Re: Debian should not modify the kernels!

On Mon, Sep 22, 2003 at 08:03:50PM +0200, martin f krafft wrote: > also sprach Martin Pitt <[EMAIL PROTECTED]> [2003.09.22.1343 +0200]: > > However, they might be useful to people using make-kpkg and patch > > packages to get the right dependencies and ease the download. Thus > > I would not vote

Re: Horrific new levels of changelog abuse

On Tue, Sep 23, 2003 at 07:20:59AM +1000, Herbert Xu wrote: > Matt Zimmerman <[EMAIL PROTECTED]> wrote: > > Both should record the change in the package which caused the bug to be > > closed. The change may be described at a high level (fixed the problem > > which cau

Re: To what extent should Debian modify the kernel? (Re: Debian should not modify the kernels!)

On Tue, Sep 23, 2003 at 08:08:07AM +1000, Herbert Xu wrote: > Matt Zimmerman <[EMAIL PROTECTED]> wrote: > > I currently patch my kernels with device-mapper, a few evms-related patches > > and skas3. It would be very convenient if device-mapper and the evms > > patch

Re: Maintaining kernel source in sarge

On Sun, Sep 21, 2003 at 08:27:49PM -0500, Manoj Srivastava wrote: > I am always willing to improve my packages; the constraints > are ability (I would need to grok the details of the current > implementation), time, and collaboration (I would need to find out > how to get a hook into the

Re: The size of debian packages

On Tue, Sep 23, 2003 at 10:34:31PM +0100, Andrew Lyon wrote: > Since installing Debian in May the amount of disk space required for my OS > has risen from 1.5GB to 3GB and has reached the limit of the partition. > I don't really want to allocate any more space to the OS as I'm sure there > must

Re: To what extent should Debian modify the kernel? (Re: Debian should not modify the kernels!)

On Fri, Sep 26, 2003 at 08:08:39AM +1000, Herbert Xu wrote: > Matt Zimmerman <[EMAIL PROTECTED]> wrote: > > > > I ran it through diffstat, and removed the files which are created entirely > > by > > the patch, so these are the changes to common code: > &g

Re: Debian should not modify the kernels!

On Sun, Sep 28, 2003 at 06:08:45PM +0200, Marco d'Itri wrote: > On Sep 28, Greg Folkert <[EMAIL PROTECTED]> wrote: > > >Yes but those criterion fail to mention why it is required in the Debian > >Kernel Source. I understand it should be in the default Binary images... > >but as for inclusion i

Re: Reformatted Ubuntu Patches Repository

On Tue, Jul 19, 2005 at 09:57:34PM +0200, Josselin Mouette wrote: > Le dimanche 17 juillet 2005 à 15:51 +0300, Joachim Breitner a écrit : > > This is meant as a more convenient way for Debian maintainers to look > > for possible useful patches from Ubuntu. > > This is a good idea, but it is based

Re: Reformatted Ubuntu Patches Repository

On Wed, Jul 20, 2005 at 07:29:00PM +0200, Josselin Mouette wrote: > Le mercredi 20 juillet 2005 à 10:21 -0700, Matt Zimmerman a écrit : > > On Tue, Jul 19, 2005 at 09:57:34PM +0200, Josselin Mouette wrote: > > > Le dimanche 17 juillet 2005 à 15:51 +0300, Joachim Breitner a écrit

Re: Reformatted Ubuntu Patches Repository

On Wed, Jul 20, 2005 at 08:22:25PM +0200, Josselin Mouette wrote: > Le mercredi 20 juillet 2005 à 10:48 -0700, Matt Zimmerman a écrit : > > What you have is a 3-way merge of (1.4-1)->(1.4-1 + Ubuntu changes) against > > 1.5-1. > > Sorry, but no. > http://utnubu

Re: debian mentors & ubuntu

On Tue, Jul 19, 2005 at 02:48:51PM +0200, Julien BLACHE wrote: > martin f krafft <[EMAIL PROTECTED]> wrote: > > > a new debian maintainer is also a ubuntu maintainer in some sense. > > Great news! Where's my paycheck? > > (both of the above "arguments" have already been raised long ago, yes.) A

Re: mass bug filing on packages that are blocking use of cdebconf

On Tue, Aug 02, 2005 at 06:46:20PM -0400, Joey Hess wrote: > Matt Zimmerman <[EMAIL PROTECTED]> >apt-listchanges >cricket >flac I have no idea how or why flac ended up with a debconf dependency; it doesn't use it. I've removed it in CVS for my next

Re: Snapshot/Rollback using LVM/EVMS

On Mon, Aug 22, 2005 at 11:28:46PM -0700, [EMAIL PROTECTED] wrote: > Thanks Goswin, this is what I thought. > Now I need someone help me with EVMS steps. > How to make a snapshot and rollback. This mailing list is for development-related discussion; please use debian-user@lists.debian.org for tech

Re: Build packages for Debian on Ubuntu

On Tue, Oct 04, 2005 at 07:16:17PM +1000, Hamish Moffatt wrote: > On Tue, Oct 04, 2005 at 09:50:33AM +0200, Mikael Olenfalk wrote: > > I have built ubuntu-hoary packages for anjuta 2.0.1 for amd64, which I > > have made available in my repository at: http://mikael.is-a-geek.org/. > > > > I want to

Re: How to maintain packaging files for multiple distributions in the same tree?

On Mon, Jan 29, 2007 at 10:20:23AM +0100, Goswin von Brederlow wrote: > In stable/testing/unstable you have releases with a fixed version that > can only split of from the main trunk. Any change to stable/testing > MUST be made special for the old version in stable/testing and forks > off the main

Re: How to maintain packaging files for multiple distributions in the same tree?

On Tue, Jan 30, 2007 at 03:07:27PM +0100, Goswin von Brederlow wrote: > Matt Zimmerman <[EMAIL PROTECTED]> writes: > > > On Mon, Jan 29, 2007 at 10:20:23AM +0100, Goswin von Brederlow wrote: > >> In Ubuntu you have a parallel version. You split of from the main > &g

Re: patches.ubuntu.com and the Debian PTS derivatives

On Sun, Apr 22, 2007 at 11:30:32PM -0300, Gustavo Franco wrote: > On 4/2/07, Scott James Remnant <[EMAIL PROTECTED]> wrote: > >As some of you may have noticed, the patches.ubuntu.com website and > >equivalent mailing of changes to the Debian PTS and ubuntu-patches > >mailing list has been offline,

Re: packages newer in Ubuntu than in Debian (reduced false positives)

On Tue, May 01, 2007 at 02:39:27PM +0200, Eric Lavarde wrote: > Hello Bart, > > is there some kind of agreement between Debian and Ubuntu concerning the > distribution part of the version? The scheme is described here: https://wiki.ubuntu.com/UbuntuDevelopment#UbuntuPackages which is linked, al

Re: A sane guess at default Debian mirror for pbuilder

On Mon, May 28, 2007 at 12:25:50AM +0900, Junichi Uekawa wrote: > After 6 years or so of setting ftp.jp.debian.org as default for > pbuilder, I'm finally determined that it shouldn't stay like this. So > I'd like to have some default guessing to happen. Preferably I don't > want to ask via debcon

Re: APT 0.7 for sid

On Sun, Jun 17, 2007 at 03:51:15PM -0400, Joe Smith wrote: > "Michael Vogt" <[EMAIL PROTECTED]> wrote in message > news:[EMAIL PROTECTED] >> - automatic removal of unused dependencies moved into libapt so that >> applications like synaptic, python-apt, update-manger etc directly >> benefit from

Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()

On Fri, Dec 07, 2007 at 07:18:11PM +0100, Martin Pitt wrote: > What do you think about this approach? I'm well aware that this alone > won't rescue desktop security (getting there is looots of more work), > but one has to start somewhere. I'm not particularly fussed about the race conditions invol

Re: Please write useful changelogs

On Wed, Jan 16, 2008 at 10:26:00AM +0100, Thijs Kinkhorst wrote: > On Wed, January 16, 2008 10:13, Peter Palfrader wrote: > > Hi Anibal, > > > > > > please write what actually changed, what the issue was about. > > > > | bzip2 (1.0.4-1) unstable; urgency=low > > | > > | * Synchronise with Ubuntu.

Re: on the role of debian among its derivatives

On Fri, Aug 27, 2010 at 10:43:44AM +0200, Stefano Zacchiroli wrote: > At the same time, In doing all that we should not consider Ubuntu as a > special case, as that would be a mistake. Ubuntu is currently one of a > kind in term of users, but assuming it will be the case forever is > risky. After a

Re: Debian should not modify the kernels!

On Sun, Oct 05, 2003 at 03:18:53PM +0200, Tollef Fog Heen wrote: > * Herbert Xu > > | Very few people really need cramfs if they're building custom kernels. > | This is because initrd only makes sense when you're building for a > | large number of machines. If you're building a custom kernel, j

Re: Debian should not modify the kernels!

On Mon, Oct 06, 2003 at 10:20:57PM +0200, martin f krafft wrote: > also sprach Matt Zimmerman <[EMAIL PROTECTED]> [2003.09.29.0232 +0200]: > > Hear, hear. IPsec in particular is long overdue in the Linux > > kernel and I am glad to see it. > > It has existed in the

Re: APT: Errors when replacing syslog by syslog-ng

On Sun, Oct 12, 2003 at 04:54:07PM +0200, Frans Pop wrote: > I just got the following messages replacing syslog by syslog-ng from dselect > (Woody). > Should this be reported as a bug? Against which package (syslog, syslog-ng, > apt)? Definitely not apt. > The problems are: > - - messages rega

Re: 2.5 IPsec kernel patch: orphaning the grsecurity patch

On Wed, Oct 08, 2003 at 09:45:53PM +0200, martin f krafft wrote: > It's amazing how problem solving here is equated with "actively > waiting for problems to go away". > > I wanted to improve Debian, but apparently there is no interest. > Herbert gets to pollute the kernel-source all he wants beca

Re: Quote: Debian and Democracy at Advocato.org

On Wed, Oct 08, 2003 at 04:25:17PM -0300, Daniel Ruoso wrote: > > Debian and Democracy > Posted 7 Oct 2003 by exa (Master) Ha. Hahahaa. Ha, ha, ha... -- - mdz

Re: Debian should not modify the kernels!

On Fri, Oct 10, 2003 at 09:30:06PM +0200, martin f krafft wrote: > also sprach Matt Zimmerman <[EMAIL PROTECTED]> [2003.10.10.0223 +0200]: > > ...and the freeswan patch is not in the Linux kernel (and as I understand > > it, it never will be). > > The IPsec patch is n

Re: Which packages will hold up the release?

On Wed, Oct 08, 2003 at 10:04:38PM -0500, Steve Langasek wrote: > Note that the testing scripts themselves do not examine Build-Depends > today; such problems are only identified through manually filed RC bug > reports. Which is not to say that we shouldn't be tracking such > problems -- just tha

Re: Annoyances of aptitude (Was: Where are we now?) (Was: Bits from the RM)

On Thu, Oct 02, 2003 at 07:43:37PM -0400, Nathanael Nerode wrote: > Eventually I found aptitude's "Dselect" theme, which helped some. > > I guess aptitude could be made the recommended default package manager, > but I would hope that: > 1. Something more closely approximating the Dselect theme i

Re: Package verification and "/usr/bin/install" tool replacements

On Sat, Oct 04, 2003 at 04:39:49AM +1000, Kim Lester wrote: > Some of the ideas I have implemented include a "pkg info" file in each > package > containing the > pathname > uid, gid (numeric) > md5sum, > size (useful to humans) > mode > symlink target (for syml

Re: How tightly should main be self-contained?

On Fri, Oct 03, 2003 at 09:40:27AM -0400, Simon Law wrote: > I would be glad to change it if there were a fair number of > developers who think that suggesting contrib software is fine. Suggesting contrib software is fine. -- - mdz

Re: Which packages will hold up the release?

On Thu, Oct 02, 2003 at 12:38:57PM +0200, Peter Makholm wrote: > /* > > You might ignore this comment... > > Looking at the list of RC bugs the packages seems to fall in two > categories. Packages I don't use and packages I don't feel comfortable > in touching (glibc being an example of the

Re: Where are we now? (Was: Bits from the RM)

On Thu, Oct 02, 2003 at 03:13:23AM -0500, Chris Cheney wrote: > I still need to get KDE 3.1.4 into sid and stablized. I hope for it to > be ready to migrate into sarge by Oct 20 (including the 10 day wait > time). From what Colin Watson mentioned to me earlier today there are > some other packages

Re: Debian should not modify the kernels!

On Thu, Oct 16, 2003 at 07:04:27PM +0200, martin f krafft wrote: > also sprach Matt Zimmerman <[EMAIL PROTECTED]> [2003.10.10.2333 +0200]: > > It is in 2.5 and 2.6. It is in Linux henceforth. FreeSWAN, on top of > > its other issues, is not, has never been, and never

Re: 2.5 IPsec kernel patch: orphaning the grsecurity patch

On Thu, Oct 16, 2003 at 07:05:56PM +0200, martin f krafft wrote: > also sprach Matt Zimmerman <[EMAIL PROTECTED]> [2003.10.11.0554 +0200]: > > People care more about some things than others. Given a choice between > > IPsec in Debian kernels by default and being able t

Re: search-citeseer_0.1-1_i386.changes REJECTED

On Thu, Oct 16, 2003 at 08:44:01PM -0300, Otavio Salvador wrote: > Yes. This way to show issues is the right one but the James way is > not. He doesn't do a suggestion but an exigency. This is wrong. He did the right thing. > Yes. The reson of my first mail is exactly this. I want make some trou

Re: search-citeseer_0.1-1_i386.changes REJECTED

On Thu, Oct 16, 2003 at 05:32:11PM -0300, Otavio Salvador wrote: > Joerg Jaspert <[EMAIL PROTECTED]> writes: > > Policy is not everything that counts. Just because policy doesnt say > > something it means it is good to do it. > > Of course but I think if the developper did something is because he

Re: Pre-Depends for postgresql

On Fri, Oct 17, 2003 at 08:27:17PM +0100, Oliver Elphick wrote: > If any package that needs to add a user should always use adduser, > should that not be a required package rather than just important? The priority has nothing to do with how many packages use it; there is an explicit definition in

Re: nethack popularity contest - number_pad?

On Thu, Oct 16, 2003 at 06:30:26PM -0700, Joshua Kwan wrote: > Searching for a general consensus here... > > These days Debian's nethack packages contain default nethackrcs which > enable number_pad style controls (instead of hjkl keys) by default, due > to a bug filed on the packages a long time

Re: netkit-inetd in sarge

On Sat, Oct 18, 2003 at 11:04:31AM +1000, Andrew Pollock wrote: > To cap it off, the discard service seems to be enabled out of the box. So > is daytime. Daytime's not too bad, but discard? I personally believe we > should be shipping sarge such that it installs offering the smallest > number of n

Re: netkit-inetd in sarge

On Sun, Oct 19, 2003 at 10:48:47AM +1000, Andrew Pollock wrote: > On Sat, Oct 18, 2003 at 01:40:51AM -0400, Matt Zimmerman wrote: > > I would like to see inetd leave the base system as well, but what problem > > could you possibly have with the discard service? > > Well it

Re: netkit-inetd in sarge

On Sun, Oct 19, 2003 at 01:53:15PM +1000, Andrew Pollock wrote: > On Sat, Oct 18, 2003 at 01:40:51AM -0400, Matt Zimmerman wrote: > > On Sat, Oct 18, 2003 at 11:04:31AM +1000, Andrew Pollock wrote: > > > > It's pretty trivial with netkit-inetd as well; you edit /etc/

Re: netkit-inetd in sarge

On Sun, Oct 19, 2003 at 01:37:58PM +1000, Andrew Pollock wrote: > On Sat, Oct 18, 2003 at 09:32:54PM -0400, Matt Zimmerman wrote: > > Yes, it receives data from the network and throws it away. But I don't see > > how this figures into your example. If you can give me an sce

Re: udev 0.3 package

On Mon, Oct 20, 2003 at 12:40:25PM +0200, Marco d'Itri wrote: > On Oct 19, Norbert Tretkowski <[EMAIL PROTECTED]> wrote: > > >> http://www.bofh.it/~md/debian/ > >Any plans for an upload to unstable? > I'd like to know first if it works or not and how much useful it is in > its current form, as

Re: Source only uploads?

On Mon, Oct 20, 2003 at 10:51:20AM +0200, Matthias Urlichs wrote: > c) The package is uploaded from the real-world environment where it works, > built on the architecture 99% of the users have. The breakage in the > other architectures' autobuilt packages is not noticed until after Sarge, > and/or

Re: ttf Depends ??

On Mon, Oct 20, 2003 at 07:15:47PM +0200, Alexander Sack wrote: > what Depends are best to guarantee that after package installation at > least one True Type font package is installed?? > Should I add a best guess font package or is there a kind of meta > package available for ttf packages? What

Re: ttf Depends ??

On Mon, Oct 20, 2003 at 03:06:14PM -0500, Steve Greenland wrote: > On 20-Oct-03, 13:22 (CDT), Matt Zimmerman <[EMAIL PROTECTED]> wrote: > > What font does the program use by default? I would Depend on that one. > > If it's an X program, then it shouldn't Depend o

Re: Source only uploads?

On Tue, Oct 21, 2003 at 09:52:14AM +1000, Brian May wrote: > On Mon, Oct 20, 2003 at 02:17:40PM -0400, Matt Zimmerman wrote: > > If a broken package is not noticed in unstable, the package must not be > > particularly important to anyone. > > I disagree. > > 1. A pack

Re: faster boot

On Tue, Oct 21, 2003 at 05:08:11AM +0200, Thomas Hood wrote: > System V initscripts must not return until the services they start are > ready to use. Otherwise running initscript Y after initscript X from > /etc/rc?.d/ doesn't guarantee that Y can make use of X. Providing such > guarantees is th

Re: apcupsd && apcupsd-devel

On Mon, Nov 03, 2003 at 11:39:20PM +0100, Samuele Giovanni Tonon wrote: > apcupsd was uploaded on 28 of October. > It has been divided in two packages: the main and the doc. > The doc is new so it should be added to the override file but > apcupsd (which suggest but doesn't depend on apcupsd-doc)

Re: A case study of a new user turned off debian

On Tue, Nov 04, 2003 at 12:47:30AM -0500, Greg Stark wrote: > So all it would take to make the tools handle this would be to somehow > make apt aware of more revisions of packages. They're all in the pool > after all. Short of making some king of humongous mega-Packages file with > every revision

Re: A case study of a new user turned off debian

On Tue, Nov 04, 2003 at 01:11:43AM -0500, Joey Hess wrote: > Suggested project: Create a package that, a-l-apt-move, pulls packages > out of the apt cache and creates apt repositories from them. But make it > create a new repository after every upgrade, by hooking into apt. And > auto-add these re

Re: A case study of a new user turned off debian

On Wed, Nov 05, 2003 at 05:20:18PM +, Darren Salt wrote: > I keep some around. I'd prefer better management of this, though: ATM all > that I can do (with apt-get/aptitude) is remove all older versions or > purge the cache. I use a dead simple cron.daily script which prunes packages with an a

Re: binary patch

On Wed, Nov 05, 2003 at 09:52:53PM +, Anthraxz __ wrote: > When doing a package upgrade, I wondy if it should be possible to > implement a mecanism for patching binaries instead of replacing the new > one ? This could be usefull for use on a slow network connection. This would require calcula

Re: binary patch

On Thu, Nov 06, 2003 at 12:50:03AM +0100, Martin Pitt wrote: > On 2003-11-05 17:37 -0500, Matt Zimmerman wrote: > > It has been suggested many times in the past to apply a similar idea to > > the .debs themselves, rather than their contents. > > But isn't rsync suppose

Re: Looking for apt-get internals guide

On Thu, Nov 06, 2003 at 06:31:44PM -0500, Stephen Gran wrote: > > On Thu, Nov 06, 2003 at 04:46:39PM -0500, Stephen Gran wrote: > > But, I don't see why you should need to hook into apt at all in order to do > > what you want. If the files you change are conffiles, your changes should > > be pres

Re: problems with dpkg, apt, perl etc. ( wait/waitpid)

On Mon, Nov 10, 2003 at 09:56:04AM +0200, Cristian Rauta wrote: > I know, maybe -devel is inappropriate list for my problems, but i don`t > know another list for that. > I think that problem was some time ago with woody ( see bug # 206187) > > btw my debian version is sid Yes, see bug #206187

Re: Why you are wrong [Was: On linux kernel packaging issue]

On Tue, Nov 11, 2003 at 08:46:50AM +1100, Glenn McGrath wrote: > A program that is CPU bound will benefit from compiler optimisations. It is not wise to make generalizations about the effects of compiler optimizations, because they vary widely from one chunk of code to the next. > Other than exp

Re: Problem with libc6 and 'chgrp / chown' remains ...

On Mon, Nov 10, 2003 at 10:18:46PM -0600, Jesse Yurkovich wrote: > With the recent libc6 bugs closed, I tried upgrading both a testing and > an unstable machine to the latest deb. You failed to specify which version exhibited the problem, and which version you upgraded to. If you are still

Re: Problem with libc6 and 'chgrp / chown' remains ...

On Tue, Nov 11, 2003 at 12:09:42PM -0500, Daniel Jacobowitz wrote: > On Mon, Nov 10, 2003 at 11:49:42PM -0500, Matt Zimmerman wrote: > > On Mon, Nov 10, 2003 at 10:18:46PM -0600, Jesse Yurkovich wrote: > > > > > With the recent libc6 bugs closed, I tried upgrading b

Re: ftpmaster accepts packages that have been rejected a few days ago

On Tue, Nov 11, 2003 at 08:18:51AM +0100, Marc Haber wrote: > In early November, people asked me to package br2684ctl, a new program > that has not been officially released by the linux-atm upstream. So I > would have to pull br2684ctl from upstream CVS and include it in my > package that contains

Re: radiusd-freeradius history and future

On Tue, Nov 11, 2003 at 11:52:00AM -0600, Steve Langasek wrote: > The packages at will be sponsored into > the archive as soon as I've had a chance to review them (this week). This thing is packed full of strcpy() and strcat(), which is the sort of sloppiness th

Re: radiusd-freeradius history and future

On Wed, Nov 12, 2003 at 08:03:28AM +1100, Paul Hampson wrote: > On Tue, Nov 11, 2003 at 02:02:49PM -0500, Matt Zimmerman wrote: > > This thing is packed full of strcpy() and strcat(), which is the sort of > > sloppiness that I don't like to see in a network server. It was a g

Security liabilities (Re: radiusd-freeradius history and future)

On Wed, Nov 12, 2003 at 09:18:38AM +1100, Paul Hampson wrote: > On Tue, Nov 11, 2003 at 04:30:50PM -0500, Matt Zimmerman wrote: > > CAN-2001-1376 and CAN-2001-1377 made the rounds last Spring, with advisories > > from Red Hat, FreeBSD, SuSE, Conectiva, CERT, etc. These af

Re: radiusd-freeradius history and future

On Wed, Nov 12, 2003 at 02:07:27AM +0100, Javier Fernández-Sanguino Peña wrote: > Also, just another question. Is there any reason why it needs to run as > root? (as I believe it does in the current Debian package) Would it be > unreasonable to ask it to run as a 'radiusd' user? I can almost gua

Re: radiusd-freeradius history and future

On Wed, Nov 12, 2003 at 01:23:02PM +1100, Russell Coker wrote: > Allowing a RADIUS server to authenticate local users against /etc/shadow > is standard and expected functionality IMHO. I consider any RADIUS server > which can't authenticate against the local accounts database to be > severely bro

Re: radiusd-freeradius history and future

On Wed, Nov 12, 2003 at 04:11:38AM +0100, Javier Fernández-Sanguino Peña wrote: > On Wed, Nov 12, 2003 at 01:23:02PM +1100, Russell Coker wrote: > > Allowing a RADIUS server to authenticate local users against /etc/shadow > > is standard and expected functionality IMHO. I consider any RADIUS > >

Re: radiusd-freeradius history and future

On Wed, Nov 12, 2003 at 03:36:40PM +1100, Russell Coker wrote: > On Wed, 12 Nov 2003 13:47, Matt Zimmerman wrote: > > We already have such a group, named "shadow". In fact, I don't know why > > unix_chkpwd is setuid root rather than setgid shadow. > > Bug rep

Re: gimp1.2: gimp package suggest non-free software

On Wed, Nov 12, 2003 at 09:25:23AM +0100, Mathieu Roy wrote: > Do you really think that I'm the only person to find UNACCEPTABLE that > a package in mail suggests packages in non-free, which ARE NOT PART OF > DEBIAN? Packages are free to suggest whatever the maintainer wishes; I wouldn't even con

Re: gimp1.2: gimp package suggest non-free software

On Wed, Nov 12, 2003 at 07:37:58PM +0200, Riku Voipio wrote: > 4) Patch apt-listchanges so that id doesn't mail about suggestions >on packages that are not available. apt-listchanges neither knows nor cares about suggests or recommends. -- - mdz

Re: gimp1.2: gimp package suggest non-free software

On Thu, Nov 13, 2003 at 11:19:54AM -0600, Gunnar Wolf wrote: > But our users should not be expected to look at control files in order > to know what to install, should they? Users do this all the time, with tools like aptitude, apt-cache and dpkg which display [information from] the control file.

Re: gimp1.2: gimp package suggest non-free software

On Thu, Nov 13, 2003 at 08:32:21AM +0100, Mathieu Roy wrote: > Adam Heath <[EMAIL PROTECTED]> a tapoté : > > > On Wed, 12 Nov 2003, Mathieu Roy wrote: > > > >> I think this is a serious bug: the functionality of the free version > >> has been lowered to promote patent emcumbered package. > > > >

Re: apt-get problems

On Thu, Nov 13, 2003 at 10:25:13AM +1100, Russell Coker wrote: > Below are the errors I am getting from apt-get on some machines running > recent unstable. Is this a known bug or have I screwed up something? http://bugs.debian.org/199653 It would be greatly appreciated if you could track this d

Re: radiusd-freeradius history and future

On Thu, Nov 13, 2003 at 05:52:13PM +1100, Russell Coker wrote: > On Thu, 13 Nov 2003 12:54, Steve Langasek <[EMAIL PROTECTED]> wrote: > > > This is so ugly. > > > > Last I looked, there wasn't much in NIS that wasn't.  I think the amount > > of pain we should put other users through on account of

Re: Bug#155583: radiusd-freeradius history and future

On Wed, Nov 12, 2003 at 05:59:09PM +0100, Andreas Metzler wrote: > You are wrong, unix_chkpwd does NIS (at least in the szenario I just > tested). After changing unix_chkpwd from 4755 root:root to 2755 > root:shadow a NIS user can not unlock the terminal he has just locked > himself with vlock any

Re: Bug#155583: radiusd-freeradius history and future

On Thu, Nov 13, 2003 at 09:26:09PM +0100, Andreas Metzler wrote: > Matt Zimmerman <[EMAIL PROTECTED]> wrote: > > On Wed, Nov 12, 2003 at 05:59:09PM +0100, Andreas Metzler wrote: > > The code does this: > > > if (strcmp(pwd->pw_pa

Re: Bug#155583: radiusd-freeradius history and future

On Thu, Nov 13, 2003 at 11:16:59PM -0500, Sam Hartman wrote: > >>>>> "Matt" == Matt Zimmerman <[EMAIL PROTECTED]> writes: > > Matt> I think a single "Will you be using NIS?" question would be > Matt> justified; this could p

Re: ftpmaster accepts packages that have been rejected a few days ago

On Fri, Nov 14, 2003 at 08:28:16AM +0100, Marc Haber wrote: > How long did Eray wait for formal rejection? Did he receive regular > updates about the state of affairs? I don't know what Eray received via private mail, but he certainly kept the rest of debian-devel up-to-date on the process by com

Re: Some observations regardig the progress towards Debian 3.1

On Sat, Nov 15, 2003 at 05:42:20PM +0100, Adrian Bunk wrote: > Today, it's only 17 days until the officially announced "aggressive goal" > for the release of Debian 3.1 [1]. That's a date many users know about, > but I don't see any real progress towards Debian 3.1 during the last > months. I sup

Re: Debian Enterprise?

On Mon, Nov 17, 2003 at 01:45:05AM -0500, Andres Salomon wrote: > I can think of a few ways to offer the above. The first is a standalone > distribution, based on debian but with various enhancements (not a novel > idea, by any means). We could either base this on testing, doing snapshot > relea

Re: Some observations regardig the progress towards Debian 3.1

(trimming -release) On Tue, Nov 18, 2003 at 02:14:49AM +0100, Adrian Bunk wrote: > On Sun, Nov 16, 2003 at 11:53:36PM -0500, Matt Zimmerman wrote: > > So instead, we have a system where people take individual (or small > > group) responsibility for a particular piece of softwar

emacs20 obsolete? (Re: How to find all reverse depends of a package?)

On Mon, Nov 17, 2003 at 06:33:52PM -0500, Nathanael Nerode wrote: > I'm curious, for instance, as to why emacs20 hasn't managed to be removed > yet. Perhaps the maintainer hasn't requested its removal? I don't see a bug report open against ftp.debian.org. -- - mdz

Re: keysigning at SCALE 2X?

On Tue, Nov 18, 2003 at 01:14:26AM -0800, Eric Wong wrote: > I'll be attending SCALE 2X in Los > Angeles and I'm wondering if I could meet some Debian developers to get > my GPG key signed and get myself going along the New Maintainer process. Southern California D

Re: Some observations regardig the progress towards Debian 3.1

On Tue, Nov 18, 2003 at 06:06:08PM +0100, Adrian Bunk wrote: > This might work on pure servers, but how do you manage to run XFree86 > 4.1.0 on brand-new graphics cards (e.g. integrated graphics of brand-new > Intel systems) in non-Vesa resolutions? I don't, because I don't buy motherboards with

Re: MIPS port backlog, autobuilder machines and some arrogance

On Mon, Nov 17, 2003 at 03:56:44PM +0100, Goswin von Brederlow wrote: > DDs have to sign and upload a package with a backdoor. > > On the buildd I can install a gcc or other tool that will silently add > a backdoor to anything getting compiled and the buildd admin will sign > and upload the packa

Re: MIPS port backlog, autobuilder machines and some arrogance

On Thu, Nov 20, 2003 at 12:54:07AM +0100, Goswin von Brederlow wrote: > Matt Zimmerman <[EMAIL PROTECTED]> writes: > > The whole point of signing packages is that it is not anonymous at all, but > > traceable back to the signer. Assuming the keyholder protects his key >

Re: apt-rpm article -- the features we don't have

On Mon, Dec 01, 2003 at 07:06:41PM -0500, Joey Hess wrote: > Interesting article on LWN: http://lwn.net/Articles/60650/ (subscription > required) In summary, apparently apt-rpm users can now do some things > with apt that we cannot. This has been true for some time; merging the applicable parts o

Re: [debian enterprise] sub-project planning

On Mon, Dec 01, 2003 at 01:12:52PM -0500, Andres Salomon wrote: > For packages, we may want to focus on apt-secure > (http://monk.debian.net/apt-secure/); I'm not sure the status of it, [...] You could easily find out here: http://bugs.debian.org/203741 -- - mdz

Re: Revival of the signed debs discussion

On Wed, Dec 03, 2003 at 03:07:17AM +0100, Goswin von Brederlow wrote: > But this kind of tampering _can_ be checked by apt before installing > the deb simply by adding a signature verifyer into the > DPkg::Pre-Install-Pkgs config option, the same mechanism > apt-listchanges already uses to display

Re: more details on the recent compromise of debian.org machines

On Fri, Nov 28, 2003 at 10:08:45AM +0100, Bernd Eckenfels wrote: > In the final announcement I would add also a statement about reducing the > number of trust relations between the machines and perhaps limiting shell > access. It seems fairly clear that this was not an issue because the compromis

Re: [RFC] adding system users: which is the best way??

On Sun, Nov 30, 2003 at 01:47:29PM +0100, Bernhard R. Link wrote: > * Russell Coker <[EMAIL PROTECTED]> [031130 05:53]: > > Some daemons such as cups are written in a way that requires that they be > > able to write to their own configuration files. If such a daemon is run as > > non-root then

Re: Revival of the signed debs discussion

On Wed, Dec 03, 2003 at 06:43:18AM +0100, Goswin von Brederlow wrote: > Matt Zimmerman <[EMAIL PROTECTED]> writes: > > > On Wed, Dec 03, 2003 at 03:07:17AM +0100, Goswin von Brederlow wrote: > > > > > But this kind of tampering _can_ be checked by apt before i

Re: Revival of the signed debs discussion

On Thu, Dec 04, 2003 at 03:03:39AM +0100, Goswin von Brederlow wrote: > Signed debs establish a trust chain from the buildd to the user and > from the buildd-admin/maintainer to the user as well as copy the > existing trust chain from ftp-master to the user into the deb itself. > > The Release.gp

Re: Backport of the integer overflow in the brk system call

On Tue, Dec 02, 2003 at 05:19:22PM -0800, Tom wrote: > Smartcards would have avoided the Debian compromise: merely having a > compromised DD box would have prevented bad guy from getting on the box. > > It's all about layers of defense. > > I think the DD's should seriously think about requirin

Re: Revival of the signed debs discussion

On Thu, Dec 04, 2003 at 12:28:41PM -0600, Manoj Srivastava wrote: > On Thu, 4 Dec 2003 11:47:50 -0500, Matt Zimmerman <[EMAIL PROTECTED]> said: > > > What kind of real world attacks do signed debs prevent? Not a > > compromised buildd, or a compromised maintainer'

Re: apt-rpm article -- the features we don't have

Just making another pass over this to associate the bug numbers for those who are interested (especially in helping with the merge effort). On Mon, Dec 01, 2003 at 07:06:41PM -0500, Joey Hess wrote: > To install a package directly, with apt downloading any necessary > dependencies: > apt-get in

Re: Revival of the signed debs discussion

On Thu, Dec 04, 2003 at 03:58:38PM -0500, Daniel Jacobowitz wrote: > On Thu, Dec 04, 2003 at 02:41:43PM -0500, Matt Zimmerman wrote: > > What kind of real world attacks do signed debs prevent? > > > > The only one which comes to mind is a rogue Debian developer that you do

Re: Revival of the signed debs discussion

On Wed, Dec 03, 2003 at 08:07:53AM +0100, Goswin von Brederlow wrote: > I wrote a little script that checks what apt things its installing > against what the control files of the debs say. I will test it with > some more fakes and then file it in the BTS. Why would you do this with a script rathe

<    1   2   3   4   5   6   7   8   9   >