Bug#1100540: RM: node-websocket [armel] -- ICE; bus error in tests on build

Package: ftp.debian.org Severity: normal X-Debbugs-Cc: debian-...@lists.debian.org, node-websoc...@packages.debian.org User: ftp.debian@packages.debian.org Usertags: remove User: debian-...@lists.debian.org Usertags: armel node-websocket has fallen out of trixie because it bus errors on one

Bug#1100135: Conflict between Podman Profile and Pasta profile breaks rootless network shutdown

package: apparmor version: 4.1.0~beta5-3 severity: important x-debbugs-cc: pod...@packages.debian.org, pa...@packages.debian.org, golang-github-containers-com...@packages.debian.org, tim.mil...@hadronindustries.com Recently I started running into the following error shutting down containers with

Bug#1099625: krb5: machine-readable copyright

I have reviewed and this looks good. Will merge. How much work was involved in putting this together and what tools did you use?

Bug#1094730: News of this bug

A 0-day NMU would be appreciated. I am behind on Debian and will not catch up within the next week or two. > "Bastien" == Bastien Roucariès writes: Bastien> Hi, I can NMU this bug for SID if needed Bastien> Bastien

Bug#1091868: debian-policy: Document Git-Tag-Tagger and Git-Tag-Info fields

> "Sean" == Sean Whitton writes: Sean> It's from the VALIDSIG line as documented here: Sean> . Sean> The text there doesn't guarantee that the fingerprint will be Sean> the signing subkey, if there is one, but somewhat imp

Bug#1091868: debian-policy: Document Git-Tag-Tagger and Git-Tag-Info fields

> "Ian" == Ian Jackson writes: Ian> Sean Whitton writes ("Bug#1091868: debian-policy: Document Ian> Git-Tag-Tagger and Git-Tag-Info fields"): >> Package: debian-policy X-debbugs-cc: >> ijack...@chiark.greenend.org.uk >> From: Sean Whitton Ian> ... >> +.. _s-f-Git

Bug#1095194: hurd_no_setfsuid patch breaks pam_modutil_regain_priv

I'm not convinced this is critical, but it is some varient of RC. Proposed solution is to rebase the hurd patch (gbp pq import; git rebase -i; edit the commit) to modify the top level meson.build to include the header test. Then gbp pq export and commit the modified patches. If someone gets to t

Bug#799214: License review: tarsnap

> "Simon" == Simon Josefsson writes: Simon> All, Is the license below acceptable for inclusion into Simon> 'non-free'? It is claimed to cover the tarsnap software, see Simon> https://github.com/Tarsnap/tarsnap and Simon> https://www.tarsnap.com/ for background. I think Andre

Bug#1094853: pam: building with or without bison

> "Helmut" == Helmut Grohne writes: >> You also talked about adding native:true for bison. But Is that >> sufficient? Helmut> Sufficient for what? Adding it makes the non-minimal cross Helmut> build stop failing. Well, makes your particular case stop failing. I guess I was a

Bug#1095048: /usr/lib/systemd/user/podman-restart.service: user level podman-restart should not run as root

Package: podman Version: 5.3.2+ds1-1 Severity: important File: /usr/lib/systemd/user/podman-restart.service X-Debbugs-Cc: hartm...@debian.org, hartm...@debian.org I upgraded from bookworm to trixie, and discovered that several of my services were not working. I logged into the container host and

Bug#1094853: pam: building with or without bison

> "Helmut" == Helmut Grohne writes: Helmut> What is being disabled here is the generation of Helmut> /usr/share/doc/libpam-doc/txt/draft-morgan-pam-current.txt.gz. This Helmut> file is missing from the current libpam-doc package. Is that Helmut> intentional? No. I had entirel

Bug#1094145: debian-policy: Remove or significantly minimize manual page requirement

> "Jeremy" == Jeremy Bícha writes: FWIW, I think it is desirable to get as many man pages as we can. To that end, I hope policy continues to: *encourage writing man pages * Encourage maintainers to take well written man pages as patches. At the time that section of policy was last written,

Bug#1091864: tech-ctte: Avahi and systemd-resolved cannot a run mDNS responder at the same time

> "Helmut" == Helmut Grohne writes: Helmut> Thank you for giving an example. It helps better me Helmut> understand what you mean with setting policy, but I remain Helmut> unconvinced that this poses a significant enough difference Helmut> that we would not require a super maj

Bug#1091864: tech-ctte: Avahi and systemd-resolved cannot a run mDNS responder at the same time

>>>>> "Helmut" == Helmut Grohne writes: Helmut> Hi Sam and others, thanks for shifting the perspective. Helmut> On Thu, Jan 16, 2025 at 09:49:41AM -0700, Sam Hartman wrote: >> It also seems like the TC has the option of providing policy &g

Bug#1093656: libpam-modules: NEWS entry formatting and typo

> "Chris" == Chris Hofstaedtler writes: Chris> https://salsa.debian.org/vorlon/pam/-/merge_requests/23 Merged. Your MR did not mark this bug as closed. I'll try to remember to manually add to the changelog.

Bug#1066060: libpam-modules: pam_lastlog.so missing

> "Chris" == Chris Hofstaedtler writes: Chris> No, please don't. We already have a release notes draft for Chris> pam_lastlog2 and the packaging and so on. Confirmed.

Bug#1066060: libpam-modules: pam_lastlog.so missing

> "Chris" == Chris Hofstaedtler writes: Hi. I wish I had noticed this back in May, but I missed it then and only ran across it while looking at the new pam build system. It looks like pam_lastlog was deprecated in pam 1.5, but *not* removed. It's a build time option, and it looks like it is

Bug#995236: libpam-modules: pam_limits.so always overwrites rlimits, contrary to man page and upstream behaviour

>>>>> "Simon" == Simon McVittie writes: Simon> On Thu, 16 Jan 2025 at 15:12:01 -0700, Sam Hartman wrote: >> I do think it would be good if su and other privilege gates would >> consider using set_all. Simon> If so, that's surely

Bug#976373: pam_limits no longer defaults to set_all: systemd RLIM_MEMLOCK

control: severity -1 minor control: retitle -1 With set_all, pam_limits sets RLIM_MEMLOCK to 1/8 of memory Hi. Starting with pam 1.7.0, which I am working on, pam_limits will not adjust limits by default. If you do use the set_all option, and do not explicitly set RLIM_MEMLOCK, this issue still wi

Bug#995236: libpam-modules: pam_limits.so always overwrites rlimits, contrary to man page and upstream behaviour

control: tags -1 confirmed > "Simon" == Simon McVittie writes: Simon> History === Simon> This appears to have been caused by a patch submitted in Simon> 2000, originally to fix #63230 Simon> (d/patches-applied/027_pam_limits_better_init_allow_explicit_root). Simon> U

Bug#1092384: krb5: FTBFS: make[1]: *** [debian/rules:111: override_dh_install-arch] Error 1

> "Adrian" == Adrian Bunk writes: Adrian> Sam, could you make a maintainer upload with this change? Adrian> krb5 is quite central in the OpenLDAP transition that just Adrian> started. Absolutely, thanks for the ping. Will get to it now.

Bug#1093222: Minimizing build-arch for pam

>>>>> "Simon" == Simon McVittie writes: Simon> On Thu, 16 Jan 2025 at 09:38:38 -0700, Sam Hartman wrote: >> But the meson setup call is in override_dh_auto_configure. I >> don't know at that point how to figure out of I am building arch

Bug#1091864: tech-ctte: Avahi and systemd-resolved cannot a run mDNS responder at the same time

> "Michael" == Michael Biebl writes: Michael> Hi Helmut, thanks for the summary. Michael> I also want to mention [0] here. Michael> Am 16.01.25 um 09:32 schrieb Helmut Grohne: >> This gives rise possible CTTE actions. >> >> (O) The CTTE overrules the systemd mainta

Bug#1093222: Minimizing build-arch for pam

package: pam version: 1.5.3-1 severity: wishlist tags: help > "Helmut" == Helmut Grohne writes: [talking about pam manpages] Helmut> From a package building pov, I'd appreciate if you could Helmut> also move the tools for building the manual pages to Helmut> Build-Depends-Indep

Bug#1088923: Please package version 1.7.0

>>>>> "Sam" == Sam Hartman writes: Sam> I have imported the new sources locally and begun rebasing all Sam> the patches. It's proving more challenging than usual. I've pushed an initial set of rebased patches to patch-queue/experimental just

Bug#1092384: krb5: FTBFS: make[1]: *** [debian/rules:111: override_dh_install-arch] Error 1

> "Lucas" == Lucas Nussbaum writes: > install: cannot change ownership of > 'debian/krb5-admin-server/usr/sbin/krb5_newrealm': Operation not permitted It looks like this is a result of defaulting to rules-requires-root: no (was that change in your rebuild?) I think that I need to set rules-

Bug#1088923: Please package version 1.7.0

package: pam version: 1.5.3-7 severity: wishlist Version 1.7.0 has been released. This bug tracks status packaging it. I have imported the new sources locally and begun rebasing all the patches. It's proving more challenging than usual. * Pam has migrated from autotools to meson * Code around se

Bug#1077060: Regression in switch to gnutls: pkcs11 and pkcs12 no longer available

I try something like curl --cert 'pkcs11:manufacturer=piv_II' And I get an error: curl: (3) URL rejected: Port number was not a decimal number between 0 and 65535 Yet I think that's a valid pkcs11 URL.

Bug#1084924: The system-log-daemon virtual package

> "Helmut" == Helmut Grohne writes: Helmut> I see how Ian had a bad experience earlier. His refusal to Helmut> interact with opponents vaguely makes sense on those ground, Helmut> but doesn't help the matter. His refusal to interact with Helmut> CTTE members removes our abilit

Bug#1082430: krb5-kdc, krb5-keytab-backend: Permission mismatch for /etc/krb5kdc/

> "Russ" == Russ Allbery writes: Russ> I don't think there are obvious security implications (I think Russ> the permissions are more precautionary, and it's also fairly Russ> unlikely that anyone will have installed krb5-wallet before Russ> krb5-kdc), although Sam, please let m

Bug#1077060: curl: This also applies to PKCS#12

> "Samuel" == Samuel Henrique writes: Samuel> This seems to be the biggest threat to the GnuTLS switch so Samuel> far. Samuel> In the meantime, if any of you could provide an easy Samuel> reproducer, it would save us a bit of time. So, for example with a yubikey with the PIV

Bug#829444: Accepting DEP14?

> "Andreas" == Andreas Tille writes: Andreas> Are there any blockers to accept this DEP which I might Andreas> have missed? Honestly, the git-buildpackage default layout is good enough, and dep-14 involves change that doesn't feel like it brings enough value to me. I.E. I think t

Bug#1078688: Please use filecaps for /usr/sbin/unix_chkpwd instead of setgid shadow

> "Daan" == Daan De Meyer writes: Daan> Dear Maintainer, As described in Daan> https://github.com/linux-pam/linux-pam/pull/373, unix_chkpwd Daan> does not need to be setuid or setgid anymore if it is given Daan> cap_dac_override via filecaps instead. I would like debian to

Bug#1074014: Bug#1073608: Bug#1074014: Bug#1073622: Bug#1073608: mksh, pax: no move to /usr going to happen, because:

> "Helmut" == Helmut Grohne writes: Helmut> In bullseye and earlier, I guess it works. Helmut> If you start with bullseye or earlier, upgrade to bookworm Helmut> and then to trixie, it continues to work, because the dash Helmut> maintainer scripts preserve any diversion that

Bug#1077764: Ruling request on os-release specification implementation

> "Luca" == Luca Boccassi writes: Luca> On Fri, 2 Aug 2024 at 13:00, Simon McVittie wrote: >> >> On Fri, 02 Aug 2024 at 12:19:20 +0100, Luca Boccassi wrote: >> > To further clarify why the status quo with >> VERSION_CODENAME=trixie in > sid is really bad: it used to be

Bug#1074014: encode mandatory merged-/usr into policy

> "Helmut" == Helmut Grohne writes: Helmut> seconds from * Chris Hofstaedtler * Holger Levsen * Jochen Helmut> Sprickerhof * Luca Boccassi * Michael Biebl It was my intent to second as well. I like Russ's proposal too. signature.asc Description: PGP signature

Bug#1077060: Regression in switch to gnutls: pkcs11 no longer available

package: curl version: 8.8.0-2 severity: important We have been heavily using curl to make API requests using smartcard authentication. We have a private key and certificate on a Yubikey, and we use curl to perform a pkcs11-authenticated login to get an API token. Unfortunately, according to the

Bug#858970: please add /etc/krb5.conf.d

> "Andreas" == Andreas Hasenack writes: >> And what dependency should a package that wants to use included >> fragments have to ensure that those included fragments are >> loaded? I don't think you can. An administrator might remove the includedir. krb5.conf might be a symlink.

Bug#858970: please add /etc/krb5.conf.d

> "Russ" == Russ Allbery writes: Russ> Andreas Hasenack writes: >> I opened #1074775[1] to backport the heimdal patches that add >> include and includedir support, filed a couple of salsa PRs[2][3] >> with tests, and they were merged. Once there is a new upload of >> heim

Bug#1075813: Krb5: fails to pick up debian configuration

package: krb5-kdc severity: grave version: 1.21.3-2 A typo in version 1.21.3-2 incorrectly interrupts the configure args, among other things causing sysconfdir to be incorrectly set. This breaks krb5-kdc because it does not read /etc/krb5kdc/kdc.conf. Found by CI tests. signature.asc Descriptio

Bug#1063648: krb5: FTBFS on arm64, armel and ppc64el with "Can't resolve hostname" in dh_auto_test

> "Chris" == Chris Hofstaedtler writes: Chris> Adam (adsb) points out that the test code in Chris> lib/rpc/unit-test/client.c [1] uses code that does not Chris> support IPv6(-only). I.e. gethostbyname for a name that has Chris> no IPv4 address will fail. So, are the builds goi

Bug#1074014: encode mandatory merged-/usr into policy

> "Helmut" == Helmut Grohne writes: Helmut> Questions: 1. Do you agree that policy should be changed? Yes. The TC has effectively set policy here already, and while they did not use their power under 6.1.1 to actually officially set project policy, their position has bee

Bug#1072952: krb5: FTBFS: ../../src/tests/t_iprop.py - E: Build killed with signal TERM after 60 minutes of inactivity

> "Chris" == Chris Hofstaedtler writes: Chris> When building krb5 with sbuild, configured to use the unshare Chris> backend, the t_iprop.py test apparently times out without any Chris> output. I'm guessing, but have not confirmed that sbuild unshare is setting up a network namesp

Bug#1072952: krb5: FTBFS: ../../src/tests/t_iprop.py - E: Build killed with signal TERM after 60 minutes of inactivity

control: tags -1 -help +confirmed I reproduced the problem with a podman container with no network. Apparently t_iprop.py hangs if the only network interface is loopback. I'm fairly sure it would work fine only talking to itself if there was a non-127.0.0.1 address for it to use. If I can fix t

Bug#1072952: krb5: FTBFS: ../../src/tests/t_iprop.py - E: Build killed with signal TERM after 60 minutes of inactivity

control: tags -1 +help Chris> Filing with severity: serious as the buildd network has Chris> started switching to sbuild with unshare backend, and Chris> multiple people have reproduced this problem. I'm not running sbuild these days; I'm mostly moving toward containerized builds fo

Bug#1056166: systemd-homed: `passwd` fails

> "Luca" == Luca Boccassi writes: Luca> Ah thanks for the pointer to the file, I had missed that Luca> somehow in the first reply. I see it now: the pam-config for Luca> unix.so assumes that if something runs before then everything Luca> is done already. Unfortunately that as

Bug#1056166: systemd-homed: `passwd` fails

> "Luca" == Luca Boccassi writes: Luca> https://www.freedesktop.org/software/systemd/man/latest/pam_systemd_home.html It's going to be a long time (a couple of weeks) before I have cycles to actually look at systemd-home rather than to answer questions with my pam hat on without looking

Bug#1056166: systemd-homed: `passwd` fails

Hi. I'm not really swapped in on Debian this weekend; dealing with a transition for day job. But quick thoughts. I'm surprised that systemd-home is a pam auth module. That is, I wouldn't expect systemd-home to be able to decide whether you have presented valid credentials to log in. It may be t

Bug#1037084: bookworm: When using gdm3 to start non-GNOME wayland sessions, PATH may be set differently

> "Santiago" == Santiago Vila writes: Santiago> Hello. My plan for base-files is to stop overriding the Santiago> PATH in /etc/profile. Santiago> Ubuntu did that a long time ago and it's probably the Santiago> right thing to do. I'd be happy to pick up the Ubuntu patch to i

Bug#1070072: RM: moonshot-ui -- ROM; poorly maintained upstream

Package: ftp.debian.org Severity: normal User: ftp.debian@packages.debian.org Usertags: remove X-Debbugs-Cc: moonshot...@packages.debian.org Control: affects -1 + src:moonshot-ui After discussing with upstream, we no longer believe it makes sense to include the moonshot suite in a stable Lin

Bug#1070071: RM: moonshot-gss-eap -- ROM; poorly maintained upstream

Package: ftp.debian.org Severity: normal User: ftp.debian@packages.debian.org Usertags: remove X-Debbugs-Cc: moonshot-gss-...@packages.debian.org Control: affects -1 + src:moonshot-gss-eap After discussing with upstream, we no longer believe it makes sense to include the moonshot suite in a

Bug#1070070: RM: moonshot-trust-router -- ROM; poorly maintained upstream

Package: ftp.debian.org Severity: normal User: ftp.debian@packages.debian.org Usertags: remove X-Debbugs-Cc: moonshot-trust-rou...@packages.debian.org Control: affects -1 + src:moonshot-trust-router After discussing with upstream, we no longer believe it makes sense to include the moonshot s

Bug#1068017: Y2038-safe replacements for utmp/wtmp and lastlog

> "Chris" == Chris Hofstaedtler writes: Chris> Fellow Developers, Chris> you are probably aware of the time_t-64bit migration :-) Chris> However, this does not magically transition all data formats to 64bit Chris> times. One such instance is the set of utmp/wtmp and lastlog fi

Bug#1069858: libkrb5-3: krb5.conf seems to ignore rdns = false

> "Lukas" == Lukas Grässlin writes: Lukas> We have a scenario where we need to disable reverse lookups for Lukas> canonicalization in Kerberos as the customer's PTR records are not Lukas> consistent and lead to wrongly requested SPNs otherwise (see Lukas> https://web.mit.e

Bug#1069772: pmbootstrap: description doesn't tell me what the package does

package: pmbootstrap version: 2.2.1-1 severity: minor The description should tell the user what postmarket OS is. That is for example more important than knowing the package uses alpine chroots in determining whether this package is useful to me as a user. --Sam

Bug#1065806: fixed in pam 1.5.3-7

> "Christoph" == Christoph Anton Mitterer writes: Christoph> Hey Sam. Christoph> There's a typ in the NEWS enty: >> this user a group name that differs from the user name or add Christoph> | Christoph> should probably be "use" Thanks, fixed on salsa

Bug#1068017: [Pkg-shadow-devel] Bug#1068017: util-linux: please ship liblastlog2 packages

I've read the wiki page. I'm fine with the proposed approach. I note that by including pam_lastlog2.so in a pam-auth-update configuration, other services (gdm, for example) will include lastlog info. The fact that gdm and other display managers do not include pam_lastlog.so suggests that it's u

Bug#1065806: pam: recent upgrade changes previous default umask

control: clone -1 -2 control: retitle -2 Document pam_umask change in release notes

Bug#1065806: pam: recent upgrade changes previous default umask

> "Professor" == Professor Jeebs writes: Professor> I prefer the way it is handled per user.  There is a related, commented Professor> out, option in /etc/skel/.profile, which lands in new user directories, Professor> which I have never touched the umask part until now.  I unc

Bug#1068192: debian-policy: extended forbidden network access to contrib and non-freeo

> "Aurelien" == Aurelien Jarno writes: Aurelien> If we go that route, here is a proposed alternative patch: Aurelien> --- a/policy/ch-source.rst Aurelien> +++ b/policy/ch-source.rst Aurelien> @@ -338,7 +338,8 @@ Aurelien> For example, the build target should pass ``--di

Bug#1067079: Clarify that policy on a technology does not implicitly mandate that technology

> "Josh" == Josh Triplett writes: I tend to agree with Sean that your rationale is not convincing. It sounds like you want to use policy as a stick to hit people over the head and say "policy is not a stick." I get the impression that you are trying to shift the status quo somehow, and re

Bug#1066979: common-auth: sudo should not have incorrect password delay

> "Tim" == Tim Hutt writes: Tim> By default, on Debian and derivatives, `sudo` has a ~2 second Tim> delay for incorrect password attempts. This serves no security Tim> purpose whatsoever and merely annoys the user. It's not obvious to me that it serves no security purpose. Why can

Bug#1065702: krb5-kdc: uninstallable due to hard-coded dependency on libverto-libev1 | libverto-libevent1,

> "Steve" == Steve Langasek writes: Steve> Hi Sam, Steve> I've run into a problem with openldap not being Steve> bootstrappable for the time_t transition because it Steve> build-depends on krb5-kdc, and krb5-kdc is uninstallable on Steve> arm* because of a hard-coded dep

Bug#1065170: tech-ctte: Requesting advice on glib2.0 #1065022, file deletion by postrm during t64 transition

> "Matthew" == Matthew Garrett writes: Matthew> I agree with the conclusions drawn here, but feel that it's Matthew> possibly worth making a stronger general statement that Matthew> policy should never prevent the implementation of a Matthew> well-considered simple solution. I

Bug#1065170: tech-ctte: Requesting advice on glib2.0 #1065022, file deletion by postrm during t64 transition

Are there solutions in the space of having glib2.0-0 continue to exist as a package depended on by glib2.0-0t64 or depending on the new library allowing you to replace the postrm? That might create a space in time where glib2.0-0.so does not exist, but we probably have more flexibility there than

Bug#1065017: unuser: error while loading shared libraries: libpam.so.0

> "Christoph" == Christoph Anton Mitterer writes: Christoph> Do you happen to know whether there's anything needed in Christoph> terms of clean up for people who had already upgraded Christoph> now? Like manually doing whatever was done via the Christoph> runuser? I think that

Bug#1065088: pam 1.5.3-5 not suitable because pam_userdb is missing

package: pam version: 1.5.3-5 severity: serious This version of pam drops pam_userdb which can break systems that use pam_userdb in their configuration. Long term we do want to split it out and possibly drop. However, this change is purely for the time_t transition and will be reverted. This ve

Bug#1065064: libpam-doc: doc-base reports missing files

> "Colin" == Colin Watson writes: Colin> in those doc-base files but are in fact missing. I don't Colin> know whether this is intentional (in which case the doc-base Colin> registrations should be removed to match), or an accidental Colin> build issue that should be fixed. I

Bug#1065017: unuser: error while loading shared libraries: libpam.so.0

> "Helmut" == Helmut Grohne writes: Helmut> I believe pam will have to be reverted and implemented as Helmut> dual ABI instead. I'm not very comfortable with this approach. The tentative patch did not fill me with confidence; my gut is that it was not as robust as an approach that li

Bug#1065011: libpam0t64 competes for libpam.so.0 symlink against libpam0g (breaks debootstrap)

I wanted to briefly summarize an irc conversation we had on #debian-devel for anyone reading this bug. In general, we want to get rid of libpam0g as soon as possible, because you cannot have both libpam0g and libpam0t64 installed at the same time. Steve is working on a series of NMUs to make tha

Bug#1064454: debian-policy: Restrict deb822 field names more

> "Niels" == Niels Thykier writes: Niels> Simon Josefsson: >> Would it make sense to change this to use an inclusive list of >> permitted characters instead? How about checking the field names >> that is in use today, and construct a regexp of permitted symbols >> out of

Bug#1051582: Policy 9.3 (Starting system services) is largely obsolete

> "Sean" == Sean Whitton writes: Sean> In general, I agree with Santiago. I find Policy's current Sean> scope and working process effective, and not especially Sean> ambiguous. I think everyone should read it during the NM Sean> process, if not sooner. Sean> Russ has con

Bug#1060700: Requesting advice regarding the impact of problems caused by aliasing on declared Conflicts

> "Matthew" == Matthew Vernon writes: Matthew> This continues to make me worry we are not on the path of Matthew> robust engineering. But I appreciate I'm in a very small Matthew> minority in that regard. I want to second the above. I do still believe that the way forward is throu

Bug#1036884: 64-bit time_t: updated archive analysis, proposed transition plan with timeline

> "Ansgar" == Ansgar writes: Ansgar> As far as I understand this approach will break any consumer Ansgar> on a library whose ABI changes to to the ABI changes Ansgar> introduced here unless the consumer is built with the flags Ansgar> from `dpkg-buildflags` (which would now

Bug#1063648: krb5: FTBFS on arm64, armel and ppc64el with "Can't resolve hostname" in dh_auto_test

> "Simon" == Simon McVittie writes: Simon> It might be relevant that according to #972151, arm-conova-03 Simon> (and perhaps other *-conova-* buildds?) is IPv6-only, with no Simon> IPv4 addresses or routes other than loopback (not even via Simon> NAT). Simon> I believe th

Bug#1063329: libselinux1t64: breaks system in upgrade from unstable

> "Helmut" == Helmut Grohne writes: Helmut> pam seems difficult: | extern time_t Helmut> pam_misc_conv_warn_time; /* time that we should warn user */ Helmut> | extern time_t pam_misc_conv_die_time; /* cut-off time for Helmut> input */ Helmut> We cannot symbol-version thes

Bug#1062802: libpam0t64: file loss during upgrade due to /usr-move DEP17

> "Helmut" == Helmut Grohne writes: Helmut> pam also runs in to /usr-move breakage. This one looks FYI, I have some time scheduled to deal with this tomorrow morning US/Mountain (late in the day for Europe).

Bug#1062210: libpam-runtime: pam-auth-update doesn't allow user-ordering of modules

control: severity -1 wishlist control: tags -1 help > "Philip" == Philip Prindeville writes: Philip> Package: libpam-runtime Version: 1.4.0-11ubuntu2.3 Severity: Philip> important Philip> Dear Maintainer, Philip> We were trying to configure PAM authentication to use LDAP,

Bug#1061280: sysvinit crashes podman container on install

package: sysvinit-core: version: 3.08-5 severity: important justification: breaks unrelated software in uncommon environment I was curious about a discussion on debian-devel, so I tried to install sysvinit and wdm at the same time. I tried: podman run --rm -ti debian:unstable apt update apt insta

Bug#1060700: Requesting advice regarding the impact of problems caused by aliasing on declared Conflicts

> "Helmut" == Helmut Grohne writes: Helmut> Package: tech-ctte Given our discussion at the last CTTE Helmut> meeting, I am turning my request for advice into a formal Helmut> one. Helmut> Most of the /usr-move that is happening via DEP17 seems to Helmut> be working out, b

Bug#1057775: [INTL:sv] Swedish strings for pam debconf

> "Anders" == Anders Jonsson writes: Anders> Hi Martin, one change in this one (fixed spelling of Anders> "användare"). I don't think you attached a .po file.

Bug#1060034: ITP: python-openai -- OpenAI Python API library

> "Mo" == Mo Zhou writes: Mo> On 1/5/24 11:45, Ansgar wrote: >> Then the package should be in main. >> >> We do not require external software to be free as well, be that >> Web APIs provided by Github, Twitter, or the NVidia firmware >> required for Nouveau, microcode

Bug#1057199: debian-policy: express more clearly that Conflicts to not reliably prevent concurrent unpacks

> "Guillem" == Guillem Jover writes: Guillem> At least the dpkg behavior seems entirely Guillem> correct to me and required for safe upgrades ( Can you help me understand the sentence above? Where is the case where this behavior is needed for safe upgrades? (I am asking out of cu

Bug#1058779: libk5crypto3 fails to install via apt (dpkg error) triggers ci file contains unknown directive 'set'

control: severity -1 normal control: tags -1 help > "Fernando" == Fernando Toledo writes: Fernando> as workarount i do apt-mark hold libk5crypto3 until Fernando> problem fixes I don't think this problem is likely to be in libkrb5crypto3. I don't have enough experience with the dpkg

Bug#1057729: pam FTCBFS: passes host flags to build compiler

> "Helmut" == Helmut Grohne writes: Helmut> Can I leave this up to you? To verify the cross build Helmut> failure, please use amd64 or arm64 as host Helmut> architecture. These are the only ones with Helmut> architecture-specific compiler flags. Up to who? Andreas? If so, I

Bug#1032207: libpam-modules: Drop pam_userdb

Bastian> Your suggestion splitting out and removing after one Bastian> release would be fine for me. Helmut, I was hoping for a sanity check. Bastian wants to split out some code from pam. He wants to move pam_userdb.so into its own package to remove db5.3 from the pseudo-essential set.

Bug#1032207: libpam-modules: Drop pam_userdb

> "Bastian" == Bastian Germann writes: Bastian> X-Debbugs-Cc: vor...@debian.org Hi Sam and Steve, Bastian> On Wed, 1 Mar 2023 18:34:50 +0100 Bastian Germann wrote: Bastian> I would volunteer to provide a patch for this but only if Bastian> it will be considered. The patch is

Bug#915583: debian sphinx styling: second attempt

>>>>> "Stéphane" == Stéphane Blondon writes: Stéphane> Le ven. 3 nov. 2023 à 15:43, Sam Hartman Stéphane> a écrit : >> >>>>> "Sean" == Sean Whitton writes: >> >> I'm happy

Bug#915583: debian sphinx styling: second attempt

> "Sean" == Sean Whitton writes: Sean> - it would be good to do some accessibility testing of some Sean> kind, at least with screenreaders. But maybe the fact that Sean> you've based your theme on an existing, popular Sphinx theme Sean> means this is covered? I'm happy to te

Bug#1052863: krb5: FTBFS: dh_auto_test: error: cd build && make -j1 check "TESTSUITEFLAGS=-j1 --verbose" VERBOSE=1 returned exit code 2

>>>>> "Lucas" == Lucas Nussbaum writes: Lucas> On 26/10/23 at 07:45 -0600, Sam Hartman wrote: >> >>>>> "Lucas" == Lucas Nussbaum writes: Lucas> Hi, >> Lucas> As an additional data point, I can still re

Bug#1052863: krb5: FTBFS: dh_auto_test: error: cd build && make -j1 check "TESTSUITEFLAGS=-j1 --verbose" VERBOSE=1 returned exit code 2

> "Lucas" == Lucas Nussbaum writes: Lucas> Hi, Lucas> As an additional data point, I can still reproduce this Lucas> failure. So, my understanding is that so far for you it always fails, and the evidence so far suggests that it generally (or always, but I am not sure we have long

Bug#1054228: pam FTBFS: No series file found

> "Helmut" == Helmut Grohne writes: Helmut> pam fails to build from source in unstable, because quilt no Helmut> longer recognizes the QUILT_PATCHES_DIR variable and Helmut> therefore does not find a series file. Renaming it to Helmut> QUILT_PATCHES fixes the build. I applied

Bug#1052863: krb5: FTBFS: dh_auto_test: error: cd build && make -j1 check "TESTSUITEFLAGS=-j1 --verbose" VERBOSE=1 returned exit code 2

> "Santiago" == Santiago Vila writes: Santiago> This could be simply a race condition. Santiago> I've seen many packages to fail their tests randomly Santiago> because of that. It could be a race, but given what I know of the tests, I doubt it is. Take a look at util/k5test.py

Bug#1052863: krb5: FTBFS: dh_auto_test: error: cd build && make -j1 check "TESTSUITEFLAGS=-j1 --verbose" VERBOSE=1 returned exit code 2

control: severity -1 normal > "Lucas" == Lucas Nussbaum writes: Lucas> Hi, Lucas> During a rebuild of all packages in sid, your package failed Lucas> to build on amd64. Lucas> Relevant part (hopefully): So, according to the build log, the make check failed because it coul

Bug#1052433: bookworm-pu: package pam/1.5.2-6+deb12u1

: #1029002 + + -- Sam Hartman Thu, 21 Sep 2023 14:55:12 -0600 + pam (1.5.2-6) unstable; urgency=medium * Update debian/copyright, Thanks Bastian Germann, Closes: #460232 diff --git a/debian/control b/debian/control index 4b685f16..9cdc3f81 100644 --- a/debian/control +++ b/debian/control @@

Bug#945269: debian-policy: packages should use tmpfiles.d(5) to create directories below /var

> "Luca" == Luca Boccassi writes: Luca> Aside from more practical considerations, shipping /var Luca> content in packages is problematic because it's supposed to be Luca> local variable data, I agree with the above. Luca> that can be removed without breaking a Luca> syst

Bug#1051371: Post-/usr-merge paths for script interpreters

> "Luca" == Luca Boccassi writes: Luca> On Wed, 13 Sept 2023 at 04:48, Russ Allbery wrote: >> >> Control: retitle -1 Post-/usr-merge paths for script interpreters >> >> Simon pointed out that this bug is not yet ready to act on, which >> was very helpful. Thank you

Bug#1039873: fixed in pam 1.5.2-7

> "Guido" == Guido Berhoerster writes: Guido> Are there plans to get this into stable-updates? No, not currently. But if you would agree to test in testing/unstable now, and test again once it gets into stable-proposed, I'd be happy to raise the severity to important so that it is eligib

Bug#1051371: Post-/usr-merge paths for script interpreters

> "Russ" == Russ Allbery writes: Russ> with a narrower issue). Several other people were, I think, Russ> arguing for (a), but I'm not sure if they would continue to do Russ> so when it's put in these terms. It's hard for me to express what I was advocating for in the terms you ha

Bug#945269: debian-policy: packages should use tmpfiles.d(5) to create directories below /var

> "Russ" == Russ Allbery writes: I don't know if this needs seconds, but I reviewed all the text and it looks good. If seconds are required, I second. signature.asc Description: PGP signature

  1   2   3   4   5   6   7   8   9   10   >