we can just create one? >>> >>> How will you make it less time consuming? >>> >>> You need to meet other people in the real world, in addition you >>> need to know and trust those people and in addition they need to trust a >>> chain of trusted keys, that confirms ownership of the public Ubuntu key >>> in question. https://en.wikipedia.org/wiki/Web_of_trust >>> >>> This already is hard to realise for hardcore computer geeks and >>> completely illusorily for those who's centre of life isn't the >>> operating system of their computers or digital security. >>> >>> -- >>> Ubuntu-devel-discuss mailing list >>> Ubuntu-devel-discuss@lists.ubuntu.com >>> Modify settings or unsubscribe at: >>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss >>> >> >> >> -- >> Ubuntu-devel-discuss mailing list >> Ubuntu-devel-discuss@lists.ubuntu.com >> Modify settings or unsubscribe at: >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss >> >> > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss > > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Getting ubuntu iso securely
An "open" script with an encrypted checksum? What's to stop someone compromising this script during transport? You have recreated *exactly* the same problem, just a level higher. On 15 September 2015 at 20:27, Ryein Goddard wrote: > That part is easy because it could be a open script with probably less > then 10 lines of code. > > On Tue, Sep 15, 2015 at 12:23 PM, J Fernyhough > wrote: > >> And how would you know the Ubuntu-branded downloader is secure? >> >> I think you're over-complicating things here. Anyone interested in >> verifying a download is correct can verify the posted SHAsum, and anyone >> really concerned could install from a netboot (mini.iso), check its seed >> file, and download all packages from a known repo. >> >> If you are concerned about an installer download becoming compromised >> during transport then you should also be concerned about the apt transport >> used - I'm assuming you set your deb sources to https? If not, then a >> 'secure' installer image is moot. >> >> J >> >> >> >> On 15 September 2015 at 20:10, Ryein Goddard >> wrote: >> >>> You could add multiple sources that store an encrypted checksum and then >>> reference that with an Ubuntu branded downloader. That program would be >>> pretty easy to make and it would abstract away all requirements for >>> anything time consuming from the user. >>> >>> On Tue, Sep 15, 2015 at 3:53 AM, Ralf Mardorf < >>> ralf.mard...@alice-dsl.net> wrote: >>> On Mon, 14 Sep 2015 15:07:02 -0700, Ryein Goddard wrote: >On Mon, Sep 14, 2015 at 10:32 AM, Ralf Mardorf wrote: >> On Mon, 14 Sep 2015 16:19:36 + (UTC), rajeev bhatta wrote: >> >It is not time consuming.. just for the user experience.. >> >> IMHO for averaged users it is time consuming. Even a power users not >> necessarily deals with the right people to get a key she or he can >> trust, that can be used to verify ownership of the particular >> public Ubuntu key. >> >> I am a Linux power user and I don't own a key to verify the >> particular public key, that belongs to the key, that was used to >> sign the Ubuntu images. >> >> Please let me know, how I can get such a key, without spending much >> time ;). > >If a current method doesn't exist then maybe we can just create one? How will you make it less time consuming? You need to meet other people in the real world, in addition you need to know and trust those people and in addition they need to trust a chain of trusted keys, that confirms ownership of the public Ubuntu key in question. https://en.wikipedia.org/wiki/Web_of_trust This already is hard to realise for hardcore computer geeks and completely illusorily for those who's centre of life isn't the operating system of their computers or digital security. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss >>> >>> >>> -- >>> Ubuntu-devel-discuss mailing list >>> Ubuntu-devel-discuss@lists.ubuntu.com >>> Modify settings or unsubscribe at: >>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss >>> >>> >> >> -- >> Ubuntu-devel-discuss mailing list >> Ubuntu-devel-discuss@lists.ubuntu.com >> Modify settings or unsubscribe at: >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss >> >> > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Getting ubuntu iso securely
We are talking about a more secure method with a built in way to checksum that is easy for users not the Pentagon. On Tue, Sep 15, 2015 at 12:30 PM, J Fernyhough wrote: > An "open" script with an encrypted checksum? What's to stop someone > compromising this script during transport? You have recreated *exactly* the > same problem, just a level higher. > > On 15 September 2015 at 20:27, Ryein Goddard > wrote: > >> That part is easy because it could be a open script with probably less >> then 10 lines of code. >> >> On Tue, Sep 15, 2015 at 12:23 PM, J Fernyhough >> wrote: >> >>> And how would you know the Ubuntu-branded downloader is secure? >>> >>> I think you're over-complicating things here. Anyone interested in >>> verifying a download is correct can verify the posted SHAsum, and anyone >>> really concerned could install from a netboot (mini.iso), check its seed >>> file, and download all packages from a known repo. >>> >>> If you are concerned about an installer download becoming compromised >>> during transport then you should also be concerned about the apt transport >>> used - I'm assuming you set your deb sources to https? If not, then a >>> 'secure' installer image is moot. >>> >>> J >>> >>> >>> >>> On 15 September 2015 at 20:10, Ryein Goddard >>> wrote: >>> You could add multiple sources that store an encrypted checksum and then reference that with an Ubuntu branded downloader. That program would be pretty easy to make and it would abstract away all requirements for anything time consuming from the user. On Tue, Sep 15, 2015 at 3:53 AM, Ralf Mardorf < ralf.mard...@alice-dsl.net> wrote: > On Mon, 14 Sep 2015 15:07:02 -0700, Ryein Goddard wrote: > >On Mon, Sep 14, 2015 at 10:32 AM, Ralf Mardorf wrote: > >> On Mon, 14 Sep 2015 16:19:36 + (UTC), rajeev bhatta wrote: > >> >It is not time consuming.. just for the user experience.. > >> > >> IMHO for averaged users it is time consuming. Even a power users not > >> necessarily deals with the right people to get a key she or he can > >> trust, that can be used to verify ownership of the particular > >> public Ubuntu key. > >> > >> I am a Linux power user and I don't own a key to verify the > >> particular public key, that belongs to the key, that was used to > >> sign the Ubuntu images. > >> > >> Please let me know, how I can get such a key, without spending much > >> time ;). > > > >If a current method doesn't exist then maybe we can just create one? > > How will you make it less time consuming? > > You need to meet other people in the real world, in addition you > need to know and trust those people and in addition they need to trust > a > chain of trusted keys, that confirms ownership of the public Ubuntu key > in question. https://en.wikipedia.org/wiki/Web_of_trust > > This already is hard to realise for hardcore computer geeks and > completely illusorily for those who's centre of life isn't the > operating system of their computers or digital security. > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss >>> >>> -- >>> Ubuntu-devel-discuss mailing list >>> Ubuntu-devel-discuss@lists.ubuntu.com >>> Modify settings or unsubscribe at: >>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss >>> >>> >> > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss > > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Getting ubuntu iso securely
It's no more secure than running: sha256sum -c ubuntu-installer.iso.shasum or just: sha256sum ubuntu-installer.iso and manually checking the values match. I'd even argue a script is less secure, as the user is running an arbitrary script they've downloaded. It's also no more straightforward as the user has to download and run the script. Whatever format the script is, the user still has to set it as executable. By this point, reading a line of instruction and running a single command is pretty trivial. I understand what you're trying to do, I just think you're trying to solve a problem that doesn't exist. On 15 September 2015 at 20:40, Ryein Goddard wrote: > We are talking about a more secure method with a built in way to checksum > that is easy for users not the Pentagon. > > On Tue, Sep 15, 2015 at 12:30 PM, J Fernyhough > wrote: > >> An "open" script with an encrypted checksum? What's to stop someone >> compromising this script during transport? You have recreated *exactly* the >> same problem, just a level higher. >> >> On 15 September 2015 at 20:27, Ryein Goddard >> wrote: >> >>> That part is easy because it could be a open script with probably less >>> then 10 lines of code. >>> >>> On Tue, Sep 15, 2015 at 12:23 PM, J Fernyhough >>> wrote: >>> And how would you know the Ubuntu-branded downloader is secure? I think you're over-complicating things here. Anyone interested in verifying a download is correct can verify the posted SHAsum, and anyone really concerned could install from a netboot (mini.iso), check its seed file, and download all packages from a known repo. If you are concerned about an installer download becoming compromised during transport then you should also be concerned about the apt transport used - I'm assuming you set your deb sources to https? If not, then a 'secure' installer image is moot. J On 15 September 2015 at 20:10, Ryein Goddard wrote: > You could add multiple sources that store an encrypted checksum and > then reference that with an Ubuntu branded downloader. That program would > be pretty easy to make and it would abstract away all requirements for > anything time consuming from the user. > > On Tue, Sep 15, 2015 at 3:53 AM, Ralf Mardorf < > ralf.mard...@alice-dsl.net> wrote: > >> On Mon, 14 Sep 2015 15:07:02 -0700, Ryein Goddard wrote: >> >On Mon, Sep 14, 2015 at 10:32 AM, Ralf Mardorf wrote: >> >> On Mon, 14 Sep 2015 16:19:36 + (UTC), rajeev bhatta wrote: >> >> >It is not time consuming.. just for the user experience.. >> >> >> >> IMHO for averaged users it is time consuming. Even a power users >> not >> >> necessarily deals with the right people to get a key she or he can >> >> trust, that can be used to verify ownership of the particular >> >> public Ubuntu key. >> >> >> >> I am a Linux power user and I don't own a key to verify the >> >> particular public key, that belongs to the key, that was used to >> >> sign the Ubuntu images. >> >> >> >> Please let me know, how I can get such a key, without spending much >> >> time ;). >> > >> >If a current method doesn't exist then maybe we can just create one? >> >> How will you make it less time consuming? >> >> You need to meet other people in the real world, in addition you >> need to know and trust those people and in addition they need to >> trust a >> chain of trusted keys, that confirms ownership of the public Ubuntu >> key >> in question. https://en.wikipedia.org/wiki/Web_of_trust >> >> This already is hard to realise for hardcore computer geeks and >> completely illusorily for those who's centre of life isn't the >> operating system of their computers or digital security. >> >> > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Getting ubuntu iso securely
If we are trying to target newbies that don't know what a sha256sum is then I highly doubt they will be running Ubuntu in order to run that command. Personally when I make an ubuntu ISO my CD burner program checks the value for me..so it isn't an issue for me. I am also not worried that it has been modified in transit, or my DNS requests have been spoofed. I am more worried it hasn't been downloaded correctly. On Tue, Sep 15, 2015 at 12:48 PM, J Fernyhough wrote: > It's no more secure than running: > > sha256sum -c ubuntu-installer.iso.shasum > > or just: > > sha256sum ubuntu-installer.iso > > and manually checking the values match. > > I'd even argue a script is less secure, as the user is running an > arbitrary script they've downloaded. It's also no more straightforward as > the user has to download and run the script. Whatever format the script is, > the user still has to set it as executable. By this point, reading a line > of instruction and running a single command is pretty trivial. > > I understand what you're trying to do, I just think you're trying to solve > a problem that doesn't exist. > > > > On 15 September 2015 at 20:40, Ryein Goddard > wrote: > >> We are talking about a more secure method with a built in way to checksum >> that is easy for users not the Pentagon. >> >> On Tue, Sep 15, 2015 at 12:30 PM, J Fernyhough >> wrote: >> >>> An "open" script with an encrypted checksum? What's to stop someone >>> compromising this script during transport? You have recreated *exactly* the >>> same problem, just a level higher. >>> >>> On 15 September 2015 at 20:27, Ryein Goddard >>> wrote: >>> That part is easy because it could be a open script with probably less then 10 lines of code. On Tue, Sep 15, 2015 at 12:23 PM, J Fernyhough wrote: > And how would you know the Ubuntu-branded downloader is secure? > > I think you're over-complicating things here. Anyone interested in > verifying a download is correct can verify the posted SHAsum, and anyone > really concerned could install from a netboot (mini.iso), check its seed > file, and download all packages from a known repo. > > If you are concerned about an installer download becoming compromised > during transport then you should also be concerned about the apt transport > used - I'm assuming you set your deb sources to https? If not, then a > 'secure' installer image is moot. > > J > > > > On 15 September 2015 at 20:10, Ryein Goddard > wrote: > >> You could add multiple sources that store an encrypted checksum and >> then reference that with an Ubuntu branded downloader. That program >> would >> be pretty easy to make and it would abstract away all requirements for >> anything time consuming from the user. >> >> On Tue, Sep 15, 2015 at 3:53 AM, Ralf Mardorf < >> ralf.mard...@alice-dsl.net> wrote: >> >>> On Mon, 14 Sep 2015 15:07:02 -0700, Ryein Goddard wrote: >>> >On Mon, Sep 14, 2015 at 10:32 AM, Ralf Mardorf wrote: >>> >> On Mon, 14 Sep 2015 16:19:36 + (UTC), rajeev bhatta wrote: >>> >> >It is not time consuming.. just for the user experience.. >>> >> >>> >> IMHO for averaged users it is time consuming. Even a power users >>> not >>> >> necessarily deals with the right people to get a key she or he can >>> >> trust, that can be used to verify ownership of the particular >>> >> public Ubuntu key. >>> >> >>> >> I am a Linux power user and I don't own a key to verify the >>> >> particular public key, that belongs to the key, that was used to >>> >> sign the Ubuntu images. >>> >> >>> >> Please let me know, how I can get such a key, without spending >>> much >>> >> time ;). >>> > >>> >If a current method doesn't exist then maybe we can just create one? >>> >>> How will you make it less time consuming? >>> >>> You need to meet other people in the real world, in addition you >>> need to know and trust those people and in addition they need to >>> trust a >>> chain of trusted keys, that confirms ownership of the public Ubuntu >>> key >>> in question. https://en.wikipedia.org/wiki/Web_of_trust >>> >>> This already is hard to realise for hardcore computer geeks and >>> completely illusorily for those who's centre of life isn't the >>> operating system of their computers or digital security. >>> >>> >> > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss > > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Getting ubuntu iso securely
OK - now you've lost me. Earlier in the thread you were talking about PGP keys and web-of-trust, not about verifying the integrity of a downloaded file. You also mentioned a 10-line script to use as a downloader. Whoever is downloading the file has to use some operating system to do so, whether *nix or Windows. Any Linux or Mac install has (IIRC) sha256sum. Windows users can use a GUI checksum utility. If you're worried about users getting corrupt downloads, this is about user education, not another technology solution (to a problem that's already been solved). I wrote the Manjaro beginner's guide, and noone has complained they don't understand how to check their downloaded installer image. If there's one group who doesn't complain about documentation, it's 'newbies'. On 15 September 2015 at 20:53, Ryein Goddard wrote: > If we are trying to target newbies that don't know what a sha256sum is > then I highly doubt they will be running Ubuntu in order to run that > command. > > Personally when I make an ubuntu ISO my CD burner program checks the value > for me..so it isn't an issue for me. I am also not worried that it has > been modified in transit, or my DNS requests have been spoofed. I am more > worried it hasn't been downloaded correctly. > > > On Tue, Sep 15, 2015 at 12:48 PM, J Fernyhough > wrote: > >> It's no more secure than running: >> >> sha256sum -c ubuntu-installer.iso.shasum >> >> or just: >> >> sha256sum ubuntu-installer.iso >> >> and manually checking the values match. >> >> I'd even argue a script is less secure, as the user is running an >> arbitrary script they've downloaded. It's also no more straightforward as >> the user has to download and run the script. Whatever format the script is, >> the user still has to set it as executable. By this point, reading a line >> of instruction and running a single command is pretty trivial. >> >> I understand what you're trying to do, I just think you're trying to >> solve a problem that doesn't exist. >> >> >> >> On 15 September 2015 at 20:40, Ryein Goddard >> wrote: >> >>> We are talking about a more secure method with a built in way to >>> checksum that is easy for users not the Pentagon. >>> >>> On Tue, Sep 15, 2015 at 12:30 PM, J Fernyhough >>> wrote: >>> An "open" script with an encrypted checksum? What's to stop someone compromising this script during transport? You have recreated *exactly* the same problem, just a level higher. On 15 September 2015 at 20:27, Ryein Goddard wrote: > That part is easy because it could be a open script with probably less > then 10 lines of code. > > On Tue, Sep 15, 2015 at 12:23 PM, J Fernyhough > wrote: > >> And how would you know the Ubuntu-branded downloader is secure? >> >> I think you're over-complicating things here. Anyone interested in >> verifying a download is correct can verify the posted SHAsum, and anyone >> really concerned could install from a netboot (mini.iso), check its seed >> file, and download all packages from a known repo. >> >> If you are concerned about an installer download becoming compromised >> during transport then you should also be concerned about the apt >> transport >> used - I'm assuming you set your deb sources to https? If not, then a >> 'secure' installer image is moot. >> >> J >> >> >> >> On 15 September 2015 at 20:10, Ryein Goddard > > wrote: >> >>> You could add multiple sources that store an encrypted checksum and >>> then reference that with an Ubuntu branded downloader. That program >>> would >>> be pretty easy to make and it would abstract away all requirements for >>> anything time consuming from the user. >>> >>> On Tue, Sep 15, 2015 at 3:53 AM, Ralf Mardorf < >>> ralf.mard...@alice-dsl.net> wrote: >>> On Mon, 14 Sep 2015 15:07:02 -0700, Ryein Goddard wrote: >On Mon, Sep 14, 2015 at 10:32 AM, Ralf Mardorf wrote: >> On Mon, 14 Sep 2015 16:19:36 + (UTC), rajeev bhatta wrote: >> >It is not time consuming.. just for the user experience.. >> >> IMHO for averaged users it is time consuming. Even a power users not >> necessarily deals with the right people to get a key she or he can >> trust, that can be used to verify ownership of the particular >> public Ubuntu key. >> >> I am a Linux power user and I don't own a key to verify the >> particular public key, that belongs to the key, that was used to >> sign the Ubuntu images. >> >> Please let me know, how I can get such a key, without spending much >> time ;). > >If a current method doesn't exist then maybe we can just create one? How will you make it less time consuming? You need to meet other people
Re: Getting ubuntu iso securely
Oh that wasn't me. Having a downloader that actually checks to make sure it downloaded properly and has the correct sum is going to be more secure then not checking at all. In the off chance the script/ "program" is hacked a long with the ubuntu ISO all hope is lost, but that is two attack vectors as opposed to one. So slightly more secure having an automated downloader and checksum checker in my humble opinion, but you are right it isn't perfect and currently that way is fine for me. I was just trying to offer suggestions. On Tue, Sep 15, 2015 at 1:32 PM, J Fernyhough wrote: > OK - now you've lost me. > > Earlier in the thread you were talking about PGP keys and web-of-trust, > not about verifying the integrity of a downloaded file. > > You also mentioned a 10-line script to use as a downloader. Whoever is > downloading the file has to use some operating system to do so, whether > *nix or Windows. Any Linux or Mac install has (IIRC) sha256sum. Windows > users can use a GUI checksum utility. > > If you're worried about users getting corrupt downloads, this is about > user education, not another technology solution (to a problem that's > already been solved). I wrote the Manjaro beginner's guide, and noone has > complained they don't understand how to check their downloaded installer > image. If there's one group who doesn't complain about documentation, it's > 'newbies'. > > > > On 15 September 2015 at 20:53, Ryein Goddard > wrote: > >> If we are trying to target newbies that don't know what a sha256sum is >> then I highly doubt they will be running Ubuntu in order to run that >> command. >> >> Personally when I make an ubuntu ISO my CD burner program checks the >> value for me..so it isn't an issue for me. I am also not worried that it >> has been modified in transit, or my DNS requests have been spoofed. I am >> more worried it hasn't been downloaded correctly. >> >> >> On Tue, Sep 15, 2015 at 12:48 PM, J Fernyhough >> wrote: >> >>> It's no more secure than running: >>> >>> sha256sum -c ubuntu-installer.iso.shasum >>> >>> or just: >>> >>> sha256sum ubuntu-installer.iso >>> >>> and manually checking the values match. >>> >>> I'd even argue a script is less secure, as the user is running an >>> arbitrary script they've downloaded. It's also no more straightforward as >>> the user has to download and run the script. Whatever format the script is, >>> the user still has to set it as executable. By this point, reading a line >>> of instruction and running a single command is pretty trivial. >>> >>> I understand what you're trying to do, I just think you're trying to >>> solve a problem that doesn't exist. >>> >>> >>> >>> On 15 September 2015 at 20:40, Ryein Goddard >>> wrote: >>> We are talking about a more secure method with a built in way to checksum that is easy for users not the Pentagon. On Tue, Sep 15, 2015 at 12:30 PM, J Fernyhough wrote: > An "open" script with an encrypted checksum? What's to stop someone > compromising this script during transport? You have recreated *exactly* > the > same problem, just a level higher. > > On 15 September 2015 at 20:27, Ryein Goddard > wrote: > >> That part is easy because it could be a open script with probably >> less then 10 lines of code. >> >> On Tue, Sep 15, 2015 at 12:23 PM, J Fernyhough < >> j.fernyho...@gmail.com> wrote: >> >>> And how would you know the Ubuntu-branded downloader is secure? >>> >>> I think you're over-complicating things here. Anyone interested in >>> verifying a download is correct can verify the posted SHAsum, and anyone >>> really concerned could install from a netboot (mini.iso), check its seed >>> file, and download all packages from a known repo. >>> >>> If you are concerned about an installer download becoming >>> compromised during transport then you should also be concerned about the >>> apt transport used - I'm assuming you set your deb sources to https? If >>> not, then a 'secure' installer image is moot. >>> >>> J >>> >>> >>> >>> On 15 September 2015 at 20:10, Ryein Goddard < >>> ryein.godd...@gmail.com> wrote: >>> You could add multiple sources that store an encrypted checksum and then reference that with an Ubuntu branded downloader. That program would be pretty easy to make and it would abstract away all requirements for anything time consuming from the user. On Tue, Sep 15, 2015 at 3:53 AM, Ralf Mardorf < ralf.mard...@alice-dsl.net> wrote: > On Mon, 14 Sep 2015 15:07:02 -0700, Ryein Goddard wrote: > >On Mon, Sep 14, 2015 at 10:32 AM, Ralf Mardorf wrote: > >> On Mon, 14 Sep 2015 16:19:36 + (UTC), rajeev bhatta wrote: > >> >It is not time consuming.. just for the user experience.. > >> > >> IMHO for averaged users it is
Re: Fwd: user space probe in ubuntu 14.04
I'm not good at these really. Can I provide more information to help for tracing my problem? Btw, I could find the file /usr/lib/debug/.build-id/7c/5b991d6ba0d7722a41f9a39e2915f6a354a1c7.debug in my system. How could I check whether it works with installed mysqld? On Wed, Sep 16, 2015 at 4:06 AM, Frank Ch. Eigler wrote: > Hi, Colin - > > >> This is a mistaken analysis. /usr/sbin/mysqld is in >> mysql-server-core-5.5, not mysql-server-5.5, and therefore its debugging >> symbols are in mysql-server-core-5.5-dbgsym: > > Thank you for the correction. I must have misread the output from "dpkg -S". > >> $ dpkg -c mysql-server-core-5.5-dbgsym_5.5.44-0ubuntu0.14.04.1_amd64.ddeb >> | grep 5b99 >> -rwxrwxr-x root/root 48818397 2015-07-16 23:50 >> ./usr/lib/debug/.build-id/7c/5b991d6ba0d7722a41f9a39e2915f6a354a1c7.debug > > Indeed, and now dwarf-based function/statement probes can be resolved against > mysqld. > > >> The information that Gareth provided indicated that they already had >> mysql-server-core-5.5-dbgsym installed, so perhaps this problem is >> entirely explained by the NT_STAPSDT bit above. > > The NT_STAPSDT part is actually completely separate. It relates to > instrumentation compiled into the binary from macros, not > data from the -dbgsym files. Activating that requires mysql configury > or buildroot tweaks to ensure the systemtap-provided > /usr/include/sys/sdt.h file is available. In the Fedora .spec [1], this > is apprx. done by: > > BuildRequires: [...] systemtap-sdt-devel [...] > cmake . [...] -DENABLE_DTRACE=ON [...] > > [1] http://pkgs.fedoraproject.org/cgit/mariadb.git/plain/mariadb.spec > > > - FChE -- Gareth Cloud Computing, OpenStack, Distributed Storage, Fitness, Basketball OpenStack contributor, kun_huang@freenode My promise: if you find any spelling or grammar mistakes in my email from Mar 1 2013, notify me and I'll donate $1 or ¥1 to an open organization you specify. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Fwd: user space probe in ubuntu 14.04
Hi, Colin - > This is a mistaken analysis. /usr/sbin/mysqld is in > mysql-server-core-5.5, not mysql-server-5.5, and therefore its debugging > symbols are in mysql-server-core-5.5-dbgsym: Thank you for the correction. I must have misread the output from "dpkg -S". > $ dpkg -c mysql-server-core-5.5-dbgsym_5.5.44-0ubuntu0.14.04.1_amd64.ddeb | > grep 5b99 > -rwxrwxr-x root/root 48818397 2015-07-16 23:50 > ./usr/lib/debug/.build-id/7c/5b991d6ba0d7722a41f9a39e2915f6a354a1c7.debug Indeed, and now dwarf-based function/statement probes can be resolved against mysqld. > The information that Gareth provided indicated that they already had > mysql-server-core-5.5-dbgsym installed, so perhaps this problem is > entirely explained by the NT_STAPSDT bit above. The NT_STAPSDT part is actually completely separate. It relates to instrumentation compiled into the binary from macros, not data from the -dbgsym files. Activating that requires mysql configury or buildroot tweaks to ensure the systemtap-provided /usr/include/sys/sdt.h file is available. In the Fedora .spec [1], this is apprx. done by: BuildRequires: [...] systemtap-sdt-devel [...] cmake . [...] -DENABLE_DTRACE=ON [...] [1] http://pkgs.fedoraproject.org/cgit/mariadb.git/plain/mariadb.spec - FChE -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
