Re: Please respect Freeze Policy

Le jeudi, 4 décembre 2014, 07.46:25 Bart Martens a écrit : > On Wed, Dec 03, 2014 at 10:42:54AM +0100, Didier 'OdyX' Raboud wrote: > > Le mercredi, 3 décembre 2014, 10.20:32 W. Martin Borgert a écrit : > > > Would it be OK to abuse experimental for new upstreams during > > > freeze? > > > > during

Re: Please respect Freeze Policy

On Thu, Dec 04, 2014 at 10:00:38AM +0100, Didier 'OdyX' Raboud wrote: > Le jeudi, 4 décembre 2014, 07.46:25 Bart Martens a écrit : > > On Wed, Dec 03, 2014 at 10:42:54AM +0100, Didier 'OdyX' Raboud wrote: > > > Le mercredi, 3 décembre 2014, 10.20:32 W. Martin Borgert a écrit : > > > > Would it be O

Re: Bug#772001: ITP: ruby-rails-assets-perfect-scrollbar -- Tiny but perfect jQuery scrollbar plugin

Control: reassign -1 wnpp On Jo, 04 dec 14, 15:16:30, Syam G Krishnan wrote: > package: perfect-scrollbar > Severity: wishlist > Owner: 'syam' > > *Package Name : perfect-scrollbar > Version : 2.1.2 > Upstream Author : Hyunje Alex Jun (Author name/s of the Gem). > *URL : https://github.com/no

Bug#772011: ITP: kafkacat -- generic producer and consumer for Apache Kafka

Package: wnpp Severity: wishlist Owner: Vincent Bernat -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 * Package name: kafkacat Version : 1.0.0 Upstream Author : Magnus Edenhill * URL : https://github.com/edenhill/kafkacat * License : BSD Programming Lang:

Re: Summary:Re: Bug#762194: Proposal for upgrades to jessie

On Fri, 2014-11-28 at 12:56 +0100, Svante Signell wrote: > Hello, > In summary: > a) Upgrades should _not_ change init: whatever is installed should be > kept. > b) New installs should get systemd-sysv as default init with a debconf > message about alternative init systems. > > More detailed: > 1

Bug#772019: ITP: python-proliantutils -- client lib interfacing various devices in HP Proliant Servers

Package: wnpp Severity: wishlist Owner: Thomas Goirand * Package name: python-proliantutils Version : 0.1.1 Upstream Author : Nisha Agarwal * URL : https://github.com/hpproliant/proliantutils * License : Apache-2.0 Programming Lang: Python Description

Re: delete my resume in your web site

On another note, is it just me or the links in the following line of the bug report are wrong? *Bug reassigned from package 'listarchives ' to 'lists.debian.org

Bug#772027: ITP: blogliterately -- Tool for posting Haskelly articles to blogs

Package: wnpp Severity: wishlist Owner: Dmitry Bogatov * Package name: blogliterately Version : 0.7.1.7 Upstream Author : Brent Yorgey * URL : http://byorgey.wordpress.com/blogliterately/ * License : GPL3+ Programming Lang: Haskell Description : Tool f

Announcing a Debian Hamradio Blend

Ian R Leamonth, In Debian GNU/linux they NEVER discussed to port other packages, infact in different situations i discuss this on debian-hamradio and on #fsf where they said that there was not any necessity to port the packages, and that is left to the user the freedom, to take the packages in sou

Re: Technical committee acting in gross violation of the Debian constitution

On 29.11.2014 20:43, Svante Signell wrote: > The best for kFreeBSD and Hurd would be to abandoning the Debian ship. > It is sinking :( (just let the devuan people get things in order first) Well, I'll also put my projecsts on getting rid of polkit into that direction. Why ? Because I've got the i

Re: Technical committee acting in gross violation of the Debian constitution

On 29.11.2014 20:45, Ivan Shmakov wrote: > As for Systemd being the default (on Debian GNU/Linux, > specifically), – I guess I shouldn’t bother. GNOME is also the > default, but I cannot readily recall ever having it running on > my Debian installs. > By the way: didn't

Re: curl and certificate verification in jessie

Firstly, I should say that I agree with Peter and Tollef's objectives. I'm not an expert on TLS but I was under the impression that this behaviour - requiring that TLS authentication be done by a nontrivial certificate chain - was specified by the standards (presumably X.509 rather than TLS). I c

Re: Technical committee acting in gross violation of the Debian constitution

On 28.11.2014 19:09, Christoph Anton Mitterer wrote: > For many things, CGI is actually the only way to run them securely, > since it's the only way to run foreign processes in a container > environment (chroots, etc.) or with user privilege separation. Not entirely true. About a decade ago, I've

Re: Announcing a Debian Hamradio Blend

Hi Paolo, (Removing debian-blends@lists.d.o from CC as this topic is not relevant there.) On Thu, Dec 04, 2014 at 02:40:06PM -, iw0...@riseup.net wrote: > here i upload as attachment the file hamradio Thanks for this list of software. Looking through the list I can see a lot of good candidat

Re: DE features dependent on Systemd

* Matthias Urlichs [141130 09:22]: > But on a multi-user system, we can't depend on the first user being any > sort of special owner; it might just as well be the person whose desk > the machine is hidden under I strongly disagree with this. The person performing the installation clearly has roo

Re: Technical committee acting in gross violation of the Debian constitution

Hi, Christoph Anton Mitterer: > For many things, CGI is actually the only way to run them securely, > since it's the only way to run foreign processes in a container > environment (chroots, etc.) or with user privilege separation. ? If you can run a CGI inside a chroot/container/whatever, you ca

Re: curl and certificate verification in jessie

]] Ian Jackson > Tollef Fog Heen writes ("Re: curl and certificate verification in jessie"): > > No, it doesn't necessarily. As dkg points out, I can no longer say > > «this service should have this particular cert». This makes us > > vulnerable to compromises of the CA that provides the cert f

Re: curl and certificate verification in jessie

Tollef Fog Heen writes ("Re: curl and certificate verification in jessie"): > Ian Jackson: > > Each time you generate an EE key which you intend to use this way, > > also create an ad-hoc single-shot CA. Generate one EE certificate > > using the CA, on the EE public key, and then throw the CA priv

Re: curl and certificate verification in jessie

On 12/04/2014 10:41 AM, Ian Jackson wrote: > I'm not an expert on TLS but I was under the impression that this > behaviour - requiring that TLS authentication be done by a nontrivial > certificate chain - was specified by the standards (presumably X.509 > rather than TLS). I could be wrong. FWIW

Re: delete my resume in your web site

Nikos Andrikos wrote: > On another note, is it just me or the links in the following line of the > bug report are wrong? > > *Bug reassigned from package 'listarchives > ' > to 'lists.debia

Bug#772047: RFH: pgpool2 -- connection pool server and replication proxy for PostgreSQL

Package: wnpp Severity: normal I request assistance with maintaining the pgpool2 package in the PostgreSQL team. I'm not using the package myself - someone with more experience in actually running pgpool2 would be welcome to take care of getting the more advanced features (e.g. memcached support)

Re: delete my resume in your web site

On Thu, 04 Dec 2014, Nikos Andrikos wrote: > On another note, is it just me or the links in the following line of > the bug report are wrong? Yeah, this is a bug which I've actually fixed in my code branch, and will need to update shortly. [Basically, the precise html escape used changed, and the

Re: curl and certificate verification in jessie

Daniel Kahn Gillmor writes ("Re: curl and certificate verification in jessie"): > So, the idea is that when you "accept" an EE cert, you need to do it > with an explicit associate to a specific peer's name, not just the cert > itself. newer versions of GnuTLS provide this facility, but it's not >

Re: curl and certificate verification in jessie

On 12/04/2014 01:48 PM, Ian Jackson wrote: > Daniel Kahn Gillmor writes ("Re: curl and certificate verification in > jessie"): >> So, the idea is that when you "accept" an EE cert, you need to do it >> with an explicit associate to a specific peer's name, not just the cert >> itself. newer versio

Re: curl and certificate verification in jessie

Daniel Kahn Gillmor writes ("Re: curl and certificate verification in jessie"): > It seems to narrowly solve the case in question, but possibly at the > risk of making the semantics of the API even more confusing than it > already is. If they didn't want the API to be full of confusing backward-co

Re: curl and certificate verification in jessie

Ian Jackson writes ("Re: curl and certificate verification in jessie"): > Daniel Kahn Gillmor writes ("Re: curl and certificate verification in > jessie"): > > It seems to narrowly solve the case in question, but possibly at the > > risk of making the semantics of the API even more confusing than

Re: successful upgrade to jessie - thanks!

On Thu, Nov 27, 2014 at 03:06:17PM +0100, David Kalnischkies wrote: > Hi Tomas, > > Great you like it! Many people are busy working on smoothing the edges > uncovered by all the inflowing bugreports, so the occasional "thanks!" > is a nice boost to troop morale. :) I will second the thank you.. I

Re: curl and certificate verification in jessie

]] Daniel Kahn Gillmor > On 12/04/2014 10:41 AM, Ian Jackson wrote: > > > I'm not an expert on TLS but I was under the impression that this > > behaviour - requiring that TLS authentication be done by a nontrivial > > certificate chain - was specified by the standards (presumably X.509 > > rathe

Re: successful upgrade to jessie - thanks!

On Thu, Nov 27, 2014 at 03:06:17PM +0100, David Kalnischkies wrote: > Hi Tomas, > > Great you like it! Many people are busy working on smoothing the edges > uncovered by all the inflowing bugreports, so the occasional "thanks!" > is a nice boost to troop morale. :) Btw, debian is the only complex

Re: Technical committee acting in gross violation of the Debian constitution

On Dec 04, Matthias Urlichs wrote: > If you can run a CGI inside a chroot/container/whatever, you can run a > small web server on a local port / Unix socket, and reverse-proxy it, > just as easily. While using many more times the resources. You obviously have no idea of the challenges of providi

Re: Technical committee acting in gross violation of the Debian constitution

Hi, Marco d'Itri: > On Dec 04, Matthias Urlichs wrote: > > > If you can run a CGI inside a chroot/container/whatever, you can run a > > small web server on a local port / Unix socket, and reverse-proxy it, > > just as easily. > While using many more times the resources. Which "many more" are yo

Re: Please respect Freeze Policy

On 2014-12-04 08:46, Bart Martens wrote: > On Wed, Dec 03, 2014 at 10:42:54AM +0100, Didier 'OdyX' Raboud wrote: >> Le mercredi, 3 décembre 2014, 10.20:32 W. Martin Borgert a écrit : >>> Would it be OK to abuse experimental for new upstreams during >>> freeze? >> >> during freezes, where unstable s

Re: Technical committee acting in gross violation of the Debian constitution

On Thu, 2014-12-04 at 17:03 +0100, Matthias Urlichs wrote: > If you can run a CGI inside a chroot/container/whatever, you can run a > small web server on a local port / Unix socket, and reverse-proxy it, > just as easily. Well that's probably roughly the same, although I'd still feel better if web

Re: Technical committee acting in gross violation of the Debian constitution

On Thu, 2014-12-04 at 21:14 +0100, Marco d'Itri wrote: > While using many more times the resources. You obviously have no idea of > the challenges of providing secure web hosting for non-trivial > quantities of web sites. So what do you want to imply would be secure? Apart from that, when you s

Re: Technical committee acting in gross violation of the Debian constitution

On Dec 04, Christoph Anton Mitterer wrote: > > While using many more times the resources. You obviously have no idea of > > the challenges of providing secure web hosting for non-trivial > > quantities of web sites. > So what do you want to imply would be secure? The point is not just "secure",

Re: Technical committee acting in gross violation of the Debian constitution

On Thu, 04 Dec 2014 22:23:15 +0100, Christoph Anton Mitterer wrote: >Apart from that, when you speak of "non-trivial" quantities - I'd >probably say that running gazillion websites from different entities on >one host is generally a really bad idea. Gazillions of websites are served from such set

Re: Technical committee acting in gross violation of the Debian constitution

Christoph Anton Mitterer writes: > On Thu, 2014-12-04 at 21:14 +0100, Marco d'Itri wrote: >> FastCGI is another thing that almost nobody can afford when hosting a >> significant number of web sites. > Why not? > When I've investigated in mod-php vs. cgi vs. fcgi, the fcgi turned out > to have

Work-needing packages report for Dec 5, 2014

The following is a listing of packages for which help has been requested through the WNPP (Work-Needing and Prospective Packages) system in the last week. Total number of orphaned packages: 655 (new: 10) Total number of packages offered up for adoption: 147 (new: 0) Total number of packages reques

gnome depending on apache [WAS: Technical committee acting in gross violation of the Debian constitution]

On 02.12.2014 06:01, Paul Wise wrote: >> gnome depends on apache ? > > gnome-user-share uses apache2 to share files on the local network via WebDAV. Is this an purely optional program, or does gnome itself depend on it ? >> seriously ? > > Sharing files with other computers on the local networ

mass hosting + cgi [WAS: Technical committee acting in gross violation of the Debian constitution]

On 04.12.2014 22:23, Christoph Anton Mitterer wrote: > Apart from that, when you speak of "non-trivial" quantities - I'd > probably say that running gazillion websites from different entities on > one host is generally a really bad idea. No, it's not, and it's pretty cheap, if done right. Severa

Re: Technical committee acting in gross violation of the Debian constitution

On 25.11.2014 18:30, Stephen Gran wrote: > Excellent. I'm sure that if they can create a deb, they can install > sysvinit, or runit, or some BSD, or whatever else they want. A default > is only a default, after all. Just curious about the term "default": Can I still install a system w/o system

Re: gnome depending on apache [WAS: Technical committee acting in gross violation of the Debian constitution]

On Fri, Dec 5, 2014 at 10:25 AM, Enrico Weigelt wrote: > Is this an purely optional program, or does gnome itself depend on it ? Please review the dependencies of the gnome metapackage. -- bye, pabs https://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debi

Re: Technical committee acting in gross violation of the Debian constitution

On 27.11.2014 00:29, Noel Torres wrote: > manpower required to maintain a distribution with more than one init > system widey installed, manpower to perform the required changes to > support multiple init systems in Jessie, centered about the most > important question: our users. Just curious: ho

Re: Technical committee acting in gross violation of the Debian constitution

On 27.11.2014 11:18, Martin Steigerwald wrote: >> Desktops (not only GNOME) use a very tiny bit of systemd, interfaces >> that could be provided elsewhere. The real purpose of systemd is to >> provide a modern init system. > > I still wonder why there are provided within systemd then. Same for m

Re: Technical committee acting in gross violation of the Debian constitution

On 27.11.2014 11:53, Matthias Urlichs wrote: > Yes, the logind-related parte _could_ be provided elsewhere, but part of > the features logind needs is already implemented in systemd. Can you understand, that this method is exactly one of the major reason why many people dont like the systemd fac

Re: Technical committee acting in gross violation of the Debian constitution

"Enrico Weigelt, metux IT consult" writes: > On 27.11.2014 00:29, Noel Torres wrote: > >> manpower required to maintain a distribution with more than one init >> system widey installed, manpower to perform the required changes to >> support multiple init systems in Jessie, centered about the most

Re: Technical committee acting in gross violation of the Debian constitution

On Fri, Dec 05, 2014 at 05:02:27AM +0100, Enrico Weigelt, metux IT consult wrote: > On 27.11.2014 11:53, Matthias Urlichs wrote: > > > Yes, the logind-related parte _could_ be provided elsewhere, but part of > > the features logind needs is already implemented in systemd. > > Can you understand

Re: Technical committee acting in gross violation of the Debian constitution

On Fri, Dec 05, 2014 at 03:58:53AM +0100, Enrico Weigelt, metux IT consult wrote: > On 25.11.2014 18:30, Stephen Gran wrote: > > > Excellent. I'm sure that if they can create a deb, they can install > > sysvinit, or runit, or some BSD, or whatever else they want. A default > > is only a default

Re: Please respect Freeze Policy

On Thu, Dec 04, 2014 at 10:08:38PM +0100, Niels Thykier wrote: > Unfortunately, it is equally disruptive when people (despite best > efforts) misjudge the consequences of their upload. In such a case, you > would be depriving your fellow co-Debianites from the opportunity of > getting some patches

Bug#772100: ITP: mimepull -- Java API to access attachments in a MIME message

Package: wnpp Severity: wishlist Owner: Tim Potter * Package name: mimepull Version : 1.9.4 Upstream Author : Jitendra Kotamraju and Martin Grebac * URL : https://mimepull.java.net * License : CDDL 1.1, GPL2 Programming Lang: Java Description : Java API

Re: Technical committee acting in gross violation of the Debian constitution

"Enrico Weigelt, metux IT consult" writes: > Same for me. If there really is some functionality which some DEs really > need, why not having an entirely separate tool for that ? > Anyways, I still didn't understand why udev is bundled within systemd. And I don't understand why you think your pe

Re: Technical committee acting in gross violation of the Debian constitution

This one time, at band camp, Enrico Weigelt, metux IT consult said: > On 25.11.2014 18:30, Stephen Gran wrote: > > > Excellent. I'm sure that if they can create a deb, they can install > > sysvinit, or runit, or some BSD, or whatever else they want. A default > > is only a default, after all. >