Dear Debian-devel,
The preparation for the transition are going pretty much good.
In the meantime the bugs have been filed and there are already many
fixes uploaded. MANY THANKS for all of you.
I'm also rebuilding newly uploaded packages to keep libpng.sviech.de
somehow up to date.
Of course,
Package: wnpp
Severity: wishlist
Owner: Ghislain Antony Vaillant
* Package name: field3d
Version : 1.6.1
Upstream Author : Sony Pictures Imageworks Inc
* URL : https://github.com/imageworks/Field3D
* License : BSD
Programming Lang: C++
Description : a l
On 08/01/16 03:03, Marco d'Itri wrote:
> It has been said that some have[citation needed] crappy boot loaders
> that do not support loading an initramfs, but you can still embed one in
> the kernel binary if you are building your own kernel
... and you'd need to build your own kernel on these pl
On Wed, 06 Jan 2016 00:03:31 +0100, Philipp Kern
wrote:
>On 2016-01-04 11:30, Marc Haber wrote:
>> On Sun, 3 Jan 2016 22:30:24 +0100, Eric Valette
>> wrote:
>>> System admins do like using absolute path
>>> for security reasons...
>> Please also notice that this is the only option for ExecStart i
On 01/08/2016 09:41 AM, Marc Haber wrote:
> On Wed, 06 Jan 2016 00:03:31 +0100, Philipp Kern
> wrote:
>> On 2016-01-04 11:30, Marc Haber wrote:
>>> On Sun, 3 Jan 2016 22:30:24 +0100, Eric Valette
>>> wrote:
System admins do like using absolute path
for security reasons...
>>> Please als
On Mon, 4 Jan 2016 13:51:48 +0100, Christian Seiler
wrote:
>On 01/04/2016 12:15 PM, Marc Haber wrote:
>> On Mon, 04 Jan 2016 12:01:46 +0100, Ansgar Burchardt
>>> Remember that / and /usr don't have to reside on the same partition with
>>> the usrmerge proposal: they only have to be both available
]] Christian Seiler
> On 01/08/2016 09:41 AM, Marc Haber wrote:
> > On Wed, 06 Jan 2016 00:03:31 +0100, Philipp Kern
> > wrote:
> >> On 2016-01-04 11:30, Marc Haber wrote:
> >>> On Sun, 3 Jan 2016 22:30:24 +0100, Eric Valette
> >>> wrote:
> System admins do like using absolute path
>
On Mon, 4 Jan 2016 13:38:15 +0100, Christian Seiler
wrote:
>On 01/04/2016 11:41 AM, Marc Haber wrote:
>> On Sun, 03 Jan 2016 13:28:14 -0800, Russ Allbery
>> wrote:
>>> I do understand why people working in the embedded space care about some
>>> unusual mount orderings, file system separations, an
On 8 January 2016 at 10:21, Marc Haber wrote:
>>So let's say you installed lenny and had 512 MiB for / (with separate
>>/usr) because you thought back then that it was more than enough (more
>>than double the installed size) - and upgrade to Jessie will either run
>>out of disk space or come very
On Mon, 4 Jan 2016 14:15:21 +0100, Christian Seiler
wrote:
>On 01/04/2016 11:44 AM, Marc Haber wrote:
>> On Sun, 3 Jan 2016 21:35:39 +0100, Christian Seiler
>> wrote:
>>> So that was the state in February of 2011, when the warning was added
>>> to systemd and the systemd developers recommended th
On Tue, 5 Jan 2016 02:07:35 +0100, Christian Seiler
wrote:
>On 01/05/2016 01:34 AM, Marc Haber wrote:
>> On Mon, 4 Jan 2016 22:21:06 +0100, Iustin Pop
>> wrote:
>>> On 2016-01-04 12:03:07, Marc Haber wrote:
On Sun, 3 Jan 2016 19:15:18 +0100, m...@linux.it (Marco d'Itri) wrote:
> Anyway,
On Fri, Jan 08, 2016 at 10:21:00AM +0100, Marc Haber wrote:
> The upside of this is that this will free up space in / which will be
> needed for a dedicated recovery image. Too bad that we don't have such
> a thing ourselves and have to recommend third-party products like grml
grml is packaged and
On Fri, Jan 08, 2016 at 08:16:06AM +0100, Svante Signell wrote:
> The problem is that with Debian heading down this road, the Debian GNU/Linux
> distribution will not exist in 5 years from now. You will make yourselves
> extinct due to the competition from commercial alternatives.
You greatly over
On Fri, Jan 08, 2016 at 10:11:07AM +, Jonathan Dowland wrote:
grml is packaged and is an apt-get away. It's third-party in just the
same way that the linux kernel, or exim are.
Wrong. You have a wrapper package that adds grml iso from /boot/grml to
the grub.cfg. You have to download the gr
Marc Haber writes:
> Keep support for things that used to work for, say, at least three or
> four stable releases, document that and commit to it. And, of course,
> stick to it.
So at approx 2 years per stable release, that would be around 6 to 8
years before we could get this optional change in
* Stephan Seitz [Fri Jan 08, 2016 at 11:18:41AM +0100]:
> On Fri, Jan 08, 2016 at 10:11:07AM +, Jonathan Dowland wrote:
> >grml is packaged and is an apt-get away. It's third-party in just the
> >same way that the linux kernel, or exim are.
> Wrong. You have a wrapper package that adds grml is
On Fri, 2016-01-08 at 10:11 +, Jonathan Dowland wrote:
> On Fri, Jan 08, 2016 at 10:21:00AM +0100, Marc Haber wrote:
> > The upside of this is that this will free up space in / which will be
> > needed for a dedicated recovery image. Too bad that we don't have such
> > a thing ourselves and hav
* Ian Campbell [Fri Jan 08, 2016 at 10:22:01AM +]:
> On Fri, 2016-01-08 at 10:11 +, Jonathan Dowland wrote:
> > On Fri, Jan 08, 2016 at 10:21:00AM +0100, Marc Haber wrote:
> > > The upside of this is that this will free up space in / which will be
> > > needed for a dedicated recovery imag
On Jan 08, Marc Haber wrote:
> important functionality maked as "broken", "obsolete" and eventually
> removed, just as the keyscript= feature of /etc/crypttab was lost a
> year ago (noone cared).
Let's be clear here: nobody cared enough to implement it.
It was clearly explained by the upstream ma
On Fri, Jan 08, 2016 at 11:49:48AM +0100, Michael Prokop wrote:
We've an open wishlist bug report for the "download the Grml ISO"
part (#754393) which we plan to resolve soonish, jfyi.
Ah, thank you very much. That still leaves the space problem. Only my
newer systems where I knew that I wante
On Fri, 8 Jan 2016 09:44:17 +0100, Christian Seiler
wrote:
>On 01/08/2016 09:41 AM, Marc Haber wrote:
>> On Wed, 06 Jan 2016 00:03:31 +0100, Philipp Kern
>> wrote:
>>> On 2016-01-04 11:30, Marc Haber wrote:
On Sun, 3 Jan 2016 22:30:24 +0100, Eric Valette
wrote:
> System admins do l
On Fri, 8 Jan 2016 12:53:43 +0100, m...@linux.it (Marco d'Itri) wrote:
>On Jan 08, Marc Haber wrote:
>> important functionality maked as "broken", "obsolete" and eventually
>> removed, just as the keyscript= feature of /etc/crypttab was lost a
>> year ago (noone cared).
>Let's be clear here: nobod
On Fri, 8 Jan 2016 10:32:03 +0100, Andrew Shadura
wrote:
>Marc, please re-read the whole thread from the very beginning. Nobody
>forces merged /usr on you.
Enough trust has been lost in the past years that I'd like to have a
commitment for that. Write it down, and I'm fine.
Greetings
Marc
--
--
On Fri, 08 Jan 2016 21:20:21 +1100, Brian May wrote:
>Marc Haber writes:
>> Keep support for things that used to work for, say, at least three or
>> four stable releases, document that and commit to it. And, of course,
>> stick to it.
>
>So at approx 2 years per stable release, that would be arou
On 01/08/2016 12:53 PM, Marco d'Itri wrote:
> On Jan 08, Marc Haber wrote:
>
>> important functionality maked as "broken", "obsolete" and eventually
>> removed, just as the keyscript= feature of /etc/crypttab was lost a
>> year ago (noone cared).
> Let's be clear here: nobody cared enough to impl
On Fri, Jan 08, 2016 at 09:50:56AM +0100, Marc Haber wrote:
> The loss of keyscript just broke my clients. I am really afraid of the
> first system update breaking my _servers_, causing a resinstall to be
> necessary. I know of one customer who already said that if a reinstall
> will become necessa
Riku Voipio:
> On Fri, Jan 08, 2016 at 09:50:56AM +0100, Marc Haber wrote:
>> The loss of keyscript just broke my clients. I am really afraid of the
>> first system update breaking my _servers_, causing a resinstall to be
>> necessary. I know of one customer who already said that if a reinstall
>>
On Fri, 8 Jan 2016 14:24:52 +0100, Christian Seiler
wrote:
> - Instead it was proposed to use password agents (see [1]) for this.
>
> - Problem with that is that the password agents don't support
> arbitrary binary data, which is needed for keys (they only support
> plain text).
And there is
On Fri, 8 Jan 2016 13:04:16 +, Riku Voipio
wrote:
>On Fri, Jan 08, 2016 at 09:50:56AM +0100, Marc Haber wrote:
>> The loss of keyscript just broke my clients. I am really afraid of the
>> first system update breaking my _servers_, causing a resinstall to be
>> necessary. I know of one customer
On Fri, Jan 08, 2016 at 03:13:12PM +0100, Marc Haber wrote:
> All _my_ clients run unstable anyway
I'll leave the obvious response here to others.
But, what I find odd about this is you've suggested that there should be a
*multi-release* transition for a change like this, more than once in the
th
On Fri, Jan 08, 2016 at 11:18:41AM +0100, Stephan Seitz wrote:
> Wrong. You have a wrapper package that adds grml iso from /boot/grml to the
> grub.cfg. You have to download the grml images yourself and you need the
> space to save the images in /boot/grml.
Thanks for explaining: I was under the m
I want to report a bug regarding to {anonscm,git}.debian.org, but I
don't find a pseudo package to file bugreport to, so I contacted
ad...@alioth.debian.org, but no reply yet for nearly 1 month.
I hope maybe someone here can help. Thank you!
Cheers,
Roger
-- Forwarded message --
On Sat, 09 Jan 2016, Roger Shimizu wrote:
> I want to report a bug regarding to {anonscm,git}.debian.org, but I
> don't find a pseudo package to file bugreport to, so I contacted
> ad...@alioth.debian.org, but no reply yet for nearly 1 month.
>
> I hope maybe someone here can help. Thank you!
>
On Sat, Jan 9, 2016 at 12:19 AM, Alexander Wirt wrote:
> On Sat, 09 Jan 2016, Roger Shimizu wrote:
>> https://anonscm.debian.org/git/kernel/linux.git
> All those urls work for cloning.
>
> So what exactly is your problem?
Thanks for your response!
In browser, you see an https link, click it then
Marc Haber:
> Debian has already been forked by people who found Debian's release
> cycles too long. The result is called Ubuntu, and we lost many of the
> users (and developers!) who want shorter release cycles to them.
>
> Now, we aim for shorter release cycles ourselves, which won't bring
> any
Hey devel,
We still have `git://` all over the place, for instance, on Vcs-Git on
control files. That makes me sad. Boo insecure transports.
`git://` is plaintext, and plaintext transports are bad.
I'd like to suggest we move all Vcs-Git entries to either `https` or
`ssh`.
Signing tags is a goo
> I'd like to suggest we move all Vcs-Git entries to either `https` or
> `ssh`.
>
As mapreri points out - this is for anon clone, so only https - as I
pointed out in a blog post years ago, ssh is a bad idea :)
http://blog.pault.ag/post/27268910152/usage-of-vcs-git-in-the-debian-archive
--
:wq
Good point, and I stand corrected. Thanks!
Let's beat GitHub!
Paul
On Fri, Jan 8, 2016 at 10:47 AM, Andrew Shadura wrote:
> On 08/01/16 16:43, Paul Tagliamonte wrote:
> > `git://` provides no upside and really shouldn't exist anymore. GitHub
> > has even turned it off[1]
> >
> > Are we going
Package: lintian
Severity: wishlist
Paul Tagliamonte writes:
> We still have `git://` all over the place, for instance, on Vcs-Git on
> control files. That makes me sad. Boo insecure transports.
>
> `git://` is plaintext, and plaintext transports are bad.
>
> I'd like to suggest we move all Vcs-G
On Fri, Jan 08, 2016 at 10:43:40AM -0500, Paul Tagliamonte wrote:
> Hey devel,
>
> We still have `git://` all over the place, for instance, on Vcs-Git on
> control files. That makes me sad. Boo insecure transports.
>
> `git://` is plaintext, and plaintext transports are bad.
>
> I'd like to sugg
Hi,
> http://blog.pault.ag/post/27268910152/usage-of-vcs-git-in-the-debian-archive
>
> Enter github.com/debian
>
> – IMHO, we should consider putting the repos that are already on
> GitHub under Debian namespace, so that the team of maintainers
> may be able to add new collaborators.
I'd like to
On Fri, 2016-01-08 at 10:43 -0500, Paul Tagliamonte wrote:
> I'd like to suggest we move all Vcs-Git entries to either `https` or
I doubt https will give any real hard additional security, based on the
inherent problems of the X.509 CA system.
Per default, git would take the system CA store, which
On Friday, January 08, 2016 10:43:40 AM Paul Tagliamonte wrote:
> Hey devel,
>
> We still have `git://` all over the place, for instance, on Vcs-Git on
> control files. That makes me sad. Boo insecure transports.
>
> `git://` is plaintext, and plaintext transports are bad.
>
> I'd like to sugges
On Jan 08 2016, Svante Signell wrote:
> On Thu, 2016-01-07 at 22:46 +0100, Philip Hands wrote:
>> Marc Haber writes:
>>
>> > On Tue, 5 Jan 2016 19:37:03 +0100, Marco d'Itri wrote:
>> > > On Jan 05, Ian Jackson wrote:
>> > >
>> > > > People who have been using a configuration for many years na
On 2016-01-08 16:43, Paul Tagliamonte wrote:
Hey devel,
We still have `git://` all over the place, for instance, on Vcs-Git on
control files. That makes me sad. Boo insecure transports.
`git://` is plaintext, and plaintext transports are bad.
I'd like to suggest we move all Vcs-Git entries to
Christoph Anton Mitterer writes:
> On Fri, 2016-01-08 at 10:43 -0500, Paul Tagliamonte wrote:
>> I'd like to suggest we move all Vcs-Git entries to either `https` or
> I doubt https will give any real hard additional security, based on the
> inherent problems of the X.509 CA system.
Moving the
On Fri, 8 Jan 2016 15:01:53 +, Jonathan Dowland
wrote:
>and since you are running sid anyway, it wouldn't even help you, so I'm puzzled
>why you suggested it.
You obviously don't see the difference between a customer, a client
machine and a server. This might be a matter of language, so I'll
On 01/08/2016 10:21 AM, Marc Haber wrote:
> On Mon, 4 Jan 2016 13:38:15 +0100, Christian Seiler
> wrote:
>> On 01/04/2016 11:41 AM, Marc Haber wrote:
>>> We have already shown how "much" we care about the users of non-Linux
>>> kernels in Debian ("not at all, they can happily go fishing").
>>
>> S
On Fri, 8 Jan 2016 15:42:07 +, Niels Thykier
wrote:
> Given the latter half of our
>freeze tends to involve mostly frustration, fragmentation of developers
>and very few bug fixes, I am personally one of the people, who would
>like to see Debian have shorter freezes[1].
Yes, I have heard your
On 01/08/2016 09:50 AM, Marc Haber wrote:
> The loss of keyscript just broke my clients.
I had an inspiration earlier and hacked this together:
https://gist.github.com/chris-se/9c0def7dca60d023d188
(Warning: not thoroughly tested, code is a quick hack and awful, might
do unexpected things. Also n
On Fri, Jan 08, 2016 at 06:38:05PM +0100, Marc Haber wrote:
> On Fri, 8 Jan 2016 15:01:53 +, Jonathan Dowland
> wrote:
> >and since you are running sid anyway, it wouldn't even help you, so
> >I'm puzzled why you suggested it.
>
> You obviously don't see the difference between a customer, a c
On Fri, 8 Jan 2016 17:54:49 +, Jonathan McDowell
wrote:
>You're not communicating clearly and this is indeed causing problems in
>this thread. You said "all my clients run unstable", not "all my client
>machines run unstable". You've also later said "I've not installed any
>new Debian systems
On Fri, 08 Jan 2016 09:14:45 -0800, Nikolaus Rath
wrote:
>On Jan 08 2016, Svante Signell wrote:
>> The problem is that with Debian heading down this road, the Debian GNU/Linux
>> distribution will not exist in 5 years from now.
>
>Debian is developed by its developers, not by its users. Do you ha
On Fri, 8 Jan 2016 18:51:20 +0100, Christian Seiler
wrote:
>(Warning: not thoroughly tested, code is a quick hack and awful, might
>do unexpected things. Also not documented. Quick howto: run make, copy
>systemd-keyscript-cryptsetup to /lib/cryptsetup/, copy keyscript-generator
>to /lib/systemd/sy
On Sat, 09 Jan 2016, Roger Shimizu wrote:
> On Sat, Jan 9, 2016 at 12:19 AM, Alexander Wirt wrote:
> > On Sat, 09 Jan 2016, Roger Shimizu wrote:
> >> https://anonscm.debian.org/git/kernel/linux.git
> > All those urls work for cloning.
> >
> > So what exactly is your problem?
>
> Thanks for your
On 01/08/2016 07:19 PM, Marc Haber wrote:
> On Fri, 8 Jan 2016 18:51:20 +0100, Christian Seiler
> wrote:
>> (Warning: not thoroughly tested, code is a quick hack and awful, might
>> do unexpected things. Also not documented. Quick howto: run make, copy
>> systemd-keyscript-cryptsetup to /lib/crypt
On Fri, 8 Jan 2016 18:37:11 +0100, Christian Seiler
wrote:
>On 01/08/2016 10:21 AM, Marc Haber wrote:
>> If hundreds of megabytes of software would get moved from /usr to /,
>> this would certainly overflow my root file systems.
>
>That is not what is going to happen. Nobody ever proposed that. I
On 01/08/2016 04:43 PM, Paul Tagliamonte wrote:
> We still have `git://` all over the place, for instance, on Vcs-Git on
> control files. That makes me sad. Boo insecure transports.
Ben Hutchings posted this not too long ago on Planet Debian:
http://womble.decadent.org.uk/blog/securing-debcheckout
On Fri, 2016-01-08 at 09:14 -0800, Nikolaus Rath wrote:
> On Jan 08 2016, Svante Signell wrote:
> > The problem is that with Debian heading down this road, the Debian
> > GNU/Linux distribution will not exist in 5 years from now.
>
> Debian is developed by its developers, not by its users. Do yo
On Fri, 2016-01-08 at 19:15 +0100, Marc Haber wrote:
> Quite some developers are getting paid to be Debian users or by
> Debian
> users. We participate in Debian because it makes using Debian easier
> for the people who pay us.On Fri, 08 Jan 2016 09:14:45 -0800,
> Nikolaus Rath
>
>
> If these u
Am Freitag, den 08.01.2016, 09:14 -0800 schrieb Nikolaus Rath:
>
> Debian is developed by its developers, not by its users. Do you have
> any
> evidence (other than your opinion) that loss of users would cause
> loss
> of development work?
Our priorities are our users and free software
We will
Simon McVittie wrote:
> 0m24.5s DEBUG: Starting command: ['adequate', '--root',
> '/srv/piuparts.debian.org/tmp/tmpk5ZNdX', 'iputils-ping']
> 0m24.6s DUMP:
> iputils-ping: bin-or-sbin-binary-requires-usr-lib-library /bin/ping6
> => /usr/lib/x86_64-linux-gnu/libgnutls-openssl.so.27
>
> I don't kn
Good moo,
I just uploaded APT 1.2~exp1 to experimental. This release includes
the following highlights:
* Automatic removal of debs after install for apt(8)
* LZ4 support
* Recompression of indices
* Parallel rred
* Further 15% performance gain in cache generation
It should hit the archive with
Svante Signell writes:
> No you are not. Debian following the commercial vendor track will make
> them extinguished. Technically there are no real advantages of the new
> (in many youngsters mind revolutionary) ideas. The idea of a Debian
> Universal Operating System, supporting Free Software (no
On Jan 08 2016, Tobias Frost wrote:
> Am Freitag, den 08.01.2016, 09:14 -0800 schrieb Nikolaus Rath:
>> Debian is developed by its developers, not by its users. Do you have
>> any evidence (other than your opinion) that loss of users would cause
>> loss of development work?
>
>
> Our priorities a
Le 08/01/2016 22:13, Julian Andres Klode a écrit :
> So roughly speaking, we only take 2/3 of the time now compared
> to 1.1.8 after which I started optimising the code.
>
And I wish to say to you that you made a very good job at this. On my
personal self-hosted server, the difference is huge (Inte
On Jan 08, Robert Edmonds wrote:
> If it really does need to do MD5, maybe it could use the one in libbsd0
> instead of dragging in libgnutls-openssl27 and its dependencies.
I did not notice this recent addition...
Folks, there is *a lot* of software which embeds copies of md5.c: please
try to c
On Fri, 2016-01-08 at 09:35 -0800, Russ Allbery wrote:
> Moving the goalposts from trivial MITM via a rogue AP to obtaining a
> fradulent SSL certificate is probably not "hard" security, whatever
> that
> means to you, but is a substantial increase the level of work
> required for
> the attacker.
W
Package: wnpp
Severity: wishlist
Owner: Jonathan Ulrich Horn
X-Debbugs-CC: debian-devel@lists.debian.org
* Package name: node-nodeunit
Version : 0.9.1
Upstream Author : Caolan McMahon
* URL : https://github.com/caolan/nodeunit
* License : Expat
Programming La
On Sat, Jan 9, 2016 at 3:29 AM, Alexander Wirt wrote:
> On Sat, 09 Jan 2016, Roger Shimizu wrote:
>> On Sat, Jan 9, 2016 at 12:19 AM, Alexander Wirt wrote:
>> > On Sat, 09 Jan 2016, Roger Shimizu wrote:
>> In browser, you see an https link, click it then you get an empty
>> page, which I think us
On Sat, Jan 9, 2016 at 2:29 AM, Alexander Wirt wrote:
> curl https://anonscm.debian.org/git/kernel/linux.git 2>&1 |grep -i \ kernel/linux - Debian linux repository
I wonder if a redirect would be more appropriate?
--
bye,
pabs
https://wiki.debian.org/PaulWise
On Fri, Jan 08, 2016 at 01:31:12PM -0800, Russ Allbery wrote:
> What will kill Debian faster than anything else is to have every idea for
> changing something large, interesting, or possibly revolutionary in Debian
> be met with anger, derision, and attacks.
Hear, hear. I snipped out the rest of R
72 matches
Mail list logo
