y if the attacker was really clever there is almost zero
probability the backdoor can be spotted during a casual review of the
code. So it would be found only by pure chance.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
package was not
touched by the maintainer during recent x months and at least one bug is
opened not closed in the bugzilla on the package.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel
On Mon, 2010-01-18 at 14:04 -0500, Seth Vidal wrote:
>
> On Mon, 18 Jan 2010, Tomas Mraz wrote:
>
> > I think there should be at least two conditions which would have to be
> > fulfilled for the nagging bug to be created - the package was not
> > touched by the mainta
packages are going to get hidden behind the mass rebuilder.
But these rebuilds are mostly automated ones by Fedora releng and as
such not countable against the nag bug report.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
86_64
>
> Could somebody provide some insight what these files are (I guess some
> checksums) and why they are being installed to /usr/bin?
These are checksums required by FIPS-140-2 integrity verification checks
of the fipscheck and ssh binaries.
--
Tomas Mraz
No matter how far
es not prevent malicious attacker from subverting the
executable. The integrity check prevents just inadvertent modification
of the executables/libraries which contain the certified code.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
On Fri, 2010-01-22 at 17:08 +0100, Martin Langhoff wrote:
> On Fri, Jan 22, 2010 at 5:04 PM, Tomas Mraz wrote:
> > No, it does not prevent malicious attacker from subverting the
> > executable. The integrity check prevents just inadvertent modification
> > of the execut
dden file in /%{_lib} violates FHS - in my
opinion it does not as this is still non-executable arch-dependent file
or whether we need to create a fipscheck subdirectory in /%{_lib} as
well.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
be used to tunnel all traffic through a rogue VPN server
thus enabling attacker to monitor all the network traffic. The same
holds for enabling WLAN interfaces if they are currently disabled.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
On Tue, 2010-02-02 at 21:04 +0100, Björn Persson wrote:
> Tomas Mraz wrote:
> > There is still a slight problem with the library checksums especially
> > for the libgcrypt library which currently resides in /%{_lib}. This
> > means that if it looks for the checksum in %{_
On Tue, 2010-02-02 at 20:13 +0100, Till Maas wrote:
> On Tue, Feb 02, 2010 at 10:28:11AM +0100, Tomas Mraz wrote:
>
> > I am sorry, but I do not see a real need for special guideline for the
> > fipscheck checksums. The policy where these checksums should/will be
> > pla
ems and
> will be playing catch-up on features for a while. CRLs or OCSP, anyone?
>
> A thread from 2002 with some frank discussion that is still valid now:
>
> http://marc.info/?t=10117975211&r=1&w=2
The PKI is unfortunately hopelessly broken deep in its concepts.
Se
tually with the 'conservative update' policy once something
like KDE-4.0 is in the _final_ release of a Fedora, it will have to stay
there till the EOL of the release.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
yout changes. This
would be a judgement call based on how intrusive the changes are
(removing the File menu would be rude, but moving the plugin
configuration menu item would be acceptable).
In this case even major changes in user experience are justified -
knowingly insecure web browser just should
On Wed, 2010-09-22 at 12:48 +0200, drago01 wrote:
> On Wed, Sep 22, 2010 at 12:35 PM, Tomas Mraz wrote:
> > On Tue, 2010-09-21 at 15:47 -0600, Kevin Fenzi wrote:
> >> Greetings.
> >>
> >> I'd like to ask for feedback and helping cleaning up an update
On Wed, 2010-09-22 at 16:09 +0200, drago01 wrote:
> On Wed, Sep 22, 2010 at 3:34 PM, Tomas Mraz wrote:
>
> >> > This example is IMO wrong:
> >> > - WebKit requires an update to solve a security problem. This requires
> >> > updating Midori to a version
On Wed, 2010-09-22 at 10:04 -0500, Bruno Wolff III wrote:
> On Wed, Sep 22, 2010 at 17:01:02 +0200,
> Tomas Mraz wrote:
> > I say that the example of Webkit should be removed because if it is not
> > possible to backport the security patch and due to the version update
&g
nges in user experience
and minor updates from upstream in released Fedoras is unreasonably
strict.
Also when getting back to the infamous KDE 4.0 in Fedora 9 - when the
decision was made to ship KDE 4.0 (regardless of whether it was bad or
not) in the final release - it would be really st
troversial. The
problem here really is that some "not so important?" projects are forced
to accept all the restrictions and requirements and other "more
important?" projects get a free pass from them. This is unfortunate and
it does not improve the spirit of the p
session (setuid helper would be needed instead of using system service
to mount the volume).
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
you can easily
instruct the backend to authenticate against a network service that will
give you root user with no password. So we would have to trust the user
X session that is the authconfig frontend running in anyway.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
* create 20 empty folders
> * every of this gets a bind-mount to the users webspaces
>
> having 100 user with 5 subfolders in F15 means you
> see a list with 500 entries calling "df" in F15
>
> is this funny?
> no it is not!
But it still does just mean that df must
-2.fc16.x86_64
> # repoquery rpm
> rpm-0:4.9.0-10.fc16.x86_64
>
> Was this intentional?
Yes, rpm-4.9.1 has seriously broken rpmbuild process.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish p
e for rawhide - it depended on various
things whether it was needed or not.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
t; > time where the default was only ~/bin
>
> Can someone explain (or point to) the rationale appending these to PATH
> rather than prepending them? I would have expected user binaries to
> supersede system ones.
Although there is probably only a small number of sec
uot;a package getting untagged because it breaks koji
> buildroot and with the plan to go forward in EVR as soon as the bug is
> found and fixed".
>
> In this case, the bad rpm-build broke koji builds, and since Rawhide
> may eat babies, it can happen that Rawhide users need
en by the rpm build.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
he NSS OpenSSL compatibility support library and
patching PokerTH to use it instead of the GnuTLS.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
it for the SSL support. Either rewrite the SSL support to use
the native GNUTLS API, or use the NSS OpenSSL compatibility layer which
is written in such way that it does not conflict with the native OpenSSL
libraries.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
. Between beta to pre
release I'd require just 1 karma from non-proventester for critical
path.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
meeting.
Tomas Mraz
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
ay
17:57:04 sgallagh: great, so you can create provenpackagers request
;-)
17:57:19 Will do
17:59:19 * nirik nods. Sounds good. Anything more?
17:59:20 sgallagh, as for a special mass-rebuild branch - I do not think
it is necessary in this case
18:00:31 https://fedorahosted.org/fesco/ticket/660
18:01:16 If there is nothing else to discuss I'll close the meeting in 2
minutes.
18:03:26 #endmeeting
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
id file in (and patch the config file
> to use this directory for pid files)?
It is generally insecure to share groups/uids between different system
daemons.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
till
> configures and starts dnsmasq (at least on F14 using virt-manager)
> (eg I have a /28 bridges to eth1 with static IPs, I don't want it)
On a non-bridged setup it listens just on the virbr private interface
address so at l
On Tue, 2011-08-30 at 13:41 +0100, Matthew Garrett wrote:
> On Tue, Aug 30, 2011 at 06:50:11AM -0500, Bruno Wolff III wrote:
> > On Tue, Aug 30, 2011 at 03:33:04 +0200,
> > Kevin Kofler wrote:
> > >
> > > No, it means that (unless this was recently fixed) you have to modprobe
> > > it
> > >
On Tue, 2011-08-30 at 17:11 +0100, Matthew Garrett wrote:
> On Tue, Aug 30, 2011 at 11:49:37AM -0400, Bill Nottingham wrote:
> > Matthew Garrett (mj...@srcf.ucam.org) said:
> > > On Tue, Aug 30, 2011 at 02:50:10PM +0100, Tom Hughes wrote:
> > > > Or modules-load.d if you want to force load a modu
idated by dnssec. Simply if a
domain is marked as dnssec enabled in the parent record then it must
have correct dnssec entries or it should not be accepted. Domains that
are not marked as dnssec enabled (that should be the default for admins
that are unable or unwilling to use
, during
the open floor topic. Note that added topics may be deferred until
the following meeting.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
===
#fedora-meeting: FESCO (2011-10-10)
===
Meeting started by t8m at 17:01:11 UTC. The full logs are available at
http://meetbot.fedoraproject.org/fedora-meeting/2011-10-10/fesco.2011-10-10-17.01.log.html
Meeting summary
--
say that.
>
> Storing a public key is not an issue, so the fact I use my key with
> different projects has absolutely no bearing on my exposure, zero,
> zilch. Unless I store my *private* keys on non-personal machines.
>
> The problem is that blindly changing keys if a c
quot; but from the fact
that they are misused much harder than the passwords. And Fedora account
policy should reflect that and not blindly request changing SSH keys
from people who keep them safe.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
fyHostKeyDNS yes ultimately sets you to depend
on the DNSSEC security for your SSH connection security and that is
something we will never make default if upstream does not.
Setting it to 'VerifyHostKeyDNS ask' by default is another matter and I
am OK with th
aren't highly technical.
> Some don't even know what a private key is. They just follow the docs on
> the website and get access to contribute. Not everyone is a packager.
OK, but then you should not penalize also the people who keep their SS
On Wed, 2011-10-12 at 15:22 -0500, Mike McGrath wrote:
> On Wed, 12 Oct 2011, Tomas Mraz wrote:
>
> > On Wed, 2011-10-12 at 14:59 -0500, Mike McGrath wrote:
> > > On Wed, 12 Oct 2011, Henrik Nordström wrote:
> > >
> > > > ons 2011-10
On Wed, 2011-10-12 at 22:50 +0200, Pierre-Yves Chibon wrote:
> On Wed, 2011-10-12 at 16:27 -0400, Simo Sorce wrote:
> > On Wed, 2011-10-12 at 12:55 -0700, Adam Williamson wrote:
> > > On Wed, 2011-10-12 at 21:45 +0200, Tomas Mraz wrote:
> > >
> > > > That
quot;abcdefghijklmnopqrstuvwxyz".
>
> It meets the new criteria.
This is much easier to type and also passes:
12qwertyuiop
:)
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
On Wed, 2011-10-12 at 18:17 -0400, Paul Wouters wrote:
> On Wed, 12 Oct 2011, Tomas Mraz wrote:
>
> > Except nobody says or said that DNS without DNSSEC leads to the
> > automatic connection with such setting.
>
> I answered that multiple times, including today with
ically blocked though) under
the current update rules to give your own update a +1 karma. I at least
partially tried to change this rule but I did not get enough votes from
other FESCo members for this change.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
On Thu, 2011-10-13 at 10:29 +0200, Benny Amorsen wrote:
> Tomas Mraz writes:
>
> > And if this malicious DNS administrator controls the caching
> > nameserver you're using for DNS queries, he can present you ANY data
> > even 'valid' fake DNSSEC data.
&g
of the compromised systems we've heard so much
> > about.
>
> 4) There are indications for keys being shared between indivuals.
Which you dreamed up and made false accusations of. But let's suppose
that anyone really shares th
the open floor topic. Note that added topics may be deferred until
the following meeting.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
===
#fedora-meeting: FESCO (2011-10-24)
===
Meeting started by t8m at 17:00:16 UTC. The full logs are available at
http://meetbot.fedoraproject.org/fedora-meeting/2011-10-24/fesco.2011-10-24-17.00.log.html
.
Meeting summary
annot have any use of.
>
> > We already have it in $PATH for the normal user.
> Right, Fedora made the mistake to do so.
Exactly. This was not a good move at all. If there were any commands in
sbin that are usable also for regular users then they should have been
moved to bin.
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
t the
transaction depsolver in rpm, but the depsolver solving which packages
to put into the transaction), then zif would be allowed as the default
backend for PackageKit. There were some proposals/ideas by the rpm
developers to implement this depsolver in librpm although I do not know
whe
respond if there's additional information needed that the
> impacted user doesn't know how to provide. But at the end of the day,
> I feel its most important to have upstream talking directly with the
> person who can reproduce the problem. If I can't, I'm just a lossy
&
for
> the issue promptly. But it may be the case that we want to broaden it
> out to also cover issues that can be exploited from a default DVD
> install, if we consider the window between install and first update (if
> updates repos aren't used during installation) to be unaccepta
te that targeting the heaps of poor users that are eager to try
the newly shipped Fedora release would be probably much more easy and
efficient than targeting one user installing the Fedora here or there a
few months later. So yes, definitely remote root and user exploits in
the installer, Live CD
rd
http://benchmarkreviews.com/index.php?option=com_content&task=view&id=376&Itemid=65&limit=1&limitstart=4
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
kgdb until Thursday so you need
> a cvsadmin to reassign ownership for now).
>
>
> http://toshio.fedorapeople.org/fpca/packages_losing_owners.txt:
I'll take the following two:
> ctapi-common
> pyOpenSSL
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
. There exists hardware that does not require any binary blobs to be
downloaded or distributed within Fedora.
2. The feature does not have any substantial negative impact on the rest
of the distribution (apart from requiring some integration work from
grubby and anaconda maintainers).
3
to detect dupes?).
>
> I need to see why F15 has started doing this too.
> For example on my system there are 2 _identical_ entries
> for /home in /proc/mounts.
If you have the sandbox package installed, that is the reason.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
re conforms to Fedora legal requirements and the developers
of the affected packages are OK with integrating necessary patches, it
should be allowed.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
d
On Fri, 2011-06-24 at 09:43 -0400, Gregory Maxwell wrote:
> 2011/6/24 Tomas Mraz :
> > On Fri, 2011-06-24 at 11:10 +0200, Miloslav Trmač wrote:
> >> On Fri, Jun 24, 2011 at 10:24 AM, Gregory Maxwell
> >> wrote:
> >> > If trusted boot in fedora is w
ode.net.
>
> I thought the decision at last meeting was 1700 UTC/1pm EDT?
+1
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
.x86_64
gnome-mud-0:0.11.2-7.fc15.x86_64
gurlchecker-0:0.10.1-14.fc16.x86_64
odccm-0:0.11.1-4.fc15.x86_64
synce-hal-0:0.15-2.fc15.x86_64
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing
On Tue, 2010-02-02 at 21:54 +0100, Till Maas wrote:
> On Tue, Feb 02, 2010 at 09:30:44PM +0100, Tomas Mraz wrote:
> > On Tue, 2010-02-02 at 20:13 +0100, Till Maas wrote:
> > > On Tue, Feb 02, 2010 at 10:28:11AM +0100, Tomas Mraz wrote:
> > >
> > > > I am
On Tue, 2010-02-02 at 22:56 +0100, Björn Persson wrote:
> Tomas Mraz wrote:
> > The library will work fine and it will not compute the checksum at all
> > if the FIPS mode is not enabled which is the normal situation.
>
> Then perhaps FIPS mode can be left disabled until
ight be to allow the manual push to stable
after a week or so of the package living in the testing repository.
Somehow speeding up the process of getting the package to the hands of
users once it is entered into bodhi would be also appreciable.
--
Tomas Mraz
No matter how far down the wrong road yo
udying the Nix concepts in depth, but can you please
answer me just a simple question how security or other critical bugfixes
_in libraries_ are handled under this "RPATH for everything" paradigm?
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
.
> """
>
> https://fedoraproject.org/wiki/Packaging:UsersAndGroups
>
> I've updated bugzilla with this information as well.
Someone should perhaps correct the
http://fedoraproject.org/wiki/PackageUserCreation then.
Or add some rules on how to resolve conflicts among the
some leftover, but it appears the user/group isn't used
> for anything. So the package functions, but there are still some
> packaging bugs.
It is the user which can be used if the admin uncomments the appropriate
line in /etc/sysconfig/saslauthd.
--
Tomas Mraz
No matter
The NuFW changed its license to GPLv3 from GPLv2. This applies also to
the libnuclient library as NuFW subpackage.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
as I am afraid
of regressions. Do you think this change could break things in F13?
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://fedoraproject.org/wiki/Packaging:Systemd#Unit_Files
Eventual blocking of the packages that violate this Fedora packaging
rule was not yet definitively decided upon, but we agreed that the
Fedora package maintainers should be warned that such blocking might
happen before the Fedora 17 Alpha release.
--
On Mon, 2011-11-07 at 10:35 -0900, Jef Spaleta wrote:
> On Mon, Nov 7, 2011 at 10:28 AM, Tomas Mraz wrote:
> > Eventual blocking of the packages that violate this Fedora packaging
> > rule was not yet definitively decided upon, but we agreed that the
> > Fedora package
is still very preferable to keep having
separate /etc/sysconfig/$foo.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
s specifically
> requested but under the current circumstances it would gain nothing
> and just add an extra package to the repos.
Exactly. In case the binaries shipped along with the library do not pull
any additional dependencies and they are reasonably small, there is n
a, you can reply to
this e-mail, file a new ticket at https://fedorahosted.org/fesco,
e-mail me directly, or bring it up at the end of the meeting, during
the open floor topic. Note that added topics may be deferred until
the following meeting.
--
Tomas Mraz
No matter how far down the wrong road y
dy volunteers to be next week chair?
19:29:52 can't do next week .can do two weeks from now
19:30:22 * mmaslano is not sure wheter it's the first meeting of new fesco or
not
19:30:40 Oh yeah
19:30:42 oh, yeah, 2011-12-05 is the end of elections.
19:30:43 People should go and vote
19:30:44 I could do it if i'm still member ;-)
19:31:07 yeah, it would be the current fesco again next week...
19:31:11 then the next folks the week after.
19:31:20 i could do one last time i suppose
19:31:52 ajax: it's yours ;-)
19:32:14 #action ajax is the next week chair as it will be his last time
in FESCo :)
19:32:24 suitable punishment ;)
19:32:24 (for now)
19:32:44 #topic Open Floor
19:33:09 I have one announcement/reminder:
19:33:36 #info REMINDER: Please change your password and upload a new
ssh key if you have not already. Deadline is 2011-11-30!
19:33:39
http://lists.fedoraproject.org/pipermail/announce/2011-October/003005.html
19:34:32 * nirik has nothing else.
19:35:37 I will end the meeting if nobody speaks up in a minute.
19:36:12 * shaiton will start in 2 minutes then ^^
19:36:48 #endmeeting
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
to the https://fedoraproject.org/wiki/Updates_Policy wiki
page for further details.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
___
devel-announce mailing
if we go that
> route.
>
>
> Of course, a whitelist might be a better idea. Maybe we only
> allow .tar.gz, .tar.bz2 and .zip to be uploaded this way and make
> additional exceptions as they arise.
What about running a 'file' command on the stuff and if the output
c
On Mon, 2011-12-12 at 22:52 +0200, Jussi Lehtola wrote:
> On Mon, 12 Dec 2011 21:34:12 +0100
> Tomas Mraz wrote:
> > On Mon, 2011-12-12 at 15:21 -0500, Stephen Gallagher wrote:
> > > On Mon, 2011-12-12 at 13:16 -0700, Ken Dreyer wrote:
> > > > On Mon, Dec 12, 20
On Mon, 2011-12-12 at 22:06 +0100, Tomas Mraz wrote:
> On Mon, 2011-12-12 at 22:52 +0200, Jussi Lehtola wrote:
> > On Mon, 12 Dec 2011 21:34:12 +0100
> > Tomas Mraz wrote:
> > > On Mon, 2011-12-12 at 15:21 -0500, Stephen Gallagher wrote:
> > > > On Mon, 2
t completely theoretical situation nobody is arguing
on. It is theoretical because there is still not _perfect and complete
form_ of the UsrMove feature. Yes, most of the objections to it were
eventually fixed/workarounded/rebutted but I'm sure not all of them.
--
Tomas Mraz
No
On Thu, 2012-02-09 at 10:06 +0100, drago01 wrote:
> On Thu, Feb 9, 2012 at 8:57 AM, Tomas Mraz wrote:
> > On Thu, 2012-02-09 at 04:24 +, Matthew Garrett wrote:
> >> On Thu, Feb 09, 2012 at 02:14:53AM +0100, Kevin Kofler wrote:
> >>
> >> > IMHO, FESCo n
comparison to the break of expectations of
existing users and developers of 3rd party software. So if you mainly
ignore the existing expectations you might come to a conclusion that
this feature is a net gain however this is by no means certain thing and
undisputable.
--
Tomas Mraz
No matter how f
a bug report if that's the case.
>
> /bin and /sbin paths were already removed in latest setup package - as
> you no longer need them... so no need for bugzilla and report...
I'm not sure, but I think bash has hardcoded PATH for /bin and /usr/bin
as well.
--
Tomas Mraz
perly applied to some of the
recent disruptive changes. Particularly the very recent unnamed
disruptive change in Fedora 17.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel
een daemons/services that are not shareable with
the stock SELinux policy as that means you need to start to add policy
modules to allow the access.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Following is the list of topics that will be discussed in the FESCo
meeting today at 18:00UTC (1:00pm EST, 2:00pm EDT) in #fedora-meeting on
irc.freenode.net.
Links to all tickets below can be found at:
https://fedorahosted.org/fesco/report/9
= Followups =
#topic #699 Proposal to remove the pa
===
#fedora-meeting: FESCO (2012-03-12)
===
Meeting started by t8m at 18:02:05 UTC. The full logs are available at
http://meetbot.fedoraproject.org/fedora-meeting/2012-03-12/fesco.2012-03-12-18.02.log.html
.
Meeting summary
--
On the FESCo meeting today the deprecated package policy was adjusted.
We agreed on the following proposal:
Packages may be unretired without review up to 2 weeks after
retirement providing that the package has ever previously been
reviewed.
--
Tomas Mraz
No matter how far down the wrong road
n imagine situation when
sysadmin wants his own package to do it. I have to second the request to
be the default /etc/sysctl.conf empty and moving the Fedora defaults to
sysctl.d/00-systemdefault.conf.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
to start the ball rolling and collect feedback from
> everyone. No need to feel bad about not being there to give feedback at
> this first meeting.
+1, I do not see any harm in starting the discussion on the yesterday
meeting as well.
--
Tomas Mraz
No matter how far down t
the general requirement that builds on the architecture to be
promoted must not take much longer time than builds on the current
primary architectures still stays.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turki
ur .path unit you'd write something like this:
>
> [Path]
> PathExists=/etc/crontab
> DirectoryNotEmpty=/etc/cron.d
> DirectoryNotEmpty=/var/spool/cron
>
> And the moment where /etc/crontab starts to exist, or somebody drops a
> file into /etc/cron.d or /var/spool/cron
On Thu, 2010-11-25 at 09:31 +0100, Michał Piotrowski wrote:
> 2010/11/25 Tomas Mraz :
> > On Wed, 2010-11-24 at 21:56 +0100, Lennart Poettering wrote:
> >> That's the point of the .path unit. i.e. you can list dirs to watch. If
> >> a user then drop a file
On Thu, 2010-11-25 at 09:31 +0100, Michał Piotrowski wrote:
> 2010/11/25 Tomas Mraz :
> > On Wed, 2010-11-24 at 21:56 +0100, Lennart Poettering wrote:
> >> That's the point of the .path unit. i.e. you can list dirs to watch. If
> >> a user then drop a file
On Fri, 2010-11-26 at 02:07 +0100, Miloslav Trmač wrote:
> Lennart Poettering píše v Pá 26. 11. 2010 v 01:27 +0100:
> > On Thu, 25.11.10 17:33, Tomas Mraz (tm...@redhat.com) wrote:
> > And also, cron does a couple of really nasty things. For example it
> > wakes up in regul
On Fri, 2010-11-26 at 03:05 +0100, Lennart Poettering wrote:
> On Fri, 26.11.10 02:07, Miloslav Trmač (m...@volny.cz) wrote:
>
> > Lennart Poettering píše v Pá 26. 11. 2010 v 01:27 +0100:
> > > On Thu, 25.11.10 17:33, Tomas Mraz (tm...@redhat.com) wrote:
> > > A
1 - 100 of 300 matches
Mail list logo
