Re: Firmware - what are we going to do about it?

On Tue, 19 Apr 2022, Andrey Rahmatullin wrote: On Tue, Apr 19, 2022 at 04:30:44PM +0100, Tim Woodall wrote: On Tue, Apr 19, 2022 at 02:38:03PM +0200, Jonas Smedegaard wrote: When I install systems, I consider non-free blobs more risky than other code. Do you consider loadable non-free blobs

Re: Firmware - what are we going to do about it?

On Tue, 19 Apr 2022, Andrey Rahmatullin wrote: On Tue, Apr 19, 2022 at 02:38:03PM +0200, Jonas Smedegaard wrote: When I install systems, I consider non-free blobs more risky than other code. Do you consider loadable non-free blobs more risky than their older versions soldered onto the hardware

Re: users not reading manpages annoyance [was: apt annoyance]

On Sat, 30 Oct 2021, David Kalnischkies wrote: On Sat, Oct 30, 2021 at 10:14:15AM +0100, Tim Woodall wrote: When doing apt-get download -o RootDir=. apt once it's downloaded the package it effectively tries to move it to ./$( pwd )/ (the prefix is whatever RootDir points to) instead of m

apt annoyance

When doing apt-get download -o RootDir=. apt once it's downloaded the package it effectively tries to move it to ./$( pwd )/ (the prefix is whatever RootDir points to) instead of moving to $( pwd )/ This causes it to fail unless you do a mkdir -p ./$( readlink -f $( pwd ) ) Is this a bug or a

Re: Bug#992692: general: Use https for {deb,security}.debian.org by default

On Wed, 8 Sep 2021, Helmut Grohne wrote: I do see the advantages of using https. I do not see how to not make it happen without breaking relevant use cases. Same with the /usr-merge. I do see the advantages. I've stopped counting the things that broke. Most recent one is the uucp FTBFS. Change h

Re: BTS not archiving Bcc: mails? [was: Re: inconsistent mailgraph settings]G

On Mon, 23 Aug 2021, Holger Wansing wrote: Am 23. August 2021 07:19:26 MESZ schrieb Tomas Pospisek : The thing is, if you close a bug report via `Bcc: -cl...@bugs.debian.org` then the mail that arrives at the BTS does *not* have the -cl...@bugs.debian.org address in t

Re: Q: Use https for {deb,security}.debian.org by default

On Sat, 21 Aug 2021, Vincent Lefevre wrote: On 2021-08-20 12:11:30 -0700, Russ Allbery wrote: The most naive attempt to mess with the update channel (intercepting the http connection and replacing a package with a malicious one) will fail immediately with both http or https. The primary differ

Re: Q: Use https for {deb,security}.debian.org by default

Is there any way to estimate what proportion of clients are behind a proxy? security.debian.org in particular could possibly see a lot more traffic when there are things like kernel updates. (Clearly it's not possible to determine how many clients a caching proxy might be serving) Are there any p

Re: A summary of where I think we are on the technical side of the merged /usr discussion

On Tue, 17 Aug 2021, Sam Hartman wrote: "Luca" == Luca Boccassi writes: Luca> Wouldn't a pre-depends solve the ordering problem in this Luca> case? No. At least it's really hard to prove that it does, we have a bad track record of getting it wrong, and if it were to work in a specific

Changing how you do things: Was Re: merged /usr

On Mon, 16 Aug 2021, David Kalnischkies wrote: /usr/bin/apt exists for 8 years now and the release notes advice using it in every section. So, how come people are still typing apt-get interactively to upgrade? Best regards David Kalnischkies P.S.: For the avoidance of doubt: apt-get is of cou

Re: Tips for debugging/testing debian/control Depends/Breaks etc changes?

On Wed, 24 Mar 2021, Otto Kek?l?inen wrote: Hello! I've noticed I've spent quite a lot of time debugging various situations where the debian/control definitions for depends/breaks/replaces/conflicts/provides are not optimal. The waste of time is two-fold: 1) apt is not verbose enough 2) the c

Re: base-passwd marked as Essential: yes but other packages depend on it being configured.

On Sun, 21 Feb 2021, Johannes Schauer Marin Rodrigues wrote: Quoting Tim Woodall (2021-02-21 22:32:16) Are you by any chance trying to do the same as: mmdebstrap --variant=apt --mode=fakechroot unstable /path/to/chroot Yes, that looks very similar indeed. Thanks. Does it do anything

Re: base-passwd marked as Essential: yes but other packages depend on it being configured.

On Sun, 21 Feb 2021, Johannes Schauer Marin Rodrigues wrote: Quoting Tim Woodall (2021-02-21 20:07:17) What I'm trying to do is build in a fakechroot. My idea was to unpack the core packages, fakeroot fakechroot chroot image apt-get install apt and have a base system to install build-dep

Re: base-passwd marked as Essential: yes but other packages depend on it being configured.

On Sun, 21 Feb 2021, Johannes Schauer Marin Rodrigues wrote: Hi, Quoting Tim Woodall (2021-02-21 18:22:19) base-passwd is marked as Essential: yes However, it actually creates the initial passwd and group files in the preinst script. this reminds me of: https://bugs.debian.org/cgi-bin

base-passwd marked as Essential: yes but other packages depend on it being configured.

Hi, base-passwd is marked as Essential: yes However, it actually creates the initial passwd and group files in the preinst script. At least two other packages depend on this initial passwd file but do not explicitly state a dependency on this package (because it's marked essential) passwd.post