Re: finally end single-person maintainership

On Tue, May 21, 2024 at 12:05:59PM +0200, Philip Hands wrote: > >> > All these things should make it much more easy for other people or > >> > automated tools to send merge requests or keep maintaining a > >> > package in > >> > case the original maintainer becomes MIA. > >> > >> > >> Mandating a

Re: Salsa - best thing in Debian in recent years? (Re: finally end single-person maintainership)

On Tue, May 21, 2024 at 08:45:50PM +0900, Simon Richter wrote: > Hi, > > On 5/21/24 15:54, Andrey Rakhmatullin wrote: > > > > The Debian archive itself is a VCS, so git-maintained packaging is also a > > > duplication, and keeping the official VCS and git synchroniz

Re: finally end single-person maintainership

On Wed, May 22, 2024 at 12:32:32AM +0200, Salvo Tomaselli wrote: > And what's the advantage? When an nmu happens the person doing it normally > doesn't bother to push to salsa anyway. Yes, because it's unfortunately too expensive to: - make sure the repo exists and is uptodate - somehow find out

Re: finally end single-person maintainership

On Wed, May 22, 2024 at 09:11:16PM +0200, Bernd Zeimetz wrote: > > > You can run autopkgtests locally, you do not need Salsa for that. > > > > Also, Debian runs autopkgtests on all packages that provide them, and > > makes passing them on all supported architectures a requirement for > > testing

Re: changing existing entries in debian/changelog

On Fri, May 24, 2024 at 09:30:44AM +0200, Bastian Venthur wrote: > I'm having troubles finding the relevant parts in the developers reference. > I've uploaded a version to experimental and later found out that this > version fixes several bugs. > > Can I rewrite existing changelog entries for alre

Re: DebDelta Package Broken by Python3.9

On Wed, Dec 09, 2020 at 12:52:30PM -0500, Calum McConnell wrote: > Hi all, > I just wanted to note the breakage, and ask for an NMU. I have prepared > and uploaded a patch, both to Salsa and to the BTS, and it has been a few > days without any response. The patch is very simple: just replace all

Re: Release status of i386 for Bullseye and long term support for 3 years?

On Mon, Dec 14, 2020 at 05:13:54PM -0500, Calum McConnell wrote: > Since (AFAIK) there is a substantial speed penalty to installing a non-pae > kernel on a -pae processor, The penalty is not using more than 4 Gb of RAM (the only related speed penalty I know about is using PAE vs not using it). --

Re: Disabling automatic upgrades on Sid by default?

On Mon, Dec 28, 2020 at 02:09:55PM +0200, Adrian Bunk wrote: > The internet is full of people who "envision" things, and who claim it > "would surely not be burdensome" if other people would do the actual > work for them. > > If you want this to happen, it is you who will have to implement and

Re: Network and KDE lost after testing upgrade

On Sun, Jan 10, 2021 at 01:55:53PM +0100, Xavier wrote: > Hi all, > > After a testing update and a reboot, I lost (at least) network and KDE > sessions. Is there a known issue? What do you mean? Do you mean you removed some packages or something else? -- WBR, wRAR signature.asc Description: PG

Re: Making Debian available

On Fri, Jan 15, 2021 at 12:11:06PM +0100, Emanuele Rocca wrote: > So the current situation is that we make an active effort to produce two > different types of installation media: one that works for all users, and > one broken for most laptops. (not just laptops, many other user machines as well)

Re: Making Debian available

On Fri, Jan 15, 2021 at 04:39:47PM +, Jeremy Stanley wrote: > Thanks for the insightful suggestion! Can we also just get rid of > non-free and contrib in that case and put everything in main? If > people don't want non-free software they can just not install it, > right? Problem solved apparent

Re: Making Debian available

On Fri, Jan 15, 2021 at 09:35:01AM -0800, Russ Allbery wrote: > I agree with the original proposal to make it easier to find an installer > that works (technically) on a broader range of systems, while > simultaneously being irritated that non-free nonsense is required for most > commercially-avail

Re: Making Debian available

On Fri, Jan 15, 2021 at 09:19:37PM +0100, Marc Haber wrote: > On Fri, 15 Jan 2021 21:45:35 +0500, Andrey Rahmatullin > wrote: > >We already tell people to enable non-free > >and check everything they install as that's the only option we provide. > > And those people

Re: Making Debian available

On Sat, Jan 16, 2021 at 09:27:28AM -0800, Russ Allbery wrote: > The installer with non-free firmware built in would, I think, be better. > I know it exists, but last time I wasn't able to use it because I needed a > testing installer, not a stable installer, for some hardware reason, and I > couldn

Re: Making Debian available

On Sat, Jan 16, 2021 at 06:18:07PM +, Andrew M.A. Cater wrote: > That's the trail of breadcrumbs: > * I'm not sure _even if_ you put the non-free installer up on the front page, > that it would solve wifi problems for all values of wifi firmware It won't solve wifi problems for all values of

Re: Making Debian available

On Sun, Jan 17, 2021 at 11:33:28AM +0100, Marc Haber wrote: > My workaround is to plug in a network cable for installation. But > alas, I have up to now been able to avoid hardware without built-in > Ethernet. I guess that many USB Ethernet interfaces will work out of > the box without non-free, ri

Re: Making Debian available

On Sun, Jan 17, 2021 at 06:52:11PM +0100, Marc Haber wrote: > I was not aware of that feature. It is good to have that, but I would > be embarrassed to seriously suggest this way because we can't manage > to get WLAN working in the installer for political reasons. Indeed, hence the more serious sug

Re: Making Debian available

On Mon, Jan 18, 2021 at 04:35:01PM +, Steve McIntyre wrote: > >I was not aware of that feature. It is good to have that, but I would > >be embarrassed to seriously suggest this way because we can't manage > >to get WLAN working in the installer for political reasons. > > Are we seriously just

Re: -1 (Re: Making Debian available)

On Sat, Jan 23, 2021 at 03:39:21PM +0200, Jonathan Carter wrote: > But the sentiment above and in other similar messages were that the > completely free images are broken for many users that might need some > non-free firmware. This is simply not true. The completely free images are broken for most

Re: Making Debian available

On Sat, Jan 23, 2021 at 02:32:42PM +, Jeremy Stanley wrote: > I'll join the less-vocal crowd in disagreeing that the fully free > image is especially defective (any more so than other software), and > I feel like painting it that way does harm to your argument. Yes > things could be better, on

Re: -1 (Re: Making Debian available)

On Sat, Jan 23, 2021 at 09:01:33PM +, Paul Sutton wrote: > During install, the installer asks if you have a disk with drivers on for > this closed hardware, I don't know what it wants at this point. > > If we could insert a 2nd usb disk, or anything with the correct drivers on, > it may help.

Re: Making Debian available, non-free promotor

On Thu, Jan 28, 2021 at 12:49:43AM +0100, Daniel S. wrote: > * Consider donating $25 to our __free-WiFi-fund__ to free your adapter > firmware What fund? > This gives visibility to the actual problem and the only true solution. What true solution? > It works towards a future, where the free image

Re: net-snmp: Some MIB files in upstream aren't included.

On Thu, Feb 04, 2021 at 06:29:08PM +0900, Akira Shibakawa wrote: > Hi. > Why some MIB files in upstream are not included in debian net-snmp? > For example, although v5.4.3 in upstream[1] has DISMAN-EVENT-MIB.txt, > in debian it has been removed at the revision "Imported Upstream > version 5.4.3~dfs

Re: Fixed release dates are hurting quality

On Sun, Feb 07, 2021 at 02:20:28PM +0100, Samuel Thibault wrote: > > the packages being untouched for a long time in some cases meaning there is > > no guarantee for quality. > > Sure, but if there is no serious issue left with the package, we can as > well ship it. Strictly speaking, there is a b

Re: Fixed release dates are hurting quality

On Sun, Feb 07, 2021 at 10:20:19AM -0400, David Bremner wrote: > John Paul Adrian Glaubitz writes: > > > It shouldn't be enough for a package to have its worst bugs fixed like > > FTBFS or > > crashes when it gets shipped with a release. Packages that are being > > shipped with > > a release sh

Re: Fixed release dates are hurting quality

On Sun, Feb 07, 2021 at 03:42:54PM +0100, John Paul Adrian Glaubitz wrote: > >> It shouldn't be enough for a package to have its worst bugs fixed like > >> FTBFS or > >> crashes when it gets shipped with a release. Packages that are being > >> shipped with > >> a release should also be properly m

Re: Fixed release dates are hurting quality

On Sun, Feb 07, 2021 at 01:40:39PM +0100, John Paul Adrian Glaubitz wrote: > I just noticed how maintainers are NMU'ing packages in large quantities to > get them somehow in a usable state for the release. The packages get small > patches so that they are more or less working and can get into testi

Re: Fixed release dates are hurting quality

On Sun, Feb 07, 2021 at 05:19:17PM +0100, Gard Spreemann wrote: > >> > the packages being untouched for a long time in some cases meaning there > >> > is > >> > no guarantee for quality. > >> > >> Sure, but if there is no serious issue left with the package, we can as > >> well ship it. > > Stric

Re: Fixed release dates are hurting quality

On Sun, Feb 07, 2021 at 10:25:26AM -0800, Russ Allbery wrote: > To me, the rewards of keeping the orphaned packages clearly outweigh the > risks. If the package is actually broken, presumably sooner or later > someone will notice and report that as a bug, and we can then take > appropriate action.

Re: Proposal: plocate as standard for bookworm

On Tue, Feb 09, 2021 at 03:58:39PM -0500, Marvin Renich wrote: > These have come to be expected to be on a typical Linux system by almost > every technically-knowledgeable Linux user. Locate does not satisfy > that criterion (I'm surprised by this, if this is true) -- WBR, wRAR signature.asc D

Re: freeipa is in trouble for the next release (again)

On Wed, Mar 24, 2021 at 10:02:37AM +0100, Harald Dunkel wrote: > I understand that freeipa-server has a very serious problem (#970880), > making it unfit for Bullseye. It is *highly* painful that it puts > freeipa-client at risk for the next release, too. We had something > similar for Buster about

Re: freeipa is in trouble for the next release (again)

On Wed, Mar 24, 2021 at 12:33:53PM +0100, Harald Dunkel wrote: > > > For my own part, I run freeipa-server on CentOS 7. I am not affected > > > by #970880. I would be very happy with freeipa-client in Bullseye, even > > > if freeipa-server doesn't make it. > > The deadline for adding new packages t

Re: freeipa is in trouble for the next release (again)

On Wed, Mar 24, 2021 at 04:02:17PM +0100, Harald Dunkel wrote: > > If you are still asking about getting this package into bullseye then I'm > > afraid it's not possible. Otherwise, as already suggested, it's possible > > to have it in bullseye-backports after fixing problems keeping it outside > >

Re: Debian Project's stance on Richard Stallman

On Fri, Mar 26, 2021 at 12:14:19PM -0600, jathan wrote: > I propose that in a personal way those who want to sign or not sign any > of the letters, go ahead, but that no public statement be made on behalf > of the Debian Project in an official way. Such amendment was already proposed, you can secon

Re: Realtek RTL8723DE, RTL8821CE, RTL8822BE and RTL8822CE chipsets

On Tue, Mar 30, 2021 at 12:35:22PM -0400, Devops PK Carlisle LLC wrote: > No big deal, not a complaint, I am PERFECTLY comfortable with compiling > and inserting a driver (compare and contrast that to Windows, where you > are SOL if there is not a driver available, I *do* get it)...more a > point i

Re: Realtek RTL8723DE, RTL8821CE, RTL8822BE and RTL8822CE chipsets

On Wed, Mar 31, 2021 at 10:38:11PM -0400, Michael Stone wrote: > On Tue, Mar 30, 2021 at 10:20:03PM +0500, Andrey Rahmatullin wrote: > > Not sure what hardware you are talking about but the majority of WiFI > > hardware is supported by the mainline kernels, at least after you

Re: Realtek RTL8723DE, RTL8821CE, RTL8822BE and RTL8822CE chipsets

On Thu, Apr 01, 2021 at 08:51:08AM +0100, Paul Sutton wrote: > > > > Not sure what hardware you are talking about but the majority of WiFI > > > > hardware is supported by the mainline kernels, at least after you load > > > > their firmware. > > > > > > I assume you haven't tried very much wifi ha

Re: Realtek RTL8723DE, RTL8821CE, RTL8822BE and RTL8822CE chipsets

On Sat, Apr 03, 2021 at 02:40:39PM +0200, Dominique Dumont wrote: > > Can you please list some unsupported chips in addition to these specific > > Realtek ones? > > My daughter's laptop (an HP pavilion) has a RTL8821CE wifi chip which is not > supported. That one is in the subject. -- WBR, wRAR

Re: Realtek RTL8723DE, RTL8821CE, RTL8822BE and RTL8822CE chipsets

On Sat, Apr 03, 2021 at 10:37:37AM -0400, Michael Stone wrote: > > > > Not sure what hardware you are talking about but the majority of WiFI > > > > hardware is supported by the mainline kernels, at least after you load > > > > their firmware. > > > > > > I assume you haven't tried very much wifi

Re: Packages in contrib solely because they allow using non-free software

On Sun, Apr 04, 2021 at 11:17:01AM +0200, Dominik George wrote: > a) They try Debian, and find out they have to learn how the different > package areas work, reconfigure their package sources (they would need that anyway as they need firmware and, very probable, nvidia-driver) > Which one do

Re: Re: Realtek RTL8723DE, RTL8821CE, RTL8822BE and RTL8822CE chipsets

On Tue, Apr 06, 2021 at 11:46:34AM +0500, Alexander E. Patrakov wrote: > Andrey Rahmatullin wrote: > > > Can you please list some unsupported chips in addition to these specific > > Realtek ones? > > Bad question. > > Recently I had to choose and buy a USB WiFi a

Re: i386 baseline issue for Go packages in Bookworm

On Sun, Apr 18, 2021 at 01:09:40AM +0800, Shengjing Zhu wrote: > Hi, > > As the release of Go 1.16, upstream no longer supports x87-only > floating-point. > > https://golang.org/doc/go1.16#386 > > > require at least SSE2 support on 386, raising Go's minimum GOARCH=386 > > requirement to the Int

Re: i386 baseline issue for Go packages in Bookworm

On Sun, Apr 18, 2021 at 01:42:51AM +0800, Shengjing Zhu wrote: > On Sun, Apr 18, 2021 at 1:32 AM Andrey Rahmatullin wrote: > > 2) decide "the i386 architecture is for the legacy software" and raise the > > baseline to match the amd64 one, > > 2a) also don

Re: please document why a package has been dropped from Testing/Bullseye

On Sun, May 09, 2021 at 07:30:04AM +0200, Harald Dunkel wrote: > Hi folks, > > https://packages.debian.org/search?keywords=rsnapshot doesn't tell, so I > wonder > what is the recommended way to find out why rsnapshot (or any other package) > has been dropped from Testing? packages.debian.org is i

Re: packages.d.o and listed suites

On Sun, May 09, 2021 at 04:54:38PM +0200, Daniel Reichelt wrote: > Hi *, > > since yesterday (roughly, probably earlier) some of my live-build images > fail due to a new and faulty version of shim-signed. > > After a quick look on packages.d.o, I was pretty confused: nothing new > listeded there

Re: bitz-server: package is not in any development repository ...

On Tue, May 18, 2021 at 05:34:02AM -0400, Albretch Mueller wrote: > On 5/18/21, Andrei POPESCU wrote: > > https://tracker.debian.org/pkg/bitz-server > > On 5/18/21, Jörg Frings-Fürst wrote: > > Hello Albretch, > > bitz-server has 4 RC-Bugs[1], which could not be fixed by me. > > No fixes came fr

Re: I need to package solanum, a new IRCD server.

On Thu, May 27, 2021 at 10:21:04AM +0200, Joaquín Rufo Gutierrez wrote: > I need to package solanum, a new IRCD server. Then do it? But see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=981009#17 -- WBR, wRAR signature.asc Description: PGP signature

Re: Planning for libidn shared library version transition

On Thu, May 27, 2021 at 10:10:15AM -0400, Marvin Renich wrote: > > The one non-cosmetic reason I can think of why transitional packages > > are potentially bad is that they aren't removed automatically, so systems > > that have been upgraded many times can end up with a lot of transitional > > pack

Re: debian 11 Bullseye RC 1

On Sat, May 29, 2021 at 12:29:48PM +, John Scott wrote: > On Sat, 2021-05-29 at 07:27 -0400, Timothy M Butterworth wrote: > > Can anyone suggest a WiFi USB adapter that works with debian? > > (Disclaimer: I'm the maintainer of the firmware-ath9k-htc package, and > ThinkPenguin, one of the vend

Re: debian 11 Bullseye RC 1

On Sat, May 29, 2021 at 07:27:48AM -0400, Timothy M Butterworth wrote: > I just successfully installed bullseye RC 1 on my Asus notebook model > X200CA. Everything is working. If you are looking for a notebook to > run Debian I highly recommend this model. > > I installed Bullseye RC 1 on my new H

Re: Figuring how to work with team-maintained packages on salsa

On Fri, Jun 04, 2021 at 07:43:59PM +0200, Florian Weimer wrote: > I want to add a few patches to this repository: > > > > Surely there must be some tool support to help with that? This doesn't seem to be related to "team-maintained" or "salsa". This

Re: ARM architectures

On Sat, Jun 05, 2021 at 04:39:08AM -0400, Polyna-Maude Racicot-Summerside wrote: > I do agree that the Raspberry is able to run up to 4 Gb, but there's > other board too. (to 8 actually) -- WBR, wRAR signature.asc Description: PGP signature

Re: ARM architectures

On Sat, Jun 05, 2021 at 01:19:10PM -0400, Polyna-Maude Racicot-Summerside wrote: > Does the RPi4 is totally 64 bit ? Does using arm64 (as described on https://wiki.debian.org/RaspberryPi and https://raspi.debian.net/) count or are you asking about something on top of that? -- WBR, wRAR signatur

Re: ARM architectures

On Sun, Jun 06, 2021 at 12:43:53PM +0200, Aaron Dewes wrote: > > I personally prefer the Raspi 4 because it can run plain Debian in a > > way supported by a Debian Developer > > I'm interested in this version, do you know how it is built (Manually, > or is there a build script to verify the images

Re: Reconsider sending ITP bugs to debian-devel: a new list?

On Fri, Jun 11, 2021 at 11:05:02AM -0500, Gunnar Wolf wrote: > But WNPP is problematic on its own: Right now, we have 1586 normal > priority open bugs, 4613 wishlist open bugs (what would the difference > be? It seems *most* normal are O and RFA, while ITPs, RFPs and such > are mostly wishlist... b

Re: Package mailutils provides mailx but do not implement command Mail

On Sun, Jun 20, 2021 at 08:12:42PM +0100, Jose M Calhariz wrote: > package amanda-server uses a command named "Mail" to send email Does it? Was the fix for https://bugs.debian.org/475771 reverted? -- WBR, wRAR signature.asc Description: PGP signature

Re: Package mailutils provides mailx but do not implement command Mail

On Sun, Jun 20, 2021 at 08:59:47PM +0100, Jose M Calhariz wrote: > On Mon, Jun 21, 2021 at 12:34:19AM +0500, Andrey Rahmatullin wrote: > > On Sun, Jun 20, 2021 at 08:12:42PM +0100, Jose M Calhariz wrote: > > > package amanda-server uses a command named "Mail" to send

Re: Package mailutils provides mailx but do not implement command Mail

On Mon, Jun 21, 2021 at 01:08:09PM +0100, Jose M Calhariz wrote: > > > > > package amanda-server uses a command named "Mail" to send email > > > > Does it? Was the fix for https://bugs.debian.org/475771 reverted? > > > I am searching in git history for the fix for that bug, as there is > > > not d

Re: Package mailutils provides mailx but do not implement command Mail

On Tue, Jun 22, 2021 at 11:46:10AM +0100, Jose M Calhariz wrote: > Does this fix qualify for bullseye? Please read https://release.debian.org/bullseye/freeze_policy.html#appropriate and decide which category this is in, if any. -- WBR, wRAR signature.asc Description: PGP signature

Re: Regarding the new "Debian User Repository"

On Fri, Jul 02, 2021 at 07:16:48PM +0200, Stephan Lachnit wrote: > Thus, I think we should discuss whether we should ask the creator to change > the name (he is open for that, I asked him). I don't think there is something to discuss here, the name should be changed. > The creator responded quite

Re: packaging python3 material generated through swig: examples

On Wed, Jul 07, 2021 at 01:33:41PM +0200, Jerome BENOIT wrote: > Hello, > > I am current packaging plfit (ITP #987559). > The main part is written in C and a python module is provided. > The python is created with swig. > Can anyone direct me to good examples of packaging which deals > with these

Re: Steam Deck: good news for Linux gaming, bad news for Debian :(

On Sat, Jul 17, 2021 at 01:48:32PM +0100, Samuel Henrique wrote: > that we don't fulfill the needs of a lot of desktop users It is known, as we don't even provide an official installer ISO that makes their hardware usable. > So here's my wish that someday we can have a Debian semi-rolling > relea

Re: merged /usr considered harmful (was Re: Bits from the Technical Committee)

On Sun, Jul 18, 2021 at 11:09:49AM +, Stephan Verbücheln wrote: > On Sun, 2021-07-18 at 11:13 +0200, Marco d'Itri wrote: > > I link /var/lib/dpkg/ to somewhere in /usr/, and I think that this is > > > > What? No matter whether we merge “/bin” or not, “/usr” should stay > read-only. On Debian

Re: merged /usr considered harmful (was Re: Bits from the Technical Committee)

On Sun, Jul 18, 2021 at 04:50:49PM +, Stephan Verbücheln wrote: > Thank you for the explanation. I think it covers most use cases. > However, it does not cover packages that do not actually install > programs but only perform changes to /etc or install something to /opt, > is that correct? Whil

Re: merged /usr considered harmful (was Re: Bits from the Technical Committee)

On Sun, Jul 18, 2021 at 10:11:22PM +0500, Andrey Rahmatullin wrote: > While, AFAIK, it's indeed only Debian Policy stopping you from not > shipping /usr/share/doc/*/copyright, and that and common sense stopping > you from not shipping /usr/share/doc/*/changelog, that's just ye

Re: merged /usr

On Tue, Jul 27, 2021 at 03:25:48PM +0200, Wouter Verhelst wrote: > I'm worried about systems being written to completely bypass the dpkg > database. Like alternatives and things that create files in postinst? -- WBR, wRAR signature.asc Description: PGP signature

Re: Steam Deck: good news for Linux gaming, bad news for Debian :(

On Tue, Aug 10, 2021 at 01:31:12PM -0400, Sandro Tosi wrote: > > I think it would be quite nice to hear from Valve or some of the Debian > > folks who work(ed) with them, about the reasons for the rebase. With no > > ill will, just to understand what the problems were and if we can learn > > someth

Re: Debian package manager privilege escalation attack

On Wed, Aug 11, 2021 at 11:30:27PM -0400, Timothy M Butterworth wrote: > I just ran across this article > https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I tested > the attacks on Debian 11 and they work successfully giving me a root > shell prompt. I don't think calling this "privile

Re: Debian package manager privilege escalation attack

On Wed, Aug 11, 2021 at 10:55:44PM -0500, Brian Thompson wrote: > Thank you for bringing this to everyone's attention. This are very real > vulnerabilities. How are they vulnerabilities? > NPM has similar issues with stopping malicious packages from being > published to the FTP server. That's no

Re: Debian package manager privilege escalation attack

On Thu, Aug 12, 2021 at 01:12:37AM -0500, Brian Thompson wrote: > Would you agree that there is an issue with sudo access that is enabled > by default on most Debian and Debian-based distributions? The bug may > not be in apt, but it definitely lives somewhere. Do you think "sudo access" itself is

Re: Debian package manager privilege escalation attack

On Thu, Aug 12, 2021 at 01:17:03AM -0500, Brian Thompson wrote: > > > Thank you for bringing this to everyone's attention. This are very > > > real > > > vulnerabilities. > > How are they vulnerabilities? > They are vulnerabilities because the user is susceptible to this kind of > attack by defaul

Re: Debian package manager privilege escalation attack

On Thu, Aug 12, 2021 at 08:32:14AM +0200, Vincent Bernat wrote: > >> I just ran across this article > >> https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I tested > >> the attacks on Debian 11 and they work successfully giving me a root > >> shell prompt. > > I don't think calling this

Re: Debian package manager privilege escalation attack

On Thu, Aug 12, 2021 at 01:25:06AM -0500, Brian Thompson wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA512 > > On Thu, 2021-08-12 at 11:19 +0500, Andrey Rahmatullin wrote: > > On Thu, Aug 12, 2021 at 01:12:37AM -0500, Brian Thompson wrote: > > > Would you a

Re: Debian package manager privilege escalation attack

On Thu, Aug 12, 2021 at 08:35:42AM -0400, Kyle Edwards wrote: > > > > I just ran across this article > > > > https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I tested > > > > the attacks on Debian 11 and they work successfully giving me a root > > > > shell prompt. > > > I don't think

Re: Debian 11 Bullseye Setup Problems Error Report

On Wed, Aug 18, 2021 at 10:54:17AM +0200, admin4 wrote: > >> Q1: (question1): why is there nor vi nor less included in the setup? Both are included, less has Priority: standard, vim-tiny has Priority: important. > in theory yes... in reality try this: > > wget https://thesquareplanet.com/feed.xml

Re: Debian 11 Bullseye Setup Problems Error Report

On Wed, Aug 18, 2021 at 12:25:58PM +0200, admin4 wrote: > Hello all, in short, > > * is there a Debian "testing" team?, that does test setups of Debian > ISOs on a bunch of different hardware with priority on the most used > CPUs like amd64 and i386, (free and non-free versions)), > *

Re: Future of /usr/bin/which in Debian?

On Wed, Aug 18, 2021 at 12:36:43PM -0500, Gunnar Wolf wrote: > I agree with you, maintainer scripts should not rely on 'which' > anymore. However, what about users? 'which' is a standard Unix tool > since forever, and I expect many users to experience head scratching > when told it's not cool to us

Re: Proposal to create unstable-proposed-updates suite for use during freeze

On Fri, Aug 20, 2021 at 11:01:08AM +0200, Stephan Lachnit wrote: > > Problem: Currently uploading new upstream versions to unstable during > > freeze is discouraged. It means users using unstable don't get new updates > > and developers are forced to upload to experimental. Using experimental >

Re: BTS not archiving Bcc: mails? [was: Re: inconsistent mailgraph settings]

On Sun, Aug 22, 2021 at 08:25:41PM +0200, Tomas Pospisek wrote: > Wouldn't the Bcc'ed email that arrived to the BTS be visible in the bug's > log/archive (on the bug's page (https://bugs.debian.org/989734))? It's visible: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989734;msg=27 -- WBR, wRA

Re: BTS not archiving Bcc: mails? [was: Re: inconsistent mailgraph settings]

On Mon, Aug 23, 2021 at 02:21:04AM +0200, Vincent Lefevre wrote: > On 2021-08-22 23:32:15 +0500, Andrey Rahmatullin wrote: > > On Sun, Aug 22, 2021 at 08:25:41PM +0200, Tomas Pospisek wrote: > > > Wouldn't the Bcc'ed email that arrived to the BTS be visible in the bug

Re: Package name misspelled in binNMU changelogs

On Wed, Aug 25, 2021 at 09:19:34AM -0400, The Wanderer wrote: > Is there any reasonable way to get this spelling error corrected in the > changelogs across all these packages? As those are specifically binNMU changelogs, I don't think so. > Or is this too minor to be worth bothering with, and some

Re: Package name misspelled in binNMU changelogs

On Wed, Aug 25, 2021 at 04:07:02PM +0200, Tomas Pospisek wrote: > >> Is there any reasonable way to get this spelling error corrected in the > >> changelogs across all these packages? > > As those are specifically binNMU changelogs, I don't think so. > > You still can do a NMU or send a patch to t

Re: How to build circular dependant packages in debian

On Sat, Sep 18, 2021 at 02:17:59PM +0530, open infra wrote: > Hi, > > How build a package A where it has a circular dependent package B (where > package B is depend on package A). It depends. Do you have a question about specific packages? And why do you need to build them? -- WBR, wRAR signa

Re: Bug#994758: libsgutils2-2: how to prevent the share lib from changing version to impact the package?

Control: severity -1 critical Control: retitle -1 Soname change without package name change Control: found -1 1.45-1 Control: block 994521 by -1 On Mon, Sep 20, 2021 at 05:25:32PM +0200, Chris Hofstaedtler wrote: > > The ledmon package was reported by > > https://bugs.debian.org/cgi-bin/bugreport.

Re: best practice system setup and some concept ideas - /root (OS) /home (data) re-play changes and and /etc/config after re-install with new distro version?

On Wed, Oct 06, 2021 at 12:03:16PM +0200, dude wrote: > what is the best practice for easy update & dist-upgrade: > > 1. in terms of speed and easy of distro updates, it makes sense to separate > * /root (software (programs) that can be re-downloaded) (on > separate single suepr fas

Re: Question about source tarballs for packaging

On Sun, Oct 10, 2021 at 09:40:54PM +, Joshua Peisach wrote: > This doesn't really matter; the above means that we will have to build > on weekly tags rather than the current '0.2.4' tag. Here is the issue. > uscan and gbp aren't happy with the tag because by all means, it isn't a > number. Not

Re: Debian's branches and release model

On Wed, Oct 20, 2021 at 02:43:47AM +0200, Thomas Goirand wrote: > > However, the problem with freezing testing but not freezing unstable is > > that if you do that, all updates to testing during the freeze (to fix the > > release-critical bugs that stop it from already being ready for release) > >

Re: gbp import-orig upstream lz file

On Fri, Oct 22, 2021 at 08:14:34AM -0300, kretcheu wrote: > Hi, > > I`m working on one of my packages and I had problems. > > First I did run: > > gbp import-dscs --debsnap bruteforce-luks > > Everything works well. > > Now I want to import a new upstream version. > Upstream now provides a lz

Re: sbuild/schroot: need to get .deb files internally downloaded as package dependencies

On Thu, Oct 28, 2021 at 11:58:26AM +0300, Uladzimir Bely wrote: > When building a package with sbuild, some packages (dependencies of package > being built) are internally downloaded and installed by apt. After the build > finished, schroot is cleaned again (while everything is done in overlay) >

Re: Short description disapearing from package tracker

On Thu, Oct 28, 2021 at 12:50:05PM +0200, Ben Tris wrote: > Short descriptions disappeard after a package update. Do you have any specific examples? > Example, just try some. > https://www.gezapig.nl/Software/MaintGroup/Debian_Haskell_Group2021.html Both packages I tried work as expected. Note tha

Re: Short description disapearing from package tracker

On Fri, Oct 29, 2021 at 05:50:02AM +0200, Ben Tris wrote: > Sorry, for instance. > > haskell-hopenpgp-tools Sure, are you saying it had a description before? Because there is no binary package with this name. -- WBR, wRAR signature.asc Description: PGP signature

Re: pan blend lists game powder should be removed (relative: debichem science medical)

On Thu, Nov 11, 2021 at 07:47:20AM +0100, Andreas Tille wrote: > For some reason git blamed me for injecting this into the mx task and > so I removed it[1]. I'm pretty sure that I never edited the pan tasks > despite git blames me about this. No idea what's wrong here and it > would be great if s

Re: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?

On Thu, Nov 11, 2021 at 08:01:54AM -0800, Russ Allbery wrote: > (Didn't Red Hat attempt to standardize on NSS a while back? I feel like > that didn't work and they stopped that effort, but some quick searching > didn't uncover any support for that belief.) https://fedoraproject.org/wiki/Fedora_Cry

Re: Short description disapearing from package tracker

On Thu, Nov 11, 2021 at 07:16:50PM +0100, Ben Tris wrote: > Maybe I did make a mistake. Is the description of the first binary visible at > the source package? No, otherwise all pages would have some description. The description of the binary with the same name as the source package is displayed.

Re: Crypto Libs: Linking to OpenSSL, GnuTLS, NSS, ..?

On Fri, Nov 12, 2021 at 12:03:53PM +, Stephan Verbücheln wrote: > Then I also think that OpenSSL 0.9.x/1.x and the new OpenSSL 3.x have > to be treated like two completely different libraries. They have > different licenses and intentionally broke APIs to end the mess that > OpenSSL was. When

Re: Mapping Reproducibility Bug Reports to Commits

On Sun, Nov 14, 2021 at 05:53:24PM +, Muhammad Hassan wrote: > Hi all, > > I am a researcher at the University of Waterloo, conducting a project to > study reproducibility issues in Debian packages. > > The first step for me is to link each Reproducibility-related bug at this > link: > htt

Re: Consequences of the NEW queue's length [Was: Remove packages from NEW queue?]

On Thu, Nov 18, 2021 at 02:52:56PM +0100, Stephan Lachnit wrote: > I don't know if that has been proposed before, but how about waiving > the NEW queue requirement for experimental packages as a start? > [...] Since packages in experimental will never land in any > official release, I think droppin

Re: Consequences of the NEW queue's length [Was: Remove packages from NEW queue?]

On Thu, Nov 18, 2021 at 04:08:23PM +0100, Stephan Lachnit wrote: > > > I don't know if that has been proposed before, but how about waiving > > > the NEW queue requirement for experimental packages as a start? > > > [...] Since packages in experimental will never land in any > > > official release,

Re: How to do 32-bit build in AMD64 chroot -- problem with SSE instructions?

On Sat, Dec 11, 2021 at 05:12:50PM -0600, Steven Robbins wrote: > I've built the ITK package on my AMD64 machine without trouble, but the > 32-bit > build is failing with the error below. It's failing on buildds with the same problem so you are running the build itself correctly. > The errors s

Re: Reopen RFP Skia - Google's 2D graphic suite

On Mon, Dec 13, 2021 at 02:51:55PM +0100, maxzor wrote: > TL;DR Please consider reopening the following request for packaging : > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818180 You could that yourself. On the other hand, having an RFP doesn't mean anything so reopening it is not useful. I

<    1   2   3   4   5   6   7   8   9   10   >