Package: wnpp
Severity: wishlist
Owner: Harlan Lieberman-Berg
X-Debbugs-Cc: debian-de...@lists.debian.org, hlieber...@debian.org
* Package name: python-pyu2f
Version : 0.1.5
Upstream Contact: Google
* URL : https://www.github.com/google/pyu2f
* License
Package: wnpp
Severity: wishlist
Owner: Harlan Lieberman-Berg
X-Debbugs-Cc: debian-de...@lists.debian.org, an...@beanfield.com,
hlieber...@debian.org
* Package name: python-command-runner
Version : 1.6.0
Upstream Contact: Orsiris de Jong
* URL : https://github.com
tag 1061692 +patch
thanks
I've tested it, and it seems that manually adding the path to
d/install fixes the problem fine. Patch attached.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
From 9d9fc8e0a1b46af0c9bf13e7ff982af1b9e15c07 Mon Sep 17 00:00:00 2001
From: Harlan Lieberman-Berg
Date
nlocked
ModuleNotFoundError: No module named 'chirp.stock_configs'
Hopefully this is an easy fix! Thanks for your help maintaining this.
73,
--
Harlan Lieberman-Berg (KC1CHE)
~hlieberman
-- System Information:
Debian Release: trixie/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: am
s building packages... should we be using a specific user?
I'm not sure!)
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
f
band, since we are a bit out of date at this point.
It's definitely on my radar! Hopefully we'll cross this off the list soon.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
-- System Information:
Debian Release: trixie/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.5.0-2-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags
ng
set), or one of detection (are smartcards a valid choice at all)?
Potentially unrelated sidenote: setting
`/org/gnome/login-screen/enable-smartcard-authentication` to `false`
has no effect on the ability to login; it still refuses to allow
password auth.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
firmware version : 0.0
serial num :
pin min/max: 4/8
```
However...
```
❯ pkcs11-tool --list-objects --type cert
Using slot 0 with a present token (0x0)
```
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
(fix-uki) with the patch fuzzed and included, plus an
entry for d/changelog.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
tag 1038920 +patch
thanks
On Fri, Jun 30, 2023 at 6:35 AM Norbert Preining wrote:
> You could still send me the code and I give it an eye ;-)
Sold! preinst file is attached.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
preinst
Description: Binary data
fixed in a
preinst, I'd like more testing (and more eyes) on it than I normally
would, just for caution's sake.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
ackported the patches that fixed reused keys in 2.1.0-3.
Have you experienced this reversion behavior yourself, or is this just
based off of the changelog notes?
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
uested that feature was... me. And then I just
never followed-up and put the flag in.
Whoops!
Pending upload now. :)
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
tag 1034325 +moreinfo
thanks
On Thu, Apr 13, 2023 at 12:54 AM Blieque wrote:
> The (legacy?) Cron job (`/etc/cron.d/certbot`) for Certbot runs the
> certificate renewal program every 12 hours, and starts with a random
> 0–12-hour delay. This helps to distribute load on Let's Encrypt servers
>
tag 1028535 +pending
thanks
On Fri, Jan 13, 2023 at 12:28 PM Karl O. Pinc wrote:
> What motivated me was interest in documenting this:
>
> ${webroot-path}/.well-known/acme-challenge
>
> I did just pester the certbot people into including that
> in certbot(1). But it has been helpful in the past
On Thu, Jan 12, 2023 at 1:06 PM Karl O. Pinc wrote:
> The certbot upstream includes a certbot(7) man page. At present this
> is not included in the Debian package. It would be helpful to have it
> included.
Hi Karl,
I'm interested in what you're looking for that's in the certbot.7
manpage.
> > === 1 error in 1.43s
> ===
This error stems from the .egg-info file being shipped as part of
python3-cffi, but the python3-cryptography lib only having Depends on the
cffi backend lib.
Morph, can you take a peek at this?
Thanks!
Sincerely,
—
Harlan Lieberman-Berg
~hlieberman
> --
Harlan Lieberman-Berg
~hlieberman
Thank you for reporting the issue! I've prepared a stable upload and
have sent a request for approval to the stable release team
(#1025925).
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
. However,
considering the simplicity of the patch, I'm not concerned about testing against
a stricter endpoint.
A source debdiff is attached. I await your thumbs-up before uploading.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
diff -Nru python-acme-1.12.0/debian/changelog
python-acme-1.12.0
upload.
+ * New upstream release (Closes: #994892, #1017058)
+ * Import patch to fix FTBFS in Linux >= 6.0 from upstream
+ * Add dh-dkms to build-depends
+
+ -- Harlan Lieberman-Berg Tue, 01 Nov 2022 11:56:26
-0400
+
evdi (1.9.0+dfsg-1) unstable; urgency=medium
* new upstream release 1.
On Fri, Aug 19, 2022 at 7:51 PM Borden wrote:
> The file /usr/share/doc/certbot/README.rst.gz provides a generic overview of
> certbot and advice to refer to the official documentation at
> https://certbot.eff.org/instructions?ws=apache=debiantesting . However,
> will be confusing for new
Package: xwayland
Version: 2:22.1.1-1
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: hlieber...@debian.org
After upgrade to 2:22.1.1-1, all X applications refuse to start. strace shows
that they hang on connect(2), waiting for the /tmp/.X11-unix/X0 socket.
XWayland on my
It looks like this is due to the migration of the efi capsule out to the
virtual packages fwupd-signed and fwupd-unsigned. Installing one should fix
the problem, but this bug should remain open to fix the underlying
Recommends’ bug.--
Harlan Lieberman-Berg
~hlieberman
to an author inside pyxdg and attempt to get them to
agree to license that segment under MIT.
3. Replace the code with an equivalent clean-room implementation.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
nk you for your report. I've forwarded this upstream for their
consideration.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
On Thu, Nov 11, 2021 at 10:12 PM Harlan Lieberman-Berg
wrote:
> I received a notification from the Certbot team that they were updating the
> PGP
> keys used to sign the next release to a new key, rsa3072/0xB6029E8500F7DB16,
> fingerprint BF6B CFC8 9E90 747B 9A68 0FD7 B602 9E85 00F7
Source: python-acme
Version: 1.18.0-1
Severity: wishlist
Tags: upstream
X-Debbugs-Cc: hlieber...@debian.org
I received a notification from the Certbot team that they were updating the PGP
keys used to sign the next release to a new key, rsa3072/0xB6029E8500F7DB16,
fingerprint BF6B CFC8 9E90 747B
k care of this version for you already.
jcfp, do you want to close the loop and do the upload, since you've
been working with Linus so far? Happy either way!
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
On Sat, Sep 4, 2021 at 12:00 AM Harlan Lieberman-Berg
wrote:
> I will be making an MR in Gitlab to this effect.
This has been done as
https://salsa.debian.org/kernel-team/linux/-/merge_requests/389.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
will be making an MR in Gitlab to this effect.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
renewal has been
configured on their behalf.
This flag has been permitted since v1.9, however, it has no effect prior to
v1.16.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
A simple update to 2.4.0 fixes this FTBFS (though note, it depends on
libportal which is only available in experimental).
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
PLv2 only
/ GPLv3 only) and I was trying to figure out the packaging in
preparation.
Sorry about that!
--
Harlan Lieberman-Berg
~hlieberman
have you installed plover-common from? That's not a package I
recognize in the archive.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
in to fix this in the next certbot release, but
I'm not sure it will be backported to stable. I'll speak with some
folks to get their opinions on whether it needs a backport or not
because it's such an edge-case.
Thanks for your report!
--
Harlan Lieberman-Berg
~hlieberman
Package: pulseaudio
Version: 14.0-2
Severity: normal
Tags: upstream
X-Debbugs-Cc: hlieber...@debian.org,
pkg-gnome-maintain...@lists.alioth.debian.org
Hello maintainers,
Not entirely sure whether this is a GNOME issue or a pulseaudio issue, but since
the breakage occured due to a change in the
On Sun, Jan 3, 2021 at 1:51 PM Adam D. Barratt wrote:
> Thanks. Please feel free to upload.
Uploaded!
--
Harlan Lieberman-Berg
~hlieberman
wrote:
>
>
>
> Le 01/01/2021 à 22:16, Harlan Lieberman-Berg a écrit :
> > […]
> > Can you also attach the output of this new script?
>
> You can find it in the attached files.
>
> $ ./import2.py > import2.out1 2> import2.out2
>
>
> --
> Nicolas
--
Harlan Lieberman-Berg
~hlieberman
the brownouts. I may be able to
encourage them to nudge it backwards into February.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
diff -Nru python-certbot-0.31.0/debian/changelog python-certbot-0.31.0/debian/changelog
--- python-certbot-0.31.0/debian/changelog 2019-02-09 19:39:59.0 -0500
++
.
A couple more things to try so we can get some more info:
find /usr/lib/python3/dist-packages/cryptography/hazmat -name __init__.py -ls
Can you also attach the output of this new script?
--
Harlan Lieberman-Berg
~hlieberman
#!/usr/bin/python3 -vvv
import os, sys
import pkgutil
def
ive me the output?
--
Harlan Lieberman-Berg
~hlieberman
#!/usr/bin/python3
import cryptography
print(cryptography.__file__)
print(cryptography.__version__)
import cryptography.hazmat
print(cryptography.hazmat.__file__)
import cryptography.hazmat.primitives
print(cryptography.hazmat.primitives.__file__)
r you to upload the log of the renewal that
occurred with the old version and the new version? The certbot client
version will be one of the first lines in the file.
Thanks for your help!
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
disruptions to their certificate
+renewals, this update backports the switch over to the ACMEv2 API.
+
+ -- Harlan Lieberman-Berg Fri, 04 Dec 2020 21:33:11
-0500
+
python-certbot (0.31.0-1) unstable; urgency=medium
* New upstream version 0.31.0
diff -Nru python-certbot-0.31.0/debian
Package: evdi-dkms
Version: 1.7.0+dfsg-1
Severity: grave
Hello maintainer,
Looking at #960391, it looks like we've seen another kernel regression for evdi.
Even on the evdi-dkms from experimental, the module FTBFS with 5.9.0.
The compile log is attached.
-- System Information:
Debian Release:
Source: gitlab
Severity: serious
Hello maintainer,
The source package contains copies of various project templates
(vendor/project_templates) that contain copyleft code which needs to
be mentioned in d/copyright.
For example, the git bundle ("./project.bundle") inside
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
n as on your machine, but I can't recreate the error.
Would it be possible for you to use rr to capture a dump of the segfault for me?
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
erly.
Reassigning the bug to the correct packages.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
Package: cargo
Version: 0.43.1-3
Severity: wishlist
Hello fellow Rustaceans!
Because cargo has a direct dependency on OpenSSL, it seems logical that we
should switch the priority of openssl and gnutls so Cargo, at least by default,
isn't building against two different TLS implementations.
This
leanly to the
version of anki you have in master in salsa right now.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
Description: Fix mpv arguments to prevent failures
In mpv 0.31.0, it started interpreting its arguments strictly, such
that you must pass the option value after an equals sign. As a
d dependency for the time being.
Hi Julian,
Confirmed; this is fixed in the upstream version 2.1.20.
Sincerely,
--
Harlan Lieberman-Berg
works with :
>
> python3-requests 2.22.0-2
> python3-urllib31.24.1-1
>
> it fails with :
>
> python3-requests 2.22.0-2
> python3-urllib3 1.25.8-1
>
> a.
>
> On 21/02/2020 05:29, Harlan Lieb
future.
Thanks for your report!
--
Harlan Lieberman-Berg
~hlieberman
Package: wnpp
Severity: wishlist
Owner: Harlan Lieberman-Berg
* Package name: golang-github-letsencrypt-challtestsrv
Version : 1.2.0
Upstream Author : Let's Encrypt (Internet Security Research Group)
* URL : https://github.com/letsencrypt/challtestsrv
* License
Package: wnpp
Severity: wishlist
Owner: Harlan Lieberman-Berg
* Package name: pebble
Version : 2.3.0
Upstream Author : Let's Encrypt (Internet Security Research Group)
* URL : https://github.com/letsencrypt/pebble
* License : MPL-2.0
Programming Lang: Go
ersions of packages certbot depends on:
> ii python3 3.7.5-3
> ii python3-certbot 1.1.0-1
>
> certbot recommends no packages.
>
> Versions of packages certbot suggests:
> pn python-certbot-doc
> ii python3-certbot-apache 1.1.0-1
> pn python3-certbot-nginx
>
> -- no debconf information
>
--
Harlan Lieberman-Berg
~hlieberman
Nope; that’s what I get for filing bugs while sleep deprived.
Sorry for the spam!
On Tue, Dec 31, 2019 at 04:10 Faidon Liambotis wrote:
> On Mon, Dec 30, 2019 at 11:37:52PM -0500, Harlan Lieberman-Berg wrote:
> >
> >
> > Based on this license change, it seems to me
change, it seems to me that geoipupdate can no longer be
in main. Contrib may be a suitable home, however?
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
tests my debs, but that should be happening in the next
week.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
mit to not being sure how reproducible-builds could have
been affected by the same thing. Otherwise, maybe a difference in one
of the deps that was fixed in the last... day?
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
tem somewhere.
Other than that, +1, it's ready to ship!
--
Harlan Lieberman-Berg
~hlieberman
--- old.txt 2019-10-27 11:50:56.226063124 -0400
+++ new.txt 2019-10-27 11:53:02.668777460 -0400
@@ -11,12 +11,12 @@
python-acme is part of an implementation of the ACME protocol, as used
by the Let's Encr
to reflect that so I hopefully don't forget.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
On Sun, Oct 13, 2019 at 06:53 Adam D. Barratt
wrote:
> Apologies for the delay. Please go ahead.
Uploaded!
> --
Harlan Lieberman-Berg
~hlieberman
ect
> and meant for another unrelated package.
>
> Thank you,
>
> --
> Sunil
>
> --
Harlan Lieberman-Berg
~hlieberman
=medium
+
+ * This stretch update is to switch to using a POST-as-GET protocol
+before the November 1, 2019 deadline when Let's Encrypt will begin
+refusing requests using the (old) GET protocol. (Closes: #932248)
+
+ -- Harlan Lieberman-Berg Wed, 31 Jul 2019 22:26:45
-0400
+
python-acme
"The requested apache plugin does not appear to be installed."
>
> by
>
> "Plugin python-certbot-apache is missing, it must be installed"
--
Harlan Lieberman-Berg
~hlieberman
=medium
+
+ * Backport POST-as-GET support (Closes: #928452)
+
+ -- Harlan Lieberman-Berg Sat, 04 May 2019 21:32:00
-0400
+
python-acme (0.31.0-1) unstable; urgency=medium
* Bump dependency on josepy to >= 1.1.0
diff -Nru python-acme-0.31.0/debian/patches/0001-post-as-get.patch
python-a
Source: python-certbot
Version: 0.31.0-1
Severity: serious
Tags: upstream
Because of changes to the ACME v2 standard, unauthenticated GET
requests to ACME compatible APIs must be performed as special
POST-as-GET requests to be valid. The primary ACME API, Let's
Encrypt, has deprecated support
Package: sicherboot
Version: 0.1.5
Severity: wishlist
Tags: upstream
Hallo Julian!
Recently, I've started running into a problem where my efi partition
is so small that there isn't room to have two copies of the kernel
living in the efi partition to do the signing operation. Looking at
l111 of
reopen 905929
notfixed 905929 0.24.1-2
thanks
Unfortunately, the patch was missing an #ifdef. Correcting with -3
Lieberman-Berg Mon, 08 Apr 2019 18:07:45
-0400
+
lexicon (3.0.8-1) unstable; urgency=medium
[ Ana Custura ]
diff -Nru lexicon-3.0.8/debian/patches/0004-fix-dnsimple-creates.patch
lexicon-3.0.8/debian/patches/0004-fix-dnsimple-creates.patch
--- lexicon-3.0.8/debian/patches/0004-fix-dnsimple
Package: python3-lexicon
Version: 3.0.8-1
Severity: important
Tags: upstream
An update to the DNSimple API caused a bug in lexicon to go from
technically-wrong-but-working to straight-up-broke. A minor patch
ported from upstream will fix this problem, and unbreak the certbot
plugin that depends
On Mon, 8 Apr 2019 16:50:31 +0100 ana wrote:
> Thanks for the update on this. It would be a shame to drop the package
> entirely from Debian. Have had a look at the packaging on salsa and I'm
> happy to take over. I would need DM permissions on it to make uploads.
Hi Ana!
Happy to sponsor you
sor it in.
> --
Harlan Lieberman-Berg
~hlieberman
lan Lieberman-Berg
~hlieberman
functionality because "it wasn't supposed to change" (because that's
never caused bugs before, god knows.)
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
certbot-src.debdiff
Description: Binary data
was diffing the changes file instead of the .dsc. Attached.
--
Harlan Lieberman-Berg
~hlieberman
certbot-src.debdiff
Description: Binary data
is all that's needed.
What are your thoughts about using the security upload process to fix
this in a more aggressive timeline?
Apologies for the trouble. :(
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
h back to
compat level 9, they'll all be forcibly started again by the postinst,
correct? Or do we need to explicitly start it again?
--
Harlan Lieberman-Berg
~hlieberman
mctl-show-certbot.timer.txt;msg=20
. One of the reporters will have to follow up with the output of
journalctl -u certbot.timer, as I can't replicate the problem.
> Is certbot.timer restarted as part of the package update?
Not unless dh_installsystemd is doing it automagically, no.
Sincerely,
--
Harl
help.
I'm not subscribed to pkg-systemd-maintainers, so please keep me (and
the bug!) CCed.
Thanks much!
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
timer used to work, and now
no longer does, correct?
Can you send the output of `systemctl show certbot.timer`?
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
deleted if you purge certbot, which is the
new and correct owner of that path.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
ery experienced, certbot will install its
own ciphersuites. If this is not desired, you can avoid it by not
using the apache plugin for installation, and only using it for
authentication.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
ython3 with the shebang,
so what /usr/bin/python is set to shouldn't matter. (Additionally,
I've tested it and it appears to still work even if it is set that
way.)
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
config files are
> modified.
Sent this one upstream!
--
Harlan Lieberman-Berg
~hlieberman
i.conf` return any rows?
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
he initial uploads used the wrong version numbers and had to
> be rejected. AIUI Harlan should be back this week, hopefully he can get
> to this.
>
> Cheers,
> Julien
>
> > > On Jan 8, 2019, at 4:24 PM, Harlan Lieberman-Berg
> > > wrote:
> > >
> >
Package: dpkg-dev
Version: 1.19.2
Severity: wishlist
Tags: security
Hello GCC Maintainers!
It would be Really Awesome (TM) if we could add the
-fstack-clash-protection flag to our default hardening posture. This
would have provided protection against the recent System Down
vulnerability
- parsedatetime_2.1-3+deb9u1
On Sun, Dec 2, 2018 at 7:55 PM Harlan Lieberman-Berg
wrote:
>
> On Sun, Dec 2, 2018 at 10:48 AM Julien Cristau wrote:
> > OK, let's do that then. Sorry for not getting back to this sooner.
>
> Sounds good. I'm preparing the uploads now.
>
> It looks lik
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
Get:1 copy:/<>/apt_archive ./ sbuild-build-depends-lintian-dummy
0.invalid.0 [852 B]
Get:2 http://deb.debian.org/debian unstable/main amd64 liblocale-gettext-perl
amd64 1.07-3+b4 [18.9 kB]
Get:3 http://deb.debian.org/debian unstable/main amd64
t ansible upstream may be uninterested in
fixing this as it will get fixed "automatically" when we switch to
using python3. We're working on that now, and we hope to have it
finished in time to get into buster before the freeze. They still
advertise py2 support, though, so I consider it still a
ommand without the
verbosity flags? That error appears to be a unicode string problem
related to some debug output.
--
Harlan Lieberman-Berg
~hlieberman
Hello all!
Just pinging this again for reconsideration. I ran into this
recently, and copy/pasting bits of makefile throughout various
packages' debian/rules seems like the wrong solution to me.
--
Harlan Lieberman-Berg
~hlieberman
uld also backport a newer version that builds python3. Let me know.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
out of backports without
breaking anything.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
y", line 842, in
> load
> metadata = fetcher.retrieve_iam_role_credentials()
> File "/usr/lib/python3/dist-packages/botocore/utils.py", line 291, in
> retrieve_iam_role_credentials
> r = self._get_request(url, timeout, num_attempts)
> File "/usr/lib/python3/dist-packages/botocore/utils.py", line 276, in
> _get_request
> response = self._session.send(request.prepare())
> File "/usr/lib/python3/dist-packages/botocore/httpsession.py", line 264, in
> send
> raise ProxyConnectionError(proxy_url=proxy_url, error=e)
> botocore.exceptions.ProxyConnectionError: Failed to connect to proxy URL:
> "http://127.0.0.1:9/;
> ...
> Ran 17 tests in 0.061s
>
> FAILED (errors=17)
> Test failed:
> error: Test failed: failures=0>
> E: pybuild pybuild:338: test: plugin distutils failed with: exit code=1:
> python3.6 setup.py test
> dh_auto_test: pybuild --test -i python{version} -p 3.6 returned exit code 13
> make: *** [debian/rules:6: build] Error 25
>
--
Harlan Lieberman-Berg
~hlieberman
Package: certbot
Severity: wishlist
As requested by jmorahan in
https://community.letsencrypt.org/t/certbot-dovecot-postfix-certificate-renewal-issue/72226/11,
we should add descriptive text to the cronjob reminding users that the
systemd timer is controlling if installed.
and should
not be used.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
1 - 100 of 329 matches
Mail list logo