Bug#914458: [pkg-cryptsetup-devel] Bug#914458: cryptsetup-initramfs: Unable to open the LUKS system container at boot with the right password 6 times

2018-11-23 Thread Guilhem Moulin
On Fri, 23 Nov 2018 at 19:12:30 +0100, Mikhail Morfikov wrote: >> cryptsetup-initramfs' ‘cryptroot’ is run (last) is local-top, so before >> your own script. So ‘cryptroot’ is bound to fail after trying to open >> the device a couple of times. Please move your script to local-top, and >> maybe ad

Bug#914458: [pkg-cryptsetup-devel] Bug#914458: cryptsetup-initramfs: Unable to open the LUKS system container at boot with the right password 6 times

2018-11-23 Thread Guilhem Moulin
On Fri, 23 Nov 2018 at 21:41:42 +0100, Mikhail Morfikov wrote: > On 23/11/2018 20:37, Guilhem Moulin wrote: >> Did you also add a loop to wait for the block device holding the LUKS >> header? Since the device is discovered asynchronously you need to wait >> for it in order

Bug#911323: [Pkg-roundcube-maintainers] Bug#911323: Inline Images not displaying

2018-11-02 Thread Guilhem Moulin
Control: tag -1 moreinfo unreproducible Hi, On Thu, 18 Oct 2018 at 12:24:41 -0500, bkw+1539883...@70mpg.org wrote: > If I then click on the button that reads "Display images", next to the > text "To protect your privacy, remote images are blocked in this > message", the pink boxes go away, but th

Bug#907260: [Pkg-roundcube-maintainers] Bug#907260: roundcube: database table `session` is never cleaned and grows without limit

2018-11-02 Thread Guilhem Moulin
Control: severity -1 wishlist Control: retitle -1 roundcube: database table `session` is never cleaned and grows without limit on nginx Hi, On Sat, 25 Aug 2018 at 16:19:06 +0200, Symphorien Gibol wrote: > Debian disables it by setting session.gc_probability to 0 Upstream's ‘.htaccess’ file sets

Bug#903163: Adding OpenPGP smartcard support to LUKS

2018-11-03 Thread Guilhem Moulin
Hi Chris, On Sun, 23 Sep 2018 at 06:10:52 +0200, Guilhem Moulin wrote: > Fortunately I did have some quiet evenings last week, and finally > pushed a new branch derived from Peter and Erik's work: > > https://salsa.debian.org/cryptsetup-team/cryptsetup/tree/openpgp-smartcard

Bug#903163: Adding OpenPGP smartcard support to LUKS

2018-11-04 Thread Guilhem Moulin
On Sun, 04 Nov 2018 at 05:35:44 -0500, Chris Lamb wrote: >>> https://salsa.debian.org/cryptsetup-team/cryptsetup/tree/openpgp-smartcard >> >> Did you have time to look at this branch yet? (Just rebased it on top >> of ‘debian/2%2.0.5-1’ and applied a couple of changes.) > > Oh dear, I was not aw

Bug#903163: Adding OpenPGP smartcard support to LUKS

2018-11-06 Thread Guilhem Moulin
On Tue, 06 Nov 2018 at 11:15:57 -0800, Kyle Rankin wrote: > On Sun, Nov 04, 2018 at 02:38:29PM +0100, Guilhem Moulin wrote: >> On Sun, 04 Nov 2018 at 05:35:44 -0500, Chris Lamb wrote: >>>>> https://salsa.debian.org/cryptsetup-team/cryptsetup/tree/openpgp-smartcard >>

Bug#903163: Adding OpenPGP smartcard support to LUKS

2018-11-07 Thread Guilhem Moulin
On Wed, 07 Nov 2018 at 13:05:17 -0800, Kyle Rankin wrote: > I've tested these debs and can confirm everything works. Awesome, thanks for the feedback! > I was also able to add this support to an existing LUKS root partition > by just using luksAddKey and making sure the crypttab was updated and >

Bug#913288: netcat-openbsd: udptest returns false positives

2018-11-08 Thread Guilhem Moulin
Hi, On Thu, 08 Nov 2018 at 19:52:01 -0500, Moshe Piekarski wrote: > The function udptest() reports a successful connection even when my > machine is not connected to anything. > The same thing happens if the server is configured not to return > connection refused (try nc -vu google.com 6789) FWI

Bug#913288: netcat-openbsd: udptest returns false positives

2018-11-09 Thread Guilhem Moulin
On Fri, 09 Nov 2018 at 13:28:09 -0500, Moshe Piekarski wrote: > Of course there's no way to do a real test, but is it possible to > check for any other errors? Which error(s) do you have in mind? -- Guilhem.

Bug#747646: netcat-openbsd: UDP connections start with "XXXXX" junk

2018-11-09 Thread Guilhem Moulin
On Fri, 09 Nov 2018 at 13:17:11 -0500, Moshe Piekarski wrote: > Performing this test with blank packets still works without the server seeing > anything. > […] > - if ((write(s, "X", 1) != 1) && (errno == ECONNREFUSED)) > + if ((write(s, "", 1) != 1) && (errno == ECONNREFUS
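Review bot: in the `+` line, `write(s, "", 1)` still passes a length of 1, so it transmits one byte (the NUL terminator of the empty string literal) rather than an empty datagram, and the server still receives a payload. If the intent is a blank probe, the length argument should be 0, and the `!= 1` comparison has to change with it (for example to a check for a negative return value), since a successful zero-length write returns 0.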

Bug#913288: netcat-openbsd: udptest returns false positives

2018-11-09 Thread Guilhem Moulin
On Fri, 09 Nov 2018 at 19:16:39 +, Mendelmunkis wrote: >> Which error(s) do you have in mind? > > “destination unreachable” comes to mind. > Right now it only checks for connection refused I'm confused, if write(2) returns -1 and sets errno to ‘ECONNREFUSED’, it might be *because* an ICMP “De

Bug#908917: [pkg-cryptsetup-devel] Bug#908917: cryptsetup: argon2id as default PBKDF setting for new installs - Buster+

2018-09-15 Thread Guilhem Moulin
By the way, on new systems formatting encrypted volumes is done by partman_crypto, which is outside src:cryptsetup. It's been proposed [0] to pass `--type=luks2` to `luksFormat` there, but I'd much rather stick to the upstream format version there too and wait for a version of the cryptsetup binar

Bug#903163: [pkg-cryptsetup-devel] Bug#903163: ITP: gpg-encrypted-root -- Encrypt root volumes with an OpenPGP smartcard

2018-09-22 Thread Guilhem Moulin
Hi Peter, On Wed, 01 Aug 2018 at 17:51:43 +0200, Peter Lebbing wrote: > On Mon, 30 Jul 2018 04:16:23 +0800 Guilhem Moulin wrote: >> * Copying not only the (encrypted) key file and the public keyring, >> but also the private-keys-v1.d directory, sounds very odd to me. >> What

Bug#903163: [pkg-cryptsetup-devel] Bug#903163: ITP: gpg-encrypted-root -- Encrypt root volumes with an OpenPGP smartcard

2018-09-22 Thread Guilhem Moulin
On Wed, 01 Aug 2018 at 19:05:20 +0200, Peter Lebbing wrote: > By the way, I think it would be much cooler if GnuPG used > pinentry-curses or pinentry-tty, rather than the current > /lib/cryptsetup/askpass and --pinentry-mode loopback. That would also > gracefully ask for the smartcard to be inserte

Bug#903163: Adding OpenPGP smartcard support to LUKS

2018-09-22 Thread Guilhem Moulin
Hi Chris, On Fri, 14 Sep 2018 at 11:46:26 +0100, Chris Lamb wrote: >> Sorry, I've been rather short on time lately; will try to take another >> stab at this the week after next. > > Sure thing. Do let me know whether it would help if you had specific > hardware or things like that; I can get them

Bug#903163: Adding OpenPGP smartcard support to LUKS

2018-09-22 Thread Guilhem Moulin
On Sat, 22 Sep 2018 at 09:04:49 +0100, Chris Lamb wrote: >> Sorry, I've been rather short on time lately; will try to take another >> stab at this the week after next. > > No worries at all; how you getting on? Thanks for the poke :-) Fortunately I did have some quiet evenings last week, and fin

Bug#903163: gpg-encrypted-root -- Encrypt root volumes with an OpenPGP smartcard

2018-09-23 Thread Guilhem Moulin
Hi, On Sun, 23 Sep 2018 at 13:32:44 +0200, Peter Lebbing wrote: > --8<---cut here---start->8--- > #!/bin/sh > > UNSAFEKEYS=$(gpg --batch --with-colons --homedir /etc/keys --list-secret-keys > | \ > gawk -F: '$1=="sec" || $1=="ssb" \ > { if

Bug#903163: gpg-encrypted-root -- Encrypt root volumes with an OpenPGP smartcard

2018-09-23 Thread Guilhem Moulin
On Sun, 23 Sep 2018 at 16:00:30 +0200, Peter Lebbing wrote: > I'm not really happy with the "wait for a random smartcard to be > available and import that as stubs" solution, Note that in principle we can wait for a smartcard with a given serial number to be inserted, with `gpg-connect-agent 'SCD

Bug#903163: Adding OpenPGP smartcard support to LUKS

2018-09-23 Thread Guilhem Moulin
Hi, On Mon, 06 Aug 2018 at 13:09:13 +0200, Jonas Meurer wrote: > Am 23.07.2018 um 14:42 schrieb Chris Lamb: > Still, if we would split the gnupg smartcard keyscript into an own > binary package, we would have to do the same for decrypt_gnupg, > decrypt_opensc and decrypt_ssl. Which would mean four

Bug#903163: gpg-encrypted-root -- Encrypt root volumes with an OpenPGP smartcard

2018-09-24 Thread Guilhem Moulin
On Sun, 23 Sep 2018 at 17:59:20 +0200, Peter Lebbing wrote: >> I'm reluctant to do that since there are plenty of options that would >> break the setup: ‘no-autostart’, ‘keyring’, ‘pinentry-program >> /path/to/custom/wrapper’, ‘pinentry-program /usr/bin/pinentry-gtk’, >> etc., and (beside ‘trusted-

Bug#903163: [pkg-cryptsetup-devel] Bug#903163: gpg-encrypted-root -- Encrypt root volumes with an OpenPGP smartcard

2018-09-24 Thread Guilhem Moulin
On Mon, 24 Sep 2018 at 14:11:02 +0200, Peter Lebbing wrote: > Well, the ultimate fail-safe migration mechanism is very > straight-forward. Export to /etc/cryptsetup-initramfs/pubkey.gpg, and in > the decrypt script, --import that first. I see you already use a > default, empty homedir anyway, might

Bug#898516: [pkg-cryptsetup-devel] Bug#898516: cryptroot: verbosity of keyfile copy operation

2018-05-18 Thread Guilhem Moulin
Control: tag -1 pending Control: severity -1 minor On Sun, 13 May 2018 at 01:06:56 +0200, Stefan Tauner wrote: > I guess the best would be to refactor the function and use the generic > copy_file() function of the hook-functions library that prints a > suitable message? Good idea indeed, just app

Bug#886007: [pkg-cryptsetup-devel] Bug#886007: cryptsetup: Required /etc/CRYPTTAB OPTION "PLAIN" not documented in "man crypttab" resulting in boot automatic UNLOCK failure

2018-05-18 Thread Guilhem Moulin
Control: retitle -1 Unify cryptsetup's crypttab(5) and systemd's Hi, On Mon, 01 Jan 2018 at 06:01:33 -0800, Harrison wrote: > The "plain," is undocumented but REQUIRED or the unlock fails during boot. > […] > Init: systemd (via /run/systemd/system) This partition isn't unlocked at initramfs stag

Bug#898495: [pkg-cryptsetup-devel] Bug#898495: cryptsetup: [patch] make failsleep configurable

2018-05-21 Thread Guilhem Moulin
Hi Chris, On Sat, 12 May 2018 at 19:10:43 +0100, Chris Lamb wrote: > It would be nice if the sleep-on-failure time was configurable, just > like tries=N, etc. > > Patch attached. Thanks for the patch! (We discussed about this bug IRL but let me follow up here for the sake of transparency.) The

Bug#898040: [Pkg-roundcube-maintainers] Bug#898040: roundcube-core installation configuration fails in lighttpd+sqlite3 scenario

2018-05-22 Thread Guilhem Moulin
Control: tag -1 pending Hi, On Tue, 22 May 2018 at 21:56:36 +0200, Stephan Gerth wrote: > Enabling roundcube: ok > Enabling fastcgi: ok > Met dependency: fastcgi > Enabling fastcgi-php: ok > already enabled > Run "service lighttpd force-reload" to enable changes I'm able to reproduce this in a c

Bug#902943: cryptsetup-initramfs: Encrypted rootfs in LVM is not found after upgrade

2018-07-05 Thread Guilhem Moulin
On Fri, 06 Jul 2018 at 00:51:02 +0200, Korbinian Demmel wrote: > I played around with the 'lvm2' script. Support to get the mangled > source device (LG/LV) for an given LV UUID is quite simple to add. It's not the LV UUID that we need here, but the LUKS UUID. And the script doesn't know which dev

Bug#901795: cryptsetup-initramfs: please provide documented shell functions to validate/sanitize cryptroot entries in 3rd party hook files

2018-07-06 Thread Guilhem Moulin
Hi, In the upcoming 2:2.0.3-5 I refactored the crypttab(5) parsing logic [0]. Would the following interface suit your needs? crypttab_find_entry([--quiet], $target) Search the crypttab(5) for the given $target and set CRYPTTAB_NAME, CRYPTTAB_SOURCE, CRYPTTAB_KEY, and

Bug#629236: cryptsetup: initramfs cryptroot mdadm support

2018-07-06 Thread Guilhem Moulin
Control: fixed -1 2:2.0.3-2 On Sat, 04 Jun 2011 at 19:06:33 +0200, user wrote: > it would be nice if the cryptroot hook supports the following setup: > > partition - luks device - mdadm - lvm Since 2:2.0.3-2 our hook script recursively traverses the block device hierarchy in sysfs(5), and the abo

Bug#901795: cryptsetup-initramfs: please provide documented shell functions to validate/sanitize cryptroot entries in 3rd party hook files

2018-07-06 Thread Guilhem Moulin
On Sat, 07 Jul 2018 at 01:52:46 +0200, Christoph Anton Mitterer wrote: > So the use case is, that people may also wish to modify parts of the > ../cryptroot/crypttab file from their hook scripts... and that it > could be nice to have an interface for that as well. That adds too much complexity fo

Bug#903163: ITP: gpg-encrypted-root -- Encrypt root volumes with an OpenPGP smartcard

2018-07-07 Thread Guilhem Moulin
Hi Chris, On Sat, 07 Jul 2018 at 12:05:13 +0100, Chris Lamb wrote: > Programming Lang: Shell > Description : Encrypt root volumes with an OpenPGP smartcard Since it's just a standalone shell script it might make sense to ship it with ‘cryptsetup-initramfs’ instead :-) See also #888916 (we di

Bug#903163: ITP: gpg-encrypted-root -- Encrypt root volumes with an OpenPGP smartcard

2018-07-07 Thread Guilhem Moulin
On Sat, 07 Jul 2018 at 17:08:59 +0200, Guilhem Moulin wrote: > (And 3rd-party hooks using our previous — internal — interface are > most likely all broken right now.) I mean the ones trying to read and parse our internal cryptroot configuration file (the crypttab(5)-like file stored

Bug#902123: finish-install: `update-initramfs -u` needs proc(5) and sysfs(5) resp. mounted to /proc and /sys for the cryptsetup hook

2018-07-07 Thread Guilhem Moulin
On Fri, 22 Jun 2018 at 17:40:34 +0200, Guilhem Moulin wrote: > This was not the only thing need to fix the cryptsetup initramfs > There was also an issue with our hook script; I pushed a fix but it's > not released yet. The fix is in cryptsetup-initramfs ≥2:2.0.3-4 though. Ju

Bug#903246: [pkg-cryptsetup-devel] Bug#903246:

2018-07-08 Thread Guilhem Moulin
Control: tag -1 moreinfo On Sun, 08 Jul 2018 at 18:53:07 +1000, Ian Tester wrote: > Upon further exploration, it appears the problem is that /dev/block is not > being created and populated on this system. I'll have to figure out why > that is. Do you have udev installed and running? It should ta

Bug#903246: [pkg-cryptsetup-devel] Bug#903246:

2018-07-08 Thread Guilhem Moulin
Control: retitle -1 crypttab source specifications shouldn't be converted to /dev/block/$maj:$min Control: severity -1 important Control: tag -1 pending On Sun, 08 Jul 2018 at 18:53:07 +1000, Ian Tester wrote: > Upon further exploration, it appears the problem is that /dev/block is not > being cr

Bug#903403: dropbear's default PATH should be different for the root user

2018-07-09 Thread Guilhem Moulin
Control: severity -1 minor Hi Raphael, On Mon, 09 Jul 2018 at 16:27:53 +0200, Raphael Hertzog wrote: > For a concrete instance of this problem, see the "Remote Unlocking" > section in this tutorial: > https://paxswill.com/blog/2013/11/04/encrypted-raspberry-pi/ I don't mind the patch but FWIW,

Bug#903163: Adding OpenPGP smartcard support to LUKS

2018-07-09 Thread Guilhem Moulin
On Mon, 09 Jul 2018 at 10:14:50 -0700, Kyle Rankin wrote: > Given it is just a shell script, I would vote for incorporating OpenPGP > smartcard support directly into cryptsetup-initramfs so it's available for > users who want encrypted storage without having to know about a standalone > package. W

Bug#903574: Error 2304 in GDM login page when i use smartcard to decrypt disk and to login into Gnome Session

2018-07-11 Thread Guilhem Moulin
Control: reassign -1 cryptsetup-initramfs Control: retitle -1 opensc: can't use smartcard after pivot_root because pcscd isn't killed at local-bottom stage Control: tag -1 pending Hi, On Wed, 11 Jul 2018 at 15:05:47 +0200, Pascal Vibet - ADACIS wrote: > In /usr/share/initramfs-tools/scripts/loca

Bug#903641: Preserve numlock state during cryptdisk boot password prompt in plymouth

2018-07-12 Thread Guilhem Moulin
Control: severity -1 minor Hi, On Thu, 12 Jul 2018 at 15:02:20 +0200, Pascal Vibet - ADACIS wrote: > So, I apply modifications like this: > in /usr/share/initramfs-tools/hooks/cryptopensc: > […] > in /usr/share/initramfs-tools/scripts/local-top/cryptopensc: Why only in cryptopensc and not in cry

Bug#903641: initramfs-tools-core: 'keymap' scripts don't preserve numlock state

2018-07-12 Thread Guilhem Moulin
Control: severity -1 wishlist Control: reassign -1 initramfs-tools-core Control: retitle -1 initramfs-tools-core: 'keymap' scripts don't preserve numlock state On Thu, 12 Jul 2018 at 19:46:02 +0200, Pascal Vibet - ADACIS wrote: > Le 12/07/2018 à 15:48, Guilhem Moulin a écri

Bug#728197: Low entropy for encrypted swap partition

2018-07-13 Thread Guilhem Moulin
On Fri, 16 Sep 2016 at 20:41:29 +0200, Guilhem Moulin wrote: > On Tue, 29 Oct 2013 at 13:09:08 +0100, Milan Kral wrote >> The problem is that in /etc/rcS.d the scripts S07cryptdisks-early, >> S09cryptdisks are run before S13urandom. We are trying to read from >> /dev/ura

Bug#903163: Adding OpenPGP smartcard support to LUKS

2018-07-16 Thread Guilhem Moulin
Hi Chris, On Mon, 16 Jul 2018 at 10:15:47 +0100, Chris Lamb wrote: >> Back to https://github.com/eriknellessen/gpg-encrypted-root, I see the >> hook is copying private key material to the initramfs, but […] > > My gut tells me we should incorporate OpenPGP support directly into I assume you mean

Bug#903163: Adding OpenPGP smartcard support to LUKS

2018-07-16 Thread Guilhem Moulin
On Mon, 16 Jul 2018 at 18:39:59 +0100, Chris Lamb wrote: > So, whilst I will be at DebCamp too (yay) I unfortunately won't have > any hardware to test with and for various reasons I should keep > commitments low at this point. Sure thing! I was planning to do some triaging anyway :-) (#888916 ha

Bug#886398: cryptsetup doesn't correctly unmount encrypted disk

2018-07-18 Thread Guilhem Moulin
Control: tag -1 - moreinfo Control: reassign -1 udev Control: forcemerge 791944 -1 On Wed, 18 Jul 2018 at 16:49:36 +0200, Genomian wrote: > If you want you can add them as fix for crypttab but idk if the latest > udev update solves this issue #791944 is still open, at least. (And the shutdown pr

Bug#902449: cryptsetup-initramfs: auto-detection of zfs pool(s)

2018-07-21 Thread Guilhem Moulin
Hi, On Sat, 21 Jul 2018 at 19:27:54 +0200, Michal Humpula wrote: > Since the ZFS is not strictly speaking alien in Debian (it's in > contrib, though), it would be nice if cryptsetup-initramfs would > support it. Just to be clear, it's only *auto-detection* that's not supported. It's still possib

Bug#904251: gpgsigs: patch for dc18 ksp format

2018-07-22 Thread Guilhem Moulin
Control: severity -1 wishlist Hi, On Sun, 22 Jul 2018 at 18:00:27 +0800, Chris Hofstaedtler wrote: > for this year's DebConf KSP, I had to apply the attached patch to > make gpgsigs understand the incoming text file format. I imagine > this is due to a change in the output of current gpg. gpgsigs

Bug#891410: RFH: initramfs support for clevis

2018-07-23 Thread Guilhem Moulin
Hi, On Sun, 25 Feb at 2018 12:01:02 +0100, Christoph Biedl wrote: > Now I'm somewhat stuck. If people with knowledge in initramfs and > especially the unlocking process there using cryptsetup could provide > some input, I'd be glad. Given that cryptsetup's initramfs integration is not authored by

Bug#891410: RFH: initramfs support for clevis

2018-07-23 Thread Guilhem Moulin
On Mon, 23 Jul 2018 at 18:32:44 +0200, Guilhem Moulin wrote: > * /scripts/local-top/clevis: some bits look quite brittle, for > instance > > psinfo=$(ps) # Doing this so I don't end up matching myself > echo "$psinfo" | awk "/$cryptkeyscript/ { print

Bug#890798: [pkg-cryptsetup-devel] Bug#890798: cryptsetup: Using luks2 with argon2 PBKDF produces an unbootable system

2018-02-22 Thread Guilhem Moulin
Control: tag -1 - moreinfo On Thu, 22 Feb 2018 at 17:16:34 +0100, Mikhail Morfikov wrote: > I just converted LUKS1 to LUKS2 and added another keyslot with Argon2i. I > tested the new keyslot, and it looks like it works without any issues now. I > also wiped the previous keyslot to be sure. I don't

Bug#949336: Mapped integrity devices of size ≥2TiB are unusable on 32-bits platforms

2020-01-20 Thread Guilhem Moulin
Control: tag -1 upstream Hi, On Sun, 19 Jan 2020 at 23:41:15 +, n...@waifu.club wrote: > clarification: I am testing it with a volume I created and used with > cryptsetup 2:2.0. With 2:2.1 and 2:2.2 integritysetup-open seems to succeed, > but the embedded ext4 filesystem cannot be used. Attem

Bug#891410:

2020-01-20 Thread Guilhem Moulin
On Mon, 20 Jan 2020 at 07:12:37 -0600, Mario Limonciello wrote: > FYI, the newly released version 12 has initramfs support. Hmm. I guess I'm part of the problem since I haven't found time to help with this unfortunately, but on a quick look it appears that my comments from msg#27 and msg#32 still

Bug#949336: Mapped integrity devices of size ≥2TiB are unusable on 32-bits platforms

2020-01-20 Thread Guilhem Moulin
Control: tag -1 + moreinfo On Mon, 20 Jan 2020 at 21:25:56 +0100, Milan Broz wrote: > but I definitely need a clear reproducer (with the latest stable - 2.2.2 or > 2.3.0-rc0) - ideally with attached debug and system log. > (Debug log will provide all versions I need - kernel and dm targets versio

Bug#949623: [pkg-cryptsetup-devel] Bug#949623: cryptsetup: cryptdisks_stop/start bash completion broken

2020-01-22 Thread Guilhem Moulin
Control: tag -1 moreinfo On Wed, 22 Jan 2020 at 22:31:49 +0100, Christoph Anton Mitterer wrote: > Instead of possible device target names it just completes to > the files of the local directories. Works fine here, also as non-root. In a sid chroot: ~$ dd if=/dev/zero of=/tmp/disk.img bs=1M

Bug#949623: [pkg-cryptsetup-devel] Bug#949623: cryptsetup: cryptdisks_stop/start bash completion broken

2020-01-22 Thread Guilhem Moulin
Control: tag -1 moreinfo Control: severity -1 minor On Wed, 22 Jan 2020 at 23:08:32 +0100, Christoph Anton Mitterer wrote: > in .bashrc, and that's enough for all other completions... e.g. the one > for cryptsetup work (more or less). ~$ foo looks for /usr/share/bash-completion/completions/foo (a

Bug#949623: [pkg-cryptsetup-devel] Bug#949623: cryptsetup: cryptdisks_stop/start bash completion broken

2020-01-22 Thread Guilhem Moulin
Control: found -1 2:1.7.0-1 On Wed, 22 Jan 2020 at 23:28:37 +0100, Guilhem Moulin wrote: > If that's a regression it's older than 2:2.0.3-1, AFAICT stretch has > the same problem. Before 2:1.7.0-1 the completion file was copied into /etc/bash_completion.d, which AFAICT bash trave

Bug#891410:

2020-01-22 Thread Guilhem Moulin
On Wed, 22 Jan 2020 at 14:37:54 -0600, Mario Limonciello wrote: > Would you mind suggesting something upstream with the relevant changes > that make sense? As written earlier in this bug our public interface for this kind of things is to use keyscripts. See crypttab(5) for the few environment var

Bug#948501: [Pkg-roundcube-maintainers] Bug#948501: Wrong Dependency

2020-01-24 Thread Guilhem Moulin
Hi, On Sat, 25 Jan 2020 at 02:16:01 +0100, mar...@mitzlaff.eu wrote: > I just faced a similar problem. I tried to install the roundcube 1.4.2 from > Sid into my Buster system. Doesn't seem to match Marc's environment. > I think roundcube 1.4.2 needs a dependency to libjs-bootstrap4 (>=4.4.1). S

Bug#1011754: interimap: autopkgtest failure with openssl 3

2022-05-26 Thread Guilhem Moulin
On Thu, 26 May 2022 at 12:39:51 +0200, Sebastian Ramacher wrote: > interimap's autopkgtests fail with openssl 3: I believe this is due to #1011038 and/or #1011051. AFAICT nothing needs doing on the interimap side while these are open. Leaving -1 open though so no one files a duplicate. -- Guil

Bug#1009062: CVE-2019-12953: inconsistent failure delay that may lead to revealing valid usernames

2022-04-06 Thread Guilhem Moulin
Source: dropbear Version: 2011.54-1 Severity: important Tags: security Control: found -1 2016.74-5+deb9u1 Control: found -1 2018.76-5 Control: fixed -1 2019.78-1 CVE-2019-12953: Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames. This is

Bug#1009065: buster-pu: package dropbear/2018.76-5+deb10u1

2022-04-06 Thread Guilhem Moulin
The fix limits password length to +100 bytes. (Closes: #1009062.) +Cherry-picked from https://hg.ucc.asn.au/dropbear/rev/228b086794b7 . + * d/gbp.conf: Set debian-branch = debian/buster. + + -- Guilhem Moulin Wed, 06 Apr 2022 20:54:24 +0200 + dropbear (2018.76-5) unstable; urgency=medium

Bug#1009163: import-orig: please make --upstream-vcs-tag=%(version)s strip +dfsg/+ds repack suffixes

2022-04-07 Thread Guilhem Moulin
Package: git-buildpackage Version: 0.9.25 Severity: wishlist Dear Maintainer, `gpg import-orig --upstream-vcs-tag=%(version)s` is great, however the substitution doesn't work well with repack suffixes such as +dfsg or +ds. Perhaps ‘%(version)s’ shouldn't unconditionally strip repack suffixes, bu

Bug#1016474: cryptsetup: The system installed on encrypted LVM (both root and swap partitions) freezes during massive writes

2022-08-01 Thread Guilhem Moulin
Control: tag -1 + moreinfo Hi, On Mon, 01 Aug 2022 at 12:27:39 +0200, Wojciech Zabołotny wrote: > That configuration generally works, but if massive write operations > are performed, the system practically freezes. What makes you think that is a src:cryptsetup issue? Nothing in this package i

Bug#1016474: cryptsetup: The system installed on encrypted LVM (both root and swap partitions) freezes during massive writes

2022-08-01 Thread Guilhem Moulin
On Mon, 01 Aug 2022 at 14:10:26 +0200, Wojciech Zabołotny wrote: > Modifying the mapping parameters with: >  # cryptsetup  --perf-no_write_workqueue refresh name_of_the_mapping > > indeed eliminates the problem. > Isn't it then the problem with default mapping parameters used in > cryptsetup? IMH

Bug#1016474: cryptsetup: The system installed on encrypted LVM (both root and swap partitions) freezes during massive writes

2022-08-01 Thread Guilhem Moulin
On Mon, 01 Aug 2022 at 15:32:19 +0200, Wojciech Zabołotny wrote: > BTW. I'm really amused that no one else complained about that issue. > The problem exists for at least a few years. Not claiming that no one would benefit from --perf-*, but as the link from the cloudflare blog suggests it appears

Bug#1010708: cryptsetup: init script doesn't appear to do anything with force-start due to masked systemd services

2022-08-05 Thread Guilhem Moulin
Control: severity -1 minor On Sat, 07 May 2022 at 17:40:34 -0400, Andres Salomon wrote: > Calling the init script with 'force-start' was how I used to start the > volume and get prompted for a password, but on a newer system with > systemd, that doesn't _appear_ to work any more: The init scripts

Bug#1016455: cryptsetup-initramfs: fix for #902943 breaks image building use case

2022-08-05 Thread Guilhem Moulin
Hi Sean, On Sun, 31 Jul 2022 at 13:45:29 -0700, Sean Whitton wrote: > So, the PARTUUID= source is being mapped to a /dev/mapper source, which > I think is the work of the fix for #902943. It's the same for UUID=. > > The problem is that /dev/mapper/loop0p2 is valid only on the > image-building h

Bug#1010338: autopkgtest: Option --test-name and debian/tests/control test-name raise exception

2022-08-06 Thread Guilhem Moulin
Control: tag -1 patch The trivial patch attached fixes the exception. Seems it was a regression caused by the fix for #960267. cheers -- Guilhem. diff --git a/lib/testdesc.py b/lib/testdesc.py index 3e696a2..39e1ecb 100644 --- a/lib/testdesc.py +++ b/lib/testdesc.py @@ -678,7 +678,7 @@ def pars

Bug#1009163: import-orig: please make --upstream-vcs-tag=%(version)s strip +dfsg/+ds repack suffixes

2022-08-09 Thread Guilhem Moulin
Hi Guido, On Tue, 09 Aug 2022 at 10:54:54 +0200, Guido Günther wrote: > We could fix the replacement to be empty: > > https://github.com/agx/git-buildpackage/compare/master...ds > > This causes trouble for people though that need this *and* to mangle the > version by other means. That'd work fo

Bug#999731: cryptsetup-suspend: fails to wake up screen after suspend

2022-08-17 Thread Guilhem Moulin
Control: tag -1 moreinfo Hi Jonas! On Tue, 16 Nov 2021 at 17:22:54 +0100, Jonas Smedegaard wrote: > Quoting Jonas Smedegaard (2021-11-15 18:06:57) >> cryptsetup-suspend looks promising, but unfortunately failed for me so >> far on my ARM-based laptop - TERES-I - running an up-to-date bookworm >

Bug#999731: cryptsetup-suspend: fails to wake up screen after suspend

2022-08-17 Thread Guilhem Moulin
On Wed, 17 Aug 2022 at 19:01:38 +0200, Jonas Smedegaard wrote: > - it seems related to Wayland It does work with GNOME and Wayland though. -- Guilhem.

Bug#1017876: dropbear autopkgtest fails if ~/.ssh already exists

2022-08-21 Thread Guilhem Moulin
Control: tag -1 pending Hi Steve, On Sun, 21 Aug 2022 at 16:09:24 -0700, Steve Langasek wrote: > The dropbear autopkgtest has been failing on all architectures in Ubuntu, > because it tries to mkdir ~/.ssh and fails if this directory already exists. > > The attached patch calls mkdir with -p, so

Bug#1013918: lintian: False positive: `chown --reference=foo bar.baz` triggers chown-with-dot

2022-06-27 Thread Guilhem Moulin
Package: lintian Version: 2.115.1 Severity: normal Dear Maintainer, roundcube-core's postinst contains chown --reference="$CONFFILE" "$CONFFILE.ucftmp" which triggers a false positive with tag chown-with-dot. Indeed "chown --reference=foo bar.baz" matches m{ \b chown \s+ (?: -\S+ \s+

Bug#1013969: debhelper: dh_installtmpfiles(1) postinst snippets should run without /run/systemd/system

2022-06-28 Thread Guilhem Moulin
Package: debhelper Version: 13.7.1 Severity: wishlist Dear Maintainer, The roundcube package ships a temporary directory which is cleaned via cronjobs and which I'd like to define via tmpfiles.d(5) instead. debhelper 13.7.1 adds the following snippet to the postinst script: # Automatically

Bug#1014178: autopkgtest: System state isn't reset between tests (test result depends on earlier tests)

2022-07-01 Thread Guilhem Moulin
Package: autopkgtest Version: 5.22 Severity: important Dear Maintainer, While running two tests with autopkgtest-build-qemu I was surprised to see the database created from the first one not being wiped before running the other test. $ cat debian/tests/control Test-Command: date -R | tee

Bug#1006802: cryptdisks_stop should process crtypttab entries in reverse order

2022-03-05 Thread Guilhem Moulin
Control: tag -1 moreinfo On Sat, 05 Mar 2022 at 13:13:57 +0100, Guenther Brunthaler wrote: > When creating nested dmcrypt mappings in /etc/crypttab, > cryptdisks_start processes them from top to bottom. I believe cryptdisks_start(8) and cryptdisks_stop(8) process mappings in the order given on

Bug#1006802: cryptdisks_stop should process crtypttab entries in reverse order

2022-03-05 Thread Guilhem Moulin
Control: retitle -1 `/etc/init.d/cryptdisks stop` should safely traverse nested block device stacks Control: tag -1 - moreinfo On Sat, 05 Mar 2022 at 16:54:07 +0100, Guenther Brunthaler wrote: > which is exactly the same as do_start() does. And hence the entries are > processed in the same order

Bug#1006802: cryptdisks_stop should process crtypttab entries in reverse order

2022-03-06 Thread Guilhem Moulin
Control: tag -1 pending On Sat, 05 Mar 2022 at 17:17:07 +0100, Guilhem Moulin wrote: > For do_start() we're reading crypttab(5) sequentially as we don't have > enough information about nesting, however for do_stop() we have that > information in the mapping table, so no need to

Bug#1007236: php-symfony-polyfill-mbstring shouldn't provide php-mbstring

2022-03-14 Thread Guilhem Moulin
Package: php-symfony-polyfill-mbstring Version: 1.25.0-1 Severity: normal Dear Maintainer, $ apt show php-symfony-polyfill-mbstring Package: php-symfony-polyfill-mbstring Version: 1.25.0-1 […] Provides: php-mbstring […] Description: Symfony polyfill for the Mbstring ex

Bug#1007236: php-symfony-polyfill-mbstring shouldn't provide php-mbstring

2022-03-14 Thread Guilhem Moulin
On Mon, 14 Mar 2022 at 12:05:20 +0100, David Prévot wrote: >> That Provides: causes roundcube 1.6~beta+dfsg-1 to FTBFS on the buildds [0]. > > I had the same problem with two other packages (in experimental only). I’m > pretty busy currently, but feel free to push a fix via a team upload or an > N

Bug#1007998: release-notes: netcat-openbsd incompatibilities

2022-03-20 Thread Guilhem Moulin
Package: release-notes Severity: wishlist Hi there, netcat-openbsd 1.218-5 adds support for abstract sockets (on Linux), which is a breaking change with possible security implications: https://sources.debian.org/src/netcat-openbsd/1.218-5/debian/NEWS/ . elbrus suggested to mention that in the Boo

Bug#1015732: piuparts: scripts/pre_install_database-server doesn't work when piuparts is fed a .changes or .deb

2022-07-19 Thread Guilhem Moulin
Package: piuparts Version: 1.1.5 Severity: normal File: /etc/piuparts/scripts/pre_install_database-server Tags: patch Dear Maintainer, Piuparts scripts in /etc/piuparts/scripts/* case match over ${PIUPARTS_OBJECTS%%=*}, which works on piuparts.d.o (which calls piuparts with `--apt ${PKGNAME}=${V

Bug#1010338: autopkgtest: Option --test-name and debian/tests/control test-name raise exception

2022-07-19 Thread Guilhem Moulin
Package: autopkgtest Version: 5.22 Followup-For: Bug #1010338 Unfortunately the exception is also triggered for non-fatal errors: $ cat debian/tests/control.crash Test-Command: /bin/true Depends: coreutils Restrictions: isolation-machine Test-Command: /bin/true Depends: c

Bug#1015287: dropbear-initramfs: Configure dropbear to use VLAN

2022-07-20 Thread Guilhem Moulin
Control: reassign -1 initramfs-tools-core On Mon, 18 Jul 2022 at 22:17:09 +0100, Graham Cobb wrote: > I have it working on one system but when I try to use it on a second system > it doesn't work. > This second system is a server which is connected directly to a VLAN trunk, > so the IP config >

Bug#1015762: roundcube-core: Cannot be installed without pulling apache

2022-07-20 Thread Guilhem Moulin
On Wed, 20 Jul 2022 at 15:57:08 -0400, Philippe Clérié wrote: > Ok. That looks like it works. > > It simply would never have occurred to me to add php to php-fpm. Fair enough, it's arguably an issue in APT's dependency resolver: $ apt show roundcube-core […] Depends: […], libapache2-

Bug#1015762: roundcube-core: Cannot be installed without pulling apache

2022-07-21 Thread Guilhem Moulin
On Thu, 21 Jul 2022 at 07:10:27 -0400, Philippe Clérié wrote: > I would like to test that. Well you can build the package from git and try to install the .deb :-) FWIW the aforementioned patch also removes ‘Depends: php’ from the ‘lighttpd’ and ‘hardening-dedicated-user’ DEP-8 tests, and neither

Bug#1015921: autopkgtest: Please make --test-name= (and --skip-test=) options repeatable

2022-07-23 Thread Guilhem Moulin
Package: autopkgtest Version: 5.22 Severity: wishlist Dear Maintainer, It appears that when one passes the ‘--test-name=’ option several times only the last specified test is run. It would be nice if the option was repeatable, so ‘--test-name=a --test-name=b --test-name=c’ would run all 3 tests

Bug#1015954: unmkinitramfs and lsinitramfs don't dereference symlinks consistently

2022-07-24 Thread Guilhem Moulin
Package: initramfs-tools-core Version: 0.142 Severity: normal Tags: patch File: /usr/bin/unmkinitramfs Dear Maintainer, With the default COMPRESS=zstd lsmkinitramfs fails on unsplit /initrd.img: $ lsmkinitramfs /initrd.img cpio: premature end of archive $ unmkinitramfs /initrd.img /t

Bug#1015966: ci.debian.net: Please enable KVM support on all x86 runners

2022-07-24 Thread Guilhem Moulin
Package: debci Severity: wishlist Dear Maintainer, In order to test behavior at early boot stage we have autopkgtests in src:cryptsetup (resp. src:dropbear) that launch a virtual machine and mock user interaction through the serial console (resp. SSH) to unlock the disks and check that boot event

Bug#934753: dropbear-initramfs: please add an autopkgtest

2020-06-15 Thread Guilhem Moulin
Control: tag -1 pending Hi Johannes, On Tue, 31 Dec 2019 at 09:19:29 +0100, Johannes Schauer wrote: > thanks again for all your very helpful comments! I think I now implemented > everything that you suggested. I created a merge request on salsa containing > what I think is ready to be merged: >

Bug#963010: [Pkg-roundcube-maintainers] Bug#963010: Acknowledgement (roundcube-core: roundcube upgrade keeps breaking my instance due to automatic permission changes of config.inc.php)

2020-06-17 Thread Guilhem Moulin
On Wed, 17 Jun 2020 at 17:09:01 +0200, Mirko Vogt wrote: > However above report was closed in Feb 2020 with a comment that bug was > believed to be fixed. If that's the case, the fix apparently didn't make > it back to stable/buster, though. Right, as written on the list: | I believe is a duplica

Bug#961765: roundcube-core: package needs work for sqlite

2020-06-17 Thread Guilhem Moulin
Control: tag -1 + unreproducible On Fri, 29 May 2020 at 11:38:31 +1000, Russell Coker via Pkg-roundcube-maintainers wrote: > specifying sqlite. As sqlite is simpler it should be able to configure all > sqlite stuff if the user selects sqlite as database type. > […] > Next when you go to the web

Bug#955384: Fixed upstream?

2022-03-31 Thread Guilhem Moulin
Control: tag -1 fixed-upstream On Thu, 31 Mar 2022 at 21:12:30 +0200, Diederik de Haas wrote: > https://github.com/mkj/dropbear/commit/3189d12c9fd166ff6ece57b3d847af9d99d8b813 > seems to indicate that the issue was fixed a couple of days ago. > There are other commits that are related and document

Bug#963010: roundcube-core: roundcube upgrade keeps breaking my instance due to automatic permission changes of config.inc.php

2020-07-09 Thread Guilhem Moulin
Hi, On Thu, 09 Jul 2020 at 16:53:03 +0200, Mirko Vogt wrote: > Can I do anything to push this being fixed or workaround this myself > without weakening my setup security wise? Thanks! The bug metadata say: Found in versions roundcube-core/1.2.3+dfsg.1-4+deb9u3, roundcube-core/1.3.13+dfsg.1-1~

Bug#964599: [Pkg-roundcube-maintainers] Bug#964599: Roundcube-core Overwrites Local Changes in _styles.less

2020-07-09 Thread Guilhem Moulin
Control: retitle -1 upgrades overwrites local style customization Control: severity -1 wishlist On Thu, 09 Jul 2020 at 06:09:02 -0500, Bryan Walton (Debian) via Pkg-roundcube-maintainers wrote: > _styles.less, located in /usr/share/roundcube/skins/elastic/styles, is a > file that exists for local

Bug#965934: lintian-brush: Set Rules-Requires-Root: no

2020-07-20 Thread Guilhem Moulin
Package: lintian-brush Version: 0.72 Severity: wishlist Tags: patch Hi there, While it's difficult to change the default value for Rules-Requires-Root: in dpkg-buildpackage, it's arguably less intrusive to do it in lintian-brush (at least in opinionated mode) as the maintainer has a chance to rev

Bug#837119: signing-party: sig2dot is broken with gpg 2.1

2020-07-23 Thread Guilhem Moulin
Hi Salvatore! On Wed, 22 Jul 2020 at 15:00:58 +0200, Salvatore Bonaccorso wrote: > I have not looked in detail, but there seem to be at least one rework > of sig2dot rewritten which seem to cover this. > > It is https://github.com/bmhm/sig2dot2 Thanks for the pointer, I was not aware of this pro

Bug#968519: dropbear-initramfs: race condition prevents launch at boot

2020-08-19 Thread Guilhem Moulin
Control: tag -1 - moreinfo Control: reassign -1 initramfs-tools-core 0.137 Control: retitle -1 configure_networking(): race condition with RockPro64: calls ipconfig before NIC is detected On Tue, 18 Aug 2020 at 23:27:42 -0700, Forest wrote: > On Sun, 16 Aug 2020 23:10:34 +0200, Guilhem Mou

Bug#969226: [pkg-cryptsetup-devel] Bug#969226: cryptsetup-suspend: missing dependency on /bin/openvt (kbd)

2020-08-29 Thread Guilhem Moulin
Control: -1 severity -1 serious Hi Jochen, On Sat, 29 Aug 2020 at 18:24:44 +0200, Jochen Sprickerhof wrote: > Severity: grave > Justification: renders package unusable > […r > /lib/systemd/system/systemd-suspend.service.d/systemd_cryptsetup-suspend.conf > tries to call /bin/openvt which is in the

Bug#969270: [pkg-cryptsetup-devel] Bug#969270: cryptsetup-suspend: installation leads to suspend not working anymore

2020-08-30 Thread Guilhem Moulin
Hi Birger, On Sun, 30 Aug 2020 at 13:45:51 +, Birger Schacht wrote: > thanks for working on cryptsetup-suspend. I installed the package, but > now executing systemctl suspend does not suspend anymore. > The system switches to tty for a short moment and I can see an error > message saying: >> c

Bug#969270: [pkg-cryptsetup-devel] Bug#969270: Bug#969270: cryptsetup-suspend: installation leads to suspend not working anymore

2020-08-30 Thread Guilhem Moulin
On Sun, 30 Aug 2020 at 16:28:41 +0200, Guilhem Moulin wrote: > Does the attached patch help? Seems a slash got lost, patch updated. -- Guilhem. --- a/debian/scripts/suspend/cryptsetup-suspend-wrapper +++ b/debian/scripts/suspend/cryptsetup-suspend-wrapper @@ -69,8 +69,12 @@ # copy
