Bug#689003: unblock: bacula/5.2.6+dfsg-5

2013-01-13 Thread Alexander Golovko 
В Wed, 2 Jan 2013 23:28:50 +0400
Alexander Golovko alexan...@ankalagon.ru пишет:

 В Sat, 1 Dec 2012 14:02:30 +0100
 Julien Cristau jcris...@debian.org пишет:
 
  On Mon, Nov 26, 2012 at 01:24:19 +0400, Alexander Golovko wrote:
  
   Sorry, i don't see any reply.
   
   I prepare package for wheezy, changelog here:
   http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/changelog;h=56223bdd477cd7a52770eae92cfc5d1c857dea27;hb=wheezy
   
   i try to make each changelog record as separate commit with clean
   description:
   http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=shortlog;h=refs/heads/wheezy
   
   If i has not a mess, than all changes except one was accepted.
   I didn't get final reply about #556207 (see inline).
   
  I thought it was clear I'm not convinced this change is suitable.
  Please drop it.
 
 Ok
 
  
   And i have yet another question - there was a non-maintainer
   upload. What package version should be now?
   
  I would much prefer if this was a 5.2.6+dfsg-7 version, uploaded to
  sid, and including only the approved changes, rather than a direct
  upload to testing.
 
 Ok, 5.2.6+dfsg-7 prepared. 
 Additional changes - add dutch translation and update info about
 upstream bugs in patches.
 
 Also i have a question about opened bugs 605449 and 694046. Can be
 fixes included into wheezy or not?

Please, unblock 5.2.6+dfsg-7 (#605449 included, #694046 - not).


 
 If this is interest, git history was changed. Subtree [1] with clean
 changes since 5.2.6+dfsg-2 was merged [2] into master branch without
 undescribed changes [3]
 
 [1]
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=595829670fcf9555b1f50897655d3ae23cca65e6
 
 [2]
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=bbe70c0b38617576fb67a318007c70818007306d
 
 [3]
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commitdiff;h=bbe70c0b38617576fb67a318007c70818007306d;hp=595829670fcf9555b1f50897655d3ae23cca65e6
 
 


-- 
with best regards,
Alexander Golovko
email: alexan...@ankalagon.ru
xmpp: alexan...@ankalagon.ru


signature.asc
Description: PGP signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2013-01-02 Thread Alexander Golovko 
В Sat, 1 Dec 2012 14:02:30 +0100
Julien Cristau jcris...@debian.org пишет:

 On Mon, Nov 26, 2012 at 01:24:19 +0400, Alexander Golovko wrote:
 
  Sorry, i don't see any reply.
  
  I prepare package for wheezy, changelog here:
  http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/changelog;h=56223bdd477cd7a52770eae92cfc5d1c857dea27;hb=wheezy
  
  i try to make each changelog record as separate commit with clean
  description:
  http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=shortlog;h=refs/heads/wheezy
  
  If i has not a mess, than all changes except one was accepted.
  I didn't get final reply about #556207 (see inline).
  
 I thought it was clear I'm not convinced this change is suitable.
 Please drop it.

Ok

 
  And i have yet another question - there was a non-maintainer upload.
  What package version should be now?
  
 I would much prefer if this was a 5.2.6+dfsg-7 version, uploaded to
 sid, and including only the approved changes, rather than a direct
 upload to testing.

Ok, 5.2.6+dfsg-7 prepared. 
Additional changes - add dutch translation and update info about
upstream bugs in patches.

Also i have a question about opened bugs 605449 and 694046. Can be
fixes included into wheezy or not?

If this is interest, git history was changed. Subtree [1] with clean
changes since 5.2.6+dfsg-2 was merged [2] into master branch without
undescribed changes [3]

[1]
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=595829670fcf9555b1f50897655d3ae23cca65e6

[2]
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=bbe70c0b38617576fb67a318007c70818007306d

[3]
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commitdiff;h=bbe70c0b38617576fb67a318007c70818007306d;hp=595829670fcf9555b1f50897655d3ae23cca65e6


-- 
with best regards,
Alexander Golovko
email: alexan...@ankalagon.ru
xmpp: alexan...@ankalagon.ru


signature.asc
Description: PGP signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2013-01-01 Thread Julien Cristau 
On Sat, Dec  1, 2012 at 14:02:30 +0100, Julien Cristau wrote:

 I would much prefer if this was a 5.2.6+dfsg-7 version, uploaded to sid,
 and including only the approved changes, rather than a direct upload to
 testing.
 
Ping?

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2013-01-01 Thread Alexander Golovko 
В Tue, 1 Jan 2013 23:35:35 +0100
Julien Cristau jcris...@debian.org пишет:

 On Sat, Dec  1, 2012 at 14:02:30 +0100, Julien Cristau wrote:
 
  I would much prefer if this was a 5.2.6+dfsg-7 version, uploaded to
  sid, and including only the approved changes, rather than a direct
  upload to testing.
  
 Ping?

pong.
I'm sorry for delay, will rework 5.2.6+dfsg-2+deb7u1 into 5.2.6+dfsg-7
until end of week.


 
 Cheers,
 Julien


-- 
with best regards,
Alexander Golovko
email: alexan...@ankalagon.ru
xmpp: alexan...@ankalagon.ru


signature.asc
Description: PGP signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-12-01 Thread Julien Cristau 
On Mon, Nov 26, 2012 at 01:24:19 +0400, Alexander Golovko wrote:

 Sorry, i don't see any reply.
 
 I prepare package for wheezy, changelog here:
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/changelog;h=56223bdd477cd7a52770eae92cfc5d1c857dea27;hb=wheezy
 
 i try to make each changelog record as separate commit with clean
 description:
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=shortlog;h=refs/heads/wheezy
 
 If i has not a mess, than all changes except one was accepted.
 I didn't get final reply about #556207 (see inline).
 
I thought it was clear I'm not convinced this change is suitable.
Please drop it.

 And i have yet another question - there was a non-maintainer upload.
 What package version should be now?
 
I would much prefer if this was a 5.2.6+dfsg-7 version, uploaded to sid,
and including only the approved changes, rather than a direct upload to
testing.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-11-25 Thread Alexander Golovko 
Sorry, i don't see any reply.

I prepare package for wheezy, changelog here:
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/changelog;h=56223bdd477cd7a52770eae92cfc5d1c857dea27;hb=wheezy

i try to make each changelog record as separate commit with clean
description:
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=shortlog;h=refs/heads/wheezy

If i has not a mess, than all changes except one was accepted.
I didn't get final reply about #556207 (see inline).

And i have yet another question - there was a non-maintainer upload.
What package version should be now?


В Fri, 9 Nov 2012 10:12:29 +0400
Alexander Golovko alexan...@ankalagon.ru пишет:

 В Thu, 8 Nov 2012 23:10:46 +0100
 Julien Cristau jcris...@debian.org пишет:
 
  On Fri, Nov  9, 2012 at 01:07:18 +0400, Alexander Golovko wrote:
  
   bacula daemons SIGSEGV handler can call gdb for save some useful
   (for developers) info about process (stack for all threads and
   other). Gdb called with bacula user privileges, but files
   in /proc/pid/ owned by root and gdb can't get info about
   process. This is subject of bug #556207.
   
  Or you could just let the kernel get you a core file with all the
  info you would want.  
 
 Yes, coredump will be enough and in some cases it required for solve
 problem. But it contain some information, such a passwords, that
 1. make impossible coredump publication
 2. require password changing even after privately sending
 coredump to developers due to possibility of passwords leakage.
 
 But thank you for attention to this moment, there is a bacula bug -
 daemons don't create coredumps on such signals, i will send bugreport
 to upstream.

1. we can't get coredump for bacula daemons
http://bugs.bacula.org/view.php?id=1949

2. Upstream declare, that backtrace output enough for bugreports about
crashes.


 
 
 
  I'm sorry, but I don't think this is worthy of
  breaking the freeze.
  
   Yes, user still must install -dbg packages before this will
   work, but this is not so hard work for them as manually changing
   init scripts.
   
  Seriously, editing a shell script, hard work?
  

Seriously, user must know, what to change before edit shell script.
I can add this to documentation, but will not be this poinlessly?


-- 
with best regards,
Alexander Golovko
email: alexan...@ankalagon.ru
xmpp: alexan...@ankalagon.ru


signature.asc
Description: PGP signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-11-08 Thread Alexander Golovko 
В Wed, 7 Nov 2012 18:35:44 +0100
Moritz Muehlenhoff j...@inutil.org пишет:

 On Wed, Oct 24, 2012 at 06:28:47PM +0200, Moritz Muehlenhoff wrote:
 
 [..]
 
 Alexander, what's the status?

I am sorry for delay!

Most of changes prepared with clean commits, but i still need reply to
question about systemd changes:


3. fix daemons user/group on systems with systemd (Closes:
#679958). delegate daemons uid/gid changing to
start-stop-daemon or systemd, thanks to Matija Nalis (Closes:
#556207).

This changes are related and intersected. First commit reverted
by last.

http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=d077cd3c71734828b635f8605c8411f6cd86b6f6
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=cf9eb640182f4adfd83d05954dc35a20b60170c1
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=694b788e0f82a734ca98bb0930a97432240c7fe8

Upstream already much time (at least since 2010, Oct) use
start-stop-daemon for change daemons uid/gid in their variant of
init scripts. Our patch for uid/gid changing by systemd was
already accepted into upstream. 

The big problem, that without this change user can't simply get
backtraces on daemons crashes. This backtraces required for some
bugreport to upstream.
  
   Meh.  Can't the systemd files be simply removed?  If this doesn't
   affect sysvinit systems I would prefer not to bother.  
  
  Hmm. But systemd service files was added to package in 5.2.6+dfsg-1
  via bug #624532. And patch for fix them is trivial.

 Apparently not so trivial, since it needs a fixup now.  I would rather
 not see a change that affects all paths to fix something for the .1%
 of users that run systemd.  

ohh. i think, that will be better to split explanation of this change
into two parts.

First - changes in sysvinit scripts. Instead of run daemons as root and
pass options for chuid we allow start-stop-daemon to run it as
non-root. This is what do upstream and without this fix we have a
problems with getting backtraces on daemons crashes.

Second - changes in systemd service files. In 5.2.6+dfsg-1 our team add
this files into packages, but unfortunely, they was shipped with
incorrect (empty) uid/gid in them.
So, for systemd service files was fixed two problems:
a) Change daemons uid/gid by systemd, as do sysvinit scripts. This
is separate patch [1] for simplicity sending it to upstream (already
accepted by upstream)
b) Fixing incorrect uid/gid. Due to limitation of upstream build
system we can't use build options and hardcore uid/gid by patch [2]

[1]
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/patches/delegate-chuid-to-systemd.patch
[2]
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/patches/fix-systemd-daemon-user-group.patch

As i understand, your opinion is that will be better do not ship
systemd service files at all, but include changes in sysvinit scripts?



-- 
with best regards,
Alexander Golovko
email: alexan...@ankalagon.ru
xmpp: alexan...@ankalagon.ru


signature.asc
Description: PGP signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-11-08 Thread Julien Cristau 
On Thu, Nov  8, 2012 at 13:26:33 +0400, Alexander Golovko wrote:

 ohh. i think, that will be better to split explanation of this change
 into two parts.
 
 First - changes in sysvinit scripts. Instead of run daemons as root and
 pass options for chuid we allow start-stop-daemon to run it as
 non-root. This is what do upstream and without this fix we have a
 problems with getting backtraces on daemons crashes.
 
That doesn't sound like freeze material to me, as the current scripts
work.  I don't understand your comment about backtraces.

 Second - changes in systemd service files. In 5.2.6+dfsg-1 our team add
 this files into packages, but unfortunely, they was shipped with
 incorrect (empty) uid/gid in them.
 So, for systemd service files was fixed two problems:
 a) Change daemons uid/gid by systemd, as do sysvinit scripts. This
 is separate patch [1] for simplicity sending it to upstream (already
 accepted by upstream)
 b) Fixing incorrect uid/gid. Due to limitation of upstream build
 system we can't use build options and hardcore uid/gid by patch [2]
 
 [1]
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/patches/delegate-chuid-to-systemd.patch
 [2]
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/patches/fix-systemd-daemon-user-group.patch
 
 As i understand, your opinion is that will be better do not ship
 systemd service files at all, but include changes in sysvinit scripts?
 
I don't think that reflects my opinion.  My understanding is that the
current init script works, and if that is true then the current init
script doesn't need to be changed.  I don't particularly care what
happens to the systemd files, though if the current ones don't work then
I'd kinda prefer to see them go away rather than get more changes.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-11-08 Thread Alexander Golovko 
В Thu, 8 Nov 2012 19:45:00 +0100
Julien Cristau jcris...@debian.org пишет:

 On Thu, Nov  8, 2012 at 13:26:33 +0400, Alexander Golovko wrote:
 
  ohh. i think, that will be better to split explanation of this
  change into two parts.
  
  First - changes in sysvinit scripts. Instead of run daemons as root
  and pass options for chuid we allow start-stop-daemon to run it as
  non-root. This is what do upstream and without this fix we have a
  problems with getting backtraces on daemons crashes.
  
 That doesn't sound like freeze material to me, as the current scripts
 work.  I don't understand your comment about backtraces.

bacula daemons SIGSEGV handler can call gdb for save some useful (for
developers) info about process (stack for all threads and other). Gdb
called with bacula user privileges, but files in /proc/pid/ owned by
root and gdb can't get info about process. This is subject of bug
#556207.

Yes, user still must install -dbg packages before this will work, but
this is not so hard work for them as manually changing init scripts.


 
  Second - changes in systemd service files. In 5.2.6+dfsg-1 our team
  add this files into packages, but unfortunely, they was shipped with
  incorrect (empty) uid/gid in them.
  So, for systemd service files was fixed two problems:
  a) Change daemons uid/gid by systemd, as do sysvinit scripts. This
  is separate patch [1] for simplicity sending it to upstream (already
  accepted by upstream)
  b) Fixing incorrect uid/gid. Due to limitation of upstream build
  system we can't use build options and hardcore uid/gid by patch [2]
  
  [1]
  http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/patches/delegate-chuid-to-systemd.patch
  [2]
  http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/patches/fix-systemd-daemon-user-group.patch
  
  As i understand, your opinion is that will be better do not ship
  systemd service files at all, but include changes in sysvinit
  scripts?
  
 I don't think that reflects my opinion.  My understanding is that the
 current init script works, and if that is true then the current init
 script doesn't need to be changed.

Current init scripts work, but have a bug, as described above.


 I don't particularly care what
 happens to the systemd files, though if the current ones don't work
 then I'd kinda prefer to see them go away rather than get more
 changes.

Hmm, but if users want worked systemd files (#679958), is it really
prefer to drop systemd support over fix problem?



-- 
with best regards,
Alexander Golovko
email: alexan...@ankalagon.ru
xmpp: alexan...@ankalagon.ru


signature.asc
Description: PGP signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-11-08 Thread Julien Cristau 
On Fri, Nov  9, 2012 at 01:07:18 +0400, Alexander Golovko wrote:

 bacula daemons SIGSEGV handler can call gdb for save some useful (for
 developers) info about process (stack for all threads and other). Gdb
 called with bacula user privileges, but files in /proc/pid/ owned by
 root and gdb can't get info about process. This is subject of bug
 #556207.
 
Or you could just let the kernel get you a core file with all the info
you would want.  I'm sorry, but I don't think this is worthy of breaking
the freeze.

 Yes, user still must install -dbg packages before this will work, but
 this is not so hard work for them as manually changing init scripts.
 
Seriously, editing a shell script, hard work?

[...]
 Hmm, but if users want worked systemd files (#679958), is it really
 prefer to drop systemd support over fix problem?
 
We're frozen.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-11-08 Thread Alexander Golovko 
В Thu, 8 Nov 2012 23:10:46 +0100
Julien Cristau jcris...@debian.org пишет:

 On Fri, Nov  9, 2012 at 01:07:18 +0400, Alexander Golovko wrote:
 
  bacula daemons SIGSEGV handler can call gdb for save some useful
  (for developers) info about process (stack for all threads and
  other). Gdb called with bacula user privileges, but files
  in /proc/pid/ owned by root and gdb can't get info about process.
  This is subject of bug #556207.
  
 Or you could just let the kernel get you a core file with all the info
 you would want.  

Yes, coredump will be enough and in some cases it required for solve
problem. But it contain some information, such a passwords, that
1. make impossible coredump publication
2. require password changing even after privately sending
coredump to developers due to possibility of passwords leakage.

But thank you for attention to this moment, there is a bacula bug -
daemons don't create coredumps on such signals, i will send bugreport to
upstream.



 I'm sorry, but I don't think this is worthy of
 breaking the freeze.
 
  Yes, user still must install -dbg packages before this will work,
  but this is not so hard work for them as manually changing init
  scripts.
  
 Seriously, editing a shell script, hard work?
 
 [...]
  Hmm, but if users want worked systemd files (#679958), is it really
  prefer to drop systemd support over fix problem?
  
 We're frozen.

ok, i understand you and will remove this files



-- 
with best regards,
Alexander Golovko
email: alexan...@ankalagon.ru
xmpp: alexan...@ankalagon.ru


signature.asc
Description: PGP signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-11-07 Thread Moritz Muehlenhoff 
On Wed, Oct 24, 2012 at 06:28:47PM +0200, Moritz Muehlenhoff wrote:
 On Wed, Oct 10, 2012 at 12:42:42AM +0400, Alexander Golovko wrote:
 
  Upstream recommend do not use hardening for bacula, so we have 71
  lintian warning about this fact. In git master branch this warnings was
  hidden by adding lintian-overrides. This is cosmetic change and should
  not present in next upload, intended for wheezy?
 
 Cosmetic changes should be avoided during the freeze, yes.
 
  What is the best way to prepare package without rejected changes?
  Should i upload new package into sid and reopen bugs with rejected
  fixes or i should upload it directly (but how?) into wheezy?
 
 Use 5.2.6+dfsg-2+deb7u1 as the version number and upload as described
 here: http://www.debian.org/doc/manuals/developers-reference/pkgs.html#t-p-u

Alexander, what's the status?
 
Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-10-24 Thread Moritz Muehlenhoff 
On Wed, Oct 10, 2012 at 12:42:42AM +0400, Alexander Golovko wrote:

 Upstream recommend do not use hardening for bacula, so we have 71
 lintian warning about this fact. In git master branch this warnings was
 hidden by adding lintian-overrides. This is cosmetic change and should
 not present in next upload, intended for wheezy?

Cosmetic changes should be avoided during the freeze, yes.

 What is the best way to prepare package without rejected changes?
 Should i upload new package into sid and reopen bugs with rejected
 fixes or i should upload it directly (but how?) into wheezy?

Use 5.2.6+dfsg-2+deb7u1 as the version number and upload as described
here: http://www.debian.org/doc/manuals/developers-reference/pkgs.html#t-p-u

Cheers,
Moritz


-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-10-09 Thread Alexander Golovko 
В Mon, 08 Oct 2012 14:26:08 +0200
Mehdi Dogguy me...@dogguy.org пишет:

 On 28/09/2012 07:57, Alexander Golovko wrote:
  Package: release.debian.org Severity: normal User:
  release.debian@packages.debian.org Usertags: unblock
  
  Hi!
  
  Please unblock bacula-* packages, it fixes multiple bugs, include 
  CVE-2012-4430, crashes and debian policy violations:
  
  #687923 - security issue CVE-2012-4430 #688732 - bacula-fd save
  only first xattr on file #682733 - unowned files after purge 
  #680051 - switch between bacula-director-dbtype #679958 -
  incorrect systemd service file Fix unsafe bacula-director
  passwords. Fix bacula-fd crash on saving xattr on btrfs.
  
 
 Ok, I don't feel comfortable with all these packaging changes. I don't
 think I'm going to unblock this package. Could you prepare an upload
 to t-p-u please? #687923, #682733, #679958, Fix unsafe
 bacula-director passwords look okay. For the others, please show
 minimal separate patches if you want to include them.

I can try to remove some patches, but i'm afraid, that completely
rework changes will be very hard. I list all changes (except #687923,
#682733, #679958, Fix unsafe bacula-director passwords) with links to
commits and additional description. Please say, which of changes can be
included and which not. Sorry for this abuse.



1. Build packages for all database types in the same time, not a
separate process for sqlite3, mysql and pgsql.

http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=1ca440fc3758a28fdcd17c05aa24f724934dbc5f

This change affect only package building process. It was thoroughly
checked, that binary packages changed not more, than on rebuild from
the same sources.
This change make build process much more clear and less differ from
standard debhelper. I'm afraid, that unaccepting this change will lead
to requirement of very hard reworking some other changes.
Another argument for accept this change is that this change will be one
of first candidate for post-wheezy and we will need support two
different solutions - for stable wheezy and current.



2. Save all file xattrs, not only first (Closes: #688732),
Fix bacula-fd crash on saving xattr on btrfs.

http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=455622199fb46805cd11f69630279af5987c0bb2
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=d7bb353b616c6221684ffc81cbfe2c885a1dab81

It is a regression since squeeze. Squeeze shipped with previous major
version of bacula. There are a big commits, but however this is
only adding upstream patch. I'm think, there is important bugfix.



3. fix daemons user/group on systems with systemd (Closes: #679958).
delegate daemons uid/gid changing to start-stop-daemon or systemd,
thanks to Matija Nalis (Closes: #556207).

This changes are related and intersected. First commit reverted by
last.

http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=d077cd3c71734828b635f8605c8411f6cd86b6f6
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=cf9eb640182f4adfd83d05954dc35a20b60170c1
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=694b788e0f82a734ca98bb0930a97432240c7fe8

Upstream already much time (at least since 2010, Oct) use
start-stop-daemon for change daemons uid/gid in their variant of init
scripts. Our patch for uid/gid changing by systemd was already accepted
into upstream. 

The big problem, that without this change user can't simply get
backtraces on daemons crashes. This backtraces required for some
bugreport to upstream.



4. fix waiting for real daemon stopping (Closes: #684744).
remove unused code from bacula-director init script.

http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=ef0c7b8b1ee7060decff3b4757bfb512c11bb98a
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=d4052cfbafbcb1718b687886a7b01198f06fb0a1
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=037b600ebfec34b6d48adcbfa08580276e188d0b

First commit is bug fix, last is only adding info into changelog.
Second commit is not required, but always better, when init scripts
make the same tasks by the same methods.



5. Add build-depends for read-all capability support (Closes: #683080).
capabilities is linux-only feature. disable it for non-linux
platforms, add information, that capabilities is linux-only feature.
Add information about file daemon without root privileges.

http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=c6b51c2c010ae82f73d8cdce2eecbfbe52e6bbec
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=74198182c2fa9e2567077356e345ff5251e26bf1
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=6e1fab3c304fa73b9c6801a07290ce48b7cadb24

Yes, this is, of-course, new feature. But maybe fact, that this
change can improve Debian security and will be very useful for Debian
System Administration Team will be enough for accept this

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-10-09 Thread Julien Cristau 
On Tue, Oct  9, 2012 at 13:17:23 +0400, Alexander Golovko wrote:

 1. Build packages for all database types in the same time, not a
 separate process for sqlite3, mysql and pgsql.
 
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=1ca440fc3758a28fdcd17c05aa24f724934dbc5f
 
nak.

 2. Save all file xattrs, not only first (Closes: #688732),
 Fix bacula-fd crash on saving xattr on btrfs.
 
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=455622199fb46805cd11f69630279af5987c0bb2
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=d7bb353b616c6221684ffc81cbfe2c885a1dab81
 
 It is a regression since squeeze. Squeeze shipped with previous major
 version of bacula. There are a big commits, but however this is
 only adding upstream patch. I'm think, there is important bugfix.
 
I would tend to agree.

 3. fix daemons user/group on systems with systemd (Closes: #679958).
 delegate daemons uid/gid changing to start-stop-daemon or systemd,
 thanks to Matija Nalis (Closes: #556207).
 
 This changes are related and intersected. First commit reverted by
 last.
 
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=d077cd3c71734828b635f8605c8411f6cd86b6f6
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=cf9eb640182f4adfd83d05954dc35a20b60170c1
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=694b788e0f82a734ca98bb0930a97432240c7fe8
 
 Upstream already much time (at least since 2010, Oct) use
 start-stop-daemon for change daemons uid/gid in their variant of init
 scripts. Our patch for uid/gid changing by systemd was already accepted
 into upstream. 
 
 The big problem, that without this change user can't simply get
 backtraces on daemons crashes. This backtraces required for some
 bugreport to upstream.
 
Meh.  Can't the systemd files be simply removed?  If this doesn't
affect sysvinit systems I would prefer not to bother.

 4. fix waiting for real daemon stopping (Closes: #684744).
 remove unused code from bacula-director init script.
 
ack.

 5. Add build-depends for read-all capability support (Closes: #683080).
 
A bit nervous about this one.  How much has this been tested, and how
likely is it to affect unrelated features?

 6. don't remove bacula user on package purging (details in bug 621833).
 
ack.

 7. fix files left after packages purge (thanks to piuparts).
 
ack.

 8. make package purging more careful about users files.
 
Don't really see the point of this one.  Purging means purging.

 9. fix bacula log directory (Closes: #684203).
 
ack.

 10. force /etc/defaults/bacula-dir reregistration in ucf when
 changing bacula-director database type, fix purging after this
 (Closes: #680051).
 
Not sure about this, would appreciate advice from somebody who knows
ucf.

 11. switch to /run directory
 
nak.

 12. Fix impossibility to run out-of-box scripts make_mysql_tables and
 update_mysql_tables scripts, shipped with package (#679855).
 
Are these scripts ever run automatically by the package?

 13. switch from usermod to more debian-policy friendly adduser.
 
Unless this is fixing an actual bug, nak.

 14. fix hostname substitution (Closes: #682966).
 
Doesn't seem critical?

 15. add bacula into cdrom group (Closes: #520508).
 
Same here, I'd say defer to wheezy+1.

 16. Cleanup list of linked libraries.
 
nak.

 17. Add build-depends for LZO support.
 
nak.

 16. Improve the use of English (thanks to debian-l10n-english team).
 
I guess this should be ok...

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-10-09 Thread Alexander Golovko 
В Tue, 9 Oct 2012 12:32:07 +0200
Julien Cristau jcris...@debian.org пишет:

 On Tue, Oct  9, 2012 at 13:17:23 +0400, Alexander Golovko wrote:
 
  1. Build packages for all database types in the same time, not a
  separate process for sqlite3, mysql and pgsql.
  
  http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=1ca440fc3758a28fdcd17c05aa24f724934dbc5f
  
 nak.

I try to convince you again, if you don't mind.

Benefits for our team:

Package building is faster. It was start, wait, make something, look,
wait, look, wait, forget, remember only after some time :(
It was really annoying and significantly slow my work.

Package building process is much clear. Anybody other can help us if
he has basic knowledge about debhelper. With old variant d/rules is
more hard for understanding.

Also this change i test very-very deep. I compare packages, built from
sources with and without this change. Comparison include non-elf files
by content, where point symlinks, list of linked libraries for elf
files and buildlogs for anomaly differences in flags. There was one of
my most tested changes.

I really can promise, that this change not affect anything in binary
packages.

I hope, if this arguments will enough for allow exclusion and accept
this change.


  3. fix daemons user/group on systems with systemd (Closes: #679958).
  delegate daemons uid/gid changing to start-stop-daemon or systemd,
  thanks to Matija Nalis (Closes: #556207).
  
  This changes are related and intersected. First commit reverted by
  last.
  
  http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=d077cd3c71734828b635f8605c8411f6cd86b6f6
  http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=cf9eb640182f4adfd83d05954dc35a20b60170c1
  http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=694b788e0f82a734ca98bb0930a97432240c7fe8
  
  Upstream already much time (at least since 2010, Oct) use
  start-stop-daemon for change daemons uid/gid in their variant of
  init scripts. Our patch for uid/gid changing by systemd was already
  accepted into upstream. 
  
  The big problem, that without this change user can't simply get
  backtraces on daemons crashes. This backtraces required for some
  bugreport to upstream.
  
 Meh.  Can't the systemd files be simply removed?  If this doesn't
 affect sysvinit systems I would prefer not to bother.

Hmm. But systemd service files was added to package in 5.2.6+dfsg-1 via
bug #624532. And patch for fix them is trivial.



  5. Add build-depends for read-all capability support (Closes:
  #683080).
  
 A bit nervous about this one.  How much has this been tested, and how
 likely is it to affect unrelated features?

There are only one difference between packages built with and without
capabilities support in src/lib/priv.c on lines 110-132.

http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=src/lib/priv.c;h=cfa4ec768970df40c3baea3f9d87831e761b7735;hb=52609e79da8df27cb68918acd074bff4af7cceb0

If binaries built without capabilities, than bacula-fd will return
error Keep readall caps not implemented when user try to use it.
If user start bacula without flags for enabling cap usage (default),
then the same code will be executed in both binaries - with or without
cap support.

This change should not affect to anything other.



  8. make package purging more careful about users files.
  
 Don't really see the point of this one.  Purging means purging.

actually, this is a difference from squeeze behavior for bacula-director
packages. Revert anyway?



  10. force /etc/defaults/bacula-dir reregistration in ucf when
  changing bacula-director database type, fix purging after this
  (Closes: #680051).
  
 Not sure about this, would appreciate advice from somebody who knows
 ucf.
 
  11. switch to /run directory
  
 nak.

Ok. i revert it.



  12. Fix impossibility to run out-of-box scripts make_mysql_tables
  and update_mysql_tables scripts, shipped with package (#679855).
  
 Are these scripts ever run automatically by the package?

No, scripts (dbconfig-common) use other files, generated on build time.
This files intended for users, who don't want or can't use dbconfig for
database population.



  13. switch from usermod to more debian-policy friendly adduser.
  
 Unless this is fixing an actual bug, nak.

Ok, i revert it.



  14. fix hostname substitution (Closes: #682966).
  
 Doesn't seem critical?

It is not critical for package installation. But this changes will do
all users immediately after first package installation.



  15. add bacula into cdrom group (Closes: #520508).
  
 Same here, I'd say defer to wheezy+1.

Ok, i revert it.


  16. Cleanup list of linked libraries.
  
 nak.

Maybe i incorrect worded this change.
This change remove unused libraries (no symbols from library used) from
list of linked libraries. 

From ld documentation:
--as-needed causes DT_NEEDED tags to only be emitted for libraries that
satisfy some symbol

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-10-09 Thread Julien Cristau 
On Tue, Oct  9, 2012 at 17:56:47 +0400, Alexander Golovko wrote:

 В Tue, 9 Oct 2012 12:32:07 +0200
 Julien Cristau jcris...@debian.org пишет:
 
  On Tue, Oct  9, 2012 at 13:17:23 +0400, Alexander Golovko wrote:
  
   1. Build packages for all database types in the same time, not a
   separate process for sqlite3, mysql and pgsql.
   
   http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=1ca440fc3758a28fdcd17c05aa24f724934dbc5f
   
  nak.
 
 I try to convince you again, if you don't mind.
 
ok, I guess I'll take your word for it.
 
   3. fix daemons user/group on systems with systemd (Closes: #679958).
   delegate daemons uid/gid changing to start-stop-daemon or systemd,
   thanks to Matija Nalis (Closes: #556207).
   
   This changes are related and intersected. First commit reverted by
   last.
   
   http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=d077cd3c71734828b635f8605c8411f6cd86b6f6
   http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=cf9eb640182f4adfd83d05954dc35a20b60170c1
   http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=694b788e0f82a734ca98bb0930a97432240c7fe8
   
   Upstream already much time (at least since 2010, Oct) use
   start-stop-daemon for change daemons uid/gid in their variant of
   init scripts. Our patch for uid/gid changing by systemd was already
   accepted into upstream. 
   
   The big problem, that without this change user can't simply get
   backtraces on daemons crashes. This backtraces required for some
   bugreport to upstream.
   
  Meh.  Can't the systemd files be simply removed?  If this doesn't
  affect sysvinit systems I would prefer not to bother.
 
 Hmm. But systemd service files was added to package in 5.2.6+dfsg-1 via
 bug #624532. And patch for fix them is trivial.
 
Apparently not so trivial, since it needs a fixup now.  I would rather
not see a change that affects all paths to fix something for the .1% of
users that run systemd.

   5. Add build-depends for read-all capability support (Closes:
   #683080).
   
  A bit nervous about this one.  How much has this been tested, and how
  likely is it to affect unrelated features?
 
 There are only one difference between packages built with and without
 capabilities support in src/lib/priv.c on lines 110-132.
 
 http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=src/lib/priv.c;h=cfa4ec768970df40c3baea3f9d87831e761b7735;hb=52609e79da8df27cb68918acd074bff4af7cceb0
 
 If binaries built without capabilities, than bacula-fd will return
 error Keep readall caps not implemented when user try to use it.
 If user start bacula without flags for enabling cap usage (default),
 then the same code will be executed in both binaries - with or without
 cap support.
 
 This change should not affect to anything other.
 
ok, fine.

   8. make package purging more careful about users files.
   
  Don't really see the point of this one.  Purging means purging.
 
 actually, this is a difference from squeeze behavior for bacula-director
 packages. Revert anyway?
 
That would be my preference, yes.
 
   12. Fix impossibility to run out-of-box scripts make_mysql_tables
   and update_mysql_tables scripts, shipped with package (#679855).
   
  Are these scripts ever run automatically by the package?
 
 No, scripts (dbconfig-common) use other files, generated on build time.
 This files intended for users, who don't want or can't use dbconfig for
 database population.
 
ok.  don't have a strong opinion about it then, feel free to keep it.

   14. fix hostname substitution (Closes: #682966).
   
  Doesn't seem critical?
 
 It is not critical for package installation. But this changes will do
 all users immediately after first package installation.
 
ok.  as for 12, no strong opinion.

   16. Cleanup list of linked libraries.
   
  nak.
 
 Maybe i incorrect worded this change.
 This change remove unused libraries (no symbols from library used) from
 list of linked libraries. 
 
I know what --as-needed does.  It's essentially cosmetic, not
appropriate during the freeze.

 And the next question.
 Currently bacula can't built on hurd platforms. Should i include fix for
 this problem into next upload, intended for wheezy or not?
 
If the patch is small and obvious enough why not, but hurd won't make
wheezy so it's not really needed from our perspective.

Thanks for your work.

Cheers,
Julien


signature.asc
Description: Digital signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-10-09 Thread Alexander Golovko 
В Tue, 9 Oct 2012 19:50:04 +0200
Julien Cristau jcris...@debian.org пишет:

 On Tue, Oct  9, 2012 at 17:56:47 +0400, Alexander Golovko wrote:
 
  В Tue, 9 Oct 2012 12:32:07 +0200
  Julien Cristau jcris...@debian.org пишет:
  
   On Tue, Oct  9, 2012 at 13:17:23 +0400, Alexander Golovko wrote:
   
1. Build packages for all database types in the same time, not a
separate process for sqlite3, mysql and pgsql.

http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=1ca440fc3758a28fdcd17c05aa24f724934dbc5f

   nak.
  
  I try to convince you again, if you don't mind.
  
 ok, I guess I'll take your word for it.

i'm sorry for my english, but what you mean? That you allow this change
or that it rejected and i should not continue try to change you opinion?


  
3. fix daemons user/group on systems with systemd (Closes:
#679958). delegate daemons uid/gid changing to
start-stop-daemon or systemd, thanks to Matija Nalis (Closes:
#556207).

This changes are related and intersected. First commit reverted
by last.

http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=d077cd3c71734828b635f8605c8411f6cd86b6f6
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=cf9eb640182f4adfd83d05954dc35a20b60170c1
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=commit;h=694b788e0f82a734ca98bb0930a97432240c7fe8

Upstream already much time (at least since 2010, Oct) use
start-stop-daemon for change daemons uid/gid in their variant of
init scripts. Our patch for uid/gid changing by systemd was
already accepted into upstream. 

The big problem, that without this change user can't simply get
backtraces on daemons crashes. This backtraces required for some
bugreport to upstream.

   Meh.  Can't the systemd files be simply removed?  If this doesn't
   affect sysvinit systems I would prefer not to bother.
  
  Hmm. But systemd service files was added to package in 5.2.6+dfsg-1
  via bug #624532. And patch for fix them is trivial.
  
 Apparently not so trivial, since it needs a fixup now.  I would rather
 not see a change that affects all paths to fix something for the .1%
 of users that run systemd.

ohh. i think, that will be better to split explanation of this change
into two parts.

First - changes in sysvinit scripts. Instead of run daemons as root and
pass options for chuid we allow start-stop-daemon to run it as
non-root. This is what do upstream and without this fix we have a
problems with getting backtraces on daemons crashes.

Second - changes in systemd service files. In 5.2.6+dfsg-1 our team add
this files into packages, but unfortunely, they was shipped with
incorrect (empty) uid/gid in them.
So, for systemd service files was fixed two problems:
a) Change daemons uid/gid by systemd, as do sysvinit scripts. This
is separate patch [1] for simplicity sending it to upstream (already
accepted by upstream)
b) Fixing incorrect uid/gid. Due to limitation of upstream build
system we can't use build options and hardcore uid/gid by patch [2]

[1]
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/patches/delegate-chuid-to-systemd.patch
[2]
http://anonscm.debian.org/gitweb/?p=pkg-bacula/bacula.git;a=blob;f=debian/patches/fix-systemd-daemon-user-group.patch

As i understand, your opinion is that will be better do not ship
systemd service files at all, but include changes in sysvinit scripts?


8. make package purging more careful about users files.

   Don't really see the point of this one.  Purging means purging.
  
  actually, this is a difference from squeeze behavior for
  bacula-director packages. Revert anyway?
  
 That would be my preference, yes.

ok. i revert it.


16. Cleanup list of linked libraries.

   nak.
  
  Maybe i incorrect worded this change.
  This change remove unused libraries (no symbols from library used)
  from list of linked libraries. 
  
 I know what --as-needed does.  It's essentially cosmetic, not
 appropriate during the freeze.

ok. i revert it.

 
  And the next question.
  Currently bacula can't built on hurd platforms. Should i include
  fix for this problem into next upload, intended for wheezy or not?
  
 If the patch is small and obvious enough why not, but hurd won't make
 wheezy so it's not really needed from our perspective.

In fact this is depend on upstream. There was a little changes in
package (disabled acl, xattr and mtx on this platform) and i wait
while upstream fix problems with maximum path length on this platform.
I will ask this additionally, when upstream prepare patch.


Upstream recommend do not use hardening for bacula, so we have 71
lintian warning about this fact. In git master branch this warnings was
hidden by adding lintian-overrides. This is cosmetic change and should
not present in next upload, intended for wheezy?


What is the best way to prepare package without rejected changes?

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-10-08 Thread Mehdi Dogguy 
On 28/09/2012 07:57, Alexander Golovko wrote:
 Package: release.debian.org Severity: normal User:
 release.debian@packages.debian.org Usertags: unblock
 
 Hi!
 
 Please unblock bacula-* packages, it fixes multiple bugs, include 
 CVE-2012-4430, crashes and debian policy violations:
 
 #687923 - security issue CVE-2012-4430 #688732 - bacula-fd save
 only first xattr on file #682733 - unowned files after purge 
 #680051 - switch between bacula-director-dbtype #679958 -
 incorrect systemd service file Fix unsafe bacula-director
 passwords. Fix bacula-fd crash on saving xattr on btrfs.
 

Ok, I don't feel comfortable with all these packaging changes. I don't
think I'm going to unblock this package. Could you prepare an upload
to t-p-u please? #687923, #682733, #679958, Fix unsafe
bacula-director passwords look okay. For the others, please show
minimal separate patches if you want to include them.

Regards,

-- 
Mehdi Dogguy مهدي الدڤي


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-09-28 Thread Alexander Golovko 
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Hi!

Please unblock bacula-* packages, it fixes multiple bugs, include
CVE-2012-4430, crashes and debian policy violations:

#687923 - security issue CVE-2012-4430
#688732 - bacula-fd save only first xattr on file
#682733 - unowned files after purge
#680051 - switch between bacula-director-dbtype
#679958 - incorrect systemd service file
Fix unsafe bacula-director passwords.
Fix bacula-fd crash on saving xattr on btrfs.


Also new version include useful for DSA team [1] security improvement -
ability to run bacula-fd without root privileges (#683080)


There are also other changes in packages, i don't know need you see
more detailed description about this changes. Most of them are
not so important bugfixes, as listed above and several minor
wishlistes, that should not affect to stability.

Thank you very much!


[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683080#75


unblock bacula/5.2.6+dfsg-5

-- 
with best regards,
Alexander Golovko
email: alexan...@ankalagon.ru
xmpp: alexan...@ankalagon.ru


signature.asc
Description: PGP signature

Bug#689003: unblock: bacula/5.2.6+dfsg-5

2012-09-28 Thread Christian PERRIER 
Quoting Alexander Golovko (alexan...@ankalagon.ru):
 Package: release.debian.org
 Severity: normal
 User: release.debian@packages.debian.org
 Usertags: unblock
 
 Hi!
 
 Please unblock bacula-* packages, it fixes multiple bugs, include
 CVE-2012-4430, crashes and debian policy violations:
 
 #687923 - security issue CVE-2012-4430
 #688732 - bacula-fd save only first xattr on file
 #682733 - unowned files after purge
 #680051 - switch between bacula-director-dbtype
 #679958 - incorrect systemd service file
 Fix unsafe bacula-director passwords.
 Fix bacula-fd crash on saving xattr on btrfs.
 
 
 Also new version include useful for DSA team [1] security improvement -
 ability to run bacula-fd without root privileges (#683080)
 
 
 There are also other changes in packages, i don't know need you see
 more detailed description about this changes. Most of them are
 not so important bugfixes, as listed above and several minor
 wishlistes, that should not affect to stability.
 
 Thank you very much!
 
 
 [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683080#75
 
 
 unblock bacula/5.2.6+dfsg-5

Among other things, that would break completeness for l10n in
testing. OK, admitedly, we have a running update round but nothing at
this point guarantees me that l10n updates will be accepted eternally
by the release team. At some point, even those will be blocked. And I
don't want to risk blocking one of the i18n team goals.


My understanding was that the debconf changes you had in
unstable were *not* meant for wheezy. So, it seems that this release mixes
release-critical fixes and non critical fixes. Therefore, and even
though my advice is onlyan advice...as I'm not a release team
member, I would like to object to this unblock.

Given that bacula version in unstable now implements the non critical
fixes, I guess that your only option is uploading them through
testing-proposed-updates, if the release team doesn't grant the unblock.



signature.asc
Description: Digital signature