Sorry, if I missed this in previous messages...
Are the cvs tags going to become git tags, or git branches? When I
checked out ~48 hours ago, it seemed like everything was a git branch,
which is not what I expected for the build tags.
kernel.org admins recommend either 'git tag -a' or 'git
On 12/19/2009 08:04 PM, Jesse Keating wrote:
On Dec 19, 2009, at 15:02, Jeff Garzik jgar...@pobox.com wrote:
Sorry, if I missed this in previous messages...
Are the cvs tags going to become git tags, or git branches? When I
checked out ~48 hours ago, it seemed like everything was a git
On 12/14/2009 04:57 PM, Todd Zullinger wrote:
Mike Chambers wrote:
If I understand what is happening now (and over the past weekend),
the datacenter machines are moving to a new location, AND the
package building is moving from cvs to git (will be, or already in
process)?
Only the former is
On 11/24/2009 08:31 PM, Matthew Miller wrote:
On Tue, Nov 24, 2009 at 06:17:08PM -0600, Dennis Gilmore wrote:
the goal for F-13 is to have unified media, for F-14 and beyond we could look
at other options like having a 64 bit kernel and 32 bit userland. i should
have stated that a bit more
On 11/24/2009 09:58 PM, Matthew Miller wrote:
On Tue, Nov 24, 2009 at 09:19:22PM -0500, Jeff Garzik wrote:
So would this mean one disk with two repositories on it, or is everything
mashed together all in one repository?
The current x86-64 has both 32-bit and 64-bit mashed together, so
On 11/25/2009 01:32 AM, Jesse Keating wrote:
On Nov 24, 2009, at 19:30, Jeff Garzik jgar...@pobox.com wrote:
On 11/24/2009 09:58 PM, Matthew Miller wrote:
On Tue, Nov 24, 2009 at 09:19:22PM -0500, Jeff Garzik wrote:
So would this mean one disk with two repositories on it, or is
everything
On 11/20/2009 02:21 AM, Rudolf Kastl wrote:
there are also inconsistencies between gui clickery and shell usage...
simple example:
click shutdown in gnome just does it in f12
Yeah, you can do that in F11 as well :(
I agree, this needs protecting with a root password too.
Jeff
--
On 11/19/2009 09:03 AM, Chris Adams wrote:
Again, you are also making the assumption that desktop distro ==
single-user system, when the Fedora desktop work is going in the other
direction (making the desktop more multi-user friendly). Many home
systems are now multi-user, and not everybody
On 11/19/2009 12:16 PM, Simon Andrews wrote:
Bill Nottingham wrote:
Jeff Garzik (jgar...@pobox.com) said:
This sounds like a tacit admission that the default install for
servers is bloody stupid (== same as desktop), unless the admin
REMOVES packages we helpfully installed on the server system
On 11/19/2009 03:59 PM, Peter Jones wrote:
On 11/19/2009 03:37 PM, Jeff Garzik wrote:
On 11/19/2009 12:16 PM, Simon Andrews wrote:
Bill Nottingham wrote:
Jeff Garzik (jgar...@pobox.com) said:
This sounds like a tacit admission that the default install for
servers is bloody stupid (== same
Note to all...
Please add your vote to
https://bugzilla.redhat.com/show_bug.cgi?id=534047 (Active local console
users get to install signed software on a machine they do not have the
root password to)
I agree with Rahul that it is less productive to +1 on this email thread.
Jeff
On 11/19/2009 07:48 PM, Jesse Keating wrote:
On Nov 19, 2009, at 13:51, Jeff Garzik jgar...@pobox.com wrote:
Note to all...
Please add your vote to
https://bugzilla.redhat.com/show_bug.cgi?id=534047 (Active local
console users get to install signed software on a machine they do not
have
On 11/19/2009 08:25 PM, Jeff Spaleta wrote:
On Thu, Nov 19, 2009 at 4:15 PM, Jeff Garzikjgar...@pobox.com wrote:
Are you not familiar with the concept of bugzilla votes? Try clicking on
the '(vote)' link sometime.
I'm not aware of a workflow or policy which takes into account
bugzilla votes
On 11/19/2009 09:20 PM, Jeff Spaleta wrote:
On Thu, Nov 19, 2009 at 4:34 PM, Jeff Garzikjgar...@pobox.com wrote:
I'm curious what Fedora leaders think is the proper forum for __Fedora
users__ to register complaints against this policy. Voting seems to be the
most efficient, and least spam-y
Sorry, but this default (desktop users can install pkgs without root) is
just stupid. It is antithetical to all standard security models that
have come before in Fedora and other Linux distributions.
Instead of shielding yourselves with silly arguments about the lack of
lock-and-key on a
On 11/18/2009 12:45 PM, Bastien Nocera wrote:
On Wed, 2009-11-18 at 18:08 +0100, nodata wrote:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
Seems fair as the default for a desktop installation.
On 11/18/2009 01:04 PM, Seth Vidal wrote:
On Wed, 18 Nov 2009, Jon Ciesla wrote:
Seth Vidal wrote:
You have PackageKit installed on servers? really?
I do if it's in the default DVD install, or was pulled in in an
upgrade. I've never intentionally installed it, and yes I do. Never
imagined
On 11/18/2009 01:28 PM, Seth Vidal wrote:
I didn't say it did - I said it didn't make sense to have items like PK
on servers.
Listen to yourself.
The above is a blatant admission that it is REALLY EASY for existing
users to upgrade themselves into a security nightmare.
* F11 w/
On 11/18/2009 01:23 PM, Seth Vidal wrote:
On Wed, 18 Nov 2009, nodata wrote:
Am 2009-11-18 19:18, schrieb Colin Walters:
This is a major change. I vote for secure by default.
If the admin wishes this surprise-root feature to be enabled he can
enable it.
I'm not sure how this is 'surprise
On 11/18/2009 01:41 PM, Konstantin Ryabitsev wrote:
2009/11/18 Simo Sorcesso...@redhat.com:
On Wed, 2009-11-18 at 13:19 -0500, Konstantin Ryabitsev wrote:
This significantly limits the number of users with powers to install
signed software -- almost to the point of where it sounds like a fair
On 11/18/2009 02:26 PM, Bob Arendt wrote:
On 11/18/09 12:03, Konstantin Ryabitsev wrote:
2009/11/18 Simo Sorcesso...@redhat.com:
If I have physical access to your machine, I'll own it. I may have to
use tools to get to the HDD, but it's only a question of time and
dedication.
*you* are not
On 11/18/2009 02:53 PM, Casey Dahlin wrote:
The answer is: because being associated with a login on the local console
doesn't verify that it is a /user/ in control.
Bingo.
I guess everyone else missed that day in Security 101 class.
Jeff
--
fedora-devel-list mailing list
On 11/18/2009 03:25 PM, Colin Walters wrote:
On Wed, Nov 18, 2009 at 3:20 PM, Jeff Spaletajspal...@gmail.com wrote:
I'm not sure enough sysadmins understand PolicyKit enough to
confidently generate local policy edits. I think learning how to
implement site specific PolicyKit best practises
On 11/18/2009 04:34 PM, Seth Vidal wrote:
I said I do remove items from @core that I don't need. It was my way of
saying servers should have as little as possible on them.
You keep repeating this, as if your personal actions and situation are
relevant.
How many existing installs out there
On 11/18/2009 04:46 PM, Seth Vidal wrote:
Jeff, I think you're misunderstanding, a lot, here. I'm not in favor of
user-can-install-pkgs. I'm just explaining why I don't think pk should
be on servers.
PK will be on F12 servers, because of upgrades and very poor
communication of this new
On 11/18/2009 05:14 PM, Richard Hughes wrote:
2009/11/18 Jeff Garzikjgar...@pobox.com:
How little social engineering + virus automation does it take to get such an
install to include a malicious 3rd party repo?
You need the root password to install from repos not signed by a key
previously
On 11/18/2009 05:36 PM, Colin Walters wrote:
On Wed, Nov 18, 2009 at 5:18 PM, Jeff Garzikjgar...@pobox.com wrote:
You forget we have botnets doing distributed cracking now.
But...if you've cracked the root password, there are rather easier
(and less audited) routes to trojaning the system
On 11/18/2009 05:38 PM, Richard Hughes wrote:
If you're deploying F12, then I really think you should know the
basics about PolicyKit.
should?
The F12 security policy is dumbed down to make life easier for users,
making it easier for them to get by with -less- knowledge. And yet you
claim
On 11/18/2009 05:51 PM, Rahul Sundaram wrote:
On 11/19/2009 04:19 AM, Richard Hughes wrote:
2009/11/18 Seth Vidalskvi...@fedoraproject.org:
Richard,
to be fair, when I asked you how to edit a .pkla file you couldn't tell me.
So, if our engineers don't know the basics, how should our users?
On 11/18/2009 06:12 PM, Richard Hughes wrote:
2009/11/18 Eric Christensene...@christensenplace.us:
Has anyone drafted a notice to go out on the Announce List explaining
this vulnerability? If admins don't know to fix/remove PK then they are
putting their systems at risk.
I'm really bored of
On 11/18/2009 07:23 PM, Bill Nottingham wrote:
Jeff Garzik (jgar...@pobox.com) said:
Sorry, but this default (desktop users can install pkgs without
root) is just stupid. It is antithetical to all standard security
models that have come before in Fedora and other Linux
distributions.
Out
On 11/18/2009 07:34 PM, Jeff Garzik wrote:
On 11/18/2009 07:23 PM, Bill Nottingham wrote:
Jeff Garzik (jgar...@pobox.com) said:
Sorry, but this default (desktop users can install pkgs without
root) is just stupid. It is antithetical to all standard security
models that have come before
On 11/18/2009 07:37 PM, Colin Walters wrote:
On Wed, Nov 18, 2009 at 7:36 PM, Jeff Garzikjgar...@pobox.com wrote:
And it ignores that remote exploits are now much easier, because remote
non-root exploit + package install == remote root exploit.
No, the uid needs to have logged in through a
On 11/18/2009 07:37 PM, Mike McGrath wrote:
I think that's too subjective though. I'd be more in favor of a simple,
broad view of what the user should be able to do without root. It's
possible install packages would be on that list, it's possible not.
That way packages could ask themselves
On 11/18/2009 07:52 PM, Eric Christensen wrote:
I guess the big thing, to me, is that this vulnerability wasn't
presented, documented, or talked about and it is the opposite policy to
what most (all?) SYSADMINS would expect. If you don't know to fix it
then you are pwned.
Bingo. That is the
On 11/18/2009 07:45 PM, Mike McGrath wrote:
Stick with the facts, be clear about what you're
trying to accomplish (changing it back in F13? Changing it back in F12?
Setting a policy so stuff like this doesn't happen again?)
1) We should recognize this new policy departs from decades of Unix
Another data point for this thread:
Running a 64-bit kernel with a 32-bit userland is a common practice on
non-x86 platforms, and non-Linux OS's. For a lot of tasks, you simply
do not need 64-bit pointers and a 64-bit process address space. Both
executable code and in-memory data
On 11/18/2009 09:56 PM, Roland McGrath wrote:
Another data point for this thread:
x86 is unlike other architectures because 64-bit also has twice as many
registers as 32-bit. So you get to trade off the benefits of register
allocation across more registers against the memory/cache footprint
On 11/18/2009 01:32 AM, Gregory Maxwell wrote:
I noticed that http://fedoraproject.org/get-fedora appears to be
strongly promoting i386 Fedora over x86_64. Is this intentional or an
oversight?
I agree, that was my first impression as well.
However, if you just want a single download now
On 11/16/2009 12:37 AM, Arthur G wrote:
Hi anyonewhocanhelp,
Just curious, is libc now an explicit dependency or should I buy a sense
of humour?
broken dependencies in the development tree:
On ppc:
xmlfy-1.5.0-1.fc12.ppc requires libc.so.6(GLIBC_2.4)
xmlfy-1.5.0-1.fc12.ppc
Project Hail[1] has three packages in F12, cld, chunkd and tabled, which
need updating.
I successfully built cld: make build placed it into
dist-f12-updates-candidate apparently. But koji wait-repo is timing
out after a two-hour wait, preventing me from building chunkd and tabled.
What
On 11/16/2009 09:42 PM, Orcan Ogetbil wrote:
On Mon, Nov 16, 2009 at 8:43 PM, Jeff Garzik wrote:
What do I need to do, to build updated chunkd and tabled packages on top of
the new cld?
You need to file a ticket to releng [1] and ask for buildroot
overrides as outlined in the guidelines
On 10/28/2009 06:24 AM, Kevin Kofler wrote:
Jud Craft wrote:
On Mon, Oct 26, 2009 at 12:31 PM, Kevin Kofler wrote:
But this is about C++.
I don't mean to misunderstand, but if I recall from your very first
post in this thread...
Actually, the ABI issue is only if you use the C code
On 10/26/2009 10:45 AM, Adam Jackson wrote:
On Mon, 2009-10-26 at 19:07 +0530, Rahul Sundaram wrote:
On 10/26/2009 07:03 PM, Adam Jackson wrote:
On Sun, 2009-10-25 at 21:05 +0530, Rahul Sundaram wrote:
Has anyone been looking into building Fedora with it to see how the
performance impact is?
On 10/14/2009 08:21 AM, Steve Dickson wrote:
On 10/13/2009 09:56 AM, Christopher Aillon wrote:
Not everyone had issues with the indexing so that seemed to slip past
testing. It was a change, but didn't seem to disrupt things, so we let
it slide.
Not to pile on, believe me I know painful
On 10/14/2009 10:31 AM, Jesse Keating wrote:
On Wed, 2009-10-14 at 09:27 -0500, Mike McGrath wrote:
The problem isn't GLODA and smart folders, it's that we have no process in
place to identify and deal with problems like this before it's too late.
Aside from updates-testing you mean, where
On 10/13/2009 09:56 AM, Christopher Aillon wrote:
Not everyone had issues with the indexing so that seemed to slip past
testing. It was a change, but didn't seem to disrupt things, so we let
it slide.
We are looking at reverting both in F11.
Global indexing introduces legal issues, disk
On 10/14/2009 11:35 AM, Michael Cronenworth wrote:
Jeff Garzik wrote:
Global indexing introduces legal issues, disk space requirements and CPU
requirements that extend beyond F11...
Maybe I'm a bit stupid, but what is the significance of how many files
your emails are stored in? Separating
On 10/14/2009 12:03 PM, Michael Cronenworth wrote:
I fully understand the separation of email accounts, but what I'm
getting at is the storage of your binary data on the hard disk. If you
keep any personal email on your hard disk, and the whole disk is
subpoenaed, your personal+RH email will be
On 10/13/2009 01:58 AM, Christopher Aillon wrote:
On 10/11/2009 09:46 AM, Rahul Sundaram wrote:
On 10/11/2009 10:03 PM, Michael Cronenworth wrote:
I do use TB (read my email headers). I fully understood that TB 3.0 was
in beta and could drastically change at any moment. I keep track of
their
On 10/11/2009 04:54 AM, Rahul Sundaram wrote:
It was ok to ship a beta release of thunderbird but updates shouldn't
cause such issues. If the fixes were necessary to push as updates then
it would have prudent to disable smart folders and indexing by
default and leave it enabled in Fedora 12.
Just upgraded my F11 workstation, which included an upgrade to
thunderbird-3.0-2.7.b4.fc11.x86_64
Without any prompting or warning, my email layout -- a key interface
into my open source development workflow -- was changed to use something
called smart folders.
Also annoying, though of
On 09/28/2009 12:21 PM, Josh Boyer wrote:
Hi All,
As of today, ppc and ppc64 are no longer primary architectures in koji starting
with the dist-f13 tag. This is in accordance with the FESCo approved demotion
of PowerPC starting with Fedora 13 development.
The dist-f12 and older tags continue
What is the policy regarding deletion of individual entries in the
middle of %changelog?
A developer added a %changelog entry to each of my cloud daemons'
packages, on the main fedora-cvs devel branch of each.
Then, a day or so later, after other %changelog entries had been added
by me...
On 08/24/2009 03:11 AM, Jim Meyering wrote:
Jim Meyering wrote:
Todd Zullinger wrote:
I tried to build a git update into dist-f12-openssl earlier and had it
die in %doc with an error from cp¹:
cp: preserving times for
On 08/16/2009 01:37 PM, Dennis Gilmore wrote:
While this is the completely wrong list to ask something like this on. fedora-
infrastructre list is the correct place. there is currently no plans to roll
My apologies. I have just subscribed to this list, and will re-send my
query there.
It
Is there any IPv6 plan for *.fedoraproject.org ?
One plan that projects (including wikimedia) have chosen is a staged
rollout,
1) enable IPv6 reachability and records for DNS servers
2) enable IPv6 for small-audience or developer-only services, such as
cvs/svn/git services
3) enable
Richard W.M. Jones wrote:
Now I agree that extending RPM to add metadata to mark the upstream
changelog file or URL would be an excellent idea. It's a one-off
change to specfiles and means that we don't need to write the same
thing in every update - a win all round.
Suggestions:
Lennart Poettering wrote:
Doing digital grabbing of is very reliable these days. The analog path
is just completely obsolete.
I guess it's an open question why HDA touts multi-analog and hw mixing
as modern features, then :)
Modern hardware isn't all PCM either...
Jeff
--
Lennart Poettering wrote:
On Thu, 30.07.09 19:06, Jeff Garzik (jgar...@pobox.com) wrote:
Lennart Poettering wrote:
Doing digital grabbing of is very reliable these days. The analog path
is just completely obsolete.
I guess it's an open question why HDA touts multi-analog and hw mixing
Lennart Poettering wrote:
On Thu, 30.07.09 19:37, Jeff Garzik (jgar...@pobox.com) wrote:
Lennart Poettering wrote:
On Thu, 30.07.09 19:06, Jeff Garzik (jgar...@pobox.com) wrote:
Lennart Poettering wrote:
Doing digital grabbing of is very reliable these days. The analog path
is just
Lennart Poettering wrote:
On Wed, 29.07.09 09:47, Jeff Garzik (jgar...@pobox.com) wrote:
mixing is certainly the smallest part of it. Plese don't forget that
mixing is not exactly the most complex operation on earth.
Please don't forget that hardware mixing... is more than just mixing
Adam Williamson wrote:
On Wed, 2009-07-29 at 08:51 -0500, Dr. Diesel wrote:
This is supported by the zillions of forum messages asking how to fix
or remove pulseaudio. Not to mention the billion post thread here on
devel.
In my experience, this is a more common pattern:
$POOR_NEWBIE: I
Jesse Keating wrote:
http://jkeating.fedorapeople.org/failed-f12-rebuilds.html
chunkd should be fixed as soon as wait-repo permits :)
Jeff
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
Adam Williamson wrote:
On Sun, 2009-07-26 at 13:50 +0200, Ralf Corsepius wrote:
The worst about it: Unless rel-eng finally releases updated Fedroa 11
isos, the shameful situation about F11 installs will not see much
improvements, because anaconda being FIXED UPSTREAM/RAWHIDE doesn't
help
Rahul Sundaram wrote:
On 07/28/2009 01:11 AM, David Cantrell wrote:
The problem here is when do you stop generating new media to fix bugs in
F-11's installer and start working on F-12? Never? A week after F-11 GA?
What determines if an installer bug gets a fix in F-11 vs. not?
It's a
Adam Williamson wrote:
What: F12Alpha Blocker bug meeting
(https://bugzilla.redhat.com/show_bug.cgi?id=f12alpha)
When: Friday, 2009-07-24 @ 15:00 UTC (11 AM EDT)
Where: #fedora-bugzappers
Yes, ladies and gentlemen, tomorrow marks the second blocker bug review
meeting for Fedora 12 Alpha.
Adam Williamson wrote:
On Thu, 2009-07-23 at 17:53 -0400, Jeff Garzik wrote:
Adam Williamson wrote:
What: F12Alpha Blocker bug meeting
(https://bugzilla.redhat.com/show_bug.cgi?id=f12alpha)
When: Friday, 2009-07-24 @ 15:00 UTC (11 AM EDT)
Where: #fedora-bugzappers
Yes, ladies and gentlemen
Jesse Keating wrote:
On Thu, 2009-07-23 at 18:12 -0400, Jeff Garzik wrote:
[tone note: not a sarcastic question...]
What are critical functions of the system?
I'd say access to one's filesystem is quite critical. :)
Either way things go... thanks!
Outside the less popular cases of nfs
Fighting against in-buildroot-or-not? dependencies ;-)
I have three packages,
cld depends: none
chunkd depends: cld
tabled depends: cld chunkd
1) I updated all three packages in cvs devel (rawhide), and tagged them.
2) 'make build' on cld
My little cloud computing project has three small server daemons, plus
client libs, ready for Fedora.
Thanks to Mike Bonnet, the first package of three, cld, is now in
rawhide (BZ# 511934).
The remaining two packages, chunkd (BZ# 511941) and tabled (BZ#
511944), are practically the same
Pete Zaitcev wrote:
On Thu, 16 Jul 2009 16:12:30 -0500, Dennis Gilmore den...@ausil.us wrote:
On Thursday 16 July 2009 03:58:37 pm Jeff Garzik wrote:
cld and chunkd built just fine in koji, but tabled does not: it
BuildRequires both cld and chunkd.
Its not possible you can only build
72 matches
Mail list logo