Bug#868258: Patches or pull request before updating to 4.13

2017-10-18 Thread Nicholas D Steeves 
Hi Dimitri,

Thank for you for applying these and uploading an update.

On Wed, Oct 18, 2017 at 02:13:34PM +0100, Dimitri John Ledkov wrote:
> On 18 September 2017 at 19:12, Nicholas D Steeves  wrote:
> >
> > Hi Dimitri,
> >
> > List of patches against 4.12-1 is at the bottom.  Please apply them
> > before merging 4.13.  In particular this is essential for 0001.  While
> > I don't use Ubuntu, let's prioritize getting this package into great
> > shape before 18.04's final merge from Debian!
> >
> > > > >> > M 0002-Ignore-.pc-the-quilt-state-tracking-dir.patch
> > > > >> >   * I read that this is supposed to be standard in dgit repos
> > > > >>
> > > > >> True, but upstream tarball ships .gitignore, and i'd rather not patch
> > > > >> upstream .gitignore =/
> > > > >
> > > > > In that case, lets submit the patch upstream?  I'd be happy to, if
> > > > > you're busy
> > > >
> > > > possibly.
> > >
> > > Should I submit this patch upstream or wait for you to?
> >
> > I have not yet submitted this one upstream.

So I'll go ahead and submit this trivial patch?

> >
> > If you prefer to pull from a git remote, pull from the
> > proposed-pre-4.13-1 branch of https://github.com/sten0/btrfs-progs.git
> >
> > [I]mportant, [N]ormal, [O]tional
> > I 0001-Remove-orphaned-files-that-no-longer-exist-upstream.patch
> > * These look like they will cause problems if not removed :-/
> 
> I do not see these as orphaned at all. I see them shipped in the
> upstream tarball.

Ah, I think I see what happened.  Upstream .gitignore and/or dgit <-> git
interroperation weirdness is preventing my git branch that tracks your
dgit remote from properly updating them...strange, because my upstream
branch updates them with every release, as does my master branch.

> > O 0002-Move-all-binaries-back-to-sbin-Closes-786893.patch
> > * Given that /sbin is for administrator programs and /bin for user
> >   ones, /bin suggests these programs are for regular users.  Without
> >   this patch I believe you will start to receive bug reports like the
> >   following -> tldr users can create subvols but cannot remove
> >   them...or even list them.
> >   https://mail-archive.com/linux-btrfs@vger.kernel.org/msg67879.html
> >   https://mail-archive.com/linux-btrfs@vger.kernel.org/msg67912.html
> 
> moving a binary to /sbin does not prevent non-cap_sys_admin user
> calling it and creating subvolumes..

True, but /sbin -> /bin was to close #770806 right?

The premise of #770806 was that btrfs is that /?bin/*btrfs* are
intended for use by normal users.  Where is the evidence to support
this?

Would you please address:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786893#41
and
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786893#42

Cheers!
Nicholas


signature.asc
Description: PGP signature

Bug#868258: Patches or pull request before updating to 4.13

2017-10-18 Thread Dimitri John Ledkov 
On 18 September 2017 at 19:12, Nicholas D Steeves  wrote:
>
> Hi Dimitri,
>
> List of patches against 4.12-1 is at the bottom.  Please apply them
> before merging 4.13.  In particular this is essential for 0001.  While
> I don't use Ubuntu, let's prioritize getting this package into great
> shape before 18.04's final merge from Debian!
>
> > > >> > M 0002-Ignore-.pc-the-quilt-state-tracking-dir.patch
> > > >> >   * I read that this is supposed to be standard in dgit repos
> > > >>
> > > >> True, but upstream tarball ships .gitignore, and i'd rather not patch
> > > >> upstream .gitignore =/
> > > >
> > > > In that case, lets submit the patch upstream?  I'd be happy to, if
> > > > you're busy
> > >
> > > possibly.
> >
> > Should I submit this patch upstream or wait for you to?
>
> I have not yet submitted this one upstream.
>
> > > >> > I 0006-Exclude-non-free-RFC-BCP78-files-affects-test-suite.patch
> > > >>
> > > As i read it is this. The whole RFC is subject to BCP 79, which states
> > > that a subset of the document - the code component, is only subject to
> > > BSD license as long as both the BSD license and the IETF copyright is
> > > included. The whole text of RFC does not follow the copyright, only
> > > the the code component which is only under the bsd as documented in
> > > the sha.h.
> [...]
> >
> > Thank you.  If I don't hear back from you by Aug 9th I'll ask
> > debian-legal for their analysis.  As it stands the presently not excluded
> > tests/sha-stuff needs to be added to debian/copyright, and it might also
> > be a good idea to add a README.copyright explaining how this
> > licensing functions.
>
> You were right!  Patch accepted upstream:
> https://github.com/kdave/btrfs-progs/commit/fc567cfda15fbe7ca04aeb623f4682a7ac089348
>
> If you prefer to pull from a git remote, pull from the
> proposed-pre-4.13-1 branch of https://github.com/sten0/btrfs-progs.git
>
> [I]mportant, [N]ormal, [O]tional
> I 0001-Remove-orphaned-files-that-no-longer-exist-upstream.patch
> * These look like they will cause problems if not removed :-/

I do not see these as orphaned at all. I see them shipped in the
upstream tarball.


> O 0002-Move-all-binaries-back-to-sbin-Closes-786893.patch
> * Given that /sbin is for administrator programs and /bin for user
>   ones, /bin suggests these programs are for regular users.  Without
>   this patch I believe you will start to receive bug reports like the
>   following -> tldr users can create subvols but cannot remove
>   them...or even list them.
>   https://mail-archive.com/linux-btrfs@vger.kernel.org/msg67879.html
>   https://mail-archive.com/linux-btrfs@vger.kernel.org/msg67912.html

moving a binary to /sbin does not prevent non-cap_sys_admin user
calling it and creating subvolumes..

> I 0003-Add-copyright-for-tests-sha.h-tests-sha224-256.c-tes.patch
> * It's a custom 3-clause Simplified BSD, and from what I've read
>   about best practises it's best to chose something that doesn't
>   mention BSD when it's a custom license.  Instead of 3-clause, I
>   chose TLP-4, because that's the authoritative source document
>   for 2011 IETF copyright.
>  -> https://trustee.ietf.org/license-info/IETF-TLP-4.htm

applied

> N 0004-Drop-dh-autoreconf-from-build-depends-because-it-s-a.patch

applied

> N 0005-Fix-two-lintian-W-debian-changelog-line-too-long.patch
>
applied

> Other comments:
>
> btrfs-progs-4.13 (Closes: #875384)
> Please consider changing the maintainer address to your Ubuntu one, or
> maybe just adding it.
> Standards-version should be bumped.
>   * 4.1.0 recommends autopkgtest is the biggest change.  Before
> buster's soft freeze I hope to investigate how to run these as
> root in a VM on Debian'sbuild infrastructure.
> Lintian W uses-implicit-await-trigger for activate update-initramfs
>   * I lack the experience to be able to responsibly suggest a fix for
> this.

fixed.

-- 
Regards,

Dimitri.

Bug#868258: Patches or pull request before updating to 4.13

2017-09-18 Thread Nicholas D Steeves 
Hi Dimitri,

List of patches against 4.12-1 is at the bottom.  Please apply them
before merging 4.13.  In particular this is essential for 0001.  While
I don't use Ubuntu, let's prioritize getting this package into great
shape before 18.04's final merge from Debian!

> > >> > M 0002-Ignore-.pc-the-quilt-state-tracking-dir.patch
> > >> >   * I read that this is supposed to be standard in dgit repos
> > >>
> > >> True, but upstream tarball ships .gitignore, and i'd rather not patch
> > >> upstream .gitignore =/
> > >
> > > In that case, lets submit the patch upstream?  I'd be happy to, if
> > > you're busy
> >
> > possibly.
> 
> Should I submit this patch upstream or wait for you to?

I have not yet submitted this one upstream.

> > >> > I 0006-Exclude-non-free-RFC-BCP78-files-affects-test-suite.patch
> > >>
> > As i read it is this. The whole RFC is subject to BCP 79, which states
> > that a subset of the document - the code component, is only subject to
> > BSD license as long as both the BSD license and the IETF copyright is
> > included. The whole text of RFC does not follow the copyright, only
> > the the code component which is only under the bsd as documented in
> > the sha.h.
[...]
> 
> Thank you.  If I don't hear back from you by Aug 9th I'll ask
> debian-legal for their analysis.  As it stands the presently not excluded
> tests/sha-stuff needs to be added to debian/copyright, and it might also
> be a good idea to add a README.copyright explaining how this
> licensing functions.

You were right!  Patch accepted upstream:
https://github.com/kdave/btrfs-progs/commit/fc567cfda15fbe7ca04aeb623f4682a7ac089348

If you prefer to pull from a git remote, pull from the
proposed-pre-4.13-1 branch of https://github.com/sten0/btrfs-progs.git

[I]mportant, [N]ormal, [O]tional
I 0001-Remove-orphaned-files-that-no-longer-exist-upstream.patch
* These look like they will cause problems if not removed :-/
O 0002-Move-all-binaries-back-to-sbin-Closes-786893.patch
* Given that /sbin is for administrator programs and /bin for user
  ones, /bin suggests these programs are for regular users.  Without
  this patch I believe you will start to receive bug reports like the
  following -> tldr users can create subvols but cannot remove
  them...or even list them.
  https://mail-archive.com/linux-btrfs@vger.kernel.org/msg67879.html
  https://mail-archive.com/linux-btrfs@vger.kernel.org/msg67912.html
I 0003-Add-copyright-for-tests-sha.h-tests-sha224-256.c-tes.patch
* It's a custom 3-clause Simplified BSD, and from what I've read
  about best practises it's best to chose something that doesn't
  mention BSD when it's a custom license.  Instead of 3-clause, I
  chose TLP-4, because that's the authoritative source document
  for 2011 IETF copyright.
 -> https://trustee.ietf.org/license-info/IETF-TLP-4.htm
N 0004-Drop-dh-autoreconf-from-build-depends-because-it-s-a.patch
N 0005-Fix-two-lintian-W-debian-changelog-line-too-long.patch

Other comments:

btrfs-progs-4.13 (Closes: #875384)
Please consider changing the maintainer address to your Ubuntu one, or
maybe just adding it.
Standards-version should be bumped.
  * 4.1.0 recommends autopkgtest is the biggest change.  Before
buster's soft freeze I hope to investigate how to run these as
root in a VM on Debian'sbuild infrastructure.
Lintian W uses-implicit-await-trigger for activate update-initramfs
  * I lack the experience to be able to responsibly suggest a fix for
this.

Cheers,
Nicholas
From 5d2cdec42bde64b94678eae51b57f795dfe918c1 Mon Sep 17 00:00:00 2001
From: Nicholas D Steeves 
Date: Sun, 17 Sep 2017 18:27:35 -0400
Subject: [PATCH 1/5] Remove orphaned files that no longer exist upstream

---
 config.h.in |  135 
 config/config.guess | 1431 
 config/config.sub   | 1813 ---
 config/install-sh   |  501 --
 4 files changed, 3880 deletions(-)
 delete mode 100644 config.h.in
 delete mode 100755 config/config.guess
 delete mode 100755 config/config.sub
 delete mode 100755 config/install-sh

diff --git a/config.h.in b/config.h.in
deleted file mode 100644
index 42167c0a..
--- a/config.h.in
+++ /dev/null
@@ -1,135 +0,0 @@
-/* config.h.in.  Generated from configure.ac by autoheader.  */
-
-/* Define if building universal (internal helper macro) */
-#undef AC_APPLE_UNIVERSAL_BUILD
-
-/* disable backtrace stuff in kerncompat.h */
-#undef BTRFS_DISABLE_BACKTRACE
-
-/* Define to 1 if you have the `backtrace' function. */
-#undef HAVE_BACKTRACE
-
-/* Define to 1 if you have the `backtrace_symbols_fd' function. */
-#undef HAVE_BACKTRACE_SYMBOLS_FD
-
-/* Define to 1 if you have the  header file. */
-#undef HAVE_EXECINFO_H
-
-/* Define to 1 if you have the  header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define to 1 if you have the  header file. */
-#undef HAVE_MEMORY_H
-
-/* E2fsprogs does