Bug#753671: caff: please support gpg2

2014-10-01 Thread Guilhem Moulin
gnupg2 2.0.26-3 has been packaged today, and includes a fix for #751266. Setting $CONFIG{'gpg'} to be 'gpg2' in the .caffrc is working again. -- Guilhem.

Bug#769890: caff: Does not show fingerprint for verification when multiple uids are present

2014-11-17 Thread Guilhem Moulin
Control: severity -1 wishlist Hi Matthijs, If no UID(s) is (are) selected, gpg wants to make sure you really intend to sign all UIDs. So a workaround is to preselect all UIDs; with gpg2 it can be done in one go with a single command in the prompt: ‘uid *’ (OTOH if you use the 1.4 branch, as of

Bug#769954: signing-party: Support "homedir"

2014-11-17 Thread Guilhem Moulin
Hej Nelson, On Mon, 17 Nov 2014 at 19:15:58 -0200, Nelson A. de Oliveira wrote: > Couldn't gpg-key2* support a "homedir" option like gpg? Indeed, and so could caff, gpglist, gpgsigs and probably other tools in the signing-party package ;-) But is there really a use case that's not covered alr

Bug#814531: CAFF: signing on airgapped machines

2016-02-12 Thread Guilhem Moulin
On Fri, 12 Feb 2016 at 15:34:27 +0100, Lachlan Gunn wrote: > I am interested in using CAFF on an airgapped machine, which at the > moment is somewhat non-obvious. If I can find the time, I would like to > develop some kind of CSR-like workflow, would others be interested in this? > The kind of wo

Bug#814531: CAFF: signing on airgapped machines

2016-02-12 Thread Guilhem Moulin
On Fri, 12 Feb 2016 at 23:08:12 +0100, Guilhem Moulin wrote: > How about an option ‘--signed-key-file’ (and ‘--lsigned-key-file’ for > local sigs)? Caff would export all signed keys in the specified file. By the way, this is essentially gpg --homedir ~/.caff/gnupghome --export -- G

Bug#814531: CAFF: signing on airgapped machines

2016-02-15 Thread Guilhem Moulin
On Mon, 15 Feb 2016 at 13:19:55 +0100, Lachlan Gunn wrote: >> The gzipped tarball format looks really overkill. How about an OpenPGP >> keyring (possibly armored)? No need for caff here, gpg(1) can do this >> alone: >> >> gpg --export >/tmp/keyring.gpg >> >> (you could also add ‘--export-optio

Bug#815721: signing-party: gpg-key2latex gives wrong fingerprint for my key

2016-02-24 Thread Guilhem Moulin
Control: tag -1 pending Hi James, On Wed, 24 Feb 2016 at 01:55:04 +, James Cowgill wrote: > This seems to be related to my expired subkey since it works on "normal" keys. In fact the master key's fingerprint was overridden with each unusable (eg, expired or revoked) subkey fingerprint. I ju

Bug#815805: caff: request to add email sending by git-send-email

2016-02-24 Thread Guilhem Moulin
Control: severity -1 wishlist Control: merge-1 644472 On Thu, 25 Feb 2016 at 00:39:33 +0900, Roger Shimizu wrote: > I think this can be improved by using git-send-email, which is popular > at least for kernel developer. > git-send-email can request the password in command line, when you > requ

Bug#812840: Configures initramfs SSH login with locked root account

2016-01-27 Thread Guilhem Moulin
Hi, On Wed, 27 Jan 2016 at 17:21:39 +1300, martin f krafft wrote: > I had a look around, and I think the problem is simply that > /etc/passwd defines /root as root's homedir, whereas initramfs > mounts the target system there at some stage! Changing the homedir > to /root/root enables logging in,

Bug#792552: [pkg-cryptsetup-devel] Bug#792552: still not working for me

2016-01-09 Thread Guilhem Moulin
Control: tag -1 pending On Fri, 08 Jan 2016 at 19:39:19 -0500, Frédéric Brière wrote: > Here's a quick fix for both issues. Thanks, I pushed something similar (with a timeout) in r1070. -- Guilhem.

Bug#791944: udev: shutdown hangs because of missing swapoff

2016-01-10 Thread Guilhem Moulin
I'm able to reproduce the problem in fresh install (automatically installed VM). AFAICT this is due to the fact that udev is no longer running at this point. I applied the following patch: --8<>8-- --- /lib/cryptsetup/cryptdisks.fu

Bug#791944: udev: shutdown hangs because of missing swapoff

2016-01-10 Thread Guilhem Moulin
On Sun, 10 Jan 2016 at 16:57:43 +0100, Guilhem Moulin wrote: > I'm able to reproduce the problem in fresh install (automatically installed > VM). AFAICT this is due to the fact that udev is no longer running at this > point. I applied the following patch: > […] > Adding ‘/e

Bug#792552: still doesn't continue shutdown process

2016-01-10 Thread Guilhem Moulin
On Mon, 11 Jan 2016 at 00:06:25 +0100, Dirk Griesbach wrote: > It's still not working for me with cryptsetup (2:1.7.0-2): encrypted home as > LUKS and swap as plain device in crypttab. I will have a deeper look into > the issue as soon as possible. If you're using SysV init, this might be due to #

Bug#809814: [pkg-cryptsetup-devel] Bug#809814: cryptsetup: does not decrypt a split /usr as required by initramfs-tools >= 0.118

2016-01-10 Thread Guilhem Moulin
Control: tag -1 moreinfo Hi Hans, What's your init system? Could you also attach your /etc/fstab? I'm unable to reproduce this in a fresh install (automated from the latest daily CD image [0]) using systemd and the attached partitioning script. Cheers, -- Guilhem. [0] http://cdimage.debian.org

Bug#817030: [pkg-cryptsetup-devel] Bug#817030: cryptsetup: no keyscripts support in conjunction with systemd

2016-03-07 Thread Guilhem Moulin
Control: tag 800147 - moreinfo Control: merge -1 800147 Hi, On Mon, 07 Mar 2016 at 11:46:29 +0100, Christian Pernegger wrote: > Apparently this is because systemd doesn't support keyscripts and > upstream are unwilling to add support because it only ever was a > Debian extension. Regardless, ther

Bug#782024: cryptsetup: [patch] fix remote unlock of encrypted root when plymouth is installed

2015-12-24 Thread Guilhem Moulin
to GPL2+ to match other parts of the package; and - add a lintian override regarding the “unusual shell interpreter” Cheers, -- Guilhem. From f6f78b1cfd42d18d878c72b594e5474460f888a6 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Thu, 24 Dec 2015 20:30:58 +0100 Subject: [PATCH] cryptroot-unl

Bug#809244: netmask: calculating with IPv6 IP-Numbers doesn't work

2015-12-28 Thread Guilhem Moulin
Control: retitle -1 Please document address1,+address2 notations for IPv6 Hi Cord, (Here is upstream's (CC'ed) response.) On Mon, 28 Dec 2015 at 12:22:11 -0800, Robert Stone wrote: > On Mon, 28 Dec 2015 at 17:04:37 +0100, Cord Beermann wrote: >> $ netmask 192.168.0.0:+1 >> 192.168.0.0/31 >> $ ne

Bug#809666: dovecot: Dovecot v2.2.21 released and code repository moved to Github

2016-01-02 Thread Guilhem Moulin
Source: dovecot Severity: normal Hi there, Upstream has released 2.2.21 last month; changelogs since the version found in sid show quite a few bug fixes and new features [0,1,2]. Furthermore the repository has moved to Github, so d/{control,watch} should be updated accordingly. Thanks, cheers,

Bug#811198: linux: d-i package list: Please add 9p-modules

2016-01-16 Thread Guilhem Moulin
Source: linux Version: 4.3.0-1-amd64 Severity: wishlist Tags: d-i Hi there, 9p remote filesystem modules are currently not packaged by the d-i 4.3.0-1 kernel. It would be useful to provide a package with these modules, since one would then be able to use 9pvirtio devices to test installation set

Bug#811243: base-installer: shouldn't assume that file protocol is only used for CD (image) installs

2016-01-16 Thread Guilhem Moulin
Package: base-installer Version: 1.160 Severity: normal Tags: d-i Hi there, The following snippet can be found in library.sh: # Assumes the file protocol is only used for CD (image) installs configure_apt () { if [ "$PROTOCOL" = file ]; then […] if

Bug#809435: Module names are known

2016-01-17 Thread Guilhem Moulin
On Sun, 17 Jan 2016 at 13:45:26 +0100, Geert Stappers wrote: > P.S. > I'm aware that my attempt to merge #809435 with #811198 failed. > > The > Control: block -1 by 811198 > is a new attempt to cross-reference both bugs at meta level. > They are already referenced with URLs. Shouldn't the modul

Bug#809435: Module names are known

2016-01-17 Thread Guilhem Moulin
On Sun, 17 Jan 2016 at 13:45:26 +0100, Geert Stappers wrote: > When the bugreport, BR, came in, I had never heard of "9p" before. As for 9pvirtio, which is what Stefanos is talking about, you can read “Filesystem Passthrough for KVM”: this is the modern way to expose a directory from the host to

Bug#809435: use case

2016-01-17 Thread Guilhem Moulin
On Sun, 17 Jan 2016 at 13:56:24 +0100, Geert Stappers wrote: > Still feel free to describe the use case, the (wanted) setup. AFAICT (please correct me if I'm wrong) Stefanos wants to share a host directory with a KVM guest only to expose the preseeding file. (The other options being either to add

Bug#811243: base-installer: shouldn't assume that file protocol is only used for CD (image) installs

2016-01-18 Thread Guilhem Moulin
: they both work fine for me, but I've not tried other installation setups. I think it's cleaner to set PROTOCOL="cdrom", but the other patch is less invasive. Cheers, -- Guilhem. From f4b259baf5a26d0960b7295f4390b9bf9f61f755 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date:

Bug#811456: [pkg-cryptsetup-devel] Bug#811456: Unable to find seq in shutdown

2016-01-19 Thread Guilhem Moulin
Hi Klaus, On Tue, 19 Jan 2016 at 08:08:42 +0100, Klaus Ethgen wrote: > This might be a regression of the earlier bugfix to not loop forever. Of #792552 actually (my bad). (#810380, which you're referring to, was itself a regression of #792552 but I reverted the patch and reworked it from scratch

Bug#792552: [pkg-cryptsetup-devel] Bug#792552: cryptsetup freezes shutdown procedure

2016-01-19 Thread Guilhem Moulin
On Tue, 19 Jan 2016 at 20:12:10 +0100, mahashakti89 wrote: > I tried the given command : sed -i '/#set > -x$/s/^#//'/lib/cryptsetup/cryptdisks.functions > but I have no output ... You mean no additional output at shutdown? Sounds strange… But just to be sure, this is not the command I posted:

Bug#792552: [pkg-cryptsetup-devel] Bug#792552: Bug#792552: cryptsetup freezes shutdown procedure

2016-01-19 Thread Guilhem Moulin
On Tue, 19 Jan 2016 at 20:29:31 +0100, Guilhem Moulin wrote: > What the command is supposed to do is to uncomment the line “#set -x”. And that'll in turn make the shell interpreter print each command before running it. But for that you need to run script; the last command being pr

Bug#811456: [pkg-cryptsetup-devel] Bug#811456: Unable to find seq in shutdown

2016-01-19 Thread Guilhem Moulin
Control: tag -1 pending On Tue, 19 Jan 2016 at 13:34:10 +0100, Klaus Ethgen wrote: > Am Di den 19. Jan 2016 um 12:02 schrieb Guilhem Moulin: >> On Tue, 19 Jan 2016 at 08:08:42 +0100, Klaus Ethgen wrote: > I did expand the seq in the script for short term fix. > […] > Well,

Bug#792552: cryptsetup freezes shutdown procedure

2016-01-20 Thread Guilhem Moulin
On Wed, 20 Jan 2016 at 00:22:49 +, Calum Mackay wrote: > On 20/01/2016 12:07 am, Calum Mackay wrote: >>For me, that is: >> >> cryptsetup remove cswap1 > > which looks like 791944/795871? Yup, that's correct. -- Guilhem.

Bug#792552: cryptsetup freezes shutdown procedure

2016-01-20 Thread Guilhem Moulin
On Wed, 20 Jan 2016 at 20:42:03 +0100, mahashakti89 wrote: > On Tue, Jan 19, 2016 at 09:08:51PM +0100, Guilhem Moulin wrote: >> And that'll in turn make the shell interpreter print each command before >> running it. But for that you need to run script; the last command

Bug#791944: /etc/init.d/sendsigs kills systemd-udevd upon shutdown, causing dmsetup to hang

2016-01-21 Thread Guilhem Moulin
Control: retitle -1 /etc/init.d/sendsigs kills systemd-udevd upon shutdown, causing dmsetup to hang Control: reassign -1 initscripts 2.88dsf-59.3 Control: tag -1 - help moreinfo On Sun, 10 Jan 2016 at 21:43:36 +0100, Guilhem Moulin wrote: > On Sun, 10 Jan 2016 at 16:57:43 +0100, Guil

Bug#792552: [pkg-cryptsetup-devel] Bug#792552: still doesn't continue shutdown process

2017-05-28 Thread Guilhem Moulin
Hi Pali, On Thu, 25 May 2017 at 18:23:00 +0200, Pali Rohár wrote: > Same problem there. I have up-to-date Debian Stretch with LUKS-encrypted > rootfs and system hangup on every shutdown or reboot. > > I debugged this problem and found out that after this log message > > [] Stopping remainin

Bug#792552: [pkg-cryptsetup-devel] Bug#792552: still doesn't continue shutdown process

2017-05-29 Thread Guilhem Moulin
On Sun, 28 May 2017 at 23:41:56 +0200, Pali Rohár wrote: > On Sunday 28 May 2017 21:26:53 Guilhem Moulin wrote: >> which as I explained in message #86 is due to /etc/init.d/sendsigs >> killing systemd-udevd at shutdown/reboot time, thereby causing >> dmsetup to hang. >

Bug#792552: [pkg-cryptsetup-devel] Bug#792552: still doesn't continue shutdown process

2017-05-29 Thread Guilhem Moulin
On Mon, 29 May 2017 at 13:16:35 +0200, Pali Rohár wrote: > On Monday 29 May 2017 09:31:39 Guilhem Moulin wrote: >> On Sun, 28 May 2017 at 23:41:56 +0200, Pali Rohár wrote: >>> On Sunday 28 May 2017 21:26:53 Guilhem Moulin wrote: >>>> which as I explained in mes

Bug#791944: /etc/init.d/sendsigs kills systemd-udevd upon shutdown, causing dmsetup to hang

2017-06-03 Thread Guilhem Moulin
On Mon, 29 May 2017 at 14:42:33 +0200, Michael Biebl wrote: > tags 791944 + help I'm afraid I can't help backporting the fix to Stretch, but as Pali mentioned this bug causes a severe regression for sysvinit users with encrypted disks. If udev can't be fixed in time maybe cryptsetup could ship a

Bug#791944: /etc/init.d/sendsigs kills systemd-udevd upon shutdown, causing dmsetup to hang

2017-06-03 Thread Guilhem Moulin
On Sat, 03 Jun 2017 at 11:24:07 -0400, Felipe Sateler wrote: > On Sat, Jun 3, 2017 at 4:31 AM, Guilhem Moulin wrote: >> On Mon, 29 May 2017 at 14:42:33 +0200, Michael Biebl wrote: > This is an ugly fix. Yes, but we're really far in the release cycle and as a cryptsetup maintai

Bug#872529: /usr/bin/caff: caff: puts TTY into weird state when prompting to send mail

2017-08-18 Thread Guilhem Moulin
Control: tag -1 + moreinfo On Fri, 18 Aug 2017 at 03:27:14 -0400, G. Branden Robinson wrote: > The only way to get past the prompt is to type Ctrl+J (yes, hold down Control > and press J). I'm afraid I can't reproduce this. - How did you run caff(1)? (Could you share the command line?) - Is

Bug#872529: /usr/bin/caff: caff: puts TTY into weird state when prompting to send mail

2017-08-20 Thread Guilhem Moulin
Control: retitle -1 caff: should put the TTY in a sane state before prompts On Fri, 18 Aug 2017 at 15:16:41 -0400, G. Branden Robinson wrote: > speed 38400 baud; rows 73; columns 191; line = 0; > intr = ^C; quit = ^\; erase = ^?; kill = ^U; eof = ^D; eol = ; eol2 = > ; swtch = ; start = ^Q; stop

Bug#865005: postfix: Bug #847242 `postfix-*.prerm upgrade` removes dynamic maps, causing postfix.postinst to fail for non-default alias database types] reappeared

2017-06-18 Thread Guilhem Moulin
Package: postfix Version: 3.2.2-1 Severity: serious Reason: Upgrade fails for non-default database types Dear Maintainer, Looks like I got bitten by #847242 again when upgrading from 3.1.4-7 to 3.2.2-1. Here is my original report, with the `apt install postfix` output updated. --8<---

Bug#865005: postfix: Bug #847242 `postfix-*.prerm upgrade` removes dynamic maps, causing postfix.postinst to fail for non-default alias database types] reappeared

2017-06-19 Thread Guilhem Moulin
Control: severity -1 important On Mon, 19 Jun 2017 at 09:44:38 -0400, Scott Kitterman wrote: > Thanks. I have replicated this and believe that switching file snippets > provided in dynamicmaps.cf.d instead of having the maintainer scripts fiddle > with dynamicmaps.cf will solve this. That was

Bug#873644: please check whether wiki page regarding caff is still correct

2017-08-29 Thread Guilhem Moulin
Hi, On Tue, 29 Aug 2017 at 20:44:41 +0200, Marc Haber wrote: > the Wiki page on https://keyring.debian.org/creating-key.html mentions > that some lines from ~/.gnupg/gpg.conf need to be copied to > ~/.caff/gnupghome/gpg.conf to avoid my caff signatures being SHA-1. (X-Debbugs-Cc'ing keyring-ma...

Bug#866786: [pkg-cryptsetup-devel] Bug#866786: Acknowledgement (unlock all crypto devices in cryptroot-unlock (remote SSH-based unlocking))

2017-07-01 Thread Guilhem Moulin
On Sat, 01 Jul 2017 at 14:00:19 -0400, Antoine Beaupré wrote: > Some more information. Attached is the script I originally used. Looks like you forgot the attachment :-P -- Guilhem.

Bug#866786: [pkg-cryptsetup-devel] Bug#866786: unlock all crypto devices in cryptroot-unlock (remote SSH-based unlocking)

2017-07-01 Thread Guilhem Moulin
Hi Antoine, On Sat, 01 Jul 2017 at 13:35:20 -0400, Antoine Beaupre wrote: > I used to have a custom initramfs script that would do that for me in > jessie, but since the stretch upgrade, it stopped working, and I'm not > exactly sure why: i just don't get the prompt on the SSH commandline > at all

Bug#866786: [pkg-cryptsetup-devel] Bug#866786: unlock all crypto devices in cryptroot-unlock (remote SSH-based unlocking)

2017-07-01 Thread Guilhem Moulin
On Sat, 01 Jul 2017 at 16:10:01 -0400, Antoine Beaupré wrote: > On 2017-07-01 21:10:37, Guilhem Moulin wrote: >> Does setting “IFDOWN=none” (the option was later renamed) in >> /etc/dropbear-initramfs/config >> solve your problem? Please file a bug against dropbear-ini

Bug#866786: [pkg-cryptsetup-devel] Bug#866786: Bug#866786: unlock all crypto devices in cryptroot-unlock (remote SSH-based unlocking)

2017-07-02 Thread Guilhem Moulin
Control: tag -1 moreinfo On Sat, 01 Jul 2017 at 23:16:32 +0200, Guilhem Moulin wrote: > On Sat, 01 Jul 2017 at 16:10:01 -0400, Antoine Beaupré wrote: >> On 2017-07-01 21:10:37, Guilhem Moulin wrote: >>> Does setting “IFDOWN=none” (the option was later renamed) in >>&

Bug#866812: dropbear-initramfs: DHCP request from InitRAMFS with Dropbear doesn't send hostname anymore

2017-07-02 Thread Guilhem Moulin
Hi, On Sun, 02 Jul 2017 at 03:08:48 +0200, M. Buecher wrote: > when using Dropbear in an Debian 9.0 Stretch InitRAMFS for remotely unlocking > an encrypted root file system via SSH, then the network setup via DHCP does > provide the host name as it was with Debian 8.0 Jessie. > > This avoids usin

Bug#866869: initramfs-tools(8): please document that BOOT is exposed to boot scripts

2017-07-02 Thread Guilhem Moulin
Package: initramfs-tools Version: 0.130 Severity: wishlist Dear Maintainer, While the BOOT environment variable (either set to "local" or "nfs") is currently exposed to boot scripts, it's currently not documented in the manpage. Knowing the boot method can be useful at init-premount and init-bot

Bug#866786: [pkg-cryptsetup-devel] Bug#866786: Bug#866786: unlock all crypto devices in cryptroot-unlock (remote SSH-based unlocking)

2017-07-02 Thread Guilhem Moulin
Control: tag -1 = pending On Sun, 02 Jul 2017 at 17:03:53 -0400, Antoine Beaupré wrote: > Maybe what is needed then is simply a patch to the motd to warn the user > the command may need to be called multiple times? Or just loop over the > devices as you suggested before? I have implemented the la

Bug#866786: Bug#866786: unlock all crypto devices in cryptroot-unlock (remote SSH-based unlocking)

2017-07-02 Thread Guilhem Moulin
On Sun, 02 Jul 2017 at 17:33:00 -0400, Antoine Beaupré wrote: > On 2017-07-02 23:16:22, Guilhem Moulin wrote: >> Control: tag -1 = pending >> >> On Sun, 02 Jul 2017 at 17:03:53 -0400, Antoine Beaupré wrote: >>> Maybe what is needed then is simply a patch to the

Bug#866786: unlock all crypto devices in cryptroot-unlock (remote SSH-based unlocking)

2017-07-03 Thread Guilhem Moulin
On Sun, 02 Jul 2017 at 23:16:22 +0200, Guilhem Moulin wrote: > On Sun, 02 Jul 2017 at 17:03:53 -0400, Antoine Beaupré wrote: >> Maybe what is needed then is simply a patch to the motd to warn the user >> the command may need to be called multiple times? Or just loop over the &g

Bug#866786: unlock all crypto devices in cryptroot-unlock (remote SSH-based unlocking)

2017-07-04 Thread Guilhem Moulin
On Mon, 03 Jul 2017 at 19:08:52 -0400, Antoine Beaupré wrote: > On 2017-07-03 23:21:25, Guilhem Moulin wrote: >> Actually I came up with a better solution that doesn't rely on the >> behavior of dropbear. It passes my tests, but perhaps you could try it >> as well?

Bug#866786: unlock all crypto devices in cryptroot-unlock (remote SSH-based unlocking)

2017-07-04 Thread Guilhem Moulin
On Tue, 04 Jul 2017 at 10:47:36 -0400, Antoine Beaupré wrote: > On 2017-07-04 10:34:04, Guilhem Moulin wrote: >> On Mon, 03 Jul 2017 at 19:08:52 -0400, Antoine Beaupré wrote: >>> thanks, i guess this is done? or do we need to document the "initramfs" >>> tag

Bug#875642: [pkg-cryptsetup-devel] Bug#875642: /sbin/cryptsetup: blocked in semop on shutdown waiting for already terminated systemd-udevd

2017-09-12 Thread Guilhem Moulin
Hi Ivan, On Wed, 13 Sep 2017 at 00:28:44 +0300, Ivan Krylov wrote: > Since my setup is going to need keyscripts, I have installed > sysvinit-core shortly after upgrading to Stretch. Note that you could also add the ‘initramfs’ option to the crypttab(5) entry of these devices so they can be unlocke

Bug#875979: openssh-client: Please ship /usr/bin/scp in its own binary package

2017-09-16 Thread Guilhem Moulin
Package: openssh-client Version: 1:7.5p1-10 Severity: wishlist Hi there, OpenSSH's scp(1) binary can be used in client mode in combination with other SSH clients, or in sink mode in combination with another server. /usr/bin/scp is only linked against libc6, but to install it along with a more li

Bug#495795: dropbear: please provide the scp binary

2017-09-16 Thread Guilhem Moulin
Control: block -1 by 875979 On Mon, 05 Sep 2016 at 15:15:46 +0300, Mert Dirik wrote: > I know you've wanted to get some suggestions last year but this bug > report, which is only followed by a couple users like me who were > affected from the lack of scp, is not really the right place for > gettin

Bug#867847: bubblewrap: Can't use --unshare-user when the procfs is mounted with hidepid=1

2017-07-09 Thread Guilhem Moulin
Package: bubblewrap Version: 0.1.8-2 Severity: normal Dear Maintainer, I noticed that bubblewrap refuses to create a new user namespace when the procfs is mounted (outside the container) with hidepid≥1. $ sudo mount -o remount,rw,nosuid,nodev,noexec,relatime,hidepid=0 /proc $ bwrap --ro-

Bug#867847: bubblewrap: Can't use --unshare-user when the procfs is mounted with hidepid=1

2017-07-10 Thread Guilhem Moulin
On Mon, 10 Jul 2017 at 09:53:39 +0100, Simon McVittie wrote: > On Sun, 09 Jul 2017 at 22:16:06 +0200, Guilhem Moulin wrote: > Would you mind reporting this upstream at > <https://github.com/projectatomic/bubblewrap/issues>? I don't think I'm > going to be able to add m

Bug#870035: Compile with '--disable-bundled-libtom' to use system libtomcrypt/libtommath (Was: Bug#870035: dropbear-bin: ftbfs on x32)

2017-08-07 Thread Guilhem Moulin
Hi, Actually libtomcrypt 1.17 and libtommath 1.0 are both available in Debian, so I'm tempted to add --disable-bundled-libtom to CFLAGS and dynamically link against these libraries. Not doing so is in fact a violation of Debian policy §4.13: “Some software packages include in their distribut

Bug#870035: Compile with '--disable-bundled-libtom' to use system libtomcrypt/libtommath

2017-08-08 Thread Guilhem Moulin
On Tue, 08 Aug 2017 at 23:01:07 +0800, Matt Johnston wrote: > --disable-bundled-libtom should work OK. I had assumed Debian was > already using that. I was not involved in dropbear maintenance during the early days, but looking at debian/control's history it never Build-Depend'ed on libtom*-dev.

Bug#870673: [pkg-cryptsetup-devel] Bug#870673: cryptsetup.prerm script prints a warning when 'dm_mod' can't be loaded

2017-08-09 Thread Guilhem Moulin
Control: reopen -1 Control: retitle -1 cryptsetup.prerm script prints a warning when 'dm_mod' can't be loaded Just reopening this with severity minor as we could avoid the warning at removal time (and assume that there are no active dm-crypt mappings if 'dm_mod' can't be loaded for some reason).

Bug#869398: gpg-key2ps: gpg-key2ps crashes ps2pdf

2017-08-10 Thread Guilhem Moulin
Control: tag -1 pending Control: retitle -1 gpg-key2ps: doesn't support EC (sub)keys Hi ben, On Sat, 22 Jul 2017 at 20:06:39 -0600, Ben Hildred wrote: > gpg-key2ps produces output that crashes ps2pdf. here is a session log > and the generated postscript. Fix pending. However you might also

Bug#860406: dropbear: Incomplete debian/copyright: lists only MIT while some files are BSD-2/3

2017-04-16 Thread Guilhem Moulin
Source: dropbear Version: 2015.68-1 Severity: serious debian/copyright suggests that all files outside the debian directory are licensed under MIT, while upstream's LICENSE lists some files released under OpenSSH license or BSD 2- and 3-clauses. https://anonscm.debian.org/git/collab-maint/dro

Bug#860409: unblock: dropbear/2016.74-3

2017-04-16 Thread Guilhem Moulin
graphs to match upstream's LICENSE file. +(Closes: #860406.) + + -- Guilhem Moulin Sun, 16 Apr 2017 12:22:56 +0200 + dropbear (2016.74-2) unstable; urgency=low * Tolerate lack of boot script config file /etc/dropbear-initramfs/config. diff -Nru dropbear-2016.74/debian/copyright dro

Bug#860459: netcat-openbsd: Incorrect debian/copyright: lists only BSD-3 while some files are BSD-2

2017-04-17 Thread Guilhem Moulin
Package: netcat-openbsd Version: 1.105-1 Severity: important debian/copyright suggests that all upstream files are released under 3-clause BSD, while atomicio.[ch] and socks.c are in fact released under 2-clause BSD. -- Guilhem.

Bug#847287: [Pkg-roundcube-maintainers] Bug#847287:

2016-12-08 Thread Guilhem Moulin
On Thu, 08 Dec 2016 at 19:46:32 +0100, Reiner Buehl wrote: > Sorry if I ask a stupid question, but do I understand correct, that if I > have 1.1.5+dfsg.1-1~bpo8+2 installed, then the fix is applied? That's correct, cf. https://anonscm.debian.org/cgit/pkg-roundcube/roundcube.git/commit/?h=deb

Bug#843863: libvirt-clients: Can't use gpg-agent's ssh-agent implementation with a console-based pinentry

2016-12-09 Thread Guilhem Moulin
new patch enclosed. Cheers, -- Guilhem. From 5e75c353a2f2f3432eeb355940d6a1349a2c5c1d Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Fri, 9 Dec 2016 22:06:12 +0100 Subject: [PATCH] Pass GPG_TTY env var to the ssh binary MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfe

Bug#751105: Re: netcat-openbsd: New upstream version available

2016-12-11 Thread Guilhem Moulin
On Thu, 24 Nov 2016 at 18:12:17 +0100, Guilhem Moulin wrote: > On Fri, 25 Nov 2016 at 00:10:00 +0800, Aron Xu wrote: >> On Mon, Nov 21, 2016 at 5:01 PM, Guilhem Moulin wrote: > Awesome, done :-) I've not rebased against 1.150 and 1.160 yet > (respectively found in OpenBSD 5.9

Bug#840021: netcat-openbsd FTCBFS: uses build architecture tools

2016-12-12 Thread Guilhem Moulin
Oops sorry, I forgot to check bugs on the source package hence missed this one before the upload :-( In #694844 Colin Watson submitted another patch to fix cross compilation; his patch made it to 1.130-1, could you confirm whether it fixes #840021? -- Guilhem.

Bug#827425: RFS: lacme/0.1-1 [ITP] -- ACME client written with process isolation and minimal privileges in mind

2016-07-29 Thread Guilhem Moulin
Hi there, On Thu, 16 Jun 2016 at 02:30:45 +0200, Guilhem Moulin wrote: > I am looking for a sponsor for my package "lacme" > […] > Alternatively, one can download the package with dget using this command: > > dget -x https://mentors.debian.net/debian/pool/main/l/lacme/

Bug#833103: postfix: postinst script shouldn't insist on changing the chroot column to 'y' when upgrading from Postfix >= 3.0

2016-07-31 Thread Guilhem Moulin
Package: postfix Version: 3.1.0-5 Severity: important Dear Maintainer, Since Postfix 3.0 the 'chroot' column in the master.cf defaults to 'n' (in compatibility_level=2 at least). With a 'chroot' column initially set to '-', the postinst script messes up and break the master.cf by moving services

Bug#852998: jessie-pu: package dropbear/2014.65-1

2017-01-28 Thread Guilhem Moulin
trary code as the local dbclient user if + particular -m or -c arguments are provided (CVE-2016-7408). + + -- Guilhem Moulin Sat, 28 Jan 2017 18:23:47 +0100 + dropbear (2014.65-1) unstable; urgency=low [ Matt Johnston ] only in patch2: unchanged: --- dropbear-2014.65.orig/debian/diff/00

Bug#751105: Re: netcat-openbsd: New upstream version available

2016-11-21 Thread Guilhem Moulin
On Fri, 11 Nov 2016 at 03:40:32 +0100, Guilhem Moulin wrote: > On Thu, 10 Nov 2016 at 18:14:31 +0800, Aron Xu wrote: >> On Thu, Nov 10, 2016 at 5:04 PM, Guilhem Moulin wrote: >>> Right. Aron, if you need help with this package, would you be >>> interested in co-main

Bug#751105: Re: netcat-openbsd: New upstream version available

2016-11-24 Thread Guilhem Moulin
On Fri, 25 Nov 2016 at 00:10:00 +0800, Aron Xu wrote: > On Mon, Nov 21, 2016 at 5:01 PM, Guilhem Moulin wrote: >> On Fri, 11 Nov 2016 at 03:40:32 +0100, Guilhem Moulin wrote: >>> On Thu, 10 Nov 2016 at 18:14:31 +0800, Aron Xu wrote: >>>> More than happy to see som

Bug#847113: RFS: lacme/0.2-1 - ACME client written with process isolation and minimal privileges in mind

2016-12-05 Thread Guilhem Moulin
Package: sponsorship-requests Severity: normal Dear mentors, I am looking for a sponsor for my package "lacme" * Package name: lacme Version : 0.2-1 Upstream Author : Guilhem Moulin * URL : https://git.guilhem.org/lacme/about/ * License : GPL-3+

Bug#847242: `postfix-*.prerm upgrade` removes dynamic maps, causing postfix.postinst to fail for non-default alias database types

2016-12-06 Thread Guilhem Moulin
Source: postfix Version: 3.1.3-5 Severity: serious Reason: Upgrade fails for non-default database types Dear Maintainers, My main.cf contains alias_maps = lmdb:/etc/aliases alias_database = lmdb:/etc/aliases Upgrading postfix to 3.1.3-5 fails as follows: ~$ sudo apt install po

Bug#847287: [Pkg-roundcube-maintainers] Bug#847287: roundcube: Roundcube 1.2.2: Remote command execution via malicious email composing

2016-12-06 Thread Guilhem Moulin
Hi, On Tue, 06 Dec 2016 at 23:05:59 +, Juan Rossi wrote: > Version: 1.1.4+dfsg.1-1~bpo8+1 > […] > So probably it is important to update to upstream version 1.2.3 Unfortunately 1.2.x has many dependencies that aren't in jessie-backports yet. I personally don't have the time nor energy to main

Bug#847287: [Pkg-roundcube-maintainers] Bug#847287: roundcube: Roundcube 1.2.2: Remote command execution via malicious email composing

2016-12-07 Thread Guilhem Moulin
On Wed, 07 Dec 2016 at 07:46:06 +0100, Vincent Bernat wrote: > ❦ 7 décembre 2016 00:30 +0100, Guilhem Moulin  : > >>> Version: 1.1.4+dfsg.1-1~bpo8+1 >>> […] >>> So probably it is important to update to upstream version 1.2.3 >> >> Unfortunate

Bug#847287: [Pkg-roundcube-maintainers] Bug#847287: roundcube: Roundcube 1.2.2: Remote command execution via malicious email composing

2016-12-07 Thread Guilhem Moulin
On Wed, 07 Dec 2016 at 11:55:50 +0100, Vincent Bernat wrote: > ❦ 7 décembre 2016 11:27 +0100, Guilhem Moulin  : > >>>> Unfortunately 1.2.x has many dependencies that aren't in >>>> jessie-backports yet. I personally don't have the time nor energy to >

Bug#849994: [Pkg-roundcube-maintainers] Bug#849994: roundcube-core: install fails; Class 'Patchwork\Utf8\Bootup' not found

2017-01-03 Thread Guilhem Moulin
Hi Claude, On Mon, 02 Jan 2017 at 23:32:01 +0100, Claude Heiland-Allen wrote: > Package: roundcube > Version: 1.1.5+dfsg.1-1~bpo8+2 > Severity: grave > Justification: renders package unusable I believe this was fixed upstream in 1.2.0 https://github.com/roundcube/roundcubemail/commit/8447ba

Bug#849994: [Pkg-roundcube-maintainers] Bug#849994: roundcube-core: install fails; Class 'Patchwork\Utf8\Bootup' not found

2017-01-03 Thread Guilhem Moulin
On Tue, 03 Jan 2017 at 10:27:25 +0100, Vincent Bernat wrote: > ❦ 3 janvier 2017 11:13 +0200, Guilhem Moulin  : >> If that's indeed the case, we should lower the severity as if this bug >> doesn't apply to 1.2.3+dfsg.1-1 it shouldn't prevent its inclusion in

Bug#849994: [Pkg-roundcube-maintainers] Bug#849994: roundcube-core: install fails; Class 'Patchwork\Utf8\Bootup' not found

2017-01-03 Thread Guilhem Moulin
On Tue, 03 Jan 2017 at 11:29:33 +, Claude Heiland-Allen wrote: > $ php --version > PHP 7.0.14-2 (cli) ( NTS ) php7.0 is not in jessie-backports, right? There is no guaranty for systems mixing packages for testing/unstable and backports. Anyway, the php maintainers have split php7; I believe

Bug#839866: import-orig: please make --upstream-vcs-tag=... verify tag signatures

2016-10-05 Thread Guilhem Moulin
Package: git-buildpackage Version: 0.8.4 Severity: wishlist Dear Maintainer, `gpg import-orig --upstream-vcs-tag` provides a nice way to preserve the upstream VCS tree up to the most recent tag. However, signed upstream tags, when present, are currently not verified. It would be nice to provide

Bug#784881: [pkg-cryptsetup-devel] Bug#784881: cryptsetup: WARNING: failed to detect canonical device

2016-10-06 Thread Guilhem Moulin
On Thu, 06 Oct 2016 at 19:42:55 +0200, Paride Legovini wrote: > cryptsetup: WARNING: failed to detect canonical device of /dev/sda2 For the record, the hook script gives this warning as it doesn't know whether the device is to be unlocked at initramfs stage or not. (Depending on what's on the devi

Bug#784881: [pkg-cryptsetup-devel] Bug#784881: cryptsetup: WARNING: failed to detect canonical device

2016-10-07 Thread Guilhem Moulin
On Fri, 07 Oct 2016 at 10:15:55 +0200, Paride Legovini wrote: > $(canonical_device "$device" --no-simplify) resolves the UUID entry to > /dev/sda2, then btrfs is asked to show the list of devices relevant for > the filesystem contained in that device. (btrfs filesystems can span on > several device

Bug#839994: [pkg-cryptsetup-devel] Bug#839994: Newest version prevent boot of full encrypted disk

2016-10-07 Thread Guilhem Moulin
Hi Klaus, On Fri, 07 Oct 2016 at 10:20:08 +0100, Klaus Ethgen wrote: > However, it was not that easy to create the initramfs as the "most" > setting for MODULES do not include cryptsetup stuff and "dep" setting > does not work in a chroot. Do you have CRYPTSETUP set in your /etc/initramfs-tools/i

Bug#784881: [pkg-cryptsetup-devel] Bug#784881: cryptsetup: WARNING: failed to detect canonical device

2016-10-07 Thread Guilhem Moulin
On Fri, 07 Oct 2016 at 11:55:35 +0200, Paride Legovini wrote: > but I'm not sure of what happens when several devices contain a > filesystem with the same UUID. I guess this is the reason for using > devids instead of the uuid. In the case of multiple devices the output > of btrfs filesystem show i

Bug#839994: [pkg-cryptsetup-devel] Bug#839994: Newest version prevent boot of full encrypted disk

2016-10-07 Thread Guilhem Moulin
On Fri, 07 Oct 2016 at 11:10:08 +0100, Klaus Ethgen wrote: >> This is an undocumented way of forcing cryptsetup initramfs integration. >> As of 2:1.7.2-1, the hook script configuration variables are to be set in >> /etc/crytsetup-initramfs/conf-hook, cf. the following changelog entry >> >> * Use /e

Bug#784881: [pkg-cryptsetup-devel] Bug#784881: cryptsetup: WARNING: failed to detect canonical device

2016-10-07 Thread Guilhem Moulin
On Thu, 06 Oct 2016 at 22:12:28 +0200, Guilhem Moulin wrote: > Looking at the hook script's diff since 1.7.0-2 it's unclear to me > what now causes the warning to appear. For the record, this is because up to 2:1.7.0-1 get_fs_devices() used to prefix the list of underlying devi

Bug#839994: [pkg-cryptsetup-devel] Bug#839994: Newest version prevent boot of full encrypted disk

2016-10-07 Thread Guilhem Moulin
On Fri, 07 Oct 2016 at 13:56:27 +0100, Klaus Ethgen wrote: > Am Fr den 7. Okt 2016 um 13:04 schrieb Guilhem Moulin: >> I see. Indeed, we've unfortunately been too fast at releasing a fix for >> #786578. That is, we documented setting KEYFILE_PATTERN >> /etc/initramf

Bug#820888: [pkg-cryptsetup-devel] Bug#820888: cryptsetup: initramfs cryptroot zfs support

2016-10-10 Thread Guilhem Moulin
Hi Fabian, On Mon, 10 Oct 2016 at 20:42:00 +0200, Fabian Grünbichler wrote: > + [ -r /conf/conf.d/cryptroot ] > + exit 0 Looks like /conf/conf.d/cryptroot wasn't generated by the hook script. Try adding the option ‘initramfs’ on the 4th column of the crypttab(5) entry for each underlying device.

Bug#791944: My workaround

2016-10-15 Thread Guilhem Moulin
On Sat, 15 Oct 2016 at 08:13:27 +0700, Theppitak Karoonboonyanan wrote: > Reassigning the bug to udev to hear its maintainer's opinion. I think this is an initscripts bug, not a udev bug. Both the ‘cryptdisks-early’ and ‘cryptdisks’ LSB init scripts have had a “Should-Stop: udev” header. Shouldn'

Bug#836909: [Pkg-roundcube-maintainers] Bug#836909: roundcube-plugins: managesieve depends on php-net-sieve

2016-09-07 Thread Guilhem Moulin
Control: priority -1 normal Control: title-1 roundcube-plugins: the dependencies of each plugin should be reflected in the package's Suggests/Recommends/Depends Hi Jan, On Wed, 07 Sep 2016 at 08:28:21 +0200, Jan Gerber wrote: > the managesieve plugin depends on php-net-sieve to work. > Witho

Bug#837119: signing-party: sig2dot is broken with gpg 2.1

2016-09-09 Thread Guilhem Moulin
Hi, On Fri, 09 Sep 2016 at 10:56:39 +1200, Andrew Ruthven wrote: > The regular expressions in sig2dot don't match the new output format > in gpg 2.1 > > The new output format is (using the same keys as in the script): > > pub dsa1024 2003-08-01 [SC] > 75D8908EBD35E31D94D102EF10557B83807CAC

Bug#837188: sbuild: Signing the dummy release file and SBUILD_BUILD_DEPENDS_{SECRET|PUBLIC}_KEY seem deprecated

2016-09-09 Thread Guilhem Moulin
Package: sbuild Version: 0.71.0-2 Severity: normal Dear Maintainer, #833547/#834898 have been fixed by adding a call to ‘gpgconf --kill gpg-agent’. I was wondering whether access to private key material from inside the chroot is required at all? Sbuild::ResolverBase reads # Sign the releas

Bug#837188: [buildd-tools-devel] Bug#837188: sbuild: Signing the dummy release file and SBUILD_BUILD_DEPENDS_{SECRET|PUBLIC}_KEY seem deprecated

2016-09-09 Thread Guilhem Moulin
Control: severity -1 wishlist On Sat, 10 Sep 2016 at 00:19:02 +0200, Johannes Schauer wrote: > I do not see any bug here. You are just describing the current situation. > Please describe the problem you are experiencing. Fair enough, I shouldn't have rushed this due to the train arriving at desti

Bug#811243: base-installer: shouldn't assume that file protocol is only used for CD (image) installs

2016-08-07 Thread Guilhem Moulin
Hi there, On Mon, 18 Jan 2016 at 17:32:40 +0100, Guilhem Moulin wrote: >> Having file:// as mirror URI looks like a reasonable/valid use case to >> me, we should fix support for it. > > Great! I tried the two attached patches: they both work fine for me, > but I've no

Bug#837406: caff: "gpg: error reading key: No public key"

2016-09-11 Thread Guilhem Moulin
ceive failed: Invalid argument ~$ $ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 39278DA8109E6244 gpg: key 39278DA8109E6244: "Guilhem Moulin" not changed gpg: Total number processed: 1 gpg: unchanged: 1 Maybe caff needs to pass another option from ~/

Bug#837406: caff: "gpg: error reading key: No public key"

2016-09-11 Thread Guilhem Moulin
9278DA8109E6244 gpg: key 39278DA8109E6244: "Guilhem >> Moulin" not changed gpg: Total number processed: 1 >>gpg: unchanged: 1 > > Huh? Receiving keys via hkps works as expected for me: My bad. This seems to be due to the presence of ‘use-tor’ in my ‘~/.g

Bug#837406: caff: "gpg: error reading key: No public key"

2016-09-11 Thread Guilhem Moulin
Also, does the recv-key command work when you run it manually? ~$ gpg --batch --no-tty --homedir ~/.caff/gnupghome \ --trust-model=always --no-options --use-agent \ --keyserver=hkps://hkps.pool.sks-keyservers.net \ --keyserver-options=no-honor-keyserver-url \ --

Bug#837406: caff: "gpg: error reading key: No public key"

2016-09-11 Thread Guilhem Moulin
On Sun, 11 Sep 2016 at 16:37:33 +0200, Marcus Frings wrote: > On Sun, 11 Sep 2016 15:46:58 +0200, Guilhem Moulin > wrote: > >> Still, I can't reproduce this. Could you try to pass ‘--debug-level >> basic’ to the recv-key command? > > I patched caff with the
