On Wed, Aug 09, 2017 at 06:07:23AM +0900, Mike Hommey wrote:
> One would argue this should be a feature of apt. In Fedora land, you use
And apt developers would argue back that apt could indeed do it if
someone would write a patch – which isn't a new idea, the ddeb
granddaddy of what we have now a
Hi intrigeri,
> tl;dr: I hereby propose we enable AppArmor by default in testing/sid,
> and decide one year later if we want to keep it this way in the
> Buster release.
Thanks for such a comprehensive and compelling write-up :)
> * Enable AppArmor on your Debian systems:
>https://wiki.debi
Hello,
On Fri, 04 Aug 2017, Ansgar Burchardt wrote:
> So I have been wondering several times whether we should move the
> maintainer information elsewhere. For example, tracker.d.o could be
> extended to record maintainer information. It could also understand
> the concept of "teams" listing tea
Package: wnpp
Severity: wishlist
Owner: Kartik Mistry
* Package name: mediawiki-extensions-translate
Version :
Upstream Author : Niklas Laxström et al.
* URL : https://www.mediawiki.org/wiki/Extension:Translate
* License : GPL
Programming Lang: PHP
Descript
Package: wnpp
Severity: wishlist
Owner: Kartik Mistry
* Package name: mediawiki-extensions-universallanguageselector
Version :
Upstream Author : Wikimedia Language Team
* URL :
https://www.mediawiki.org/wiki/Extension:UniversalLanguageSelector
* License : GPL
Marco d'Itri wrote:
> On Aug 07, Joerg Jaspert wrote:
>> Thats nice for any environment where on can freely define that
>> everything works like this.
>>
>> Unfortunately real world doesnt work like it.
> Can you describe some examples of what still requires 1.0/1.1 on a
> client or a server?
Processing commands for cont...@bugs.debian.org:
> reassign 871547 cinnamon
Bug #871547 [general] general: Can't change to any other background.
Bug reassigned from package 'general' to 'cinnamon'.
Ignoring request to alter found versions of bug #871547 to the same values
previously set
Ignoring
Hi,
Chris Lamb:
> Related to this, most of my packages are 'server'-ish and it feels
> like some of the hardening features are also/already covered by my
> systemd .service files.
Quite possibly :)
> Should/could I be also reimplementing these in AppArmor for defense
> in depth or any comments i
intrigeri writes:
> You surely could, but reimplementing exactly the same protections is
> probably not the best use of your time.
> Now, each of systemd and AppArmor can do hardening stuff that the
> other doesn't support (at all or nicely), so sometimes it's good to do
> a little bit of both.
Hi,
Ritesh Raj Sarraf:
> But I see there's an apparmor-notify package.
Sadly it's not well integrated in Debian currently.
Root cause of the problem:
https://bugs.launchpad.net/apparmor/+bug/1597671
Short term workaround: https://bugs.debian.org/759604
> Maybe that is the answer.
I suspect th
Christian Seiler:
> On 08/06/2017 05:32 PM, intrigeri wrote:
>> Rules that are not supported by the running kernel are silently
>> ignored, i.e. the operation is allowed.
> Is there at least a warning during the load of the profile?
There used to be a warning, but it was causing lots of confusion
On 08/09/2017 10:33 PM, intrigeri wrote:
> Christian Seiler:
>> On 08/06/2017 05:32 PM, intrigeri wrote:
>>> Rules that are not supported by the running kernel are silently
>>> ignored, i.e. the operation is allowed.
>
>> Is there at least a warning during the load of the profile?
>
> There used
On Sun, Jul 30, 2017 at 02:36:03PM +0200, Steffen Möller wrote:
>
> Users will not care if it is flatpak, singularity, conda or prefix -
> they want
> all the packages and the packages shall work. What I like about all of these
> efforts is that from what I grasped we will stop caring too much abo
Stuff like s3cmd are tools connecting to cloud services. Arguably
usable to have tools to free data from the clouds.
...but bug#856139 is, I believe, about a tool advertising a cloud
service which is *not* used by the tool. Instead that cloud service is
advertised as an option *instead* of in
Hi,
[John, there's a question for you at the bottom, but you probably have
useful input about the first part of the discussion below too.]
Moritz Mühlenhoff:
> Christian Seiler schrieb:
>> Another thing to consider: if a profile is too restrictive, but the
>> part that is too restrictive isn't i
Let me just mention in this thread the volk package. Vector Optimized Library
of Kernels implements a high level set of DSP operations, with fast
implementations chosen at runtime depending on available CPU SIMD instructions.
There is always a generic fallback implementation that runs on any CPU
On Wed, Aug 09, 2017 at 05:31:08PM -0400, A. Maitland Bottoms wrote:
> Let me just mention in this thread the volk package. Vector Optimized
> Library of Kernels implements a high level set of DSP operations, with
> fast implementations chosen at runtime depending on available CPU SIMD
> instructi
On 08/09/2017 02:31 PM, intrigeri wrote:
> Hi,
>
> [John, there's a question for you at the bottom, but you probably have
> useful input about the first part of the discussion below too.]
>
> Moritz Mühlenhoff:
>> Christian Seiler schrieb:
>>> Another thing to consider: if a profile is too restr
Package: wnpp
Severity: wishlist
Owner: =?utf-8?q?Guido_G=C3=BCnther?=
* Package name: virt-bootstrap
Upstream Author : Cédric Bosdonnat
* URL : https://github.com/virt-manager/virt-bootstrap/
* License : GPL-v3
Programming Lang: Python3
Description : Tool to se
19 matches
Mail list logo
