On Mon, 4 Mar 2024, Fabio Valentini wrote:
Since this update was stuck and obviously broken, with no response
from Paul in over a week (either here or on the bodhi update), I've
used my provenpackager rights to revert the commits in dist-git and
unpush the stuck update (it failed gating tests, s
On Wed, 7 Feb 2024, Ben Beasley wrote:
Subject: Re: google-re2 pacakge update and facebook vs google python bindings
I haven't heard back from any of the maintainers.
I've created a PR to upgrade re2-2022-06-01 to re2-2024-02-01 as the
first step towards getting python-google-re2 working.
ht
Hi,
At $dayjob we are running into issues with re2 and python bindings.
Fedora has a fairly old version of re2 with so.9 while upstream is at
so.11. Is there a reason for this? If it is just time, I'd like to
help bumping the package in rawhide.
Originally, facebook creating python bindings fo
Hi,
After talking to the debian maintainer of tcpcrypt, we both decided the
best thing is to remove tcpcrypt from the distributions.
- The protocol at the IETF seems have stalled for many years
- The main proponent and implementer sadly passed away years ago
- The website tcpcrypt.org has died
On Wed, 15 Feb 2023, Ben Cotton wrote:
For the curious, here are the stats from today's run:
### Found 2129 users in the packager group. ###
### Found 914 users with no activity in pagure/src.fp.org over the
last year. ###
### Found 845 users which also show no activity in Bodhi over the last y
On Thu, 9 Feb 2023, Dmitry Belyavskiy wrote:
I've just pushed updates of OpenSSL to the 3.0.8 version to f36/37.
I will also push to f38 and rawhide later today.
Why is f36/f37 the playground for f38/rawhide? Shouldn't this be done
in the reverse order?
In fact all the updates landed simulta
On Thu, 9 Feb 2023, Dmitry Belyavskiy wrote:
I've just pushed updates of OpenSSL to the 3.0.8 version to f36/37.
I will also push to f38 and rawhide later today.
Why is f36/f37 the playground for f38/rawhide? Shouldn't this be done
in the reverse order?
This is a security release, it fixes 8
On Mon, 12 Sep 2022, Miroslav Suchý wrote:
Do you want to make Fedora 37 better? Please spend 1 minute of your time and
try to run:
In case you hit dependency issues, please report it against the appropriate
package.
Seemed fine. I saw two issues related to python azure packages but since
On Fri, 2 Sep 2022, Neal H. Walfield wrote:
Note: Sequoia currently uses Nettle on Fedora, but there is ongoing
work to port it to Sequoia to OpenSSL:
I think this should be considered a blocker for changing gpg backends.
https://github.com/rpm-software-management/rpm/issues/2041#issuecomm
On Tue, 23 Aug 2022, Otto Liljalaakso wrote:
The relevant policy is Bundled software policy [1]. Unlike in the past, a
package does not need a FESCo exception to bundle dependencies. However, the
requirements of that policy are not being met here: The reason for bundling
should be recorded in
Hi,
I looked at fixing percona-xtrabackup and noticed it is staticly linking
to a bunch of libraries. These .a files are then removed in %install so
they are not shipped. It bundles a bunch of this stuff from its extra/ dir:
duktape googletest icu libcbor libedit libevent libfido2 libkmi
Looks like dnf makecache is uses a lot more memory, causing issues on
smaller systems/containers.
F34:
Metadata cache created.
1.51user 0.15system 0:12.01elapsed 13%CPU (0avgtext+0avgdata 162440maxresident)k
144inputs+56outputs (0major+46906minor)pagefaults 0swaps
F35:
Metadata cache created
On Fri, 8 Jul 2022, Kevin Kofler via devel wrote:
But upstream is now under a hostile corporation's control? Can we trust the
most privileged userspace program when it is effectively controlled by a
hostile corporation?
Yes we can, by reading and evaluating the code like we always do. If it
st
ny to become Fedora maintainers is Paul Wouters. I'm
grateful to him for this.Best Regards,
Roman
Welcome Roman! I'm happy to see more Aiven people join our Fedora efforts :)
Paul
___
devel mailing list -- devel@lists.fedoraproject.org
To unsu
On Mon, 12 Jul 2021, Simo Sorce wrote:
SQLite is a general-purpose tool. Not every use of SHA-1 is
cryptographically relevant. Most uses in the context of SQLite probably
aren't, so the removal just annoys users for no good reason.
Note that this is a Sqlite decision, from RHEL engineering w
On Mon, 28 Jun 2021, Ben Cotton wrote:
https://fedoraproject.org/wiki/Change/DisableSHA1InOpenDNSSec
== Detailed Description ==
OpenDNSSec changed the default behavior to not include SHA1 DS by
default, and added the -sha1 knob as an immediately-deprecated
compatibility knob in version 2.1.0
On Wed, 31 Mar 2021, Petr Menšík wrote:
strongswan and NetworkManager-strongswan packages were passed to me from
previous maintainer. I admit I have little experience with them and do
not run any service based on them. Because IPSsec is quite complex
technology, I am looking for help with its ma
On Wed, 24 Feb 2021, Colin Walters wrote:
It's trickier than that because local caching nameservers can provide real
benefits in various server scenarios, and also the IoT/edge case (as usual)
blurs the traditional datacenter/mobile boundary. (IoT can be servers with
WiFi)
We ended up enabl
On Tue, 23 Feb 2021, Lennart Poettering wrote:
And yeah, call me a hypocrite, but if I have the choice between having
no Internet at all or using some public DNS servers for DNS, and
leaking a tiny bit of information to those DNS server providers then I
am definitely preferring to have Internet,
On Mon, 22 Feb 2021, Petr Menšík wrote:
Wouldn't it be much simpler, if I could just dnf remove systemd-resolved
in case I don't want it?
In the past I also mentioned this. The overwhelming majority of installs
do not gain any benefit from te systemd-resolved service. Most servers,
containers
On Wed, 9 Dec 2020, Dridi Boukelmoune wrote:
So it looks like my initial intuition that there could be a mitigation
of sorts is starting to hold water. The problem now is that clients on
my system using getaddrinfo in a way that was legit until now are now
being DoS'd by systemd-resolved, waitin
On Wed, 18 Nov 2020, Alexander Bokovoy wrote:
Is there a way to use systemd resolved in a container?
I figured this out yesterday -- at least in Rawhide, dbus-daemon is now
replaced by dbus-broker which is not active by default.
So you need
systemctl enable --now dbus-broker
Without it even
On Mon, 2 Nov 2020, Jakub Jelen wrote:
Some months ago, I wrote a patch [2] for scp to use SFTP internally (with
possibility to change it back using -M scp) and ran it through some
successful testing. The general feedback from upstream was also quite
positive so I would like to hear also opini
On Thu, 8 Oct 2020, Michael Catanzaro wrote:
On Thu, Oct 8, 2020 at 1:28 pm, Paul Wouters wrote:
I agree for two reasons. One, the FESCO decision to postpone making
systemd-resolvd the default resolver. I would like to ensure this
change happens properly and securely for f34.
Well it
On Thu, 8 Oct 2020, Petr Menšík wrote:
I would like to request pausing any new systemd-resolved features
system-wide, until its current bugs and deficiencies are resolved
sufficiently.
I agree for two reasons. One, the FESCO decision to postpone making
systemd-resolvd the default resolver. I w
On Wed, 7 Oct 2020, Dominik 'Rathann' Mierzejewski wrote:
Today, I upgraded one of my machines to F33. Upon first F33 boot I
noticed that the dnssec-triggerd service failed to start. It turns out I
had very old dnssec-trigger keys and certificates ("only" 1536-bit RSA)
generated back in 2014 whi
On Fri, 2 Oct 2020, Michael Catanzaro wrote:
Hm, thanks for the explanation. I guess the DNS request would indeed be the
*first* way you lose, because you have to do DNS before you do anything else.
But you are going to lose immediately after anyway:
* Immediately after you connect to the net
On Thu, 1 Oct 2020, Michael Catanzaro wrote:
We are not going to patch out fallback to Cloudflare or Google because it is
a non-issue. Fallback only happens when you have zero other DNS servers
configured. When was the last time you connected to a network and there's no
DHCP, no nothing? The n
On Thu, 1 Oct 2020, Neal Gompa wrote:
Essentially, split-horizon DNS setups on Fedora systems become
possible with this change.
As reported by libreswan and openvpn developers already in the last
two days, these are already possible without systemd-resolved and
people have relied on that for y
On Wed, 30 Sep 2020, Neal Gompa wrote:
since it's only a
couple of binaries averaging 2MB with a few unit files.
My reply was aimed at Peter saying he'd like to not ship resolved, and
I'm saying that we should *not* do that, because it makes things even
harder and more complicated.
These tw
On Wed, 30 Sep 2020, Zbigniew Jędrzejewski-Szmek wrote:
the systemd package is getting a systemd-networkd subpackage split out
that will contain systemd-networkd, networkctl, and the associated data files.
This was requested by coreos maintainers: NetworkManager is used and skipping
systemd-netw
On Tue, 29 Sep 2020, Lennart Poettering wrote:
"Custom" is in the eye of the beholder. It appears to me you mean that
in a derogatory way.
I went out of my way to compare the systemd-resolved team to te DNS teams
consisting of dozens of full time senior people working 20+ years on
DNS with ann
On Tue, 29 Sep 2020, Petr Menšík wrote:
is there any generic protocol exchanging what (sub)domains should be
targetted to specific DNS server?
The search domains are usually the only signal available and used for
this. RFC 7296 (IKEv2) and split-DNS (RFC 8598) defines the sent domain
name list
On Tue, 29 Sep 2020, Lennart Poettering wrote:
Well, but how do you determine "local resources"?
This is not the proper question. The proper question is "what are you
trying to do". The .local domain discovery clearly is something meant
to be local.
I assume the real question is: How to conve
On Mon, 28 Sep 2020, Lennart Poettering wrote:
stuff that doesn't come from classic Internet DNS cannot
possibly be DNSSEC validated.
This statement is incorrect. Please read RFC 8598 and perhaps
read up on the handling of Special Use Domain Names and DNSSEC
validation. No one expects .local t
On Mon, 28 Sep 2020, Marius Schwarz wrote:
It's always a bad idea for a programm to do the dns itself, instead of
using the dns anyone on the host does. You get a inconsistent behaviour
at best, and a security nightmare at worse. DOx in a browser or any other
programm is wrong anyhow.
The soft
On Mon, 28 Sep 2020, Michael Catanzaro wrote:
Well, let's amend that to "first when it's smart to be first." We can't ever
*require* DNSSEC validation, because Windows and macOS are not going to do
so.
https://tools.ietf.org/id/draft-pauly-add-resolver-discovery-01.html
That draft has a Micr
On Mon, 28 Sep 2020, Michael Catanzaro wrote:
Anyway, if you don't like this heuristic, we could decide to always delete
/etc/resolv.conf.
You will break all software linked against libunbound that uses the
ub_ctx_resolvconf() function. Most users of libunbound will use this,
because firewalls
On Mon, 28 Sep 2020, Michael Catanzaro wrote:
I don't think it would be smart for employees to voluntarily opt-in to
sending all DNS to their employer anyway... there's little benefit to the
employee, and a lot of downside.
Again, it is not up to systemd to limit valid use cases.
Perhaps Lis
On Mon, 28 Sep 2020, Tom Hughes via devel wrote:
On 28/09/2020 15:57, Marius Schwarz wrote:
Am 28.09.20 um 13:47 schrieb Zbigniew Jędrzejewski-Szmek:
DNSSEC support in resolved can be enabled through resolved.conf.
Why isn't that the default, if this resolver can do it?
Because DNSSEC is
On Mon, 28 Sep 2020, Michael Catanzaro wrote:
If you're running mail servers or VPN servers, you can probably configure the
DNS to your liking, right? Either enable DNSSEC support in systemd-resolved,
or disable systemd-resolved. I'm not too concerned about this
You should be concerned ab
On Mon, 28 Sep 2020, Zbigniew Jędrzejewski-Szmek wrote:
This change is harmful to network security, impacts existing installations
depending on DNSSEC security, and leaks private queries for VPN/internal
domains to the open internet, and prefers faster non-dnssec answers
over dnssec validated an
Subject: Re: Fedora 33 System-Wide Change proposal: systemd-resolved
I was just hit by the first bug in systemd-resolved 4 days after I
upgraded to fedora33. I will file a bug report for that, but I wanted
to discuss something more fundamental.
systemd-resolved has a number of architectural f
Or just a new option to rpmbuild that skips %check ?
Sent from my iPhone
> On Jun 5, 2020, at 10:11, Tomas Orsava wrote:
>
> Hi,
> I think it would be useful to have a standard way of disabling the running of
> tests during RPM build (in the %check section of a spec file).
>
> I see a lot o
On Fri, 9 Aug 2019, Daniel P. Berrangé wrote:
We can't carry on postponing things indefinitely though - at some point we
have to say enough, and expect a maintainer to actually do some maintaining.
That is an argument to orphan, not an argument to remove the package.
Had gettext been orphaned,
This was a mistake on my end. I thought I was the owner of the package, but
I think I was only the owner of it back in el6. I assume systemd then
wasn't depending on it. I saw a PR the other day, assumed it was to me as
package owner, and saw no reason to not upgrade since it was long over due.
I d
On Thu, 14 Jun 2018, Tomas Mraz wrote:
On Wed, 2018-06-13 at 00:45 -0400, Paul Wouters wrote:
I don't think TLS 1.3 will see a wide deployment immediately. Sure,
the
famous top websites and top browsers will, but enterprises will not.
And
especially those with any kind of loggin/aud
On Wed, 6 Jun 2018, Nikos Mavrogiannopoulos wrote:
I think the debate here is whether fedora (and in general operating
systems) can afford to be stricter than the browsers. As an OS our
attack surface is much larger than the browser setup, and thus it makes
sense (to me), to be more careful.
Y
On Wed, 2 May 2018, Lennart Poettering wrote:
I presume you mean "~/.local" rather than "~/local"?
I don't. As my argument goes, hidden directories containing binaries
in your path are a bad idea. And it was a bad idea 15 years ago. Note
that my home directory seems to only contain ~/.local/sh
On Wed, 2 May 2018, Vít Ondruch wrote:
User explicitly installed SW into his home directory. Why (s)he needs to
override the $PATH in addition to make the SW work?
Can you account for all your ~/.??* entries in your home dir? I have
several of which I have no clue what it is or why it got ther
On Wed, 2 May 2018, Lennart Poettering wrote:
It's already there. And it is XDG complaint. The question here is about
order (what takes priority).
Can you point me to the XDG specification that requires it ? It was mentioned
by Lenart on the bug, but he later clarified his comment[1].
So th
On Tue, 24 Apr 2018, Sam Varshavchik wrote:
Is there a way to run a custom command after hotspot authentication?
You might be able to hook into dhclient.
That happens when you obtain an IP address. There is no notification
method that I know about that will signal me when the hotspot
authen
Hi,
Is there a way to run a custom command after hotspot authentication?
Fedora has/had some ways of detecting portals. dnssec-trigger,
NetworkManager and Gnome3. I think the current method is supposed
to be based on the latter. So I guess the problem that is used is
/usr/libexec/gnome-shell-po
st release of Getdns. See https://
> src.fedoraproject.org/rpms/getdns/blob/master/f/getdns.spec
>
> Maybe you could suggest the package maintainer to add a "Provides: stubby" so
> it can be found directly. CCing Paul Wouters in that regard.
That's a good idea
On Wed, 14 Dec 2016, Scott Schmit wrote:
IPsec requires AF_NETLINK (NETLINK_XFRM) to manage the security
associations & security policies. libreswan probably also needs to be
able to manage the routing for IPsec tunnels (NETLINK_ROUTE[6]).
The nature of libreswan is that it allows custom "upd
On Mon, 12 Dec 2016, Lennart Poettering wrote:
Note that I wonder if restricting address families really belongs in
systemd. Why isnt this a libcap-ng capability? That way my software
can support this without depending on systemd.
hu?
libcap-ng is a library to manage Linux process capabilitie
On Mon, 12 Dec 2016, Matthew Miller wrote:
Question 1: How can we take advantage of this feature in specific? We
could bulk file a bunch of bugs. Or, what about turning on some more
restrictive defaults (AF_INET AF_INET6 AF_UNIX) on some flag day in
Rawhide, and having services which have differ
On Mon, 5 Dec 2016, Michael Catanzaro wrote:
On Mon, 2016-12-05 at 09:05 -0500, Paul Wouters wrote:
That is incorrect in my experience. When I go to coffee shops, my
iphone
shows the portal page, but my laptop shows the TLS cert invalid
thing.
Oh wow. I didn't know that. Feels like ti
On Sun, 4 Dec 2016, Michael Catanzaro wrote:
On Sun, 2016-12-04 at 16:39 -0500, Paul Wouters wrote:
That is a different issue. And indeed I see it as well, and was quite
surprised at them checking the TLS validity of a captive portal page.
We have no plans to stop doing this, because that
On Sun, 4 Dec 2016, Kevin Fenzi wrote:
On Fri, 2 Dec 2016 21:42:07 -0600
Eric Sandeen wrote:
On 12/2/16 7:10 PM, Paul Wouters wrote:
Fedora runs a captive portal check page at:
http://fedoraproject.org/static/hotspot.txt
It used to return "OK\n".
Now it returns "OK"
On Sat, 3 Dec 2016, Langdon White wrote:
Wouldn't it make more sense to be checking for status 200? Checking for content
on the page seems
fragile in general.
Who says a stolen page wouldn't return status 200?
Also, and perhaps related, I filed a bug[1] about captive portals that seems to
Fedora runs a captive portal check page at:
http://fedoraproject.org/static/hotspot.txt
It used to return "OK\n".
Now it returns "OK" without the newline.
This caused at least the geome tool (from the geome package) to return
a false positive and abort, telling the user to first authenticate
On Tue, 13 Sep 2016, Ralf Corsepius wrote:
This is a truly awful experiance from POV of a Fedora user filing bugs :-(
We've set a silent trap for them with no warning of the fact that their
bug reports are going to be ignored until Fedora EOL procedure closes
them :-(
One lesson I have lea
On Fri, 9 Sep 2016, Adam Williamson wrote:
2. fingerprint identification:
The laptop has a fingerprint reader and it works fine. However
I prefer not to use it. The user set up specifies that fingerprint login
is disabled.
However whenever I am asked for a password the fingerp
> On Jun 15, 2016, at 12:51, Stephen Gallagher wrote:
> Traditionally, we've assumed a greater level of understanding for those who
> use
> CLI tools as opposed to GUI tools. It's expected that if someone is using DNF
> directly, it's because they know what they are doing (and what risks that
On Mon, 6 Jun 2016, bendem wrote:
Are you using an alias like ls="ls --quoting-style=shell"?
Not knowingly. Whatever I got, I got it from systems default.
And yes this is an f-24 install. using a gnome-term if it matters.
Paul
On 06/06/2016 05:53 PM, Paul Wouters wrote:
pau
paul@thinkpad:/tmp/test$ touch foo bar baz
paul@thinkpad:/tmp/test$ touch "touch and go"
paul@thinkpad:/tmp/test$ ls -l
total 0
-rw-rw-r--. 1 paul paul 0 Jun 6 11:48 bar
-rw-rw-r--. 1 paul paul 0 Jun 6 11:48 baz
-rw-rw-r--. 1 paul paul 0 Jun 6 11:48 foo
-rw-rw-r--. 1 paul paul 0 Jun 6 11:49 '
On Fri, 3 Jun 2016, Lennart Poettering wrote:
You are redefining the meaning of (a graphical) logout. It simply
means another user can use the mouse, keyboard and screen of this
device. It makes no statement on whether the machines resources are
shared or not.
Actually, with logind, current ke
> On Jun 1, 2016, at 09:48, Lennart Poettering wrote:
>
> Any scheme that relies on unprivileged programs "being nice" doesn't
> fix the inherent security problem: after logout a user should not be
> able consume further runtime resources on the system, regardless if he
> does that because of a b
On Thu, 2 Jun 2016, Lennart Poettering wrote:
Well. Let's say you are responsible for the Linux desktops of a large
security-senstive company (let's say bank, whatever), and the desktops
are installed as fixed workstations, which different employees using
them at different times. They log in, th
On Sun, 29 May 2016, Chris Murphy wrote:
On Fri, May 27, 2016 at 5:03 PM, Paul Wouters wrote:
If there is a systematic
problem of badly written code leaving orphaned code running when
a user logs out, then that broken code should be fixed instead of
adding another layer of process management
On Fri, 27 May 2016, Chris Murphy wrote:
It seems to me systemd should be able to know the difference between
a program that's zombie or unresponsive but isn't doing anything or is
unresponsive but is doing something; and if not then some way for
programs to say "hey wait just a minute, I need
On Mon, 9 May 2016, Jan Synacek wrote:
I got a few of these warnings in the last few weeks and I'd like those
to stop :)
Is there any interest in supporting SILC? It's an old encryption chat
protcol that I never used or never heard of someone using.
Do the pidgin maintainers want to take the p
On Tue, 3 May 2016, opensou...@till.name wrote:
libsilcorphan, cicku, nosnilmot 9 weeks ago
Depending on: libsilc (12), status change: 2016-02-26 (9 weeks ago)
pidgin (maintained by: jsynacek, itamarjp, jskarvad, mcrha, nosnilmot)
libpurpl
On Mon, 21 Dec 2015, Michael Cronenworth wrote:
On 12/21/2015 01:19 PM, Paul Wouters wrote:
Could we have a mod_rewrite rule for
bodhi.fedoraproject.org/updates/packagename ?
One already existed. Have you not tried it?
https://bodhi.fedoraproject.org/updates/libreswan
I had in the past
Hi,
I really miss the simple URL lookup to find links to the last few
package builds of a certain package. Eg for libreswan, I could use:
https://admin.fedoraproject.org/updates/libreswan/
Now I have to go search around and type in a package name, eg:
https://bodhi.fedoraproject.org/updates/?
On 12/14/2015 04:26 PM, Oron Peled wrote:
>>> 2. dbus:
>>>* The local DNS server would send specific DBUS signal (e.g:
>>> net.dnsseq.InsecureDNSReply).
>>>* A desktop process would listen on these signals and show proper
>>> desktop notification.
>>
>> But these solutions can quickly be
On 12/12/2015 09:11 PM, Oron Peled wrote:
> On Friday 11 December 2015 09:09:28 Paul Wouters wrote:
>> On 12/09/2015 06:02 PM, Oron Peled wrote:
>>> Why don't we plan this feature in two stages:
>>> * Fedora 24: turn it on by default, but *keep using re
On 12/09/2015 06:02 PM, Oron Peled wrote:
> Why don't we plan this feature in two stages:
> * Fedora 24: turn it on by default, but *keep using results* from bad DNS
> servers,
>just issue a user-visible warning, possibly with a link to a page with
> friendly
>explanation and suggestion
On 12/09/2015 01:04 PM, Debarshi Ray wrote:
> On Mon, Dec 07, 2015 at 10:48:55AM +0100, Tomas Hozza wrote:
>> On 04.12.2015 15:57, Lennart Poettering wrote:
>>> How do other popular desktop/consumer OSes deal with this? Windows, MacOS,
>>> iOS, Android, ChromeOS? Does any of them do client-side DN
On Mon, 7 Dec 2015, Florian Weimer wrote:
Clearly, fedora cannot be changed to hijack a real domain, so Fritzbox better
solve this quickly with an update, even if no one actually will update their
router :(
Well, AVM could just register fritz.box and leave it unsigned, which
solves the problem
(resending - looks like mty @redhat.com is not subscribed)
On 12/07/2015 04:48 AM, Tomas Hozza wrote:
So, here's a question: in germany "Fritzbox" wifi routers are very
popular. Their configuration page is reachable under the "fritz.box"
pseudo-domain from inside their wifi network, and all oth
On Mon, 7 Dec 2015, Lennart Poettering wrote:
In case this is blocked on the network, Unbound is configured to tunnel
the DNS queries to Fedora public infrastructure over TCP (80, 443) or
SSL (443), in which case this is similar to the first situation, when
Unbound forwards queries to the resolv
On Mon, 7 Dec 2015, Matthew Miller wrote:
I read your whole post. Those possibilities seem pretty limited, from
the point of view of serious regressions in Fedora usability. It isn't
that I "like" Fedora being less than technically correct (especially
around security-related features), but I don
On Mon, 7 Dec 2015, Lennart Poettering wrote:
Hmm? If I work for a company "Foo Corp" that defined .foocorp as its
private TLD, then I won't be able to access servers in that local
network until I added .foocorp to a local whitelist
Foo Corp should not have done that. If you had picked .hotel
On 12/07/2015 04:48 AM, Tomas Hozza wrote:
>> So, here's a question: in germany "Fritzbox" wifi routers are very
>> popular. Their configuration page is reachable under the "fritz.box"
>> pseudo-domain from inside their wifi network, and all other systems on
>> the network are also eachable below
On Tue, 1 Dec 2015, Randy Barlow wrote:
This sounds overall pretty neat to me! One detail came to my mind: how
would this interact with VPN DNS servers? In my experience with VPNs,
it's common for them to provide a DNS server that allows internal host
resolution to work. Would this local resolve
On Tue, 1 Dec 2015, Björn Persson wrote:
Tomas Hozza wrote:
- dnssec-trigger does not do the Captive Portal detection and handling and
we rather rely on NM for the detection and on Gnome Shell for the Portal login
Can I assume that users of non-Gnome desktops will also be able to log
in to
On Mon, 5 Oct 2015, Kevin Fenzi wrote:
On Mon, 5 Oct 2015 11:04:40 -0400
Paul Wouters wrote:
And openpgpkey-milter :)
And put in a TLSA record for their MX :)
I don't think it makes much sense for Fedora Infrastructure to get into
the business of being a SMTP server provider. Is
And openpgpkey-milter :)
And put in a TLSA record for their MX :)
Paul
Sent from my iPhone
> On Oct 5, 2015, at 10:58, Michel Alexandre Salim
> wrote:
>
> On a related note to that, it would be great if active Fedora contributors do
> get to use an SMTP server with SPF and DKIM set up.
>
On Fri, 25 Sep 2015, Matthew Miller wrote:
On Thu, Sep 24, 2015 at 10:10:40AM +0200, Vít Ondruch wrote:
Also, you might consider to ship the precompiled bytecode just
optionally, using recommends.
On contrary, if you insist on shipping the bytecode, why you don't drop
the .py files? I see a lo
On Mon, 21 Sep 2015, Owen Taylor wrote:
Experimenting with GNOME, the model presented to the user seems to be:
- Each application's volume control separate goes from 0-100% of the
maximum system volume.
- Adjusting each application is independent
- Modifying the system global volume slid
On Fri, 4 Sep 2015, Bojan Smojver wrote:
According to ISC, these two affect bind 9.10.2 as well (up to P3).
There a no new builds (i.e. P4) for F22 of this package that I can see.
Does anyone know why? Is there something Fedora specific that prevents
these problems in F22 packages?
I just bui
On Wed, 2 Sep 2015, Vít Ondruch wrote:
3) Packages are updated, but the bug is kept open
I would suggest probably to close the bugs for 1st category, the
packages from 2nd category should be orphaned and the packages from 3rd
category should not be monitored anymore. Any thoughts?
I would k
On Fri, 7 Aug 2015, Petr Šabata wrote:
This package's license tag was wrong all along; the license
tag will be corrected to `MIT'. Updates are on the way.
hm, I had 1.01 packages pending..
Also, the license says GPL+ or Artistic. The README says:
Permission to use, copy, modify, and dis
On Wed, 5 Aug 2015, Neal Gompa wrote:
I disagree that including the keys for EOL'd releases counts as
"encouraging" people to use old stuff. If someone has a reason to be
building RPMs for something way-old, I think it'd be nice for us to keep
those GPG keys available for them.
Agreed.
Paul
-
On Fri, 17 Jul 2015, Chuck Anderson wrote:
What doesn't work in your experience with the captive portal stuff?
Usually, the dnssec-triggerd captive portal detection pops up a
dialog, and when I click "log in" nothing happens. When I click
"skip" (sorry I might be forgetting the exact button
On Fri, 17 Jul 2015, Zbigniew Jędrzejewski-Szmek wrote:
[In light of https://bugzilla.redhat.com/show_bug.cgi?id=1241383]
'dnf install --installroot=... --releasever=XX dnf' can be used to bootstrap
a Fedora chroot. The only snag is that --nogpg is often recommended, because
fedora-repos only p
And dnssec-validator.cx for a Firefox/chrome plugin that you can see in action
against fedoraproject.org that already deploys this
Sent from my iPhone
> On Jul 3, 2015, at 10:43, Petr Spacek wrote:
>
>> On 2.7.2015 17:56, Michael Catanzaro wrote:
>>> On Thu, 2015-07-02 at 16:38 +0200, Reindl
On Wed, 1 Jul 2015, Michael Catanzaro wrote:
Date: Wed, 1 Jul 2015 19:26:55
From: Michael Catanzaro
To: devel@lists.fedoraproject.org
Subject: Re: dnssec-trigger + GNOME + NetworkManager integration
On Wed, 2015-07-01 at 18:40 -0400, Paul Wouters wrote:
That's the same as saying remov
1 - 100 of 453 matches
Mail list logo