Re: Is Fedora Have Backdoor ?!

On Mon, Feb 23, 2015 at 08:44:28AM +0800, Christopher Meng wrote: > On 2/23/15, مصعب الزعبي wrote: > > Even it just a Meta headers , the user approve must be taken. May at Fedora > > installation , and a way to stop must be available , too. > > > > These issues must be in control by user . > > An

Re: Easiest way to debug build failures on rawhide?

On Sun, Feb 22, 2015 at 4:52 PM, Orion Poplawski wrote: > On 02/21/2015 08:07 PM, Dave Johansen wrote: > >> >> I'm looking into another issue on F22 but there's no .cfg for that. Is >> that still just coming down the pipeline since the branch just recently >> happened? Or is there a way I can man

Re: orphaning wiiuse

On Mon, 2015-02-23 at 00:11 -0500, Simo Sorce wrote: > I'm orphaning the wiiuse package (for f22+), the last release was almost Correction I orphaned for all but f20. > 2 years ago and I have no time to care for it. > > Feel free to grab it if you use it, maintenance burden has not been high > s

orphaning wiiuse

I'm orphaning the wiiuse package (for f22+), the last release was almost 2 years ago and I have no time to care for it. Feel free to grab it if you use it, maintenance burden has not been high so far. Simo. -- Simo Sorce * Red Hat, Inc * New York -- devel mailing list devel@lists.fedoraprojec

RE: Is Fedora Have Backdoor ?!

On Sun, Feb 22, 2015 at 5:15 PM, مصعب الزعبي wrote: Even it just a Meta headers , the user approve must be taken. May at Fedora installation , and a way to stop must be available , too. These issues must be in control by user . Kind Regards Mosaab Hi, You can disable this by running the fo

Re: amending the new package process

On 01/25/2015 08:19 AM, Zbigniew Jędrzejewski-Szmek wrote: On Sat, Jan 24, 2015 at 12:32:55AM +0100, Kevin Kofler wrote: Nikos Mavrogiannopoulos wrote: My experience with the new package process is that the review process in Step 6 doesn't work. For some of my packages it took 3 months for a re

Re: amending the new package process

On 01/23/2015 04:32 PM, Kevin Kofler wrote: Nikos Mavrogiannopoulos wrote: My experience with the new package process is that the review process in Step 6 doesn't work. For some of my packages it took 3 months for a reviewer to appear, some others more, some where reviewed faster. My understandi

Re: Is Fedora Have Backdoor ?!

On 02/22/2015 01:14 PM, Florian Weimer wrote: * Reindl Harald: "He got a two domains without any control of him" makes no sense Come on, Harald, please try to be a little bit more constructive. Mosaab's question is pretty easy to understand, and his concerns are shared by some Fedora contribu

Re: service accepting commands from the network by default

Elasticsearch was never safe: http://www.elasticsearch.org/community/security/ https://bugzilla.redhat.com/show_bug.cgi?id=1124252 So it shouldn't go ahead in current status. -- Yours sincerely, Christopher Meng http://cicku.me -- devel mailing list devel@lists.fedoraproject.org https://admi

Re: Is Fedora Have Backdoor ?!

On 2/23/15, مصعب الزعبي wrote: > Even it just a Meta headers , the user approve must be taken. May at Fedora > installation , and a way to stop must be available , too. > > These issues must be in control by user . And your friend can freely switch to other distributions as well if he really want

Re: Easiest way to debug build failures on rawhide?

On 02/21/2015 08:07 PM, Dave Johansen wrote: I'm looking into another issue on F22 but there's no .cfg for that. Is that still just coming down the pipeline since the branch just recently happened? Or is there a way I can manually create the .cfg file? Thanks, Dave The just released 1.2.7-1 ha

RE: Is Fedora Have Backdoor ?!

Even it just a Meta headers , the user approve must be taken. May at Fedora installation , and a way to stop must be available , too. These issues must be in control by user . Kind Regards Mosaab > Date: Sun, 22 Feb 2015 17:44:59 -0500 > From: mat...@fedoraproject.org > To: devel@lists.fedorapr

Re: Is Fedora Have Backdoor ?!

On Mon, Feb 23, 2015 at 12:37:44AM +0200, مصعب الزعبي wrote: > My friend didn't have enabled auto-update. There was an earlier discussion here. Even without updates automatically applied, metadata about potential updates is downloaded automatically. > He completely Surprised of un-human-authoriz

Re: Is Fedora Have Backdoor ?!

* مصعب الزعبي: > Thank You for Care .. from everybody for this case .. > > I know that talking about Fedora as a backdoor container makes us angry .. > But we must be careful about these sensitive issues. > > As a reply : > > My friend didn't have enabled auto-update. The archive meta-data can

RE: Is Fedora Have Backdoor ?!

Thank You for Care .. from everybody for this case .. I know that talking about Fedora as a backdoor container makes us angry .. But we must be careful about these sensitive issues. As a reply : My friend didn't have enabled auto-update. He completely Surprised of un-human-authorized connectio

Re: Note for packages linking against GSL [ACTION NEEDED]

On Sat, Feb 21, 2015 at 03:50:16PM -0800, Susi Lehtola wrote: > Hi, > > the GNU Scientific Library (GSL) contains some linear algebra > routines that need a CBLAS library to work. > > GSL contains a compatibility CBLAS library (gslcblas) that provides > a version of these routines. In 2010, we st

Re: Is Fedora Have Backdoor ?!

* Reindl Harald: > that has some meaning and in case of taking strong words like > "backdoor" in my mouth and accuse the distribution that way i expect Please read the Fesco ticket I referenced. Such concerns are far from isolated. (I think they are unwarranted, but they neverless exist.) As t

Re: Is Fedora Have Backdoor ?!

Am 22.02.2015 um 22:20 schrieb Florian Weimer: * Reindl Harald: sorry *but* "He got a two domains without any control of him" does not make any sense to me, it still does not The two host names he mentioned are used to host wildcard.fedoraproject.org. His friend is concerned because he see

Re: Is Fedora Have Backdoor ?!

* Reindl Harald: > sorry *but* "He got a two domains without any control of him" does not > make any sense to me, it still does not The two host names he mentioned are used to host wildcard.fedoraproject.org. His friend is concerned because he sees connection attempts to them even though they ar

Re: Is Fedora Have Backdoor ?!

Am 22.02.2015 um 22:14 schrieb Florian Weimer: * Reindl Harald: "He got a two domains without any control of him" makes no sense Come on, Harald, please try to be a little bit more constructive. Mosaab's question is pretty easy to understand, and his concerns are shared by some Fedora contr

Re: service accepting commands from the network by default

On Sun, Feb 22, 2015 at 01:55:31PM -0700, Kevin Fenzi wrote: > On Sun, 22 Feb 2015 21:25:01 +0100 > Zbigniew Jędrzejewski-Szmek wrote: > > > So, my problem is whether the package should go through review in > > current state. My gut feeling is that it shouldn't, but I don't want > > to overstep m

Re: Is Fedora Have Backdoor ?!

* Reindl Harald: > "He got a two domains without any control of him" makes no sense Come on, Harald, please try to be a little bit more constructive. Mosaab's question is pretty easy to understand, and his concerns are shared by some Fedora contributors:

Re: Is Fedora Have Backdoor ?!

* مصعب الزعبي: > Hi , I got a message from my friend a programmer. > > And he asked me , Is Fedora have a backdoor !!! > > He got a two domains without any control of him and without updates enabled > and controlled by NetworkManager , domains are : > > vm3.fedora.ibiblio.org > > proxy3.fedorapro

Re: Is Fedora Have Backdoor ?!

Am 22.02.2015 um 21:59 schrieb مصعب الزعبي: No it's a real problem .. What the information by 443 port that shared by NetworkManager !!! to un-local servers . the problem is that *nobody* knows what you are talking about THIS IS THE DEFINITION OF BACKDOOR !!! you first need to define the "

Re: Is Fedora Have Backdoor ?!

On Sun, Feb 22, 2015 at 10:59:06PM +0200, مصعب الزعبي wrote: > No it's a real problem .. What the information by 443 port that shared by > NetworkManager !!! to un-local servers . > > THIS IS THE DEFINITION OF BACKDOOR !!! What you probably see is network connectivity check, done by NetworkMa

Re: Is Fedora Have Backdoor ?!

On Sun, 22 Feb 2015 22:59:06 +0200 مصعب الزعبي wrote: > No it's a real problem .. What the information by 443 port that > shared by NetworkManager !!! to un-local servers . > > THIS IS THE DEFINITION OF BACKDOOR !!! It's hard to say what you are talking about here, but I suspect it may be the N

RE: Is Fedora Have Backdoor ?!

No it's a real problem .. What the information by 443 port that shared by NetworkManager !!! to un-local servers . THIS IS THE DEFINITION OF BACKDOOR !!! Regards Mosaab Date: Sun, 22 Feb 2015 21:48:57 +0100 From: h.rei...@thelounge.net To: devel@lists.fedoraproject.org Subject: Re: Is Fedora Ha

Re: service accepting commands from the network by default

On Sun, 22 Feb 2015 21:25:01 +0100 Zbigniew Jędrzejewski-Szmek wrote: > So, my problem is whether the package should go through review in > current state. My gut feeling is that it shouldn't, but I don't want > to overstep my role as a reviewer. I'd personally agree. Can they not at least make i

Re: Is Fedora Have Backdoor ?!

Am 22.02.2015 um 21:41 schrieb مصعب الزعبي: Hi , I got a message from my friend a programmer. And he asked me , Is Fedora have a backdoor !!! He got a two domains without any control of him and without updates enabled and controlled by NetworkManager , domains are : vm3.fedora.ibiblio.org prox

Is Fedora Have Backdoor ?!

Hi , I got a message from my friend a programmer. And he asked me , Is Fedora have a backdoor !!! He got a two domains without any control of him and without updates enabled and controlled by NetworkManager , domains are : vm3.fedora.ibiblio.org proxy3.fedoraproject.org And both directed to h

Re: service accepting commands from the network by default

On Sun, Feb 22, 2015 at 01:08:34PM -0700, Kevin Fenzi wrote: > On Sun, 22 Feb 2015 15:04:18 +0100 > Zbigniew Jędrzejewski-Szmek wrote: > > > Are Fedora packages allowed to have a default configuration in which > > the service accepts commands from the network in the default > > configuration? >

Re: service accepting commands from the network by default

On Sun, Feb 22, 2015 at 07:51:06PM +0100, Reindl Harald wrote: > and then comes the default firewall on F21 workstation with all > ports > 1024 open because things "have to work out of the box" Yes, this is the reason why I'm asking. If there was a restrictive firewall by default, this would not be

Re: service accepting commands from the network by default

On Sun, 22 Feb 2015 15:04:18 +0100 Zbigniew Jędrzejewski-Szmek wrote: > Are Fedora packages allowed to have a default configuration in which > the service accepts commands from the network in the default > configuration? Commands from the network what sort of commands? Perhaps you had an exampl

Re: Idea: Apache configuration snippets

On Sun, 2015-02-22 at 18:51 +0100, Remi Collet wrote: > Le 22/02/2015 07:21, Adam Williamson a écrit : > > Working on the ownCloud package today, it occurred to me that we > > probably have quite a lot of packages carrying Apache access > > control snippets around, like these: > > This configura

Re: service accepting commands from the network by default

Am 22.02.2015 um 19:46 schrieb M. Edward (Ed) Borasky: Yes, I would think: a) all services should be disabled and their ports closed by default, and b) the documentation should describe how to enable the service and open the ports and then comes the default firewall on F21 workstation with a

Re: service accepting commands from the network by default

Yes, I would think: a) all services should be disabled and their ports closed by default, and b) the documentation should describe how to enable the service and open the ports On Sun, Feb 22, 2015 at 6:04 AM, Zbigniew Jędrzejewski-Szmek wrote: > Are Fedora packages allowed to have a default conf

Re: Idea: Apache configuration snippets

Le 22/02/2015 07:21, Adam Williamson a écrit : > Working on the ownCloud package today, it occurred to me that we > probably have quite a lot of packages carrying Apache access control > snippets around, like these: This configuration have a big advantage, it can be upstream ;) Remi. -- deve

Re: Idea: Apache configuration snippets

Am 22.02.2015 um 18:45 schrieb Adam Williamson: On Sun, 2015-02-22 at 18:28 +0100, Reindl Harald wrote: Am 22.02.2015 um 18:17 schrieb Adam Williamson: In fact, if we put the snippets in the Apache package or some package which is tied to Apache versioning, we can drop all the stuff - Apache

Re: Idea: Apache configuration snippets

On Sun, 2015-02-22 at 18:28 +0100, Reindl Harald wrote: > Am 22.02.2015 um 18:17 schrieb Adam Williamson: > > On Sat, 2015-02-21 at 22:21 -0800, Adam Williamson wrote: > > > > > > would it make sense to provide these in some common package as > > > 'snippets' that could be included into configura

Re: Idea: Apache configuration snippets

Am 22.02.2015 um 18:17 schrieb Adam Williamson: On Sat, 2015-02-21 at 22:21 -0800, Adam Williamson wrote: would it make sense to provide these in some common package as 'snippets' that could be included into configuration files? Then we could have something like: Include auth-local.inc

Re: Idea: Apache configuration snippets

On Sat, 2015-02-21 at 22:21 -0800, Adam Williamson wrote: > > would it make sense to provide these in some common package as > 'snippets' that could be included into configuration files? Then we > could have something like: > > > Include auth-local.inc > > > instead of schlepping the boi

RFC : in-development flag for packages

This has been brewing in my head for a while so I'll just spill it Introduce an "in-development" flag for packages in Fedora. What is it?: - A flag in pkgdb - boolean property for a package under the control of the primary POC for rawhide. - A rpm flag in the rpm products of a build How will

service accepting commands from the network by default

Are Fedora packages allowed to have a default configuration in which the service accepts commands from the network in the default configuration? The daemon is not enabled by default, so the administrator has to do a systemctl enable/start first. This means that just installing the package does no

Re: So everything in Rawhide must be compiled with -fPIC?

On Fri, Feb 20, 2015 at 07:28:50PM +, Peter Robinson wrote: > On Fri, Feb 20, 2015 at 6:55 PM, Till Maas wrote: > > On Fri, Feb 20, 2015 at 05:21:59PM +, Peter Robinson wrote: > >> >> I've never argumented against the goal that web browser or all network > >> >> aware > >> >> services sho