from:"Mika"


Ok, thanks for the info :-)


_ Mika




On 05/07/2017 05:49 PM, Joanmarie Diggs wrote:

I am looking at the line of code which caused the crash and it is the
same line of code as in the bug I reported. So you might have been doing
something different, but it appears to be the same bug which needs to be
fixed in AT-SPI2.

--joanie

On 05/07/2017 09:14 AM, Mika Hanhijärvi wrote:


If it is the same bug then I have to say I did not close any application
when Orca crashed. I also did not do anythything particularly fast. I am
not 100% sure what I Was doing but If I remember correctly I just
switched between virtual Gnome desktops which did have some application
windows open.




On 05/07/2017 03:45 PM, Joanmarie Diggs wrote:

That is this AT-SPI2 bug:
https://bugzilla.gnome.org/show_bug.cgi?id=767074

--joanie

On 05/07/2017 08:00 AM, Mika Hanhijärvi wrote:

Package: gnome-orca
Version: 3.22.2-3
Severity: grave

Orca seems to sometime crash suddenly without any warning. This is
not good
because blind users like me have to rely on screen reader working
reliably.
This, or similar, problem also existed before the latest update to
Orca in
Debian Stretch, so I do not know if this has anything to do with the
latest
Orca update.

There are these lines in the /var/log/syslog

May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]: Fatal
Python error:
Segmentation fault
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]: Stack
(most recent
call first):
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/pyatspi/Accessibility.py", line 184
in 
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/event_manager.py", line 256 in
_queuePrintln
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/event_manager.py", line 329 in
_dequeue
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/pyatspi/registry.py", line 155 in start
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/orca.py", line 561 in start
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/orca.py", line 712 in main
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/bin/orca", line 269 in main
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/bin/orca", line 272 in 




-- System Information:
Debian Release: 9.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64
   (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnome-orca depends on:
ii  gir1.2-glib-2.01.50.0-1+b1
ii  gir1.2-gtk-3.0 3.22.11-1
ii  gir1.2-pango-1.0   1.40.5-1
ii  gir1.2-wnck-3.03.20.1-3
ii  gsettings-desktop-schemas  3.22.0-1
ii  python3-brlapi 5.4-7
ii  python3-cairo  1.10.0+dfsg-5+b1
ii  python3-gi 3.22.0-2
ii  python3-louis  3.0.0-3
ii  python3-pyatspi2.20.3+dfsg-1
ii  python3-speechd0.8.6-4
pn  python3:any
ii  speech-dispatcher  0.8.6-4

Versions of packages gnome-orca recommends:
ii  libgail-common  2.24.31-2
ii  xbrlapi 5.4-7

gnome-orca suggests no packages.

-- no debconf information

Bug#862008: crashes, segmentation fault

When I read the discussion in Gnome bug page I see that some people have 
regular Orca crashes which happen often e.g when they close some 
application. Luckily I have not noticed problem like that. Orca crashes 
do not happen often or regularly on my computer, just sometimes. I also 
have not had Orca crashes when I have closed applications. I think those 
crashes have happened mostly when I have switched between apps running 
on different Gnome virtual desktops. I run just one application on each 
virtual desktop.






On 05/07/2017 03:45 PM, Joanmarie Diggs wrote:

That is this AT-SPI2 bug: https://bugzilla.gnome.org/show_bug.cgi?id=767074

--joanie

On 05/07/2017 08:00 AM, Mika Hanhijärvi wrote:

Package: gnome-orca
Version: 3.22.2-3
Severity: grave

Orca seems to sometime crash suddenly without any warning. This is not good
because blind users like me have to rely on screen reader working reliably.
This, or similar, problem also existed before the latest update to Orca in
Debian Stretch, so I do not know if this has anything to do with the latest
Orca update.

There are these lines in the /var/log/syslog

May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]: Fatal Python error:
Segmentation fault
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]: Stack (most recent
call first):
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/pyatspi/Accessibility.py", line 184 in 
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/event_manager.py", line 256 in
_queuePrintln
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/event_manager.py", line 329 in _dequeue
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/pyatspi/registry.py", line 155 in start
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/orca.py", line 561 in start
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/orca.py", line 712 in main
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/bin/orca", line 269 in main
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/bin/orca", line 272 in 




-- System Information:
Debian Release: 9.0
   APT prefers testing
   APT policy: (500, 'testing')
Architecture: amd64
  (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnome-orca depends on:
ii  gir1.2-glib-2.01.50.0-1+b1
ii  gir1.2-gtk-3.0 3.22.11-1
ii  gir1.2-pango-1.0   1.40.5-1
ii  gir1.2-wnck-3.03.20.1-3
ii  gsettings-desktop-schemas  3.22.0-1
ii  python3-brlapi 5.4-7
ii  python3-cairo  1.10.0+dfsg-5+b1
ii  python3-gi 3.22.0-2
ii  python3-louis  3.0.0-3
ii  python3-pyatspi2.20.3+dfsg-1
ii  python3-speechd0.8.6-4
pn  python3:any
ii  speech-dispatcher  0.8.6-4

Versions of packages gnome-orca recommends:
ii  libgail-common  2.24.31-2
ii  xbrlapi 5.4-7

gnome-orca suggests no packages.

-- no debconf information

Bug#862008: crashes, segmentation fault




If it is the same bug then I have to say I did not close any application 
when Orca crashed. I also did not do anythything particularly fast. I am 
not 100% sure what I Was doing but If I remember correctly I just 
switched between virtual Gnome desktops which did have some application 
windows open.





On 05/07/2017 03:45 PM, Joanmarie Diggs wrote:

That is this AT-SPI2 bug: https://bugzilla.gnome.org/show_bug.cgi?id=767074

--joanie

On 05/07/2017 08:00 AM, Mika Hanhijärvi wrote:

Package: gnome-orca
Version: 3.22.2-3
Severity: grave

Orca seems to sometime crash suddenly without any warning. This is not good
because blind users like me have to rely on screen reader working reliably.
This, or similar, problem also existed before the latest update to Orca in
Debian Stretch, so I do not know if this has anything to do with the latest
Orca update.

There are these lines in the /var/log/syslog

May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]: Fatal Python error:
Segmentation fault
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]: Stack (most recent
call first):
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/pyatspi/Accessibility.py", line 184 in 
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/event_manager.py", line 256 in
_queuePrintln
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/event_manager.py", line 329 in _dequeue
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/pyatspi/registry.py", line 155 in start
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/orca.py", line 561 in start
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/orca.py", line 712 in main
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/bin/orca", line 269 in main
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/bin/orca", line 272 in 




-- System Information:
Debian Release: 9.0
   APT prefers testing
   APT policy: (500, 'testing')
Architecture: amd64
  (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnome-orca depends on:
ii  gir1.2-glib-2.01.50.0-1+b1
ii  gir1.2-gtk-3.0 3.22.11-1
ii  gir1.2-pango-1.0   1.40.5-1
ii  gir1.2-wnck-3.03.20.1-3
ii  gsettings-desktop-schemas  3.22.0-1
ii  python3-brlapi 5.4-7
ii  python3-cairo  1.10.0+dfsg-5+b1
ii  python3-gi 3.22.0-2
ii  python3-louis  3.0.0-3
ii  python3-pyatspi2.20.3+dfsg-1
ii  python3-speechd0.8.6-4
pn  python3:any
ii  speech-dispatcher  0.8.6-4

Versions of packages gnome-orca recommends:
ii  libgail-common  2.24.31-2
ii  xbrlapi 5.4-7

gnome-orca suggests no packages.

-- no debconf information

Bug#862008: crashes, segmentation fault

Package: gnome-orca
Version: 3.22.2-3
Severity: grave

Orca seems to sometime crash suddenly without any warning. This is not good
because blind users like me have to rely on screen reader working reliably.
This, or similar, problem also existed before the latest update to Orca in
Debian Stretch, so I do not know if this has anything to do with the latest
Orca update.

There are these lines in the /var/log/syslog

May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]: Fatal Python error:
Segmentation fault
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]: Stack (most recent
call first):
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/pyatspi/Accessibility.py", line 184 in 
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/event_manager.py", line 256 in
_queuePrintln
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/event_manager.py", line 329 in _dequeue
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/pyatspi/registry.py", line 155 in start
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/orca.py", line 561 in start
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/lib/python3/dist-packages/orca/orca.py", line 712 in main
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/bin/orca", line 269 in main
May  7 11:21:12 miksuhlaptop2 orca-autostart.desktop[3579]:   File
"/usr/bin/orca", line 272 in 




-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages gnome-orca depends on:
ii  gir1.2-glib-2.01.50.0-1+b1
ii  gir1.2-gtk-3.0 3.22.11-1
ii  gir1.2-pango-1.0   1.40.5-1
ii  gir1.2-wnck-3.03.20.1-3
ii  gsettings-desktop-schemas  3.22.0-1
ii  python3-brlapi 5.4-7
ii  python3-cairo  1.10.0+dfsg-5+b1
ii  python3-gi 3.22.0-2
ii  python3-louis  3.0.0-3
ii  python3-pyatspi2.20.3+dfsg-1
ii  python3-speechd0.8.6-4
pn  python3:any
ii  speech-dispatcher  0.8.6-4

Versions of packages gnome-orca recommends:
ii  libgail-common  2.24.31-2
ii  xbrlapi 5.4-7

gnome-orca suggests no packages.

-- no debconf information

Bug#859262: Re: freezes Orca screen reader

2017-04-29 Thread Mika Hanhijärvi


Hello




On 04/29/2017 09:42 PM, Paul Gevers wrote:

Hi Mika, Tim,

On 29-04-17 17:51, Joanmarie Diggs wrote:

And to prepare for fixes of the package in Debian (which is 3.22.2 and
will be extremely hard convince the release managers to update in this
stage due to the freeze), which fixes would we need to backport to fix
the issues identified so far?

commit ea02cc2d268348c22ffe8c23099f6b023d4c90a7
commit 382c5408afc7dd25f9b477a5e30c50ba917155c0
commit d51f87a7f000d099da98247dc7ca337b2b5483be
commit edbfafbd89409bfb1e4a4e3a9339c0b2de7435d6

I prepared and build¹ a Debian gnome-orca package with the above
mentioned upstream commits that should prevent Orca from freezing (or
appearing to do so). It would be great if you could install the deb²
(checksum below³) and report if it resolves your issues with Synaptic
(as my Orca installation isn't set-upped properly, I don't hear anything).

Paul

¹
http://debomatic-amd64.debian.net/distribution#testing/gnome-orca/3.22.2-3~debo1
²
http://debomatic-amd64.debian.net/debomatic/testing/pool/gnome-orca_3.22.2-3~debo1/gnome-orca_3.22.2-3~debo1_all.deb
³
paul@testavoira ~ $ sha256sum gnome-orca_3.22.2-3~debo1_all.deb
6d9c8bca6b211ac1570792dd66fde8a46cdf59a038b87a0d9bf16a43822e1887
gnome-orca_3.22.2-3~debo1_all.deb





Ok. I will try it now, thanks.

Bug#861387: fails to open applet menu

2017-04-29 Thread Mika Hanhijärvi





Hello
On 04/29/2017 06:35 PM, Scott Leggett wrote:

tags 861387 + moreinfo unreproducible
severity 861387 important
--

Hello Mika,

On 2017-04-28.13:17, Mika Hanhijärvi wrote:

Package: pasystray
Version: 0.6.0-1
Severity: grave

Hello

pasystray applet is visible in the Gnome's legacy icon tray but when I click
the  icon then applet menu does not open. This makes pasystray unusable,
atleast on Gnome, I do not know if the problem happens on other desktops too.


Thanks for the bug report.

I have tried to reproduce your issue by downloading the latest live-cd
of Strech with Gnome, and installing pasystray. As you can see in the
attached screenshot, the menu does work for me (both right-click and
left-click).

Could you provide any more information about your Gnome configuration
that is different from the default?

You could also try running `pasystray -d` in a terminal to print debug
information that may help figure out what's going on.

In the meantime, I have downgraded the severity of the bug as I cannot
reproduce it on a default Gnome desktop.





I can not see the screenshot because I am blind. If the pasystray menu 
opens then atleast it does not work with Orca screen reader. Note that I 
use the computer using keyboard whithout using mouse. Blind users like 
me can not use mouse. So  when I say that  i click the pasystray icon, I 
mean that I select the icon using left and right arrow keys from 
keyboard and then I click the icon using enter or space from keyboard.


When I click the pasystray icon Orca screen reader says something like 
"shshshsh" or something like that, but  the pasystray menu can not be 
accessed from keyboard. The menu may be accessible using mouse, but as I 
said I am blind and I can not use mouse.


I am using the Gnome desktop installed by Debian. This problem happens 
on both of my laptops running Debian Stretch. Both laptops have been 
upgraded from Jessie to Stretch  The only package that I have installed 
from outside of debian is Skype.


I have still the padevchooser installed, because pasystray does not 
work. I do not know if that could  cause problems. I would like to 
uninstall padevchooser because it is not in Debian anymore, but if If I 
uninstall it and pasystray does anot work then I have no Pulseaudio 
applet at all...


Here is how to reproduce this bug:

1) install Orca screen reader
2) activate Orca
3) go to Gnome desktop legacy icon tray by pressing  ctrl-alt-tab from 
keyboard
4) select the pasystray applet by using left and right arrow keys from 
keyboard

5( click the  pasystray by pressing enter or space from keyboard

Bug#861387: fails to open applet menu

2017-04-28 Thread Mika Hanhijärvi

Package: pasystray
Version: 0.6.0-1
Severity: grave

Hello

pasystray applet is visible in the Gnome's legacy icon tray but when I click
the  icon then applet menu does not open. This makes pasystray unusable,
atleast on Gnome, I do not know if the problem happens on other desktops too.



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages pasystray depends on:
ii  gnome-icon-theme 3.12.0-2
ii  libatk1.0-0  2.22.0-1
ii  libavahi-client3 0.6.32-2
ii  libavahi-common3 0.6.32-2
ii  libavahi-glib1   0.6.32-2
ii  libc62.24-10
ii  libcairo-gobject21.14.8-1
ii  libcairo21.14.8-1
ii  libgdk-pixbuf2.0-0   2.36.5-2
ii  libglib2.0-0 2.50.3-2
ii  libgtk-3-0   3.22.11-1
ii  libnotify4   0.7.7-2
ii  libpango-1.0-0   1.40.4-1
ii  libpangocairo-1.0-0  1.40.4-1
ii  libpulse-mainloop-glib0  10.0-1
ii  libpulse010.0-1
ii  libx11-6 2:1.6.4-3

pasystray recommends no packages.

Versions of packages pasystray suggests:
ii  paman   0.9.4-1+b3
ii  paprefs 0.9.10-2+b1
ii  pavucontrol 3.0-3+b3
ii  pavumeter   0.9.3-4+b3
ii  pulseaudio-module-zeroconf  10.0-1

-- no debconf information

Bug#859926: speechd-up: fails to install

2017-04-09 Thread Mika Hanhijärvi


Hello


On 04/09/2017 10:10 PM, Samuel Thibault wrote:

Control: retitle -1 speechd-up: fails to install

Hello,

Mika Hanhijärvi, on dim. 09 avril 2017 13:42:36 +0300, wrote:

When I try to install speechd-up package I get this error:

E: speechd-up: subprocess installed post-installation script returned error
exit status 1

Do you happen to have the espeakup package installed too?  They can't
work at the same time.

Otherwise, could somebody from debian-accessibility check whether
speechd-up works with the current speech-dispatcher?

Samuel




No. I do not have espeakup installed.

I removed espeakup because I wanted to try if speechd-up would solve 
atleast part of the one problem I have (maybe offtopic here). For some 
reason if espeakup speaks something when computer is booting then screen 
reader does not speak on Gdm login screen and on desktop. But espeak 
speaks on console.  So I have to reboot sometimes severaltimes. If  
espeakup does not say anything when computer boots, then screen reader 
speaks on gdm, but not on console. If I then login to desktop then  Orca 
speaks on desktop, but  if I go back to gdm screen whitout logging out 
from desktop first then screen reader does not speak on gdm screen. 
espeakup also does not speak on console. If I logout from desktop then 
screen reader starts to speak on gdm screen again, but espeak still does 
not speak on console. So I can not switch between desktop, gdm login 
screen and console, I am blind so I need to use screen reader.


I have no idea to which package I would need to file the bug, because I 
do not know if the problem is in espeakup, pulseaudio, 
speech-dispatcher, Orca or espeak / espeak-ng   ...


So I wanted to try if speechd-up would solve atleast part of the problem.

- Mika

Bug#859949: has a dependency problem

2017-04-09 Thread Mika Hanhijärvi

Package: python3-espeak
Version: 0.5-1+b4
Severity: grave

Packages python-espeak and python3-espeak can not be installed because of the
dependency problem if espeak speech synthesizer is replaced with espeak-ng by
installing the package libespeak-ng-libespeak1 which replaces the package
libespeak1

This bug makes it impossible to install e.g package ibus-braille when espeak is
replaced with espeak-ng.



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python3-espeak depends on:
ii  libc6 2.24-9
ii  libespeak-ng-libespeak1 [libespeak1]  1.49.0+dfsg-8
ii  libgcc1   1:6.3.0-11
ii  libstdc++66.3.0-11
ii  python3   3.5.3-1

python3-espeak recommends no packages.

python3-espeak suggests no packages.

Bug#859926: fails to install

2017-04-09 Thread Mika Hanhijärvi

Package: speechd-up
Version: 0.5~20110719-6+b1
Severity: grave

When I try to install speechd-up package I get this error:

E: speechd-up: subprocess installed post-installation script returned error
exit status 1

Synaptic marks the package as installed. If I try to reinstall the package I
get this error:

E: Internal Error, No file name for speechd-up:amd64





-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages speechd-up depends on:
ii  libc6  2.24-9
ii  libdotconf01.3-0.2
ii  libspeechd20.8.6-4
ii  speech-dispatcher  0.8.6-4

speechd-up recommends no packages.

speechd-up suggests no packages.

-- no debconf information

Bug#859262: freezes Orca screen reader

2017-04-01 Thread Mika Hanhijärvi

Package: synaptic
Version: 0.84.2
Severity: grave

Synaptic often freezes the Orca screen reader so that Orca speaks nothing until
Synaptic is closed. The same happens on both of my laptops running Debian
Stretch.

I am blind so I have to use computer using Orca screen reader. It happens wery
often that when I e.g click the Reload button in Synaptic, or select Reload
from the Synaptic menu, then Orca screen reader stops speaking. Synapticdoes
not freeze the whole desktop, just Orca.  This problem seems to happen
randomly, sometimes it happens sometimes it does not. When Synaptic has
finished reloading the package database information Orca may start speaking
again, but often it does not. If it does not then I have to close the Synaptic
by pressing alt + F4 after which Orca starts to speak again.

It also happens sometimes that if I have reloaded repository package database
information and click Mark all updades after that then Orca stops speaking. On
my second laptop it currently happens almost every time that Orca stops
speaking when I click the Mark all updates or select it from the menu. Tkhat
also seems to happen randomly, sometimes it happens sometimes not.

I have not noticed any problems like that when I have used other applications,
this happns only when I am using Synaptic.

As I said I have two laptops running Debian Stretch and both have the same
problems. Both laptops have been upgraded from Jessie to Stretch. The first
laptop was almost clean Jessie installation before it was upgraded to Stretch,
it still has wery little apps installed.

I am using Gnome desktop. I am blind so it is difficult for me to try to figure
out what is wrong. I I have used both espeak and espeak-ng speech synthetisers
with Orca screen reader, the same problem exists notmatter which of those is in
use.



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages synaptic depends on:
ii  hicolor-icon-theme   0.15-1
ii  libapt-inst2.0   1.4~rc2
ii  libapt-pkg5.01.4~rc2
ii  libatk1.0-0  2.22.0-1
ii  libc62.24-9
ii  libcairo-gobject21.14.8-1
ii  libcairo21.14.8-1
ii  libept1.5.0  1.1+nmu3+b1
ii  libgcc1  1:6.3.0-11
ii  libgdk-pixbuf2.0-0   2.36.5-2
ii  libglib2.0-0 2.50.3-2
ii  libgnutls30  3.5.8-3
ii  libgtk-3-0   3.22.9-4
ii  libpango-1.0-0   1.40.4-1
ii  libpangocairo-1.0-0  1.40.4-1
ii  libpcre2-8-0 10.22-3
ii  libstdc++6   6.3.0-11
ii  libvte-2.91-00.46.1-1
ii  libx11-6 2:1.6.4-3
ii  libxapian30  1.4.3-1
ii  policykit-1  0.105-17
ii  zlib1g   1:1.2.8.dfsg-5

Versions of packages synaptic recommends:
ii  libgtk2-perl   2:1.2499-1
ii  rarian-compat  0.8.1-6+b1
ii  xdg-utils  1.1.1-1

Versions of packages synaptic suggests:
ii  apt-xapian-index 0.49
pn  deborphan
pn  dwww 
ii  menu 2.1.47+b1
ii  software-properties-gtk  0.96.20.2-1
ii  tasksel  3.39

-- no debconf information

Bug#858645: opening and saving remote documents fails

2017-03-24 Thread Mika Hanhijärvi

Package: libreoffice-writer
Version: 1:5.2.5-2
Severity: normal

If I try to save document to remote  Google Drive using Libreoffice then I get
the  General input / output error. The same happens if I try to open remote
document.

 when I added my Google Drive account it didn't gave any error. I entered my
email ID in username and my password in password in Google Drive. I don't have
2 factor authentication.

I am blind so it is difficult for me to try to figure out what is wrong.

I am using the current LibreOffice in Debian Stretch



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages libreoffice-writer depends on:
ii  dpkg   1.18.23
ii  libabw-0.1-1   0.1.1-4
ii  libc6  2.24-9
ii  libe-book-0.1-10.1.2-4
ii  libetonyek-0.1-1   0.1.6-5
ii  libgcc11:6.3.0-10
ii  libicu57   57.1-5
ii  libmwaw-0.3-3  0.3.9-1
ii  libodfgen-0.1-10.1.6-2
ii  libreoffice-base-core  1:5.2.5-2
ii  libreoffice-core   1:5.2.5-2
ii  librevenge-0.0-0   0.0.4-6
ii  libstdc++6 6.3.0-10
ii  libwpd-0.10-10 0.10.1-5
ii  libwpg-0.3-3   0.3.1-3
ii  libwps-0.4-4   0.4.5-1
ii  libxml22.9.4+dfsg1-2.2
ii  uno-libs3  5.2.5-2
ii  ure5.2.5-2
ii  zlib1g 1:1.2.8.dfsg-5

Versions of packages libreoffice-writer recommends:
ii  libreoffice-math  1:5.2.5-2

Versions of packages libreoffice-writer suggests:
ii  default-jre [java5-runtime]2:1.8-58
ii  fonts-crosextra-caladea20130214-1
ii  fonts-crosextra-carlito20130920-1
ii  libreoffice-base   1:5.2.5-2
pn  libreoffice-gcj
ii  libreoffice-java-common1:5.2.5-2
ii  openjdk-8-jre [java5-runtime]  8u121-b13-4

Versions of packages libreoffice-core depends on:
ii  fontconfig2.11.0-6.7+b1
ii  fonts-opensymbol  2:102.7+LibO5.2.5-2
ii  libboost-date-time1.62.0  1.62.0+dfsg-4
ii  libc6 2.24-9
ii  libcairo2 1.14.8-1
ii  libclucene-contribs1v52.3.3.4+dfsg-1
ii  libclucene-core1v52.3.3.4+dfsg-1
ii  libcmis-0.5-5v5   0.5.1+git20160603-3+b1
ii  libcups2  2.2.1-8
ii  libcurl3-gnutls   7.52.1-3
ii  libdbus-1-3   1.10.16-1
ii  libdbus-glib-1-2  0.108-2
ii  libdconf1 0.26.0-2+b1
ii  libeot0   0.01-4+b1
ii  libexpat1 2.2.0-2
ii  libexttextcat-2.0-0   3.4.4-2+b1
ii  libfontconfig12.11.0-6.7+b1
ii  libfreetype6  2.6.3-3+b2
ii  libgcc1   1:6.3.0-10
ii  libgl1-mesa-glx [libgl1]  13.0.5-1
ii  libglew2.02.0.0-3+b1
ii  libglib2.0-0  2.50.3-1
ii  libgltf-0.0-0v5   0.0.2-5
ii  libglu1-mesa [libglu1]9.0.0-2.1
ii  libgraphite2-31.3.9-4
ii  libharfbuzz-icu0  1.4.2-1
ii  libharfbuzz0b 1.4.2-1
ii  libhunspell-1.4-0 1.4.1-2+b2
ii  libhyphen02.8.8-5
ii  libice6   2:1.0.9-2
ii  libicu57  57.1-5
ii  libjpeg62-turbo   1:1.5.1-2
ii  liblangtag1   0.6.2-1
ii  liblcms2-22.8-4
ii  libldap-2.4-2 2.4.44+dfsg-3
ii  libmythes-1.2-0   2:1.2.4-3
ii  libneon27-gnutls  0.30.2-2
ii  libnspr4  2:4.12-6
ii  libnss3   2:3.26.2-1
ii  libodfgen-0.1-1   0.1.6-2
ii  libpcre3  2:8.39-2.1
ii  libpng16-16   1.6.28-1
ii  librdf0   1.0.17-1.1
ii  libreoffice-common1:5.2.5-2
ii  librevenge-0.0-0  0.0.4-6
ii  libsm62:1.2.2-1+b3
ii  libstdc++66.3.0-10
ii  libx11-6  2:1.6.4-3
ii  libxext6  2:1.3.3-1+b2
ii  libxinerama1  2:1.1.3-1+b3
ii  libxml2   2.9.4+dfsg1-2.2
ii  libxrandr22:1.5.1-1
ii  libxrender1   1:0.9.10-1
ii  libxslt1.11.1.29-2
ii  uno-libs3 5.2.5-2
ii  ure   5.2.5-2
ii  zlib1g1:1.2.8.dfsg-5

Versions of packages libreoffice-core recommends:
ii  libpaper-utils  1.1.24+nmu5

-- no debconf information

Bug#858634: listviews are not accessible with Orca screen reader

2017-03-24 Thread Mika Hanhijärvi

Package: banshee
Version: 2.6.2-6.1
Severity: important

Hi

Banshe's artist, album, genre and song listviews are not accessible with Orca
screen reader.

I am blind so I have to use computer using screen reader which speaks the
content on screen. If I go e.g to the artist list and try to select one of the
artists using keyboard up and down arrow keys then Orca screen reader speaks
nothing. Same hapeens if I try to select album, genre or song.

This bug makes Banshee unusable for the users who are visually impaired and
have to use computer using screen reader..



-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages banshee depends on:
ii  gnome-icon-theme  3.12.0-2
ii  gstreamer1.0-alsa [gstreamer1.0-audiosink]1.10.4-1
ii  gstreamer1.0-plugins-bad [gstreamer1.0-audiosink  1.10.4-1
ii  gstreamer1.0-plugins-base 1.10.4-1
ii  gstreamer1.0-plugins-good [gstreamer1.0-audiosin  1.10.4-1
ii  gstreamer1.0-pulseaudio [gstreamer1.0-audiosink]  1.10.4-1
ii  libc6 2.24-9
ii  libcairo2 1.14.8-1
ii  libdbus-glib-1-2  0.108-2
ii  libdbus-glib2.0-cil   0.6.0-1
ii  libdbus2.0-cil0.8.1-2
ii  libgconf2.0-cil   2.24.2-4
ii  libgdata2.1-cil   2.2.0.0-2
ii  libgdk-pixbuf2.0-02.36.5-2
ii  libgkeyfile1.0-cil0.1-5
ii  libglib2.0-0  2.50.3-1
ii  libglib2.0-cil2.12.40-1
ii  libgpod4  0.8.3-8
ii  libgstreamer-plugins-base1.0-01.10.4-1
ii  libgstreamer1.0-0 1.10.4-1
ii  libgtk-sharp-beans-cil2.14.1-4
ii  libgtk2.0-0   2.24.31-2
ii  libgtk2.0-cil 2.12.40-1
ii  libgudev1.0-cil   0.1-4
ii  libkarma0 0.1.2-2.5
ii  libmono-addins0.2-cil 1.0+git20130406.adcd75b-4
ii  libmono-cairo4.0-cil  4.6.2.7+dfsg-1
ii  libmono-corlib4.5-cil 4.6.2.7+dfsg-1
ii  libmono-posix4.0-cil  4.6.2.7+dfsg-1
ii  libmono-sharpzip4.84-cil  4.6.2.7+dfsg-1
ii  libmono-system-core4.0-cil4.6.2.7+dfsg-1
ii  libmono-system-xml4.0-cil 4.6.2.7+dfsg-1
ii  libmono-system4.0-cil 4.6.2.7+dfsg-1
ii  libmono-zeroconf1.0-cil   0.9.0-6
ii  libmtp9   1.1.12-1+b1
ii  libnotify0.4-cil  0.4.0~r3032-7
ii  libpango-1.0-01.40.4-1
ii  libpangocairo-1.0-0   1.40.4-1
ii  libsoup-gnome2.4-12.56.0-2
ii  libsoup2.4-1  2.56.0-2
ii  libsqlite3-0  3.16.2-3
ii  libtaglib2.1-cil  2.1.0.0-3
ii  libwebkitgtk-1.0-02.4.11-3
ii  libwnck22 2.30.7-5.1
ii  libx11-6  2:1.6.4-3
ii  libxrandr22:1.5.1-1
ii  libxxf86vm1   1:1.1.4-1+b2
ii  mono-runtime  4.6.2.7+dfsg-1

Versions of packages banshee recommends:
ii  avahi-daemon 0.6.32-2
ii  brasero  3.12.1-4
ii  gstreamer1.0-pulseaudio  1.10.4-1
ii  media-player-info22-3

Versions of packages banshee suggests:
pn  banshee-dbg
pn  gstreamer1.0-ffmpeg
ii  gstreamer1.0-plugins-bad   1.10.4-1
ii  gstreamer1.0-plugins-ugly  1.10.4-1

-- no debconf information

Bug#857501: does not work with Orca screen reader and espeak

2017-03-11 Thread Mika Hanhijärvi

Package: mbrola
Version: 3.01h+2-2
Severity: grave

Hi

If I go to Orca screen reader settings and select the "Espeak Mbrola generic"
as a speech synthetiser then Orca speaks nothing. That speech synthetiser did
still work couple of days ago when I used it the last time. Orca did speak
using those more natural sounding mbrola voices. I installed the latest update
to mbrola package yesterday and if I now select that "Espeak Mbrola generic"
then Orca speakks nothing.

I am blind so it is difficult for me to try to solve what is causing this. I
have not changed the Orca and speech-dispatcher settings so that is not causing
the problem.

I have also noticed that if I now start the Gespeaker application and select
one of the mbrola voices then  Gespeaker speaks in wery robotic voice which
does not sound at all like that same mbrolaa voice did sound earlier.

The same happens if I use espeak with mbrola voice from command line. Espeak
speaks in wery robotic voice which does not sound like mbrola voice used to
sound. I also get this error message:

$ espeak -v mb-en1 "hello world"

mbrowrap error: Unable to get .wav header from mbrola
mbrola voice not found

I get the same error if I use some other mbrola voice than mb-en1.

So, any idea what is causing the problem?




-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages mbrola depends on:
ii  dpkg-dev 1.18.23
pn  libc6:i386 | libc6-i386  

mbrola recommends no packages.

Versions of packages mbrola suggests:
pn  cicero 
ii  espeak 1.48.04+dfsg-5+b1
ii  mbrola-ee1 [mbrola-voice]  0.0.20020407-1
ii  mbrola-en1 [mbrola-voice]  19980910-2
ii  mbrola-es1 [mbrola-voice]  0.0.19980610-2
ii  mbrola-fr4 [mbrola-voice]  0.0.19990521-2
ii  mbrola-us1 [mbrola-voice]  0.3-2
ii  mbrola-us2 [mbrola-voice]  0.1-2
ii  mbrola-us3 [mbrola-voice]  0.1-1

-- no debconf information

Bug#838858: firmware-amd-graphics: missing SI/CI smc firmware files

2016-11-24 Thread Mika Pflüger

Hi,

I can confirm that James' patch fixes the issue for me as well, on
4.9.0-rc5. Without the patch, X can't start for me neither on 4.8 nor
on 4.9.0-rc5, but works fine on 4.7. I'm using a pitcairn graphic card.

Would be nice to get the files included soon, as it is effectively
making testing/stretch systems with radeon SI/CI cards unbootable right
now.

Cheers + thanks,

Mika


-- 



pgpOT3VX6ZX8w.pgp
Description: Digitale Signatur von OpenPGP

Bug#844618: ITP: bornagain -- Simulating and fitting X-ray and neutron small-angle scattering at grazing incidence

2016-11-18 Thread Mika Pflüger


Hi Frederic,

I was just accepted in the debian-science team on alioth, my login is 
mikapfl-guest.
Thanks for creating the git repository on alioth, I'll commit what I've 
done so far (mostly some metadata like watchfile and copyright) using 
git-buildpackage soon.
bornagain is a pretty complex program, with a C++ shared library, a qt 
GUI and bindings for python as well as python3. I'll first try to build 
one monolithic package with GUI, library and python bindings, and then 
see how to split it and build the python3 bindings as well.
Another problem might be the bundled libraries, the upstream tarball is 
bundling patched versions of gtest, some fitting routines from other 
packages like ROOT and some themes and widgets from qt.


Cheers

Mika

Am 2016-11-18 08:07, schrieb PICCA Frederic-Emmanuel:

Hello Mika,

VEry glade to hear that you decided to integrate bornagain into Debian.

I created a git repository for it under

ssh://git.debian.org/git/debian-science/packages/bornagain.git

do you have an alioth account, and are you already member of the
debian-science team ?


Cheers


Frederic

Bug#844618: ITP: bornagain -- Simulating and fitting X-ray and neutron small-angle scattering at grazing incidence

2016-11-17 Thread Mika Pflüger

Package: wnpp
Severity: wishlist
Owner: "Mika Pflüger" <deb...@mikapflueger.de>

User: debian-scie...@lists.debian.org
Usertags: field..physics

* Package name: bornagain
  Version : 1.7.0
  Upstream Author : Scientific Computing Group at MLZ Garching: Jan Burle,
Jonathan M. Fisher, Marina Ganeva, Gennady Pospelov, Walter Van Herck and
Joachim Wuttke
* URL : http://bornagainproject.org
* License : GPL3
  Programming Lang: C++, Python
  Description : Simulating and fitting X-ray and neutron small-angle
scattering at grazing incidence

BornAgain is a software package to simulate and fit small-angle scattering at
grazing incidence. It supports analysis of both X-ray (GISAXS) and neutron
(GISANS) data. Calculations are carried out in the framework of the distorted
wave Born approximation (DWBA). BornAgain provides a graphical user interface
for interactive use as well as a generic python and C++ framework for modeling
multilayer samples with smooth or rough interfaces and with various types of
embedded nanoparticles.
..
BornAgain supports:
..
Layers:
* Multilayers without any restrictions on the number of layers
* Interface roughness correlation
* Magnetic materials
..
Particles:
* Choice between different shapes of particles (form factors)
* Particles with inner structures
* Assemblies of particles
* Size distribution of the particles (polydispersity)
..
Positions of Particles:
* Decoupled implementations between vertical and planar positions
* Vertical distributions: particles at specific depth in layers or on top.
* Planar distributions:
  - fully disordered systems
  - short-range order distribution (paracrystals)
  - two- and one-dimensional lattices
..
Input Beam:
* Polarized or unpolarized neutrons
* X-ray
* Divergence of the input beam (wavelength, incident angles) following
different distributions
* Possible normalization of the input intensity
..
Detector:
* Off specular scattering
* Two-dimensional intensity matrix, function of the output angles
..
Use of BornAgain:
* Simulation of GISAXS and GISANS from the generated sample
* Fitting to reference data (experimental or numerical)
* Interactions via Python scripts or Graphical User Interface
..
If you use BornAgain in your work, please cite
C. Durniak, M. Ganeva, G. Pospelov, W. Van Herck, J. Wuttke (2015), BornAgain
— Software for simulating and fitting X-ray and neutron small-angle
scattering at grazing incidence, version ,
http://www.bornagainproject.org

I would like to maintain the package within the debian science team. It would
be great to also get other widely-used free small- and wide-angle scattering
systems into debian, so it would be great to work together with other
interested people to package BornAgain as well as other SAS/WAS software.

Cheers,

Mika

Bug#840634: flashplugin-nonfree: Failed to download fp.11.2.202.637.sha512.amd64.pgp.asc

2016-10-20 Thread Mika

Debian testing is also affected. I just installed a new system on my
friends laptop and got the same error.

Mika

Bug#767233: udisks2: Not mounting with user permissions (even vfat!)

2015-11-05 Thread Mika Rastas

Package: udisks2
Version: 2.1.6-2
Followup-For: Bug #767233

Dear Maintainer,

Just noticed this problem also.

I connected a USB stick to my computer to edit some video files. It automounted
fine but as root and readonly premissions for users.



-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.2.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages udisks2 depends on:
ii  dbus   1.10.2-1
ii  libacl12.2.52-2
ii  libatasmart4   0.19-3
ii  libc6  2.19-22
ii  libglib2.0-0   2.46.1-2
ii  libgudev-1.0-0 230-2
ii  libpam-systemd 227-2
ii  libpolkit-agent-1-00.112-2
ii  libpolkit-gobject-1-0  0.112-2
ii  libsystemd0227-2
ii  libudisks2-0   2.1.6-2
ii  parted 3.2-9
ii  udev   227-2

Versions of packages udisks2 recommends:
ii  dosfstools   3.0.28-2
ii  eject2.1.5+deb1+cvs20081104-13.1
ii  gdisk1.0.0-3+b1
ii  ntfs-3g  1:2015.3.14AR.1-1
ii  policykit-1  0.112-2

Versions of packages udisks2 suggests:
pn  btrfs-tools 
ii  cryptsetup-bin  2:1.6.6-5
pn  exfat-utils 
pn  mdadm   
pn  reiserfsprogs   
pn  xfsprogs

-- no debconf information

Bug#799736: python-milter: statically compiled on all architectures besides arm64, ppc64el -> needs at least binNMU

2015-09-21 Thread Mika Pflüger


Package: python-milter
Version: 1.0-1
Severity: normal

Hi,

python-milter compilation seems to have been broken at some time during the 
jessie cycle, and
since it hasn't been recompiled since then, it is still statically compiled 
against libmilter
on most architectures.
See:
$ ldd /usr/lib/python2.7/dist-packages/milter.so
linux-vdso.so.1 (0x7ffd87b9f000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 
(0x7efcf3d72000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x7efcf39c9000)
/lib64/ld-linux-x86-64.so.2 (0x7efcf41a9000)

(There should be also a libmilter.so.1.0.1 in there)

The problems are:
1. python-milter would not pick up security updates of libmilter.
2. python-milter actually _did not_ pick up the last changes in libmilter, 
including the
socket activation patch added to make systemd socket activation possible 
(that's how I found this).
So socket activation works if you write a C program using smfi_setconn(), but 
does not work using
a python program with milter.setconn().

However, the build problem seems to have been fixed somehow already, if I 
recompile in an up-to-date
sid, python-milter picks up the libmilter dependency just fine, so I guess 
python-milter
only needs a binNMU to fix the binary packages in sid (and then testing).

I don't know if this warrants a fix in stable, it is quite annoying, but is 
most likely not
a big problem (until there is a security hole in libmilter). If I recompile in 
an up-to-date
stable chroot, it also picks up the dependency, so also in stable a binNMU 
should fix it.

Cheers,

Mika


-- System Information:
Debian Release: stretch/sid
  APT prefers testing-proposed-updates
  APT policy: (650, 'testing-proposed-updates'), (650, 'testing'), (450, 
'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.1.0-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages python-milter depends on:
ii  libc6   2.19-20
ii  python  2.7.9-1
ii  python-dns  2.3.6-3

python-milter recommends no packages.

Versions of packages python-milter suggests:
ii  postfix2.11.3-1
pn  python-milter-doc  

-- no debconf information


-- 



pgp3XBV9_yU1O.pgp
Description: Digitale Signatur von OpenPGP

Bug#778487: s3ql: Needs python-dugong = 3.4

2015-02-16 Thread Mika Pflüger

Hi Nikolaus,

Am Mon, 16 Feb 2015 09:42:57 -0800
schrieb Nikolaus Rath nikol...@rath.org:

  So please tighten the dependencies of s3ql 2.13 to require
  python3-dugong = 3.4
 
 At least according to
 https://packages.debian.org/source/unstable/s3ql, this is exactly
 what the dependency is.

That shows the dependencies of the s3ql source package (I guess that's
build dependencies, but I'm not sure about that). The dependencies of
the s3ql binary packages are found at
https://packages.debian.org/sid/s3ql
and as you can see, there is no version specified for python3-dugong. I
think the ${python3:Depends} does not  expand to versioned dependencies
by default. The dh_python3 man page says:
If the pydist file contains PEP386 flag or set of (uscan like) rules,
dh_python3 will make the depedency versioned (version requirements are
ignored by default).
So I guess dh_python3 needs a pydist file or a py3dist-overrides file.
Adding debian/s3ql.pydist with the contents
dugong python3-dugong; PEP386
did not do the trick for me, maybe I'm reading the manpage wrong.
However; I couldn't test building in a clean environment because
building s3ql failed for me (with and without the pydist file) in an
unstable pbuilder. I still think a proper pydist file should work.

Cheers,

Mika


-- 



pgpjah7f9TaT9.pgp
Description: Digitale Signatur von OpenPGP

Bug#778487: s3ql: Needs python-dugong = 3.4

2015-02-15 Thread Mika Pflüger

Package: s3ql
Version: 2.13+dfsg-1
Severity: normal

Dear Maintainer,

s3ql version 2.13+dfsg-1 installs without problem on a jessie system, which has 
python3-dugong 3.3+dfsg-3, but it actually requires python3-dugong = 3.4, as 
this traceback shows:

Traceback (most recent call last):
File /usr/lib/python3/dist-packages/pkg_resources.py, line 449, in 
_build_master
ws.require(__requires__)
File /usr/lib/python3/dist-packages/pkg_resources.py, line 745, in require
needed = self.resolve(parse_requirements(requirements))
File /usr/lib/python3/dist-packages/pkg_resources.py, line 644, in resolve
raise VersionConflict(dist, req)
pkg_resources.VersionConflict: (dugong 3.3 (/usr/lib/python3/dist-packages), 
Requirement.parse('dugong=3.4'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File /usr/bin/fsck.s3ql, line 5, in module
from pkg_resources import load_entry_point
File /usr/lib/python3/dist-packages/pkg_resources.py, line 2876, in module
working_set = WorkingSet._build_master()
File /usr/lib/python3/dist-packages/pkg_resources.py, line 451, in 
_build_master
return cls._build_from_requirements(__requires__)
File /usr/lib/python3/dist-packages/pkg_resources.py, line 464, in 
_build_from_requirements
dists = ws.resolve(reqs, Environment())
File /usr/lib/python3/dist-packages/pkg_resources.py, line 639, in resolve
raise DistributionNotFound(req)
pkg_resources.DistributionNotFound: dugong=3.4

So please tighten the dependencies of s3ql 2.13 to require python3-dugong = 3.4

Cheers,

Mika
  

-- System Information:
Debian Release: 8.0
  APT prefers testing-proposed-updates
  APT policy: (650, 'testing-proposed-updates'), (650, 'testing'), (450, 
'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages s3ql depends on:
ii  fuse   2.9.3-15+b1
ii  libc6  2.19-13
ii  libjs-sphinxdoc1.2.3+dfsg-1
ii  libsqlite3-0   3.8.7.1-1
ii  psmisc 22.21-2
ii  python33.4.2-2
ii  python3-apsw   3.8.6-r1-1
ii  python3-crypto 2.6.1-5+b2
ii  python3-defusedxml 0.4.1-2
ii  python3-dugong 3.3+dfsg-3
ii  python3-llfuse 0.40-2+b2
ii  python3-pkg-resources  5.5.1-1
ii  python3-requests   2.4.3-4

s3ql recommends no packages.

s3ql suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#777176: Fixed version uploaded to unstable, please unblock

2015-02-08 Thread Mika Pflüger

Hi,

the fixed version was uploaded to unstable by kobold (the maintainer),
and needs an unblock to migrate. The final debdiff between testing and
unstable is attached. Please unblock if all looks good to you:

unblock phpldapadmin/1.2.2-5.2

Cheers + thanks,

Mika
diff -Nru phpldapadmin-1.2.2/debian/changelog phpldapadmin-1.2.2/debian/changelog
--- phpldapadmin-1.2.2/debian/changelog	2014-05-02 04:30:44.0 +0200
+++ phpldapadmin-1.2.2/debian/changelog	2015-02-07 23:09:25.0 +0100
@@ -1,3 +1,11 @@
+phpldapadmin (1.2.2-5.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Update the php 5.5 compatibility patch for the password_hash_custom
+setting (Closes: #761637).
+
+ -- Mika PflÃ¼ger deb...@mikapflueger.de  Thu, 05 Feb 2015 00:41:07 +0100
+
 phpldapadmin (1.2.2-5.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru phpldapadmin-1.2.2/debian/NEWS phpldapadmin-1.2.2/debian/NEWS
--- phpldapadmin-1.2.2/debian/NEWS	1970-01-01 01:00:00.0 +0100
+++ phpldapadmin-1.2.2/debian/NEWS	2015-02-07 23:17:10.0 +0100
@@ -0,0 +1,9 @@
+phpldapadmin (1.2.2-5.2) unstable; urgency=medium
+
+  The setting option 'password_hash' has been renamed to 'password_hash_custom'.
+  Please fix your /etc/phpldapadmin/config.php and replace all references to
+  $servers-setValue('appearance','password_hash',
+  with
+  $servers-setValue('appearance','password_hash_custom',
+
+ -- Mika PflÃ¼ger deb...@mikapflueger.de  Sat, 07 Feb 2015 23:09:07 +0100
diff -Nru phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch
--- phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch	2014-05-02 04:28:13.0 +0200
+++ phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch	2015-02-05 01:13:38.0 +0100
@@ -20,9 +20,9 @@
 
 Index: phpldapadmin-1.2.2/lib/PageRender.php
 ===
 phpldapadmin-1.2.2.orig/lib/PageRender.php	2014-05-01 21:01:57.218441026 -0400
-+++ phpldapadmin-1.2.2/lib/PageRender.php	2014-05-01 21:01:57.210441026 -0400
-@@ -286,7 +286,7 @@
+--- phpldapadmin-1.2.2.orig/lib/PageRender.php
 phpldapadmin-1.2.2/lib/PageRender.php
+@@ -286,7 +286,7 @@ class PageRender extends Visitor {
  		break;
  
  	default:
@@ -31,7 +31,7 @@
  }
  
  $vals = array_unique($vals);
-@@ -956,7 +956,7 @@
+@@ -956,7 +956,7 @@ class PageRender extends Visitor {
  		if (trim($val))
  			$enc_type = get_enc_type($val);
  		else
@@ -40,7 +40,7 @@
  
  		$obfuscate_password = obfuscate_password_display($enc_type);
  
-@@ -981,7 +981,7 @@
+@@ -981,7 +981,7 @@ class PageRender extends Visitor {
  		if (trim($val))
  			$enc_type = get_enc_type($val);
  		else
@@ -51,9 +51,9 @@
  
 Index: phpldapadmin-1.2.2/lib/ds_ldap.php
 ===
 phpldapadmin-1.2.2.orig/lib/ds_ldap.php	2014-05-01 21:01:57.218441026 -0400
-+++ phpldapadmin-1.2.2/lib/ds_ldap.php	2014-05-01 21:01:57.210441026 -0400
-@@ -1116,13 +1116,24 @@
+--- phpldapadmin-1.2.2.orig/lib/ds_ldap.php
 phpldapadmin-1.2.2/lib/ds_ldap.php
+@@ -1116,13 +1116,24 @@ class ldap extends DS {
  
  		if (is_array($dn)) {
  			$a = array();
@@ -83,9 +83,9 @@
  	public function getRootDSE($method=null) {
 Index: phpldapadmin-1.2.2/lib/ds_ldap_pla.php
 ===
 phpldapadmin-1.2.2.orig/lib/ds_ldap_pla.php	2014-05-01 21:01:57.218441026 -0400
-+++ phpldapadmin-1.2.2/lib/ds_ldap_pla.php	2014-05-01 21:01:57.210441026 -0400
-@@ -16,7 +16,7 @@
+--- phpldapadmin-1.2.2.orig/lib/ds_ldap_pla.php
 phpldapadmin-1.2.2/lib/ds_ldap_pla.php
+@@ -16,7 +16,7 @@ class ldap_pla extends ldap {
  	function __construct($index) {
  		parent::__construct($index);
  
@@ -96,9 +96,9 @@
  
 Index: phpldapadmin-1.2.2/lib/functions.php
 ===
 phpldapadmin-1.2.2.orig/lib/functions.php	2014-05-01 20:59:08.770437445 -0400
-+++ phpldapadmin-1.2.2/lib/functions.php	2014-05-01 21:04:29.302444259 -0400
-@@ -2126,7 +2126,7 @@
+--- phpldapadmin-1.2.2.orig/lib/functions.php
 phpldapadmin-1.2.2/lib/functions.php
+@@ -2126,7 +2126,7 @@ function password_types() {
   *crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, or clear.
   * @return string The hashed password.
   */
@@ -107,7 +107,7 @@
  	if (DEBUG_ENABLED  (($fargs=func_get_args())||$fargs='NOARGS'))
  		debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
  
-@@ -2307,7 +2307,7 @@
+@@ -2307,7 +2307,7 @@ function password_check($cryptedpassword
  
  		# SHA crypted passwords
  		case 'sha':
@@ -116,7 +116,7 @@
  return true;
  			else
  return false;
-@@ -2316,7 +2316,7 @@
+@@ -2316,7 +2316,7 @@ function password_check($cryptedpassword
  
  		# MD5 crypted passwords
  		case 'md5':
@@ -125,7 +125,7 @@
  return true;
  			else
  return false;
-@@ -2544,13 +2544,24

Bug#761637: Fixed package

2015-02-07 Thread Mika Pflüger

Hi,

I have uploaded a package containing a fix for #761637 to
mentors.debian.net:
https://mentors.debian.net/package/phpldapadmin
I have asked for pre-approval of the release team to include the fixed
package into testing, Niels Thykier agreed that #761637 looks grave
enough to justify including a fix into Jessie, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777176

As I do not have upload privileges in debian, I can't upload the fixed
package myself. Could you check the fixed package and upload to
unstable? I'll then file the unblock request with the release team.
If you are unable to upload the package atm, I'll start searching for a
sponsor from monday on.

Cheers,

Mika

-- 



pgp0EkehLyetj.pgp
Description: Digitale Signatur von OpenPGP

Bug#777176: pre-approval: unblock: phpldapadmin/1.2.2-5.2

2015-02-05 Thread Mika Pflüger

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi,

phpldapadmin has bug #761637, which I think is RC for phpldapadmin. The short 
version is: phpldapadmin is a frontend to manage ldap directories. As a 
regression from stable, the version in testing crashes if an entry in the 
managed ldap directory contains a password field. As it is /very/ common to 
have password fields in ldap entries, this renders the package unusable for a 
large portion of the user base.
Fortunately, the fix for this is small, as the issue is already partly fixed by 
version 1.2.2-5.1 which is already in testing. It was missing:
* A single line change in the code.
* An update of the config file
* A NEWS entry to explain users how to update their config.
I have prepared a package containing the fix, which can provisionally be found 
at https://mentors.debian.net/package/phpldapadmin . The meat of the debdiff is:

diff -Nru phpldapadmin-1.2.2/debian/changelog 
phpldapadmin-1.2.2/debian/changelog
--- phpldapadmin-1.2.2/debian/changelog 2014-05-02 04:30:44.0 +0200
+++ phpldapadmin-1.2.2/debian/changelog 2015-02-05 01:02:16.0 +0100
@@ -1,3 +1,11 @@
+phpldapadmin (1.2.2-5.2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Update the php 5.5 compatibility patch for the password_hash_custom
+setting (Closes: #761637).
+
+ -- Mika Pflüger deb...@mikapflueger.de  Thu, 05 Feb 2015 00:41:07 +0100
+
 phpldapadmin (1.2.2-5.1) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch 
phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch
--- phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch  2014-05-02 
04:28:13.0 +0200
+++ phpldapadmin-1.2.2/debian/patches/php-5.5-compat.patch  2015-02-05 
01:13:38.0 +0100
+Index: phpldapadmin-1.2.2/config/config.php.example
+===
+--- phpldapadmin-1.2.2.orig/config/config.php.example
 phpldapadmin-1.2.2/config/config.php.example
+@@ -379,7 +379,7 @@ $servers-setValue('server','name','My L
+ 
+ /* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
+blowfish, crypt or leave blank for now default algorithm. */
+-// $servers-setValue('appearance','password_hash','md5');
++// $servers-setValue('appearance','password_hash_custom','md5');
+ 
+ /* If you specified 'cookie' or 'session' as the auth_type above, you can
+optionally specify here an attribute to use when logging in. If you enter
+@@ -546,7 +546,7 @@ $servers-setValue('sasl','authz_id_rege
+ $servers-setValue('sasl','authz_id_replacement','$1');
+ $servers-setValue('sasl','props',null);
+ 
+-$servers-setValue('appearance','password_hash','md5');
++$servers-setValue('appearance','password_hash_custom','md5');
+ $servers-setValue('login','attr','dn');
+ $servers-setValue('login','fallback_dn',false);
+ $servers-setValue('login','class',null);
+Index: phpldapadmin-1.2.2/lib/TemplateRender.php
+===
+--- phpldapadmin-1.2.2.orig/lib/TemplateRender.php
 phpldapadmin-1.2.2/lib/TemplateRender.php
+@@ -2466,7 +2466,7 @@ function deleteAttribute(attrName,friend
+   if ($val = $attribute-getValue($i))
+   $default = get_enc_type($val);
+   else
+-  $default = 
$this-getServer()-getValue('appearance','password_hash');
++  $default = 
$this-getServer()-getValue('appearance','password_hash_custom');
+ 
+   if (! $attribute-getPostValue())
+   printf('input type=hidden name=post_value[%s][] 
value=%s /',$attribute-getName(),$i);

(the version currently at mentors has a slightly larger debdiff due to quilt 
refresh'ing of the php-5.5-compat.patch, but with no further real changes).

If you pre-approve the unblock request, I will write a NEWS entry, seek a 
sponsor and come back to you. I am using a fixed version at a reasonably busy 
site for two weeks now.

One thing to note is that the version currently in testing deviates from the 
upstream solution, possibly because it predates it. The setting which collides 
with a php-internal function name ('password_hash' in debian stable) was 
[incompletely, hence this bug] changed to 'password_hash_custom' in debian, but 
to 'pla_password_hash' in the 1.2.3 upstream version. That is clearly a 
suboptimal situation, as this will confuse users and will come back to bite us 
later. However, I guess changing 'password_hash_custom' to 'pla_password_hash' 
is a bit intrusive at this stage of the release cycle. If you disagree, I can 
also prepare a patch which aligns with upstream's choice of bike shed colour.

Cheers,

Mika

unblock phpldapadmin/1.2.2-5.2

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (650, 'testing'), (450, 'unstable

Bug#763701: config: Check for doveconf does not work

2014-10-01 Thread Mika Pflüger

Package: dovecot-core
Version: 1:2.2.13-5
Severity: normal

Hi,

in dovecot-core.config you use:
if [ ! -z `which doveconf  /dev/null 21` ]; then
which will never be true. As you redirect stderr _and_ stdout of 'which',
the string will always be zero, so the '-z' will always be true and the '!'
will always be false. To fix that, and make stuff more readable, just use:
if which doveconf  /dev/null 21; then
instead. 'which' already returns false if the program does not exist.

If you want to, I can prepare a pull request or even a package, just drop
me a line. I also read you consider redesigning the whole certificate
generation code. If you could articulate your goal of what should happen,
I could try to implement that cleanly.

Cheers,

Mika

-- Package-specific info:

dovecot configuration
-
# 2.2.13: /etc/dovecot/dovecot.conf
# OS: Linux 3.14-2-amd64 x86_64 Debian jessie/sid 
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_location = maildir:~/.Maildir
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
special_use = \Drafts
  }
  mailbox Junk {
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox Sent Messages {
special_use = \Sent
  }
  mailbox Trash {
special_use = \Trash
  }
  prefix = 
}
passdb {
  driver = pam
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
}
protocols =  imap
ssl = no
userdb {
  driver = passwd
}

-- System Information:
Debian Release: jessie/sid
  APT prefers testing
  APT policy: (650, 'testing'), (450, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.14-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages dovecot-core depends on:
ii  adduser3.113+nmu3
ii  debconf [debconf-2.0]  1.5.53
ii  libbz2-1.0 1.0.6-7
ii  libc6  2.19-11
ii  liblzma5   5.1.1alpha+20120614-2
ii  libpam-runtime 1.1.8-3.1
ii  libpam0g   1.1.8-3.1
ii  libssl1.0.01.0.1i-2
ii  libwrap0   7.6.q-25
ii  openssl1.0.1i-2
ii  ucf3.0030
ii  zlib1g 1:1.2.8.dfsg-2

dovecot-core recommends no packages.

Versions of packages dovecot-core suggests:
ii  dovecot-gssapi1:2.2.13-5
ii  dovecot-imapd 1:2.2.13-5
ii  dovecot-ldap  1:2.2.13-5
pn  dovecot-lmtpd none
pn  dovecot-lucenenone
pn  dovecot-managesieved  none
ii  dovecot-mysql 1:2.2.13-5
ii  dovecot-pgsql 1:2.2.13-5
pn  dovecot-pop3d none
ii  dovecot-sieve 1:2.2.13-5
pn  dovecot-solr  none
ii  dovecot-sqlite1:2.2.13-5
ii  ntp   1:4.2.6.p5+dfsg-3

Versions of packages dovecot-core is related to:
ii  dovecot-core [dovecot-common]  1:2.2.13-5
pn  dovecot-dbgnone
pn  dovecot-devnone
ii  dovecot-gssapi 1:2.2.13-5
ii  dovecot-imapd  1:2.2.13-5
ii  dovecot-ldap   1:2.2.13-5
pn  dovecot-lmtpd  none
pn  dovecot-managesieved   none
ii  dovecot-mysql  1:2.2.13-5
ii  dovecot-pgsql  1:2.2.13-5
pn  dovecot-pop3d  none
ii  dovecot-sieve  1:2.2.13-5
ii  dovecot-sqlite 1:2.2.13-5

-- debconf information:
* dovecot-core/create-ssl-cert: false
  dovecot-core/ssl-cert-name: localhost
* dovecot-core/ssl-cert-exists:


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#702030: [DSE-Dev] forbid most packages to depend on or recommend apparmor

2014-08-29 Thread Mika Pflüger

Hi,

I certainly can't speak for the whole team, but can offer my thoughts
about the situation of SELinux at the moment.

intrigeri intrig...@debian.org wrote:
  AFAIK this is inconsistent with how selinux is handled, which is
  only enabled via an explicit boot option.
 
  I was not aware of that, thanks for pointing it out.
 
  @SELinux maintainers: is this behavior on purpose, or is it due to
  the historical lack of a facility (recently added by the
  /etc/default/grub.d support) to easily have a package append
  arguments to the kernel command-line?

I think both. Installing the default SELinux policy and enabling it
routinely breaks all kinds of stuff (avahi-things, booting with
systemd, obtaining IP addresses via dhcp, hotplugging of network
interfaces etc. just to name some things that popped up in testing or
stable during the last year), especially things not usually tested on
servers run by the more security-aware part of the linux admin
population. So for the regular user (unfortunately), enabling selinux
simply by installing the policy package would certainly feel a lot like
a grave bug (breaks unrelated software).
 
  Shouldn't we handle our LSMs symmetrically?
 
  Indeed, I think we should. I see several ways of keeping things
  consistent while reaching the aforementioned AppArmor usability
  goal:
 
  a) Having the SELinux equivalent of the apparmor package enable it
  by default too (and then, we'll need conflicts); I've no idea if
  this is feasible; one would need to look at the SELinux packages and
 their chain of reverse-dependencies.

However, I think this could be pretty reasonable, given
1) it would be e.g. a selinux binary package doing this, not the
library or selinux-basics/utils package. This binary package does not
exist at the moment, but could be created.
2) it would ask via debconf before enabling.
 
  b) Implementing the behavior proposed by Patrick via a dedicated
 apparmor-$something configuration package. ftp-masters likely
  won't be happy with it (understandably), unless we demonstrate it's
  the best available solution to reach a sensible goal. The SELinux
  team is then free to create a corresponding package.

This is basically a) for selinux, as there is no standard selinux
package.
 
  c) A new package whose job is to select and enable a LSM (or none).
 Likely none would be the default for now. It's tempting to take
 benefit from debconf here.
 
  d) An apparmor-activate command, very similar to selinux-activate
 (from the selinux-basics package). The resulting user experience
 would be less friendly than just install the apparmor package,
 but perhaps that's acceptable for now.
 
  Other ideas?
 
  SELinux maintainers, any thoughts on this? I've no idea what's the
  current situation wrt. SELinux policies in Debian — are they in
  a shape that warrants thinking of usability matters for the target
  userbase described above, or do potential users anyway have to play
  with a terminal and text editor as root? In other words, should we
  work on a shared solution to this problem, or should the AppArmor
  folks do their bit on their side, merely being careful not to break
  the SELinux usecases?

For the users we are currently targetting, selinux-activate is
adequate, but a debconf question would certainly be easier. We are
(slowly) working on getting better user experience, but yes, people
still have to play with a terminal as root for jessie, I'm afraid.
 
  (Also, what happens if someone has already enabled selinux, then
  installs this apparmor package which is intended to automatically
  enable apparmor?)
 
  The *last* LSM activated on the kernel command-line is the one
  that's enabled in practice (tested both ways). So, installing a
  apparmor package, that automatically enables this LSM, would
  override the previous manual enabling of SELinux. The reciprocal
  applies when running selinux-activate (which is arguably a more
  explicit choice made by the administrator than installing the
  apparmor package).
 
  IMO, both should first check if another LSM is enabled.

That sounds like a good idea. It would be nice to have some kind of
standard way to tell if any other LSM is enabled, otherwise we all have
to maintain some 
selinuxenabled | $apparmorenabled | $whateverelseenabled
shell snippets on our own.

Cheers,

Mika

-- 



signature.asc
Description: PGP signature

Bug#758600: shibboleth-sp2-utils: postinst fails on initial installation

2014-08-19 Thread Mika Tiainen

Package: shibboleth-sp2-utils
Version: 2.5.3+dfsg-1~bpo70+1
Severity: normal

Hi,

Installing libapache2-mod-shib2 from wheezy backports. shibboleth-sp2-utils
postinst fails on initial installation, because it tries to enable the apache
module, but libapache2-mod-shib2 is not yet configured so
/etc/apache2/mods-available/ contains only shib2.load.dpkg-new.

Attached is a log of the install.

-- System Information:
Debian Release: 7.6
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages shibboleth-sp2-utils depends on:
ii  adduser3.113+nmu3
ii  libc6  2.13-38+deb7u3
ii  libfcgi0ldbl   2.4.0-8.1
ii  libgcc11:4.7.2-5
ii  liblog4shib1   1.0.4-1
ii  libsaml8   2.5.3-2~bpo70+1
ii  libshibsp-plugins  2.5.3+dfsg-1~bpo70+1
ii  libshibsp6 2.5.3+dfsg-1~bpo70+1
ii  libstdc++6 4.7.2-5
ii  libxerces-c3.1 3.1.1-3
ii  libxmltooling6 1.5.3-2~bpo70+1

Versions of packages shibboleth-sp2-utils recommends:
ii  openssl  1.0.1e-2+deb7u12

shibboleth-sp2-utils suggests no packages.

-- no debconf information
mika@y-moodle:~$ sudo aptitude install -t wheezy-backports libapache2-mod-shib2
The following NEW packages will be installed:
  libapache2-mod-shib2 libfcgi0ldbl{a} liblog4shib1{a} libmemcached10{a}
  libodbc1{a} libsaml8{a} libshibsp-plugins{a} libshibsp6{a}
  libxerces-c3.1{a} libxml-security-c17{a} libxmltooling6{a}
  opensaml2-schemas{a} shibboleth-sp2-common{a} shibboleth-sp2-utils{a}
  xmltooling-schemas{a}
0 packages upgraded, 15 newly installed, 0 to remove and 34 not upgraded.
Need to get 5 547 kB of archives. After unpacking 28,8 MB will be used.
Do you want to continue? [Y/n/?]
Get: 1 http://ftp.fi.debian.org/debian/ wheezy/main libmemcached10 amd64 1.0.8-1
 [117 kB]
Get: 2 http://ftp.fi.debian.org/debian/ wheezy/main libodbc1 amd64 2.2.14p2-5 [2
52 kB]
Get: 3 http://ftp.fi.debian.org/debian/ wheezy/main libxerces-c3.1 amd64 3.1.1-3
 [1 139 kB]
Get: 4 http://ftp.fi.debian.org/debian/ wheezy/main liblog4shib1 amd64 1.0.4-1 [
95,7 kB]
Get: 5 http://ftp.fi.debian.org/debian/ wheezy-backports/main libxml-security-c1
7 amd64 1.7.2-2~bpo70+1 [290 kB]
Get: 6 http://ftp.fi.debian.org/debian/ wheezy-backports/main libxmltooling6 amd
64 1.5.3-2~bpo70+1 [613 kB]
Get: 7 http://ftp.fi.debian.org/debian/ wheezy-backports/main libsaml8 amd64 2.5
.3-2~bpo70+1 [940 kB]
Get: 8 http://ftp.fi.debian.org/debian/ wheezy-backports/main opensaml2-schemas
all 2.5.3-2~bpo70+1 [25,8 kB]
Get: 9 http://ftp.fi.debian.org/debian/ wheezy-backports/main shibboleth-sp2-com
mon all 2.5.3+dfsg-1~bpo70+1 [48,8 kB]
Get: 10 http://ftp.fi.debian.org/debian/ wheezy-backports/main xmltooling-schema
s all 1.5.3-2~bpo70+1 [15,9 kB]
Get: 11 http://ftp.fi.debian.org/debian/ wheezy-backports/main libshibsp6 amd64
2.5.3+dfsg-1~bpo70+1 [1 307 kB]
Get: 12 http://ftp.fi.debian.org/debian/ wheezy/main libfcgi0ldbl amd64 2.4.0-8.
1 [281 kB]
Get: 13 http://ftp.fi.debian.org/debian/ wheezy-backports/main libshibsp-plugins
 amd64 2.5.3+dfsg-1~bpo70+1 [247 kB]
Get: 14 http://ftp.fi.debian.org/debian/ wheezy-backports/main shibboleth-sp2-ut
ils amd64 2.5.3+dfsg-1~bpo70+1 [103 kB]
Get: 15 http://ftp.fi.debian.org/debian/ wheezy-backports/main libapache2-mod-sh
ib2 amd64 2.5.3+dfsg-1~bpo70+1 [72,2 kB]
Fetched 5 547 kB in 0s (6 051 kB/s)
Selecting previously unselected package libmemcached10:amd64.
(Reading database ... 34023 files and directories currently installed.)
Unpacking libmemcached10:amd64 (from .../libmemcached10_1.0.8-1_amd64.deb) ...
Selecting previously unselected package libodbc1:amd64.
Unpacking libodbc1:amd64 (from .../libodbc1_2.2.14p2-5_amd64.deb) ...
Selecting previously unselected package libxerces-c3.1:amd64.
Unpacking libxerces-c3.1:amd64 (from .../libxerces-c3.1_3.1.1-3_amd64.deb) ...
Selecting previously unselected package liblog4shib1:amd64.
Unpacking liblog4shib1:amd64 (from .../liblog4shib1_1.0.4-1_amd64.deb) ...
Selecting previously unselected package libxml-security-c17:amd64.
Unpacking libxml-security-c17:amd64 (from .../libxml-security-c17_1.7.2-2~bpo70+
1_amd64.deb) ...
Selecting previously unselected package libxmltooling6:amd64.
Unpacking libxmltooling6:amd64 (from .../libxmltooling6_1.5.3-2~bpo70+1_amd64.de
b) ...
Selecting previously unselected package libsaml8:amd64.
Unpacking libsaml8:amd64 (from .../libsaml8_2.5.3-2~bpo70+1_amd64.deb) ...
Selecting previously unselected package opensaml2-schemas.
Unpacking opensaml2-schemas (from .../opensaml2-schemas_2.5.3-2~bpo70+1_all.deb)
 ...
Selecting previously unselected package shibboleth-sp2-common.
Unpacking shibboleth-sp2-common (from .../shibboleth-sp2-common_2.5.3+dfsg-1~bpo
70+1_all.deb) ...
Selecting previously unselected package xmltooling-schemas.
Unpacking xmltooling-schemas (from .../xmltooling-schemas_1.5.3-2

Bug#758464: [DSE-Dev] Bug#758464: selinux-policy-default: Impossible to use libvirt(d) if enforcing

2014-08-17 Thread Mika Pflüger

Hi Andreas,

Andreas Florath an...@flonatel.org wrote:
 avc:
 denied  { execstack }

Which SELinux booleans have you set? Does allowing execstack help?
To learn about SELinux booleans, see booleans(8), to see the status of
all booleans, use getsebool -a.
To switch allow_execstack, use setsebool allow_execstack on.

Maybe this helps and it is merely a configuration/documentation issue.

Cheers,

Mika


-- 



signature.asc
Description: PGP signature

Bug#756729: [DSE-Dev] Bug#756729: selinux-policy-default: Setting SELinux to enforce results in not configured network interface at boot time

Hi,

Andreas Florath an...@flonatel.org wrote:
 Package: selinux-policy-default
 Version: 2:2.20110726-12
 Severity: important
 
 Dear Maintainer,
 
 after enableing SELinux the eth0 network device is not longer
 configured automatically during boot time.
 
 There is a similar bug
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728950
 but it differs in the command. Here it is 'dhclient' there the
 scripts.
 
 IMHO this is an 'important' bug, because systems using dhcp cannot
 switch to enforce - or they will not work properly any more.
 
 The eth0 device is configured as:
 
 allow-hotplug eth0
 iface eth0 inet dhcp
 
 After booting with SELinux set to enforced the eth0 network interface
 is not configured. ifconfig shows only 'lo'.
 
 During boot, the following two AVCs are reported:
 
 Jul 31 12:55:55 debtest kernel: [4.489454] type=1400
 audit(1406804155.296:5): avc:  denied  { name_bind } for  pid=1677
 comm=dhclient src=1356
 scontext=system_u:system_r:dhcpc_t:s0-s0:c0.c1023
 tcontext=system_u:object_r:port_t:s0 tclass=udp_socket Jul 31
 12:55:55 debtest kernel: [4.489641] type=1400
 audit(1406804155.296:6): avc:  denied  { name_bind } for  pid=1677
 comm=dhclient src=14762
 scontext=system_u:system_r:dhcpc_t:s0-s0:c0.c1023
 tcontext=system_u:object_r:port_t:s0 tclass=udp_socket
 
 When I use these both lines as input to 'audit2allow' and 'semodule
 
 $ audit2allow -M localdhclient
 $ semodule -i localdhclient.pp
 
 after booting, the interface comes up, but it looks that the further
 setup needs 'hostname' and 'ip':
 
 Jul 31 13:39:41 debtest kernel: [4.954371] type=1400
 audit(1406806780.651:5): avc:  denied  { read write } for  pid=1723
 comm=ip path=socket:[7251] dev=sockfs ino=7251
 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
 tcontext=system_u:system_r:dhcpc_t:s0-s0:c0.c1023 tclass=udp_socket
 Jul 31 13:39:41 debtest kernel: [4.954457] type=1400
 audit(1406806780.651:6): avc:  denied  { read write } for  pid=1723
 comm=ip path=socket:[7252] dev=sockfs ino=7252
 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
 tcontext=system_u:system_r:dhcpc_t:s0-s0:c0.c1023 tclass=udp_socket
 Jul 31 13:39:41 debtest kernel: [5.005695] type=1400
 audit(1406806780.703:7): avc:  denied  { read write } for  pid=1751
 comm=hostname path=socket:[7251] dev=sockfs ino=7251
 scontext=system_u:system_r:hostname_t:s0-s0:c0.c1023
 tcontext=system_u:system_r:dhcpc_t:s0-s0:c0.c1023 tclass=udp_socket
 Jul 31 13:39:41 debtest kernel: [5.005781] type=1400
 audit(1406806780.703:8): avc:  denied  { read write } for  pid=1751
 comm=hostname path=socket:[7252] dev=sockfs ino=7252
 scontext=system_u:system_r:hostname_t:s0-s0:c0.c1023
 tcontext=system_u:system_r:dhcpc_t:s0-s0:c0.c1023 tclass=udp_socket
 Jul 31 13:39:41 debtest kernel: [5.007904] type=1400
 audit(1406806780.703:9): avc:  denied  { read write } for  pid=1752
 comm=ip path=socket:[7251] dev=sockfs ino=7251
 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
 tcontext=system_u:system_r:dhcpc_t:s0-s0:c0.c1023 tclass=udp_socket
 Jul 31 13:39:41 debtest kernel: [5.007988] type=1400
 audit(1406806780.703:10): avc:  denied  { read write } for  pid=1752
 comm=ip path=socket:[7252] dev=sockfs ino=7252
 scontext=system_u:system_r:ifconfig_t:s0-s0:c0.c1023
 tcontext=system_u:system_r:dhcpc_t:s0-s0:c0.c1023 tclass=udp_socket
 
 After another 'autid2allow' and 'semodule' there are no further AVCs
 in the log after a reboot and the interface works fine.
 


Could you provide the output of
# sestatus
# semodule -l
and also which init system you are using?

Cheers,

Mika

-- 



signature.asc
Description: PGP signature

Bug#756731: [DSE-Dev] Bug#756731: selinux-policy-default: Setting SELinux to enforce when using systemd some AVCs are logged during boot

Hi Andre,

as you can see I set the severity of the cosmetic bug reports, where
AVCs are logged but apparently no functional degradation happens to
minor. Often programs will use different codepaths (or do not
actually care) when something is denied (think of the equivalent of ls
-la|grep etc [or something along the lines which actually makes sense]
where stat'ing /dev will be prohibited. It will log an AVC, but the
program doesn't actually care). Therefore, in policy we have
dontaudit rules, which do deny access, but don't log AVCs. So if
functionality is not degraded, this actually looks like a missing
dontaudit rule, which is arguably only a minor error.

Also please note that updates to Debian stable are only done for at
least important bugs, so it is not really worth reporting minor bugs
against versions in stable (other than for documentation purposes), we
most likely will not actually fix them. If someone finds time, we will
however try to test if they persist in testing/unstable to try to fix
them in testing, such that the next stable release will have fewer
bugs. If you could test minor/normal bugs you find in stable in
testing/unstable (e.g. in a VM), that would actually help us a lot!

If you need some help in setting up a test environment for that, I can
help you with it (or even provide a vm to you which you can use for
testing if you do not have necessary hardware).

Cheers,

Mika

-- 



signature.asc
Description: PGP signature

Bug#756729: [DSE-Dev] Bug#756729: selinux-policy-default: Setting SELinux to enforce results in not configured network interface at boot time

Hi Andre,

most interesting is the output of semodule -l. SELinux refpolicy is
modular, so that you only have to load the policy for the programs you
actually use. Note that in your case you have loaded only some select
modules, pretty much a minimal set of modules, which will provide only
very basic functionality.
Upon installation, the selinux-policy-default package in stable tries to
guess which modules you could need and installs those. If you then
install other software afterwards, you have to enable other modules
yourself.
To enable the dhcp module (which hopefully will fix your problem), use:
# semodule -i /usr/share/selinux/default/dhcp.pp
you will find all available modules in /usr/share/selinux/default/,
just check which one sounds like you need it. You can also install all
of them and then selectively disable some using
# semodule -d dhcp
(or equivalent for other module names, see semodule(8)), which is often
easier.

Note that having loaded too many modules usually only means selinux
is not as effective in preventing acceses (if e.g. you don't have an
ftp server installed, there is no need to allow ftp access), but it
usually will not do much harm.

We recognise that this situation (minimal set of default modules enable
upon installation) is confusing for many users, which is why we changed
this already in debian unstable, such that by default a much larger set
(also including dhcp) of modules is installed.

I hope this helps you to get up and running with selinux.
Unfortunately, there is only very basic documentation about selinux on
debian (the best I know is
http://debian-handbook.info/browse/stable/sect.selinux.html from the
debian administrator's handbook), but it is mostly analogous to how it
works on RHEL and Fedora, so you can also read
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/SELinux_Users_and_Administrators_Guide/index.html

Cheers,

Mika

signature.asc
Description: PGP signature

Bug#756468: [DSE-Dev] Bug#756468: Please think about fixing this bug in stable

Hi,

Andreas Florath an...@flonatel.org wrote:
 IMHO this bug should be fixed in stable, because it prevents
 installing packages that use addgroup when SELinux is set to
 enforcing.

I haven't found time to investigate the issue, but if you have loaded
the unconfined module and use normal apt-get (not se_apt-get etc.)
commands as unconfined root, everything should work. You could at least
use this as a workaround for the time being.

Cheers,

Mika

-- 



signature.asc
Description: PGP signature

Bug#756542: [DSE-Dev] Bug#756542: selinux-policy-default: Installation of systemd from wheezy-backports results in many AVCs

2014-07-30 Thread Mika Pflüger

Hi,

Andreas Florath an...@flonatel.org wrote: 
 using systemd from backports (version see below) many AVCs appear in
 the logging. The system is (partially) unusable - e.g. eth0 works not
 reliable.

Using software from backports usually is not supported by the refpolicy
in stable (we can't see the future, after all), and it is very unlikely
we'll be able to fix that in stable.

Cheers,

Mika

-- 



signature.asc
Description: PGP signature

Bug#747298: request-tracker4: Missing dependency on libcss-squish-perl

2014-05-07 Thread Mika Tiainen

Package: request-tracker4
Version: 4.2.3-2
Severity: important

Hi,

I did a new clean install of RT 4.2 from unstable on wheezy (with backports).
Needed to install libcss-squish-perl manually, without it RT dies with:

[28346] [Wed May  7 09:32:48 2014] [error]: Base class package CSS::Squish is 
empty.
(Perhaps you need to 'use' the module which defines that package first,
or make that module available in @INC (@INC contains: 
/usr/local/share/request-tracker4/lib /usr/share/request-tracker4/lib /etc/perl 
/usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 
/usr/local/lib/site_perl . /etc/apache2).
 at /usr/share/request-tracker4/lib/RT/Squish/CSS.pm line 66
BEGIN failed--compilation aborted at 
/usr/share/request-tracker4/lib/RT/Squish/CSS.pm line 66.

Stack:
  [/usr/share/request-tracker4/lib/RT/Squish/CSS.pm:66]
  [/usr/share/request-tracker4/html/Elements/Header:129]
  [/usr/share/request-tracker4/html/Elements/Login:49]
  [/usr/share/request-tracker4/html/NoAuth/Login.html:56]
  [/usr/share/request-tracker4/lib/RT/Interface/Web.pm:347]
  [/usr/share/request-tracker4/html/autohandler:53]
Compilation failed in require at 
/usr/share/request-tracker4/lib/RT/Interface/Web.pm line 83.

Stack:
  [/usr/share/request-tracker4/lib/RT/Interface/Web.pm:83]
  [/usr/share/request-tracker4/html/Elements/Header:129]
  [/usr/share/request-tracker4/html/Elements/Login:49]
  [/usr/share/request-tracker4/html/NoAuth/Login.html:56]
  [/usr/share/request-tracker4/lib/RT/Interface/Web.pm:347]
  [/usr/share/request-tracker4/html/autohandler:53] 
(/usr/share/request-tracker4/lib/RT/Interface/Web/Handler.pm:212)


-- Package-specific info:
Changed files:

-- System Information:
Debian Release: 7.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=fi_FI.UTF-8, LC_CTYPE=fi_FI.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages request-tracker4 depends on:
ii  dbconfig-common  1.8.47+nmu1
ii  debconf [debconf-2.0]1.5.49
ii  exim44.80-7
ii  exim4-daemon-light [mail-transport-agent]4.80-7
ii  fonts-droid  20111207+git-1
ii  libapache-session-perl   1.89-1
ii  libcgi-emulate-psgi-perl 0.14-1
ii  libcgi-psgi-perl 0.15-1
ii  libclass-accessor-perl   0.34-1
ii  libconvert-color-perl0.08-1
ii  libcrypt-eksblowfish-perl0.008-1+b2
ii  libcrypt-ssleay-perl 0.58-1
ii  libcrypt-x509-perl   0.51-1
ii  libdata-guid-perl0.046-1
ii  libdata-ical-perl0.18+dfsg-1
ii  libdate-extract-perl 0.04-1~bpo70+1
ii  libdate-manip-perl   6.32-1
ii  libdatetime-format-natural-perl  1.00-1
ii  libdatetime-locale-perl  1:0.45-1
ii  libdatetime-perl 2:0.7500-1
ii  libdbi-perl  1.622-1
ii  libdbix-searchbuilder-perl   1.65-1~bpo70+1
ii  libdevel-globaldestruction-perl  0.06-1
ii  libemail-address-list-perl   0.05-1~bpo70+1
ii  libemail-address-perl1.901-1~bpo70+1
ii  libfcgi-procmanager-perl 0.24-1
ii  libfile-sharedir-perl1.00-0.1
ii  libfile-which-perl   1.09-1
ii  libgd-graph-perl 1.48-1~bpo70+1
ii  libgd-text-perl  0.86-8
ii  libgnupg-interface-perl  0.45-1
ii  libgraphviz-perl 2.10-1
ii  libhtml-formattext-withlinks-andtables-perl  0.02-1
ii  libhtml-formattext-withlinks-perl0.14-1
ii  libhtml-mason-perl   1:1.48-1
ii  libhtml-mason-psgihandler-perl   0.52-1
ii  libhtml-quoted-perl  0.03-1
ii  libhtml-rewriteattributes-perl   0.05-1~bpo70+1
ii  libhtml-scrubber-perl0.09-1
ii  libhttp-message-perl 6.03-1
ii  libipc-run-perl  0.92-1
ii  libipc-run3-perl 0.045-1
ii  libjson-perl 2.53-1
ii  liblist-moreutils-perl   0.33-1+b1
ii  liblocale-maketext-fuzzy-perl0.11-1
ii  liblocale-maketext-lexicon-perl  0.91-1
ii  liblog-dispatch-perl 2.32-1
ii  libmailtools-perl2.12-1~bpo70+1
ii  libmime-tools-perl   5.505-1~bpo70+1
ii  libmime-types-perl   1.35-1
ii  libmodule-refresh-perl   0.17-1
ii

Bug#747111: [DSE-Dev] Bug#747111: selinux-basics: MCS mode is missing in /etc/selinux/config

2014-05-05 Thread Mika Pflüger

Hi,

Victor Porton por...@narod.ru wrote:
 
 From /etc/selinux/config:
 
 # SELINUXTYPE= can take one of these two values:
 # default - equivalent to the old strict and targeted policies
 # mls - Multi-Level Security (for military and educational use)
 # src - Custom policy built from source
 SELINUXTYPE=default
 
 MCS mode is missing in the comments and I am not sure whether it
 is supported at all.
 
 Personally I need MCS (but not MLS) support for my project.

The default policy (from selinux-policy-default) is a mcs policy. It
might be a good idea to reword the documentation to clearly state this
like this:

# default - equivalent to the old strict and targeted policies
(includes multi category security)

on the other hand that would change the config file, triggering
dpkg-questions for users who modified the file for only a small
benefit. Note that the fact that selinux-policy-default uses mcs is
already documented in the package description.
I personally don't think we should update the comments
in /etc/selinux/config unless we are changing that file anyway.

Cheers,

Mika


signature.asc
Description: PGP signature

Bug#728442: #728442 - gnome-control-center crashes gnome-shell trying to raise privileges

2014-05-03 Thread Mika

I haven't been able to reproduce this in the version I am now using.
G-control-center 3.8.3-5 and -data 3.8.3-7

So now raising privileges work as it should. Also running things like
synaptic asks for privileges and password as it should now.

Thanks Upstream packagers


On Mon, Apr 28, 2014 at 7:20 PM, althaser altha...@gmail.com wrote:

 Hey,

 Could you please still reproduce this issue with newer
 gnome-control-center version like 1:3.8.3-7 ?

 I can't reproduce it here with g-c-c-1:3.8.3-7

 cheers,
 althaser

Bug#728442: Gnome-Shell and Libc6 Segfaults on running of any unlock dialog or gksu

2014-03-30 Thread Mika

I have had a similar if not same problem for a long while now. I know
I can get around this by running things from terminal as su to root.
But now that I found this I thought I should join in with info.

So whenever I run synaptic from gnome it takes 15 seconds and crashes
the desktop. Whenever I run a program with admin unlock and press
unlock it crashes.

Here are a few log files. Hope we can find the culprit here and fix this.


dmesg :

[   22.470494] nvidia :01:00.0: irq 89 for MSI/MSI-X
[   23.103680] NVRM: Your system is not currently configured to drive
a VGA console
[   23.103689] NVRM: on the primary VGA device. The NVIDIA Linux graphics driver
[   23.103691] NVRM: requires the use of a text-mode VGA console. Use
of other console
[   23.103693] NVRM: drivers including, but not limited to, vesafb,
may result in
[   23.103694] NVRM: corruption and stability problems, and is not supported.
[ 3498.164413] gnome-shell[2688]: segfault at 7fffcdd1aff8 ip
7f057c289812 sp 7fffcdd1b000 error 6 in
libc-2.18.so[7f057c21+1a]


###  auth.log ###

Mar 30 18:17:01 BirdFarm0 CRON[4451]: PAM unable to
dlopen(pam_ldap.so): /lib/security/pam_ldap.so: cannot open shared
object file: No such file or directory
Mar 30 18:17:01 BirdFarm0 CRON[4451]: PAM adding faulty module: pam_ldap.so
Mar 30 18:17:01 BirdFarm0 CRON[4451]: pam_unix(cron:session): session
opened for user root by (uid=0)
Mar 30 18:17:01 BirdFarm0 CRON[4451]: pam_unix(cron:session): session
closed for user root
Mar 30 18:19:14 BirdFarm0 polkitd(authority=local): Unregistered
Authentication Agent for
unix-session:/org/freedesktop/ConsoleKit/Session2 (system bus name
:1.50, object path /org/freedesktop/PolicyKit1/AuthenticationAgent,
locale en_US.utf8) (disconnected from bus)
Mar 30 18:19:14 BirdFarm0 polkitd(authority=local): Operator of
unix-session:/org/freedesktop/ConsoleKit/Session2 FAILED to
authenticate to gain authorization for action
org.gnome.controlcenter.datetime.configure for
unix-process:4476:347791 [gnome-control-center datetime] (owned by
unix-user:miqu)
Mar 30 18:19:15 BirdFarm0 dbus[1136]: [system] Rejected send message,
2 matched rules; type=method_call, sender=:1.82 (uid=1000 pid=5392
comm=/usr/bin/gnome-shell )
interface=org.freedesktop.DBus.Properties member=GetAll error
name=(unset) requested_reply=0 destination=:1.16 (uid=0 pid=2030
comm=/usr/sbin/console-kit-daemon --no-daemon )
Mar 30 18:19:15 BirdFarm0 polkitd(authority=local): Registered
Authentication Agent for
unix-session:/org/freedesktop/ConsoleKit/Session2 (system bus name
:1.82 [/usr/bin/gnome-shell], object path
/org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.utf8)
Mar 30 18:19:26 BirdFarm0 su[5556]: PAM unable to dlopen(pam_ldap.so):
/lib/security/pam_ldap.so: cannot open shared object file: No such
file or directory
Mar 30 18:19:26 BirdFarm0 su[5556]: PAM adding faulty module: pam_ldap.so
Mar 30 18:19:30 BirdFarm0 su[5556]: Successful su for root by miqu
Mar 30 18:19:30 BirdFarm0 su[5556]: + /dev/pts/0 miqu:root
Mar 30 18:19:30 BirdFarm0 su[5556]: pam_unix(su:session): session
opened for user root by miqu(uid=1000)

/var/log/kern.log

Mar 30 18:19:13 BirdFarm0 kernel: [ 3498.164413] gnome-shell[2688]:
segfault at 7fffcdd1aff8 ip 7f057c289812 sp 7fffcdd1b000 error
6 in libc-2.18.so[7f057c21+1a]

Please let me know if more info is needed.

Mika

Bug#722217: Updated the Nvidia driver from Experimental

2014-02-21 Thread Mika

 (= 2.14); however:
  Package libc6:amd64 is not configured yet.

dpkg: error processing package man-db (--configure):
 dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of libc6-i386:
 libc6-i386 depends on libc6 (= 2.18-1); however:
  Package libc6:amd64 is not configured yet.

dpkg: error processing package libc6-i386 (--configure):
 dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of locales:
 locales depends on glibc-2.18-1; however:
  Package glibc-2.18-1 is not installed.
  Package libc6:amd64 which provides glibc-2.18-1 is not configured yet.

dpkg: error processing package locales (--configure):
 dependency problems - leaving unconfigured
dpkg: dependency problems prevent configuration of nscd:
 nscd depends on libc6 ( 2.18); however:
  Package libc6:amd64 is not configured yet.
 nscd depends on libc6 ( 2.19); however:
  Package libc6:amd64 is not configured yet.

dpkg: error processing package nscd (--configure):
 dependency problems - leaving unconfigured
Errors were encountered while processing:
 libc6-dev:amd64
 libc6-dev:i386
 libc6:amd64
 man-db
 libc6-i386
 locales
 nscd

Anyhow thank you for a workaround. I couldnt reproduce it after once
setting mesa diverting. Maybe I could if I went back to the same situation
with istalling libc6 older version, running with Nvidia. But dont have time
right now.

Hope we can still find the culprit and fix it.

Thanks,
Mika


On Tue, Feb 4, 2014 at 10:41 AM, Mika mika.ras...@gmail.com wrote:

 Thanks for the info,

 I updated the drivers from experimental. I will try to find time to try
 replicating the bug later this evening if its fixed or not.

Bug#737681: synaptic: Apt-get, aptitude and synaptic quits with error immediately after start

2014-02-06 Thread Mika Rastas

Package: synaptic
Version: 0.80.4
Followup-For: Bug #737681

Dear Maintainer,

Well I checked and its not Synaptics fault. Other front ends fail also. It
seems to be that my hard drive is failing. So I suppose you can close this bug.

Sorry for the inconvenience,

Mika



-- System Information:
Debian Release: jessie/sid
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.12-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages synaptic depends on:
ii  hicolor-icon-theme   0.13-1
ii  libapt-inst1.5   0.9.15
ii  libapt-pkg4.12   0.9.15
ii  libatk1.0-0  2.10.0-2
ii  libc62.17-92
ii  libcairo-gobject21.12.16-2
ii  libcairo21.12.16-2
ii  libept1.4.12 1.0.12
ii  libgcc1  1:4.8.2-14
ii  libgdk-pixbuf2.0-0   2.28.2-1+b1
ii  libglib2.0-0 2.37.5-1
ii  libgtk-3-0   3.9.14-1
ii  libpango-1.0-0   1.36.0-1+b1
ii  libpangocairo-1.0-0  1.36.0-1+b1
ii  libstdc++6   4.8.2-14
ii  libvte-2.90-91:0.34.9-1
ii  libx11-6 2:1.6.2-1
ii  libxapian22  1.2.17-1
ii  libxext6 2:1.3.2-1
ii  zlib1g   1:1.2.8.dfsg-1

Versions of packages synaptic recommends:
ii  gksu   2.0.2-6
ii  libgtk2-perl   2:1.249-1
ii  policykit-10.105-4
ii  rarian-compat  0.8.1-5

Versions of packages synaptic suggests:
ii  apt-xapian-index 0.46
ii  deborphan1.7.28.8
ii  dwww 1.12.1
ii  menu 2.1.46
ii  software-properties-gtk  0.92.25debian1
ii  tasksel  3.20

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#722217: Updated the Nvidia driver from Experimental

2014-02-04 Thread Mika

Thanks for the info,

I updated the drivers from experimental. I will try to find time to try
replicating the bug later this evening if its fixed or not.

Bug#737681: synaptic: quits with error immediately after start

2014-02-04 Thread Mika Rastas

Package: synaptic
Version: 0.80.4
Severity: important

Dear Maintainer,

I, opened terminal, ran su and then synaptic.

Synaptic tries to start but gives an error and quits after I click on the
error.

Here is the error dialog:

E: Read error - read (5 Input/output error)
E: The package lists or status file could not be parsed or opened.
E: _cache-open() failed, please report.

Here is the console output:

root@Xx:/home/ss# synaptic
Traceback (most recent call last):
  File /usr/sbin/update-apt-xapian-index, line 97, in module
if not indexer.setupIndexing(force=opts.force, system=opts.pkgfile is
None):
  File /usr/lib/pymodules/python2.7/axi/indexer.py, line 518, in
setupIndexing
addon.obj.init(dict(values=self.values), self.progress)
  File /usr/share/apt-xapian-index/plugins/translated-desc.py, line 105, in
init
self.indexers.append(Indexer(lang, file))
  File /usr/share/apt-xapian-index/plugins/translated-desc.py, line 41, in
__init__
for pkg in deb822.Deb822.iter_paragraphs(open(file)):
  File /usr/lib/python2.7/dist-packages/debian/deb822.py, line 371, in
iter_paragraphs
for section in parser:
SystemError: E:Read error - read (5: Input/output error)
Traceback (most recent call last):
  File /usr/sbin/update-apt-xapian-index, line 97, in module
if not indexer.setupIndexing(force=opts.force, system=opts.pkgfile is
None):
  File /usr/lib/pymodules/python2.7/axi/indexer.py, line 518, in
setupIndexing
addon.obj.init(dict(values=self.values), self.progress)
  File /usr/share/apt-xapian-index/plugins/translated-desc.py, line 105, in
init
self.indexers.append(Indexer(lang, file))
  File /usr/share/apt-xapian-index/plugins/translated-desc.py, line 41, in
__init__
for pkg in deb822.Deb822.iter_paragraphs(open(file)):
  File /usr/lib/python2.7/dist-packages/debian/deb822.py, line 371, in
iter_paragraphs
for section in parser:
SystemError: E:Read error - read (5: Input/output error)



-- System Information:
Debian Release: jessie/sid
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.12-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages synaptic depends on:
ii  hicolor-icon-theme   0.13-1
ii  libapt-inst1.5   0.9.15
ii  libapt-pkg4.12   0.9.15
ii  libatk1.0-0  2.10.0-2
ii  libc62.17-92
ii  libcairo-gobject21.12.16-2
ii  libcairo21.12.16-2
ii  libept1.4.12 1.0.12
ii  libgcc1  1:4.8.2-14
ii  libgdk-pixbuf2.0-0   2.28.2-1+b1
ii  libglib2.0-0 2.37.5-1
ii  libgtk-3-0   3.9.14-1
ii  libpango-1.0-0   1.36.0-1+b1
ii  libpangocairo-1.0-0  1.36.0-1+b1
ii  libstdc++6   4.8.2-14
ii  libvte-2.90-91:0.34.9-1
ii  libx11-6 2:1.6.2-1
ii  libxapian22  1.2.17-1
ii  libxext6 2:1.3.2-1
ii  zlib1g   1:1.2.8.dfsg-1

Versions of packages synaptic recommends:
ii  gksu   2.0.2-6
ii  libgtk2-perl   2:1.249-1
ii  policykit-10.105-4
ii  rarian-compat  0.8.1-5

Versions of packages synaptic suggests:
ii  apt-xapian-index 0.46
ii  deborphan1.7.28.8
ii  dwww 1.12.1
ii  menu 2.1.46
ii  software-properties-gtk  0.92.25debian1
ii  tasksel  3.20

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#722217: legacy304 also

2014-01-28 Thread Mika

I have Nvidia's newest driver 331.20-2 so its not only on Legacy drivers.

Dpkg is 1.17.6 now. I don't know did I already try an upgrade with this
dpkg version. I have the libc packages now pinned so I can use my system.

Kernel and kbuild packages are version 3.12.6.

I tried an upgrade a few weeks ago and the bug was still there.


Mika



On Fri, Dec 20, 2013 at 6:35 PM, Wendy J. Elmer webe...@aim.com wrote:



 What version of dpkg are you using?  Could it be this problem?

 dpkg (1.17.5) unstable; urgency=low

   [ Guillem Jover ]
 [...]
   * Fix segfault in update-alternatives when adding or renaming slaves for
 an existing alternative. Regression introduced in dpkg 1.17.2.
 Closes: #731710


  dpkg 1.16.12 from jessie/testing

 Brent

Bug#724890: /usr/sbin/ndiswrapper: Ndiswrapper fails with sh: 1: Syntax error: end of file unexpected

2013-09-29 Thread Mika Rastas

Package: ndiswrapper-common
Version: 1.58-2
Severity: important
File: /usr/sbin/ndiswrapper

Dear Maintainer,

I got a used pci wlan card that happens to be mrv8355 and needs ndiswrapper to 
work. I found that out from the Debian wiki here: 
https://wiki.debian.org/libertas#Supported_Devices

The Ndiswrapper Debian wiki page https://wiki.debian.org/NdisWrapper

I also checked here https://help.ubuntu.com/community/WifiDocs/Driver/mrv8k

So here is what I did and the results on command line.

miqu@TFC-1:~$ su
Salasana: 
root@TFC-1:/home/miqu# cd Lataukset/
root@TFC-1:/home/miqu/Lataukset# ndiswrapper -i mrv8335.
install argument must be .inf file
root@TFC-1:/home/miqu/Lataukset# ndiswrapper -i mrv8335.inf 
driver mrv8335 is already installed
root@TFC-1:/home/miqu/Lataukset# ndiswrapper -l
mrv8335 : driver installed
device (11AB:1FAA) present
root@TFC-1:/home/miqu/Lataukset# modprobe ndiswrapper
root@TFC-1:/home/miqu/Lataukset# iwconfig
usb0  no wireless extensions.

ppp0  no wireless extensions.

eth0  no wireless extensions.

lono wireless extensions.

usbpn0no wireless extensions.

root@TFC-1:/home/miqu/Lataukset# ndiswrapper -m
adding alias wlan0 ndiswrapper to  ...
sh: 1: Syntax error: end of file unexpected
couldn't add module alias:  at /usr/sbin/ndiswrapper-1.9 line 882.
root@TFC-1:/home/miqu/Lataukset# depmod -a
root@TFC-1:/home/miqu/Lataukset# 

After reboot another try no change. I suspected the lines to be added to the 
file /usr/sbin/ndiswrapper-1.9 are needed for things to load up. 

If I can help tracing this down anyhow please let me know.


-- System Information:
Debian Release: jessie/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'unstable'), (500, 'testing'), 
(500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.10-3-amd64 (SMP w/1 CPU core)
Locale: LANG=fi_FI.utf8, LC_CTYPE=fi_FI.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

ndiswrapper-common depends on no packages.

ndiswrapper-common recommends no packages.

Versions of packages ndiswrapper-common suggests:
ii  ndiswrapper-source  1.58-2

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#673589: gnome-online-accounts: Gnome account expired after last update

2013-09-12 Thread Mika Rastas

Package: gnome-online-accounts
Version: 3.8.3-1
Followup-For: Bug #673589

Dear Maintainer,

I updated my Sid system yesterday. After a reboot the accounts were expired. 
Tried to re enter credentials but gnome control center hangs after I enter the 
credentials. I killed gnome control center after waiting for a while and tried 
to run gnome-online-accounts from console and it gave the error libgcr-... not 
found. Then I found this bug and read about that workaround. After a reboot it 
now works.

Here is the list of updates I did yesterday.

Commit Log for Thu Sep 12 00:12:45 2013

Upgraded the following packages:
apt (0.9.11.2) to 0.9.11.3
apt-utils (0.9.11.2) to 0.9.11.3
geoclue (0.12.99-2) to 0.12.99-3
geoclue-hostip (0.12.99-2) to 0.12.99-3
geoclue-localnet (0.12.99-2) to 0.12.99-3
geoclue-manual (0.12.99-2) to 0.12.99-3
geoclue-yahoo (0.12.99-2) to 0.12.99-3
gir1.2-goa-1.0 (3.8.2-1) to 3.8.3-1
gnash (0.8.11~git20130903-2) to 0.8.11~git20130903-3
gnash-common (0.8.11~git20130903-2) to 0.8.11~git20130903-3
gnome-online-accounts (3.8.2-1) to 3.8.3-1
libapt-inst1.5 (0.9.11.2) to 0.9.11.3
libapt-pkg4.12 (0.9.11.2) to 0.9.11.3
libclone-perl (0.34-1+b1) to 0.35-1
libgegl-0.2-0 (0.2.0-3+b1) to 0.2.0-4
libgeoclue0 (0.12.99-2) to 0.12.99-3
libgmime-2.6-0 (2.6.16-1) to 2.6.17-1
libgmime2.6-cil (2.6.16-1) to 2.6.17-1
libgoa-1.0-0 (3.8.2-1) to 3.8.3-1
libgoa-1.0-common (3.8.2-1) to 3.8.3-1
libkpathsea6 (2013.20130729.30972-1) to 2013.20130729.30972-2
libnewt0.52 (0.52.15-2+b1) to 0.52.15-3
libparted0debian1 (2.3-15) to 2.3-16
libsqlite3-0 (3.8.0.1-1) to 3.8.0.2-1
libsqlite3-0:i386 (3.8.0.1-1) to 3.8.0.2-1
libsqlite3-dev (3.8.0.1-1) to 3.8.0.2-1
libusb-1.0-0 (2:1.0.16-3) to 2:1.0.17-1
libusb-1.0-0-dev (2:1.0.16-3) to 2:1.0.17-1
libusb-1.0-0:i386 (2:1.0.16-3) to 2:1.0.17-1
p11-kit (0.18.5-1) to 0.18.5-3
parted (2.3-15) to 2.3-16
steam-launcher (1.0.0.41) to 1.0.0.42
steam:i386 (1.0.0.41) to 1.0.0.42
synaptic (0.80.2) to 0.80.3
telepathy-gabble (0.18.0-1) to 0.18.1-1
telepathy-rakia (0.7.4-1) to 0.7.5-1
whiptail (0.52.15-2+b1) to 0.52.15-

Hope this helps,
Mika

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.10-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages gnome-online-accounts depends on:
ii  libc62.17-92
ii  libgcr-base-3-1  3.8.2-4
ii  libglib2.0-0 2.37.5-1
ii  libgoa-1.0-0 3.8.3-1
ii  libkrb5-31.11.3+dfsg-3
ii  librest-0.7-00.7.12-3
ii  libsoup2.4-1 2.42.2-6

Versions of packages gnome-online-accounts recommends:
ii  gnome-control-center  1:3.8.3-1

gnome-online-accounts suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#673589: gnome-online-accounts: Google account credentials expire immediately after login

2013-09-12 Thread Mika Rastas

Package: gnome-online-accounts
Version: 3.8.3-1
Followup-For: Bug #673589

Dear Maintainer,
*** Please consider answering these questions, where appropriate ***

So my earlier info was incomplete. I found this bug #717945 in libgcr that
might be related to my problem. The workaround was also from that report.

The Gnome upstream had deemed this bug to be related to two factor
authentication with the original reporter. My situation is not related to two
factor authentication as I am not using it. Maybe a name change for this bug
and another bug that links to libgcr would clear things up.

*** End of the template - remove these lines ***



-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.10-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages gnome-online-accounts depends on:
ii  libc62.17-92
ii  libgcr-base-3-1  3.8.2-4
ii  libglib2.0-0 2.37.5-1
ii  libgoa-1.0-0 3.8.3-1
ii  libkrb5-31.11.3+dfsg-3
ii  librest-0.7-00.7.12-3
ii  libsoup2.4-1 2.42.2-6

Versions of packages gnome-online-accounts recommends:
ii  gnome-control-center  1:3.8.3-1

gnome-online-accounts suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#722217: libc6: Update fails halfway with segfault

2013-09-09 Thread Mika Rastas

Package: libc6
Version: 2.17-92+b1
Severity: important

Dear Maintainer,

I was updating my Sid / experimental system through synaptic. Selected update 
all. After some of the libc6 multiarch packages were updated the installation 
of the rest of libc6 packages failed due to a segfault on installation of 
another libc6 dependant package.

Here is the term.log from apt. 

Preparing to replace libc6-dev-x32 2.17-92 (using 
.../libc6-dev-x32_2.17-92+b1_amd64.deb) ...
Unpacking replacement libc6-dev-x32 ...
Preparing to replace libc6-x32 2.17-92 (using 
.../libc6-x32_2.17-92+b1_amd64.deb) ...
Unpacking replacement libc6-x32 ...
Preparing to replace libc6-dev-i386 2.17-92 (using 
.../libc6-dev-i386_2.17-92+b1_amd64.deb) ...
Unpacking replacement libc6-dev-i386 ...
Preparing to replace libc6-i386 2.17-92 (using 
.../libc6-i386_2.17-92+b1_amd64.deb) ...
Unpacking replacement libc6-i386 ...
Replaced by files in installed package libc6:i386 ...
Preparing to replace libc6-dev:i386 2.17-92 (using 
.../libc6-dev_2.17-92+b1_i386.deb) ...
De-configuring libc6-dev:amd64 ...
Unpacking replacement libc6:amd64 ...
Preparing to replace libc6:i386 2.17-92 (using .../libc6_2.17-92+b1_i386.deb) 
...
dpkg: error processing /var/cache/apt/archives/libc6_2.17-92+b1_i386.deb 
(--unpack):
 subprocess new pre-installation script was killed by signal (Segmentation 
fault)
Preparing to replace libgcc1:amd64 1:4.8.1-9 (using 
.../libgcc1_1%3a4.8.1-10_amd64.deb) ...
De-configuring libgcc1:i386 ...
Unpacking replacement libgcc1:amd64 ...
Preparing to replace libgcc1:i386 1:4.8.1-9 (using 
.../libgcc1_1%3a4.8.1-10_i386.deb) ...


I restored the system by manually installing libc6 2.17-92 packages from 
/var/cache/apt/arhives/


-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.10-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#722223: pangoft: GIMP 2.8 segfaults when selecting fonts

2013-09-09 Thread Mika Rastas

Package: libpangoft2-1.0-0
Version: 1.32.5-5+b1
Severity: important
File: pangoft

Dear Maintainer,

Use Gimp to add and edit text. Use toolbar to select font for the text and 
scroll for the one you want. After a while of scrolling Gimp crashes. I 
searched the logs for signs and found this in kern.log.
Sep  6 11:16:52 this kernel: [11329.417012] gimp-2.8[31007]: segfault at 58 ip 
7f0d6403771e sp 7fffb6e23990 error 4 in 
libpangoft2-1.0.so.0.3200.5[7f0d64028000+15000]

Tried again and everytime I scroll fonts it segfaults. I can select font by 
writing the real font name.



-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.10-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages libpangoft2-1.0-0:amd64 depends on:
ii  libc6  2.17-92
ii  libfontconfig1 2.10.2-2
ii  libfreetype6   2.4.9-1.1
ii  libglib2.0-0   2.37.5-1
ii  libharfbuzz0a  0.9.19-1
ii  libpango-1.0-0 1.32.5-5+b1
ii  multiarch-support  2.17-92+b1

libpangoft2-1.0-0:amd64 recommends no packages.

libpangoft2-1.0-0:amd64 suggests no packages.

-- no debconf information


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#721085: graphite-web: Please update to 0.9.12 to work with Django 1.5

2013-08-27 Thread Mika Boström

Package: graphite-web
Version: 0.9.10+debian-2
Severity: normal

The current version does not work with Django 1.5, which has been the
default in unstable since late March. The problem is due to changed
settings and the newly required SECRET_KEY configuration token, which is
not applied even if available in /etc/graphite/local_settings.py

This configuration option is mandatory, so graphite-web no longer starts
when running with Django 1.5:

$ grep SECRET_KEY /etc/graphite/local_settings.py 
SECRET_KEY='XXX123456789'
$ whoami
_graphite
$ /usr/bin/graphite-manage runfcgi socket=/run/graphite/graphite.sock \
  pidfile=/run/graphite/graphite-fcgi.pid daemonize=true umask=002
ImproperlyConfigured: The SECRET_KEY setting must not be empty.


More information and the necessary patch available from
https://github.com/graphite-project/graphite-web/pull/394 ; should be
included in 0.9.12.


-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.10-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=fi_FI.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages graphite-web depends on:
ii  adduser3.113+nmu3
ii  libjs-jquery   1.7.2+dfsg-3
ii  libjs-jquery-flot  0.8.1+dfsg-2
ii  libjs-prototype1.7.1-3
ii  libjs-scriptaculous1.9.0-2
ii  python 2.7.5-4
ii  python-cairo   1.8.8-1+b2
ii  python-django  1.5.2-1
ii  python-django-tagging  0.3.1-2
ii  python-pyparsing   1.5.7+dfsg1-2
ii  python-simplejson  3.3.0-3
ii  python-sqlite  1.0.1-9
ii  python-tz  2012c-1
ii  python-whisper 0.9.10-1

graphite-web recommends no packages.

Versions of packages graphite-web suggests:
ii  graphite-carbon  0.9.10-4
pn  libapache2-mod-wsgi  none
pn  python-ldap  none
pn  python-memcache  none
pn  python-mysqldb   none

-- Configuration Files:
/etc/graphite/local_settings.py changed [not included]

-- no debconf information

-- 
 Mika Boström   Individualisti, eksistentialisti,
 www.iki.fi/bostik  rationalisti ja mulkvisti
 GPG: 0x2AED22CC; 6FC9 8375 31B7 3BA2 B5DC  484E F19F 8AD6 2AED 22CC


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#719743: selinux-policy-default: GDM3 doesn't load in permissive mode

2013-08-15 Thread Mika Pflüger

Hi Kees,

could you post the output of:
# semodule -l
# sestatus
# cat /var/log/gdm3/:0.log
# cat /var/log/gdm3/:0-greeter.log
# cat /var/log/gdm3/:0-slave.log

I am running testing (with the same policy as 7/wheezy) in permissive
mode without problems, so we need to figure out what is different in
your setup.

Cheers,

Mika

-- 



signature.asc
Description: PGP signature

Bug#503565: [DSE-Dev] Bug#503565: closed by Mika Pflüger deb...@mikapflueger.de (Old and unreproducible)

2013-08-09 Thread Mika Pflüger

Hi,

Am Thu, 8 Aug 2013 23:41:06 +0200
schrieb Julien Cristau jul...@cristau.org:
 With resolvconf installed and the bind hook configured?

With resolvconf installed but without bind hook – the bind hook was
removed some time ago (see #697435). Now, you /can/ of course write
your own hook for bind or copy the one from resolvconf's doc
repository; however, I think than you have to write the relevant parts
of policy yourself (possibly using audit2allow).

Cheers,

Mika

-- 



signature.asc
Description: PGP signature

Bug#690087: Can't reproduce with -13

Hi,

I can't reproduce this bug. What I did:
* Install a fresh wheezy with task standard and openssh-server.
* apt-get install selinux-basics auditd
* selinux-activate; reboot; selinux-config-enforcing; reboot
* adduser unconf
* adduser conf
* semanage login -a -s user_u conf

Then semanage login -l shows:
Login Name SELinux User MLS/MCS Range

__default__unconfined_u SystemLow-SystemHigh
conf   user_u   SystemLow
root   unconfined_u SystemLow-SystemHigh
system_u   system_u SystemLow-SystemHigh

Also, ps -eZ|grep sshd shows that sshd actually has categories:
LABEL   PID  TTY TIME CMD
system_u:system_r:sshd_t:s0-s0:c0.c1023 2585 ?   00:00:00 sshd

I can log in via ssh for both users, unconf and conf:
conf@setest:~$ id -Z
user_u:user_r:user_t:SystemLow

unconf@setest:~$ id -Z
unconfined_u:unconfined_r:unconfined_t:SystemLow-SystemHigh


Either the bug was fixed in the meantime or I don't understand where
the bug actually is.

Cheers,

Mika

-- 


signature.asc
Description: PGP signature

Bug#716753: Not an important bug

Severity 716753 normal
Thanks

As far as I can see the effect of the missing setsched is only that the
regeneration of ssl dh parameters cannot be nice'd and therefore runs
with higher priority than would be necessary, possibly congesting the
system. As the core functionality (regenerate ssl dh parameters) is not
affected, this is not an important bug. And the spurious AVC denial is
annoying, but not important either.

Cheers,

Mika

-- 



signature.asc
Description: PGP signature

Bug#707243: Does anything break?

Hi,

does anything break, or is it just a spurious AVC denial? If no
important functionality of irqbalance is lost, it may not be worth
fixing this in stable, we could just forward a fix upstream and wait
until it trickles back to debian.

Cheers,

Mika

-- 



signature.asc
Description: PGP signature

Bug#707293: default (chrooted) configuration of postfix is not supported by selinux policy; won't be